Completed
Push — sync/sync-after-connection ( 26183c...e627b2 )
by
unknown
188:57 queued 179:37
created

class.jetpack.php (8 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
class Jetpack {
26
	public $xmlrpc_server = null;
27
28
	private $xmlrpc_verification = null;
29
30
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
31
32
	/**
33
	 * @var array The handles of styles that are concatenated into jetpack.css
34
	 */
35
	public $concatenated_style_handles = array(
36
		'jetpack-carousel',
37
		'grunion.css',
38
		'the-neverending-homepage',
39
		'jetpack_likes',
40
		'jetpack_related-posts',
41
		'sharedaddy',
42
		'jetpack-slideshow',
43
		'presentations',
44
		'jetpack-subscriptions',
45
		'tiled-gallery',
46
		'widget-conditions',
47
		'jetpack_display_posts_widget',
48
		'gravatar-profile-widget',
49
		'widget-grid-and-list',
50
		'jetpack-widgets',
51
		'goodreads-widget',
52
		'jetpack_social_media_icons_widget',
53
	);
54
55
	public $plugins_to_deactivate = array(
56
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
57
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
58
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
59
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
60
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
61
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
62
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
63
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
64
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
65
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
66
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
67
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
68
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
69
		'omnisearch'          => array( 'jetpack-omnisearch/omnisearch.php', 'Jetpack Omnisearch' ),
70
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
71
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
72
	);
73
74
	public $capability_translations = array(
75
		'administrator' => 'manage_options',
76
		'editor'        => 'edit_others_posts',
77
		'author'        => 'publish_posts',
78
		'contributor'   => 'edit_posts',
79
		'subscriber'    => 'read',
80
	);
81
82
	/**
83
	 * Map of modules that have conflicts with plugins and should not be auto-activated
84
	 * if the plugins are active.  Used by filter_default_modules
85
	 *
86
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
87
	 * change `module-slug` and add this to your plugin:
88
	 *
89
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
90
	 * function my_jetpack_get_default_modules( $modules ) {
91
	 *     return array_diff( $modules, array( 'module-slug' ) );
92
	 * }
93
	 *
94
	 * @var array
95
	 */
96
	private $conflicting_plugins = array(
97
		'comments'          => array(
98
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
99
			'Disqus'                               => 'disqus-comment-system/disqus.php',
100
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
101
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
102
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
103
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
104
		),
105
		'contact-form'      => array(
106
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
107
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
108
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
109
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
110
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
111
		),
112
		'minileven'         => array(
113
			'WPtouch'                              => 'wptouch/wptouch.php',
114
		),
115
		'latex'             => array(
116
			'LaTeX for WordPress'                  => 'latex/latex.php',
117
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
118
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
119
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
120
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
121
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
122
		),
123
		'protect'           => array(
124
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
125
			'Captcha'                              => 'captcha/captcha.php',
126
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
127
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
128
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
129
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
130
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
131
			'Security-protection'                  => 'security-protection/security-protection.php',
132
			'Login Security'                       => 'login-security/login-security.php',
133
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
134
			'Wordfence Security'                   => 'wordfence/wordfence.php',
135
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
136
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
137
		),
138
		'random-redirect'   => array(
139
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
140
		),
141
		'related-posts'     => array(
142
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
143
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
144
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
145
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
146
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
147
			'outbrain'                             => 'outbrain/outbrain.php',
148
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
149
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
150
		),
151
		'sharedaddy'        => array(
152
			'AddThis'                              => 'addthis/addthis_social_widget.php',
153
			'Add To Any'                           => 'add-to-any/add-to-any.php',
154
			'ShareThis'                            => 'share-this/sharethis.php',
155
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
156
		),
157
		'verification-tools' => array(
158
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
159
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
160
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
161
		),
162
		'widget-visibility' => array(
163
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
164
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
165
		),
166
		'sitemaps' => array(
167
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
168
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
169
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
170
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
171
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
172
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
173
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
174
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
175
			'Sitemap'                              => 'sitemap/sitemap.php',
176
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
177
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
178
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
179
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
180
		),
181
	);
182
183
	/**
184
	 * Plugins for which we turn off our Facebook OG Tags implementation.
185
	 *
186
	 * Note: WordPress SEO by Yoast and WordPress SEO Premium by Yoast automatically deactivate
187
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
188
	 *
189
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
190
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
191
	 */
192
	private $open_graph_conflicting_plugins = array(
193
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
194
		                                                         // 2 Click Social Media Buttons
195
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
196
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
197
		'autodescription/autodescription.php',                   // The SEO Framework
198
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
199
		'facebook/facebook.php',                                 // Facebook (official plugin)
200
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
201
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
202
		                                                         // Facebook Featured Image & OG Meta Tags
203
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
204
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
205
		                                                         // Facebook Open Graph Meta Tags for WordPress
206
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
207
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
208
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
209
		                                                         // Fedmich's Facebook Open Graph Meta
210
		'header-footer/plugin.php',                              // Header and Footer
211
		'network-publisher/networkpub.php',                      // Network Publisher
212
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
213
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
214
		                                                         // NextScripts SNAP
215
		'opengraph/opengraph.php',                               // Open Graph
216
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
217
		                                                         // Open Graph Protocol Framework
218
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
219
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
220
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
221
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
222
		'sharepress/sharepress.php',                             // SharePress
223
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
224
		'social-discussions/social-discussions.php',             // Social Discussions
225
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
226
		'socialize/socialize.php',                               // Socialize
227
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
228
		                                                         // Tweet, Like, Google +1 and Share
229
		'wordbooker/wordbooker.php',                             // Wordbooker
230
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
231
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
232
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
233
		                                                         // WP Facebook Like Send & Open Graph Meta
234
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
235
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
236
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
237
		'wp-fb-share-like-button/wp_fb_share-like_widget.php'    // WP Facebook Like Button
238
	);
239
240
	/**
241
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
242
	 */
243
	private $twitter_cards_conflicting_plugins = array(
244
	//	'twitter/twitter.php',                       // The official one handles this on its own.
245
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
246
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
247
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
248
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
249
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
250
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
251
		'twitter-cards/twitter-cards.php',           // Twitter Cards
252
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
253
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
254
	);
255
256
	/**
257
	 * Message to display in admin_notice
258
	 * @var string
259
	 */
260
	public $message = '';
261
262
	/**
263
	 * Error to display in admin_notice
264
	 * @var string
265
	 */
266
	public $error = '';
267
268
	/**
269
	 * Modules that need more privacy description.
270
	 * @var string
271
	 */
272
	public $privacy_checks = '';
273
274
	/**
275
	 * Stats to record once the page loads
276
	 *
277
	 * @var array
278
	 */
279
	public $stats = array();
280
281
	/**
282
	 * Allows us to build a temporary security report
283
	 *
284
	 * @var array
285
	 */
286
	static $security_report = array();
287
288
	/**
289
	 * Jetpack_Sync object
290
	 */
291
	public $sync;
292
293
	/**
294
	 * Verified data for JSON authorization request
295
	 */
296
	public $json_api_authorization_request = array();
297
298
	/**
299
	 * Holds the singleton instance of this class
300
	 * @since 2.3.3
301
	 * @var Jetpack
302
	 */
303
	static $instance = false;
304
305
	/**
306
	 * Singleton
307
	 * @static
308
	 */
309
	public static function init() {
310
		if ( ! self::$instance ) {
311
			self::$instance = new Jetpack;
312
313
			self::$instance->plugin_upgrade();
314
315
			add_action( 'init', array( __CLASS__, 'perform_security_reporting' ) );
316
317
		}
318
319
		return self::$instance;
320
	}
321
322
	/**
323
	 * Must never be called statically
324
	 */
325
	function plugin_upgrade() {
326
		if ( Jetpack::is_active() ) {
327
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
328
			if ( JETPACK__VERSION != $version ) {
329
330
				// Check which active modules actually exist and remove others from active_modules list
331
				$unfiltered_modules = Jetpack::get_active_modules();
332
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
333
				if ( array_diff( $unfiltered_modules, $modules ) ) {
334
					Jetpack_Options::update_option( 'active_modules', $modules );
335
				}
336
337
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
338
				/**
339
				 * Fires when synchronizing all registered options and constants.
340
				 *
341
				 * @since 3.3.0
342
				 */
343
				do_action( 'jetpack_sync_all_registered_options' );
344
			}
345
		}
346
	}
347
348
	static function activate_manage( ) {
349
350
		if ( did_action( 'init' ) || current_filter() == 'init' ) {
351
			self::activate_module( 'manage', false, false );
352
		} else if ( !  has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) {
353
			add_action( 'init', array( __CLASS__, 'activate_manage' ) );
354
		}
355
356
	}
357
358
	/**
359
	 * Constructor.  Initializes WordPress hooks
360
	 */
361
	private function __construct() {
362
		/*
363
		 * Check for and alert any deprecated hooks
364
		 */
365
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
366
367
368
		/*
369
		 * Load things that should only be in Network Admin.
370
		 *
371
		 * For now blow away everything else until a more full
372
		 * understanding of what is needed at the network level is
373
		 * available
374
		 */
375
		if( is_multisite() ) {
376
			Jetpack_Network::init();
377
		}
378
379
		// Unlink user before deleting the user from .com
380
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
381
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
382
383
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
384
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
385
386
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
387
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
388
389
			$this->require_jetpack_authentication();
390
391
			if ( Jetpack::is_active() ) {
392
				// Hack to preserve $HTTP_RAW_POST_DATA
393
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
394
395
				$signed = $this->verify_xml_rpc_signature();
396
				if ( $signed && ! is_wp_error( $signed ) ) {
397
					// The actual API methods.
398
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
399
				} else {
400
					// The jetpack.authorize method should be available for unauthenticated users on a site with an
401
					// active Jetpack connection, so that additional users can link their account.
402
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
403
				}
404
			} else {
405
				// The bootstrap API methods.
406
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
407
			}
408
409
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
410
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
411
		} elseif ( is_admin() && isset( $_POST['action'] ) && 'jetpack_upload_file' == $_POST['action'] ) {
412
			$this->require_jetpack_authentication();
413
			$this->add_remote_request_handlers();
414
		} else {
415
			if ( Jetpack::is_active() ) {
416
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
417
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
418
			}
419
		}
420
421
		if ( Jetpack::is_active() ) {
422
			Jetpack_Heartbeat::init();
423
		}
424
425
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
426
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
427
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
428
		}
429
430
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
431
432
		add_action( 'admin_init', array( $this, 'admin_init' ) );
433
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
434
435
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
436
437
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
438
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
439
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
440
441
		add_action( 'wp_ajax_jetpack-sync-reindex-trigger', array( $this, 'sync_reindex_trigger' ) );
442
		add_action( 'wp_ajax_jetpack-sync-reindex-status', array( $this, 'sync_reindex_status' ) );
443
444
		// returns HTTPS support status
445
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
446
447
		// If any module option is updated before Jump Start is dismissed, hide Jump Start.
448
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
449
450
		// Identity Crisis AJAX callback function
451
		add_action( 'wp_ajax_jetpack_resolve_identity_crisis', array( $this, 'resolve_identity_crisis_ajax_callback' ) );
452
453
		// JITM AJAX callback function
454
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
455
456
		add_action( 'wp_ajax_jetpack_admin_ajax',          array( $this, 'jetpack_admin_ajax_callback' ) );
457
		add_action( 'wp_ajax_jetpack_admin_ajax_refresh',  array( $this, 'jetpack_admin_ajax_refresh_data' ) );
458
459
		// Universal ajax callback for all tracking events triggered via js
460
		add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
461
462
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
463
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
464
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
465
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
466
467
		add_action( 'jetpack_activate_module', array( $this, 'activate_module_actions' ) );
468
469
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
470
		
471
		/**
472
		 * These actions run checks to load additional files.
473
		 * They check for external files or plugins, so they need to run as late as possible.
474
		 */
475
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
476
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
477
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
478
479
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
480
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
481
482
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
483
484
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
485
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
486
487
		// A filter to control all just in time messages
488
		add_filter( 'jetpack_just_in_time_msgs', '__return_false' );
489
490
		/**
491
		 * This is the hack to concatinate all css files into one.
492
		 * For description and reasoning see the implode_frontend_css method
493
		 *
494
		 * Super late priority so we catch all the registered styles
495
		 */
496
		if( !is_admin() ) {
497
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
498
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
499
		}
500
501
	}
502
	
503
	function jetpack_admin_ajax_tracks_callback() {
504
		// Check for nonce
505
		if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
506
			wp_die( 'Permissions check failed.' );
507
		}
508
509
		if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] )  ) {
510
			wp_die( 'No valid event name or type.' );
511
		}
512
513
		$tracks_data = array();
514
		if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
515
			$tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
516
		}
517
518
		JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
519
		wp_send_json_success();
520
		wp_die();
521
	}
522
523
	function jetpack_admin_ajax_callback() {
524
		// Check for nonce
525 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) || ! current_user_can( 'jetpack_manage_modules' ) ) {
526
			wp_die( 'permissions check failed' );
527
		}
528
529
		if ( isset( $_REQUEST['toggleModule'] ) && 'nux-toggle-module' == $_REQUEST['toggleModule'] ) {
530
			$slug = $_REQUEST['thisModuleSlug'];
531
532
			if ( ! in_array( $slug, Jetpack::get_available_modules() ) ) {
533
				wp_die( 'That is not a Jetpack module slug' );
534
			}
535
536
			if ( Jetpack::is_module_active( $slug ) ) {
537
				Jetpack::deactivate_module( $slug );
538
			} else {
539
				Jetpack::activate_module( $slug, false, false );
540
			}
541
542
			$modules = Jetpack_Admin::init()->get_modules();
543
			echo json_encode( $modules[ $slug ] );
544
545
			exit;
546
		}
547
548
		wp_die();
549
	}
550
551
	/*
552
	 * Sometimes we need to refresh the data,
553
	 * especially if the page is visited via a 'history'
554
	 * event like back/forward
555
	 */
556
	function jetpack_admin_ajax_refresh_data() {
557
		// Check for nonce
558 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) ) {
559
			wp_die( 'permissions check failed' );
560
		}
561
562
		if ( isset( $_REQUEST['refreshData'] ) && 'refresh' == $_REQUEST['refreshData'] ) {
563
			$modules = Jetpack_Admin::init()->get_modules();
564
			echo json_encode( $modules );
565
			exit;
566
		}
567
568
		wp_die();
569
	}
570
571
	/**
572
	 * The callback for the JITM ajax requests.
573
	 */
574
	function jetpack_jitm_ajax_callback() {
575
		// Check for nonce
576
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
577
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
578
		}
579
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
580
			$module_slug = $_REQUEST['jitmModule'];
581
			Jetpack::log( 'activate', $module_slug );
582
			Jetpack::activate_module( $module_slug, false, false );
583
			Jetpack::state( 'message', 'no_message' );
584
585
			//A Jetpack module is being activated through a JITM, track it
586
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
587
			$this->do_stats( 'server_side' );
588
589
			wp_send_json_success();
590
		}
591
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
592
			// get the hide_jitm options array
593
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
594
			$module_slug = $_REQUEST['jitmModule'];
595
596
			if( ! $jetpack_hide_jitm ) {
597
				$jetpack_hide_jitm = array(
598
					$module_slug => 'hide'
599
				);
600
			} else {
601
				$jetpack_hide_jitm[$module_slug] = 'hide';
602
			}
603
604
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
605
606
			//jitm is being dismissed forever, track it
607
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
608
			$this->do_stats( 'server_side' );
609
610
			wp_send_json_success();
611
		}
612 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
613
			$module_slug = $_REQUEST['jitmModule'];
614
615
			// User went to WordPress.com, track this
616
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
617
			$this->do_stats( 'server_side' );
618
619
			wp_send_json_success();
620
		}
621 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
622
			$track = $_REQUEST['jitmModule'];
623
624
			// User is viewing JITM, track it.
625
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
626
			$this->do_stats( 'server_side' );
627
628
			wp_send_json_success();
629
		}
630
	}
631
632
	/**
633
	 * If there are any stats that need to be pushed, but haven't been, push them now.
634
	 */
635
	function __destruct() {
636
		if ( ! empty( $this->stats ) ) {
637
			$this->do_stats( 'server_side' );
638
		}
639
	}
640
641
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
642
		switch( $cap ) {
643
			case 'jetpack_connect' :
644
			case 'jetpack_reconnect' :
645
				if ( Jetpack::is_development_mode() ) {
646
					$caps = array( 'do_not_allow' );
647
					break;
648
				}
649
				/**
650
				 * Pass through. If it's not development mode, these should match disconnect.
651
				 * Let users disconnect if it's development mode, just in case things glitch.
652
				 */
653
			case 'jetpack_disconnect' :
654
				/**
655
				 * In multisite, can individual site admins manage their own connection?
656
				 *
657
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
658
				 */
659
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
660
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
661
						/**
662
						 * We need to update the option name -- it's terribly unclear which
663
						 * direction the override goes.
664
						 *
665
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
666
						 */
667
						$caps = array( 'do_not_allow' );
668
						break;
669
					}
670
				}
671
672
				$caps = array( 'manage_options' );
673
				break;
674
			case 'jetpack_manage_modules' :
675
			case 'jetpack_activate_modules' :
676
			case 'jetpack_deactivate_modules' :
677
				$caps = array( 'manage_options' );
678
				break;
679
			case 'jetpack_configure_modules' :
680
				$caps = array( 'manage_options' );
681
				break;
682
			case 'jetpack_network_admin_page':
683
			case 'jetpack_network_settings_page':
684
				$caps = array( 'manage_network_plugins' );
685
				break;
686
			case 'jetpack_network_sites_page':
687
				$caps = array( 'manage_sites' );
688
				break;
689
			case 'jetpack_admin_page' :
690
				if ( Jetpack::is_development_mode() ) {
691
					$caps = array( 'manage_options' );
692
					break;
693
				} else {
694
					$caps = array( 'read' );
695
				}
696
				break;
697
			case 'jetpack_connect_user' :
698
				if ( Jetpack::is_development_mode() ) {
699
					$caps = array( 'do_not_allow' );
700
					break;
701
				}
702
				$caps = array( 'read' );
703
				break;
704
		}
705
		return $caps;
706
	}
707
708
	function require_jetpack_authentication() {
709
		// Don't let anyone authenticate
710
		$_COOKIE = array();
711
		remove_all_filters( 'authenticate' );
712
713
		/**
714
		 * For the moment, remove Limit Login Attempts if its xmlrpc for Jetpack.
715
		 * If Limit Login Attempts is installed as a mu-plugin, it can occasionally
716
		 * generate false-positives.
717
		 */
718
		remove_filter( 'wp_login_failed', 'limit_login_failed' );
719
720
		if ( Jetpack::is_active() ) {
721
			// Allow Jetpack authentication
722
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
723
		}
724
	}
725
726
	/**
727
	 * Load language files
728
	 * @action plugins_loaded
729
	 */
730
	public static function plugin_textdomain() {
731
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
732
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
733
	}
734
735
	/**
736
	 * Register assets for use in various modules and the Jetpack admin page.
737
	 *
738
	 * @uses wp_script_is, wp_register_script, plugins_url
739
	 * @action wp_loaded
740
	 * @return null
741
	 */
742
	public function register_assets() {
743
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
744
			wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' );
745
		}
746
747 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
748
			wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' );
749
		}
750
751 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
752
			wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' );
753
		}
754
755 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
756
			wp_register_script( 'jetpack-twitter-timeline', plugins_url( '_inc/twitter-timeline.js', JETPACK__PLUGIN_FILE ) , array( 'jquery' ), '4.0.0', true );
757
		}
758
759
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
760
			wp_register_script( 'jetpack-facebook-embed', plugins_url( '_inc/facebook-embed.js', __FILE__ ), array( 'jquery' ), null, true );
761
762
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
763
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
764
			if ( ! is_numeric( $fb_app_id ) ) {
765
				$fb_app_id = '';
766
			}
767
			wp_localize_script(
768
				'jetpack-facebook-embed',
769
				'jpfbembed',
770
				array(
771
					'appid' => $fb_app_id,
772
					'locale' => $this->get_locale(),
773
				)
774
			);
775
		}
776
777
		/**
778
		 * As jetpack_register_genericons is by default fired off a hook,
779
		 * the hook may have already fired by this point.
780
		 * So, let's just trigger it manually.
781
		 */
782
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
783
		jetpack_register_genericons();
784
785
		/**
786
		 * Register the social logos 
787
		 */
788
		require_once( JETPACK__PLUGIN_DIR . '_inc/social-logos.php' );
789
		jetpack_register_social_logos();
790
791 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
792
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
793
	}
794
795
	/**
796
	 * Guess locale from language code.
797
	 *
798
	 * @param string $lang Language code.
799
	 * @return string|bool
800
	 */
801 View Code Duplication
	function guess_locale_from_lang( $lang ) {
802
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
803
			return 'en_US';
804
		}
805
806
		if ( ! class_exists( 'GP_Locales' ) ) {
807
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
808
				return false;
809
			}
810
811
			require JETPACK__GLOTPRESS_LOCALES_PATH;
812
		}
813
814
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
815
			// WP.com: get_locale() returns 'it'
816
			$locale = GP_Locales::by_slug( $lang );
817
		} else {
818
			// Jetpack: get_locale() returns 'it_IT';
819
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
820
		}
821
822
		if ( ! $locale ) {
823
			return false;
824
		}
825
826
		if ( empty( $locale->facebook_locale ) ) {
827
			if ( empty( $locale->wp_locale ) ) {
828
				return false;
829
			} else {
830
				// Facebook SDK is smart enough to fall back to en_US if a
831
				// locale isn't supported. Since supported Facebook locales
832
				// can fall out of sync, we'll attempt to use the known
833
				// wp_locale value and rely on said fallback.
834
				return $locale->wp_locale;
835
			}
836
		}
837
838
		return $locale->facebook_locale;
839
	}
840
841
	/**
842
	 * Get the locale.
843
	 *
844
	 * @return string|bool
845
	 */
846
	function get_locale() {
847
		$locale = $this->guess_locale_from_lang( get_locale() );
848
849
		if ( ! $locale ) {
850
			$locale = 'en_US';
851
		}
852
853
		return $locale;
854
	}
855
856
	/**
857
	 * Device Pixels support
858
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
859
	 */
860
	function devicepx() {
861
		if ( Jetpack::is_active() ) {
862
			wp_enqueue_script( 'devicepx', set_url_scheme( 'http://s0.wp.com/wp-content/js/devicepx-jetpack.js' ), array(), gmdate( 'oW' ), true );
863
		}
864
	}
865
866
	/**
867
	 * Return the network_site_url so that .com knows what network this site is a part of.
868
	 * @param  bool $option
869
	 * @return string
870
	 */
871
	public function jetpack_main_network_site_option( $option ) {
872
		return network_site_url();
873
	}
874
	/**
875
	 * Network Name.
876
	 */
877
	static function network_name( $option = null ) {
878
		global $current_site;
879
		return $current_site->site_name;
880
	}
881
	/**
882
	 * Does the network allow new user and site registrations.
883
	 * @return string
884
	 */
885
	static function network_allow_new_registrations( $option = null ) {
886
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
887
	}
888
	/**
889
	 * Does the network allow admins to add new users.
890
	 * @return boolian
891
	 */
892
	static function network_add_new_users( $option = null ) {
893
		return (bool) get_site_option( 'add_new_users' );
894
	}
895
	/**
896
	 * File upload psace left per site in MB.
897
	 *  -1 means NO LIMIT.
898
	 * @return number
899
	 */
900
	static function network_site_upload_space( $option = null ) {
901
		// value in MB
902
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
903
	}
904
905
	/**
906
	 * Network allowed file types.
907
	 * @return string
908
	 */
909
	static function network_upload_file_types( $option = null ) {
910
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
911
	}
912
913
	/**
914
	 * Maximum file upload size set by the network.
915
	 * @return number
916
	 */
917
	static function network_max_upload_file_size( $option = null ) {
918
		// value in KB
919
		return get_site_option( 'fileupload_maxk', 300 );
920
	}
921
922
	/**
923
	 * Lets us know if a site allows admins to manage the network.
924
	 * @return array
925
	 */
926
	static function network_enable_administration_menus( $option = null ) {
927
		return get_site_option( 'menu_items' );
928
	}
929
930
	/**
931
	 * Return whether we are dealing with a multi network setup or not.
932
	 * The reason we are type casting this is because we want to avoid the situation where
933
	 * the result is false since when is_main_network_option return false it cases
934
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
935
	 * database which could be set to anything as opposed to what this function returns.
936
	 * @param  bool  $option
937
	 *
938
	 * @return boolean
939
	 */
940
	public function is_main_network_option( $option ) {
941
		// return '1' or ''
942
		return (string) (bool) Jetpack::is_multi_network();
943
	}
944
945
	/**
946
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
947
	 *
948
	 * @param  string  $option
949
	 * @return boolean
950
	 */
951
	public function is_multisite( $option ) {
952
		return (string) (bool) is_multisite();
953
	}
954
955
	/**
956
	 * Implemented since there is no core is multi network function
957
	 * Right now there is no way to tell if we which network is the dominant network on the system
958
	 *
959
	 * @since  3.3
960
	 * @return boolean
961
	 */
962
	public static function is_multi_network() {
963
		global  $wpdb;
964
965
		// if we don't have a multi site setup no need to do any more
966
		if ( ! is_multisite() ) {
967
			return false;
968
		}
969
970
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
971
		if ( $num_sites > 1 ) {
972
			return true;
973
		} else {
974
			return false;
975
		}
976
	}
977
978
	/**
979
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
980
	 * @return null
981
	 */
982
	function update_jetpack_main_network_site_option() {
983
		// do_action( 'add_option_$option', '$option', '$value-of-the-option' );
984
		/**
985
		 * Fires when the site URL is updated.
986
		 * Determines if the site is the main site of a Mulitiste network.
987
		 *
988
		 * @since 3.3.0
989
		 *
990
		 * @param string jetpack_main_network_site.
991
		 * @param string network_site_url() Site URL for the "main" site of the current Multisite network.
992
		 */
993
		do_action( 'add_option_jetpack_main_network_site', 'jetpack_main_network_site', network_site_url() );
994
		/**
995
		 * Fires when the site URL is updated.
996
		 * Determines if the is part of a multi network.
997
		 *
998
		 * @since 3.3.0
999
		 *
1000
		 * @param string jetpack_is_main_network.
1001
		 * @param bool Jetpack::is_multi_network() Is the site part of a multi network.
1002
		 */
1003
		do_action( 'add_option_jetpack_is_main_network', 'jetpack_is_main_network', (string) (bool) Jetpack::is_multi_network() );
1004
		/**
1005
		 * Fires when the site URL is updated.
1006
		 * Determines if the site is part of a multisite network.
1007
		 *
1008
		 * @since 3.4.0
1009
		 *
1010
		 * @param string jetpack_is_multi_site.
1011
		 * @param bool is_multisite() Is the site part of a mutlisite network.
1012
		 */
1013
		do_action( 'add_option_jetpack_is_multi_site', 'jetpack_is_multi_site', (string) (bool) is_multisite() );
1014
	}
1015
	/**
1016
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1017
	 *
1018
	 */
1019
	function update_jetpack_network_settings() {
1020
		// Only sync this info for the main network site.
1021
		do_action( 'add_option_jetpack_network_name', 'jetpack_network_name', Jetpack::network_name() );
1022
		do_action( 'add_option_jetpack_network_allow_new_registrations', 'jetpack_network_allow_new_registrations', Jetpack::network_allow_new_registrations() );
1023
		do_action( 'add_option_jetpack_network_add_new_users', 'jetpack_network_add_new_users', Jetpack::network_add_new_users() );
1024
		do_action( 'add_option_jetpack_network_site_upload_space', 'jetpack_network_site_upload_space', Jetpack::network_site_upload_space() );
1025
		do_action( 'add_option_jetpack_network_upload_file_types', 'jetpack_network_upload_file_types', Jetpack::network_upload_file_types() );
1026
		do_action( 'add_option_jetpack_network_enable_administration_menus', 'jetpack_network_enable_administration_menus', Jetpack::network_enable_administration_menus() );
1027
1028
	}
1029
1030
	/**
1031
	 * Get back if the current site is single user site.
1032
	 *
1033
	 * @return bool
1034
	 */
1035
	public static function is_single_user_site() {
1036
1037
		$user_query = new WP_User_Query( array(
1038
			'blog_id' => get_current_blog_id(),
1039
			'fields'  => 'ID',
1040
			'number' => 2
1041
		) );
1042
		return 1 === (int) $user_query->get_total();
1043
	}
1044
1045
	/**
1046
	 * Returns true if the site has file write access false otherwise.
1047
	 * @return string ( '1' | '0' )
1048
	 **/
1049
	public static function file_system_write_access() {
1050
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1051
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1052
		}
1053
1054
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1055
1056
		$filesystem_method = get_filesystem_method();
1057
		if ( $filesystem_method === 'direct' ) {
1058
			return 1;
1059
		}
1060
1061
		ob_start();
1062
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1063
		ob_end_clean();
1064
		if ( $filesystem_credentials_are_stored ) {
1065
			return 1;
1066
		}
1067
		return 0;
1068
	}
1069
1070
	/**
1071
	 * Finds out if a site is using a version control system.
1072
	 * @return string ( '1' | '0' )
1073
	 **/
1074
	public static function is_version_controlled() {
1075
		_deprecated_function( 'Jetpack::is_version_controlled', '4.1', 'Jetpack_Sync_Functions::is_version_controlled' );
1076
		return (string) (int) Jetpack_Sync_Functions::is_version_controlled();
1077
	}
1078
1079
	/**
1080
	 * Determines whether the current theme supports featured images or not.
1081
	 * @return string ( '1' | '0' )
1082
	 */
1083
	public static function featured_images_enabled() {
1084
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1085
	}
1086
	
1087
	/**
1088
	 * jetpack_updates is saved in the following schema:
1089
	 *
1090
	 * array (
1091
	 *      'plugins'                       => (int) Number of plugin updates available.
1092
	 *      'themes'                        => (int) Number of theme updates available.
1093
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1094
	 *      'translations'                  => (int) Number of translation updates available.
1095
	 *      'total'                         => (int) Total of all available updates.
1096
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1097
	 * )
1098
	 * @return array
1099
	 */
1100
	public static function get_updates() {
1101
		$update_data = wp_get_update_data();
1102
1103
		// Stores the individual update counts as well as the total count.
1104
		if ( isset( $update_data['counts'] ) ) {
1105
			$updates = $update_data['counts'];
1106
		}
1107
1108
		// If we need to update WordPress core, let's find the latest version number.
1109 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1110
			$cur = get_preferred_from_update_core();
1111
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1112
				$updates['wp_update_version'] = $cur->current;
1113
			}
1114
		}
1115
		return isset( $updates ) ? $updates : array();
1116
	}
1117
1118
	public static function get_update_details() {
1119
		$update_details = array(
1120
			'update_core' => get_site_transient( 'update_core' ),
1121
			'update_plugins' => get_site_transient( 'update_plugins' ),
1122
			'update_themes' => get_site_transient( 'update_themes' ),
1123
		);
1124
		return $update_details;
1125
	}
1126
1127
	public static function refresh_update_data() {
1128
		if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) {
1129
			/**
1130
			 * Fires whenever the amount of updates needed for a site changes.
1131
			 * Syncs an array that includes the number of theme, plugin, and core updates available, as well as the latest core version available.
1132
			 *
1133
			 * @since 3.7.0
1134
			 *
1135
			 * @param string jetpack_updates
1136
			 * @param array Update counts calculated by Jetpack::get_updates
1137
			 */
1138
			do_action( 'add_option_jetpack_updates', 'jetpack_updates', Jetpack::get_updates() );
1139
		}
1140
		/**
1141
		 * Fires whenever the amount of updates needed for a site changes.
1142
		 * Syncs an array of core, theme, and plugin data, and which of each is out of date
1143
		 *
1144
		 * @since 3.7.0
1145
		 *
1146
		 * @param string jetpack_update_details
1147
		 * @param array Update details calculated by Jetpack::get_update_details
1148
		 */
1149
		do_action( 'add_option_jetpack_update_details', 'jetpack_update_details', Jetpack::get_update_details() );
1150
	}
1151
1152
	public static function refresh_theme_data() {
1153
		/**
1154
		 * Fires whenever a theme change is made.
1155
		 *
1156
		 * @since 3.8.1
1157
		 *
1158
		 * @param string featured_images_enabled
1159
		 * @param boolean Whether featured images are enabled or not
1160
		 */
1161
		do_action( 'add_option_jetpack_featured_images_enabled', 'jetpack_featured_images_enabled', Jetpack::featured_images_enabled() );
1162
	}
1163
1164
	/**
1165
	 * Is Jetpack active?
1166
	 */
1167
	public static function is_active() {
1168
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1169
	}
1170
1171
	/**
1172
	 * Is Jetpack in development (offline) mode?
1173
	 */
1174
	public static function is_development_mode() {
1175
		$development_mode = false;
1176
1177
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1178
			$development_mode = JETPACK_DEV_DEBUG;
1179
		}
1180
1181
		elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1182
			$development_mode = true;
1183
		}
1184
		/**
1185
		 * Filters Jetpack's development mode.
1186
		 *
1187
		 * @see https://jetpack.com/support/development-mode/
1188
		 *
1189
		 * @since 2.2.1
1190
		 *
1191
		 * @param bool $development_mode Is Jetpack's development mode active.
1192
		 */
1193
		return apply_filters( 'jetpack_development_mode', $development_mode );
1194
	}
1195
1196
	/**
1197
	* Get Jetpack development mode notice text and notice class.
1198
	*
1199
	* Mirrors the checks made in Jetpack::is_development_mode
1200
	*
1201
	*/
1202
	public static function show_development_mode_notice() {
1203
		if ( Jetpack::is_development_mode() ) {
1204
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1205
				$notice = sprintf(
1206
					/* translators: %s is a URL */
1207
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1208
					'https://jetpack.com/support/development-mode/'
1209
				);
1210
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1211
				$notice = sprintf(
1212
					/* translators: %s is a URL */
1213
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1214
					'https://jetpack.com/support/development-mode/'
1215
				);
1216
			} else {
1217
				$notice = sprintf(
1218
					/* translators: %s is a URL */
1219
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1220
					'https://jetpack.com/support/development-mode/'
1221
				);
1222
			}
1223
1224
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1225
		}
1226
1227
		// Throw up a notice if using a development version and as for feedback.
1228
		if ( Jetpack::is_development_version() ) {
1229
			/* translators: %s is a URL */
1230
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1231
1232
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1233
		}
1234
		// Throw up a notice if using staging mode
1235
		if ( Jetpack::is_staging_site() ) {
1236
			/* translators: %s is a URL */
1237
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1238
1239
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1240
		}
1241
	}
1242
1243
	/**
1244
	 * Whether Jetpack's version maps to a public release, or a development version.
1245
	 */
1246
	public static function is_development_version() {
1247
		return ! preg_match( '/^\d+(\.\d+)+$/', JETPACK__VERSION );
1248
	}
1249
1250
	/**
1251
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1252
	 */
1253
	public static function is_user_connected( $user_id = false ) {
1254
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1255
		if ( ! $user_id ) {
1256
			return false;
1257
		}
1258
		return (bool) Jetpack_Data::get_access_token( $user_id );
1259
	}
1260
1261
	/**
1262
	 * Get the wpcom user data of the current|specified connected user.
1263
	 */
1264 View Code Duplication
	public static function get_connected_user_data( $user_id = null ) {
1265
		if ( ! $user_id ) {
1266
			$user_id = get_current_user_id();
1267
		}
1268
		Jetpack::load_xml_rpc_client();
1269
		$xml = new Jetpack_IXR_Client( array(
1270
			'user_id' => $user_id,
1271
		) );
1272
		$xml->query( 'wpcom.getUser' );
1273
		if ( ! $xml->isError() ) {
1274
			return $xml->getResponse();
1275
		}
1276
		return false;
1277
	}
1278
1279
	/**
1280
	 * Get the wpcom email of the current|specified connected user.
1281
	 */
1282 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1283
		if ( ! $user_id ) {
1284
			$user_id = get_current_user_id();
1285
		}
1286
		Jetpack::load_xml_rpc_client();
1287
		$xml = new Jetpack_IXR_Client( array(
1288
			'user_id' => $user_id,
1289
		) );
1290
		$xml->query( 'wpcom.getUserEmail' );
1291
		if ( ! $xml->isError() ) {
1292
			return $xml->getResponse();
1293
		}
1294
		return false;
1295
	}
1296
1297
	/**
1298
	 * Get the wpcom email of the master user.
1299
	 */
1300
	public static function get_master_user_email() {
1301
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1302
		if ( $master_user_id ) {
1303
			return self::get_connected_user_email( $master_user_id );
1304
		}
1305
		return '';
1306
	}
1307
1308
	function current_user_is_connection_owner() {
1309
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1310
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1311
	}
1312
1313
	/**
1314
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1315
	 */
1316
	function extra_oembed_providers() {
1317
		// Cloudup: https://dev.cloudup.com/#oembed
1318
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1319
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1320
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1321
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1322
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1323
	}
1324
1325
	/**
1326
	 * Synchronize connected user role changes
1327
	 */
1328
	function user_role_change( $user_id ) {
1329
		if ( Jetpack::is_active() && Jetpack::is_user_connected( $user_id ) ) {
1330
			$current_user_id = get_current_user_id();
1331
			wp_set_current_user( $user_id );
1332
			$role = $this->translate_current_user_to_role();
1333
			$signed_role = $this->sign_role( $role );
1334
			wp_set_current_user( $current_user_id );
1335
1336
			$master_token   = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1337
			$master_user_id = absint( $master_token->external_user_id );
1338
1339
			if ( ! $master_user_id )
1340
				return; // this shouldn't happen
1341
1342
			Jetpack::xmlrpc_async_call( 'jetpack.updateRole', $user_id, $signed_role );
1343
			//@todo retry on failure
1344
1345
			//try to choose a new master if we're demoting the current one
1346 View Code Duplication
			if ( $user_id == $master_user_id && 'administrator' != $role ) {
1347
				$query = new WP_User_Query(
1348
					array(
1349
						'fields'  => array( 'id' ),
1350
						'role'    => 'administrator',
1351
						'orderby' => 'id',
1352
						'exclude' => array( $master_user_id ),
1353
					)
1354
				);
1355
				$new_master = false;
1356
				foreach ( $query->results as $result ) {
1357
					$uid = absint( $result->id );
1358
					if ( $uid && Jetpack::is_user_connected( $uid ) ) {
1359
						$new_master = $uid;
1360
						break;
1361
					}
1362
				}
1363
1364
				if ( $new_master ) {
1365
					Jetpack_Options::update_option( 'master_user', $new_master );
1366
				}
1367
				// else disconnect..?
1368
			}
1369
		}
1370
	}
1371
1372
	/**
1373
	 * Loads the currently active modules.
1374
	 */
1375
	public static function load_modules() {
1376
		if ( ! self::is_active() && !self::is_development_mode() ) {
1377
			if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) {
1378
				return;
1379
			}
1380
		}
1381
1382
		$version = Jetpack_Options::get_option( 'version' );
1383 View Code Duplication
		if ( ! $version ) {
1384
			$version = $old_version = JETPACK__VERSION . ':' . time();
1385
			/** This action is documented in class.jetpack.php */
1386
			do_action( 'updating_jetpack_version', $version, false );
1387
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1388
		}
1389
		list( $version ) = explode( ':', $version );
1390
1391
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1392
1393
		$modules_data = array();
1394
1395
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1396
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1397
			$updated_modules = array();
1398
			foreach ( $modules as $module ) {
1399
				$modules_data[ $module ] = Jetpack::get_module( $module );
1400
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1401
					continue;
1402
				}
1403
1404
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1405
					continue;
1406
				}
1407
1408
				$updated_modules[] = $module;
1409
			}
1410
1411
			$modules = array_diff( $modules, $updated_modules );
1412
		}
1413
1414
		$is_development_mode = Jetpack::is_development_mode();
1415
1416
		foreach ( $modules as $index => $module ) {
1417
			// If we're in dev mode, disable modules requiring a connection
1418
			if ( $is_development_mode ) {
1419
				// Prime the pump if we need to
1420
				if ( empty( $modules_data[ $module ] ) ) {
1421
					$modules_data[ $module ] = Jetpack::get_module( $module );
1422
				}
1423
				// If the module requires a connection, but we're in local mode, don't include it.
1424
				if ( $modules_data[ $module ]['requires_connection'] ) {
1425
					continue;
1426
				}
1427
			}
1428
1429
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1430
				continue;
1431
			}
1432
1433
			if ( ! @include( Jetpack::get_module_path( $module ) ) ) {
1434
				unset( $modules[ $index ] );
1435
				Jetpack_Options::update_option( 'active_modules', array_values( $modules ) );
1436
				continue;
1437
			}
1438
1439
			/**
1440
			 * Fires when a specific module is loaded.
1441
			 * The dynamic part of the hook, $module, is the module slug.
1442
			 *
1443
			 * @since 1.1.0
1444
			 */
1445
			do_action( 'jetpack_module_loaded_' . $module );
1446
		}
1447
1448
		/**
1449
		 * Fires when all the modules are loaded.
1450
		 *
1451
		 * @since 1.1.0
1452
		 */
1453
		do_action( 'jetpack_modules_loaded' );
1454
1455
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1456
		if ( Jetpack::is_active() || Jetpack::is_development_mode() )
1457
			require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1458
	}
1459
1460
	/**
1461
	 * Check if Jetpack's REST API compat file should be included
1462
	 * @action plugins_loaded
1463
	 * @return null
1464
	 */
1465
	public function check_rest_api_compat() {
1466
		/**
1467
		 * Filters the list of REST API compat files to be included.
1468
		 *
1469
		 * @since 2.2.5
1470
		 *
1471
		 * @param array $args Array of REST API compat files to include.
1472
		 */
1473
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1474
1475
		if ( function_exists( 'bbpress' ) )
1476
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1477
1478
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1479
			require_once $_jetpack_rest_api_compat_include;
1480
	}
1481
1482
	/**
1483
	 * Gets all plugins currently active in values, regardless of whether they're
1484
	 * traditionally activated or network activated.
1485
	 *
1486
	 * @todo Store the result in core's object cache maybe?
1487
	 */
1488
	public static function get_active_plugins() {
1489
		$active_plugins = (array) get_option( 'active_plugins', array() );
1490
1491
		if ( is_multisite() ) {
1492
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1493
			// whereas active_plugins stores them in the values.
1494
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1495
			if ( $network_plugins ) {
1496
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1497
			}
1498
		}
1499
1500
		sort( $active_plugins );
1501
1502
		return array_unique( $active_plugins );
1503
	}
1504
1505
	/**
1506
	 * Gets and parses additional plugin data to send with the heartbeat data
1507
	 *
1508
	 * @since 3.8.1
1509
	 *
1510
	 * @return array Array of plugin data
1511
	 */
1512
	public static function get_parsed_plugin_data() {
1513
		if ( ! function_exists( 'get_plugins' ) ) {
1514
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1515
		}
1516
		$all_plugins    = get_plugins();
1517
		$active_plugins = Jetpack::get_active_plugins();
1518
1519
		$plugins = array();
1520
		foreach ( $all_plugins as $path => $plugin_data ) {
1521
			$plugins[ $path ] = array(
1522
					'is_active' => in_array( $path, $active_plugins ),
1523
					'file'      => $path,
1524
					'name'      => $plugin_data['Name'],
1525
					'version'   => $plugin_data['Version'],
1526
					'author'    => $plugin_data['Author'],
1527
			);
1528
		}
1529
1530
		return $plugins;
1531
	}
1532
1533
	/**
1534
	 * Gets and parses theme data to send with the heartbeat data
1535
	 *
1536
	 * @since 3.8.1
1537
	 *
1538
	 * @return array Array of theme data
1539
	 */
1540
	public static function get_parsed_theme_data() {
1541
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1542
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1543
1544
		$themes = array();
1545
		foreach ( $all_themes as $slug => $theme_data ) {
1546
			$theme_headers = array();
1547
			foreach ( $header_keys as $header_key ) {
1548
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1549
			}
1550
1551
			$themes[ $slug ] = array(
1552
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1553
					'slug' => $slug,
1554
					'theme_root' => $theme_data->get_theme_root_uri(),
1555
					'parent' => $theme_data->parent(),
1556
					'headers' => $theme_headers
1557
			);
1558
		}
1559
1560
		return $themes;
1561
	}
1562
1563
	/**
1564
	 * Checks whether a specific plugin is active.
1565
	 *
1566
	 * We don't want to store these in a static variable, in case
1567
	 * there are switch_to_blog() calls involved.
1568
	 */
1569
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1570
		return in_array( $plugin, self::get_active_plugins() );
1571
	}
1572
1573
	/**
1574
	 * Check if Jetpack's Open Graph tags should be used.
1575
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1576
	 *
1577
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1578
	 * @action plugins_loaded
1579
	 * @return null
1580
	 */
1581
	public function check_open_graph() {
1582
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
1583
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
1584
		}
1585
1586
		$active_plugins = self::get_active_plugins();
1587
1588
		if ( ! empty( $active_plugins ) ) {
1589
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
1590
				if ( in_array( $plugin, $active_plugins ) ) {
1591
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
1592
					break;
1593
				}
1594
			}
1595
		}
1596
1597
		/**
1598
		 * Allow the addition of Open Graph Meta Tags to all pages.
1599
		 *
1600
		 * @since 2.0.3
1601
		 *
1602
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
1603
		 */
1604
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
1605
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
1606
		}
1607
	}
1608
1609
	/**
1610
	 * Check if Jetpack's Twitter tags should be used.
1611
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
1612
	 *
1613
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1614
	 * @action plugins_loaded
1615
	 * @return null
1616
	 */
1617
	public function check_twitter_tags() {
1618
1619
		$active_plugins = self::get_active_plugins();
1620
1621
		if ( ! empty( $active_plugins ) ) {
1622
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
1623
				if ( in_array( $plugin, $active_plugins ) ) {
1624
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
1625
					break;
1626
				}
1627
			}
1628
		}
1629
1630
		/**
1631
		 * Allow Twitter Card Meta tags to be disabled.
1632
		 *
1633
		 * @since 2.6.0
1634
		 *
1635
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
1636
		 */
1637
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
1638
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
1639
		}
1640
	}
1641
1642
1643
1644
1645
	/*
1646
	 *
1647
	 * Jetpack Security Reports
1648
	 *
1649
	 * Allowed types: login_form, backup, file_scanning, spam
1650
	 *
1651
	 * Args for login_form and spam: 'blocked'=>(int)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1652
	 *
1653
	 * Args for backup and file_scanning: 'last'=>(timestamp)(optional), 'next'=>(timestamp)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1654
	 *
1655
	 *
1656
	 * Example code to submit a security report:
1657
	 *
1658
	 *  function akismet_submit_jetpack_security_report() {
1659
	 *  	Jetpack::submit_security_report( 'spam', __FILE__, $args = array( 'blocked' => 138284, status => 'ok' ) );
1660
	 *  }
1661
	 *  add_action( 'jetpack_security_report', 'akismet_submit_jetpack_security_report' );
1662
	 *
1663
	 */
1664
1665
1666
	/**
1667
	 * Calls for security report submissions.
1668
	 *
1669
	 * @return null
1670
	 */
1671
	public static function perform_security_reporting() {
1672
		$no_check_needed = get_site_transient( 'security_report_performed_recently' );
1673
1674
		if ( $no_check_needed ) {
1675
			return;
1676
		}
1677
1678
		/**
1679
		 * Fires before a security report is created.
1680
		 *
1681
		 * @since 3.4.0
1682
		 */
1683
		do_action( 'jetpack_security_report' );
1684
1685
		Jetpack_Options::update_option( 'security_report', self::$security_report );
1686
		set_site_transient( 'security_report_performed_recently', 1, 15 * MINUTE_IN_SECONDS );
1687
	}
1688
1689
	/**
1690
	 * Allows plugins to submit security reports.
1691
 	 *
1692
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
1693
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
1694
	 * @param array   $args         See definitions above
1695
	 */
1696
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
1697
1698
		if( !doing_action( 'jetpack_security_report' ) ) {
1699
			return new WP_Error( 'not_collecting_report', 'Not currently collecting security reports.  Please use the jetpack_security_report hook.' );
1700
		}
1701
1702
		if( !is_string( $type ) || !is_string( $plugin_file ) ) {
1703
			return new WP_Error( 'invalid_security_report', 'Invalid Security Report' );
1704
		}
1705
1706
		if( !function_exists( 'get_plugin_data' ) ) {
1707
			include( ABSPATH . 'wp-admin/includes/plugin.php' );
1708
		}
1709
1710
		//Get rid of any non-allowed args
1711
		$args = array_intersect_key( $args, array_flip( array( 'blocked', 'last', 'next', 'status', 'message' ) ) );
1712
1713
		$plugin = get_plugin_data( $plugin_file );
1714
1715
		if ( !$plugin['Name'] ) {
1716
			return new WP_Error( 'security_report_missing_plugin_name', 'Invalid Plugin File Provided' );
1717
		}
1718
1719
		// Sanitize everything to make sure we're not syncing something wonky
1720
		$type = sanitize_key( $type );
1721
1722
		$args['plugin'] = $plugin;
1723
1724
		// Cast blocked, last and next as integers.
1725
		// Last and next should be in unix timestamp format
1726
		if ( isset( $args['blocked'] ) ) {
1727
			$args['blocked'] = (int) $args['blocked'];
1728
		}
1729
		if ( isset( $args['last'] ) ) {
1730
			$args['last'] = (int) $args['last'];
1731
		}
1732
		if ( isset( $args['next'] ) ) {
1733
			$args['next'] = (int) $args['next'];
1734
		}
1735
		if ( !in_array( $args['status'], array( 'ok', 'warning', 'error' ) ) ) {
1736
			$args['status'] = 'ok';
1737
		}
1738
		if ( isset( $args['message'] ) ) {
1739
1740
			if( $args['status'] == 'ok' ) {
1741
				unset( $args['message'] );
1742
			}
1743
1744
			$allowed_html = array(
1745
			    'a' => array(
1746
			        'href' => array(),
1747
			        'title' => array()
1748
			    ),
1749
			    'em' => array(),
1750
			    'strong' => array(),
1751
			);
1752
1753
			$args['message'] = wp_kses( $args['message'], $allowed_html );
1754
		}
1755
1756
		$plugin_name = $plugin[ 'Name' ];
1757
1758
		self::$security_report[ $type ][ $plugin_name ] = $args;
1759
	}
1760
1761
	/**
1762
	 * Collects a new report if needed, then returns it.
1763
	 */
1764
	public function get_security_report() {
1765
		self::perform_security_reporting();
1766
		return Jetpack_Options::get_option( 'security_report' );
1767
	}
1768
1769
1770
/* Jetpack Options API */
1771
1772
	public static function get_option_names( $type = 'compact' ) {
1773
		return Jetpack_Options::get_option_names( $type );
1774
	}
1775
1776
	/**
1777
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
1778
 	 *
1779
	 * @param string $name    Option name
1780
	 * @param mixed  $default (optional)
1781
	 */
1782
	public static function get_option( $name, $default = false ) {
1783
		return Jetpack_Options::get_option( $name, $default );
1784
	}
1785
1786
	/**
1787
	* Stores two secrets and a timestamp so WordPress.com can make a request back and verify an action
1788
	* Does some extra verification so urls (such as those to public-api, register, etc) can't just be crafted
1789
	* $name must be a registered option name.
1790
	*/
1791
	public static function create_nonce( $name ) {
1792
		$secret = wp_generate_password( 32, false ) . ':' . wp_generate_password( 32, false ) . ':' . ( time() + 600 );
1793
1794
		Jetpack_Options::update_option( $name, $secret );
1795
		@list( $secret_1, $secret_2, $eol ) = explode( ':', Jetpack_Options::get_option( $name ) );
1796
		if ( empty( $secret_1 ) || empty( $secret_2 ) || $eol < time() )
1797
			return new Jetpack_Error( 'missing_secrets' );
1798
1799
		return array(
1800
			'secret_1' => $secret_1,
1801
			'secret_2' => $secret_2,
1802
			'eol'      => $eol,
1803
		);
1804
	}
1805
1806
	/**
1807
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
1808
 	 *
1809
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
1810
	 * @param string $name  Option name
1811
	 * @param mixed  $value Option value
1812
	 */
1813
	public static function update_option( $name, $value ) {
1814
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
1815
		return Jetpack_Options::update_option( $name, $value );
1816
	}
1817
1818
	/**
1819
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
1820
 	 *
1821
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
1822
	 * @param array $array array( option name => option value, ... )
1823
	 */
1824
	public static function update_options( $array ) {
1825
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
1826
		return Jetpack_Options::update_options( $array );
1827
	}
1828
1829
	/**
1830
	 * Deletes the given option.  May be passed multiple option names as an array.
1831
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
1832
	 *
1833
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
1834
	 * @param string|array $names
1835
	 */
1836
	public static function delete_option( $names ) {
1837
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
1838
		return Jetpack_Options::delete_option( $names );
1839
	}
1840
1841
	/**
1842
	 * Enters a user token into the user_tokens option
1843
	 *
1844
	 * @param int $user_id
1845
	 * @param string $token
1846
	 * return bool
1847
	 */
1848
	public static function update_user_token( $user_id, $token, $is_master_user ) {
1849
		// not designed for concurrent updates
1850
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
1851
		if ( ! is_array( $user_tokens ) )
1852
			$user_tokens = array();
1853
		$user_tokens[$user_id] = $token;
1854
		if ( $is_master_user ) {
1855
			$master_user = $user_id;
1856
			$options     = compact( 'user_tokens', 'master_user' );
1857
		} else {
1858
			$options = compact( 'user_tokens' );
1859
		}
1860
		return Jetpack_Options::update_options( $options );
1861
	}
1862
1863
	/**
1864
	 * Returns an array of all PHP files in the specified absolute path.
1865
	 * Equivalent to glob( "$absolute_path/*.php" ).
1866
	 *
1867
	 * @param string $absolute_path The absolute path of the directory to search.
1868
	 * @return array Array of absolute paths to the PHP files.
1869
	 */
1870
	public static function glob_php( $absolute_path ) {
1871
		if ( function_exists( 'glob' ) ) {
1872
			return glob( "$absolute_path/*.php" );
1873
		}
1874
1875
		$absolute_path = untrailingslashit( $absolute_path );
1876
		$files = array();
1877
		if ( ! $dir = @opendir( $absolute_path ) ) {
1878
			return $files;
1879
		}
1880
1881
		while ( false !== $file = readdir( $dir ) ) {
1882
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
1883
				continue;
1884
			}
1885
1886
			$file = "$absolute_path/$file";
1887
1888
			if ( ! is_file( $file ) ) {
1889
				continue;
1890
			}
1891
1892
			$files[] = $file;
1893
		}
1894
1895
		closedir( $dir );
1896
1897
		return $files;
1898
	}
1899
1900
	public static function activate_new_modules( $redirect = false ) {
1901
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
1902
			return;
1903
		}
1904
1905
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
1906 View Code Duplication
		if ( ! $jetpack_old_version ) {
1907
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
1908
			/** This action is documented in class.jetpack.php */
1909
			do_action( 'updating_jetpack_version', $version, false );
1910
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1911
		}
1912
1913
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
1914
1915
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
1916
			return;
1917
		}
1918
1919
		$active_modules     = Jetpack::get_active_modules();
1920
		$reactivate_modules = array();
1921
		foreach ( $active_modules as $active_module ) {
1922
			$module = Jetpack::get_module( $active_module );
1923
			if ( ! isset( $module['changed'] ) ) {
1924
				continue;
1925
			}
1926
1927
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
1928
				continue;
1929
			}
1930
1931
			$reactivate_modules[] = $active_module;
1932
			Jetpack::deactivate_module( $active_module );
1933
		}
1934
1935
		$new_version = JETPACK__VERSION . ':' . time();
1936
		/** This action is documented in class.jetpack.php */
1937
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
1938
		Jetpack_Options::update_options(
1939
			array(
1940
				'version'     => $new_version,
1941
				'old_version' => $jetpack_old_version,
1942
			)
1943
		);
1944
1945
		Jetpack::state( 'message', 'modules_activated' );
1946
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
1947
1948
		if ( $redirect ) {
1949
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
1950
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
1951
				$page = $_GET['page'];
1952
			}
1953
1954
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
1955
			exit;
1956
		}
1957
	}
1958
1959
	/**
1960
	 * List available Jetpack modules. Simply lists .php files in /modules/.
1961
	 * Make sure to tuck away module "library" files in a sub-directory.
1962
	 */
1963
	public static function get_available_modules( $min_version = false, $max_version = false ) {
1964
		static $modules = null;
1965
1966
		if ( ! isset( $modules ) ) {
1967
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
1968
			// Use the cache if we're on the front-end and it's available...
1969
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
1970
				$modules = $available_modules_option[ JETPACK__VERSION ];
1971
			} else {
1972
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
1973
1974
				$modules = array();
1975
1976
				foreach ( $files as $file ) {
1977
					if ( ! $headers = Jetpack::get_module( $file ) ) {
1978
						continue;
1979
					}
1980
1981
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
1982
				}
1983
1984
				Jetpack_Options::update_option( 'available_modules', array(
1985
					JETPACK__VERSION => $modules,
1986
				) );
1987
			}
1988
		}
1989
1990
		/**
1991
		 * Filters the array of modules available to be activated.
1992
		 *
1993
		 * @since 2.4.0
1994
		 *
1995
		 * @param array $modules Array of available modules.
1996
		 * @param string $min_version Minimum version number required to use modules.
1997
		 * @param string $max_version Maximum version number required to use modules.
1998
		 */
1999
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2000
2001
		if ( ! $min_version && ! $max_version ) {
2002
			return array_keys( $mods );
2003
		}
2004
2005
		$r = array();
2006
		foreach ( $mods as $slug => $introduced ) {
2007
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2008
				continue;
2009
			}
2010
2011
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2012
				continue;
2013
			}
2014
2015
			$r[] = $slug;
2016
		}
2017
2018
		return $r;
2019
	}
2020
2021
	/**
2022
	 * Default modules loaded on activation.
2023
	 */
2024
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2025
		$return = array();
2026
2027
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2028
			$module_data = Jetpack::get_module( $module );
2029
2030
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2031
				case 'yes' :
2032
					$return[] = $module;
2033
					break;
2034
				case 'public' :
2035
					if ( Jetpack_Options::get_option( 'public' ) ) {
2036
						$return[] = $module;
2037
					}
2038
					break;
2039
				case 'no' :
2040
				default :
2041
					break;
2042
			}
2043
		}
2044
		/**
2045
		 * Filters the array of default modules.
2046
		 *
2047
		 * @since 2.5.0
2048
		 *
2049
		 * @param array $return Array of default modules.
2050
		 * @param string $min_version Minimum version number required to use modules.
2051
		 * @param string $max_version Maximum version number required to use modules.
2052
		 */
2053
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2054
	}
2055
2056
	/**
2057
	 * Checks activated modules during auto-activation to determine
2058
	 * if any of those modules are being deprecated.  If so, close
2059
	 * them out, and add any replacement modules.
2060
	 *
2061
	 * Runs at priority 99 by default.
2062
	 *
2063
	 * This is run late, so that it can still activate a module if
2064
	 * the new module is a replacement for another that the user
2065
	 * currently has active, even if something at the normal priority
2066
	 * would kibosh everything.
2067
	 *
2068
	 * @since 2.6
2069
	 * @uses jetpack_get_default_modules filter
2070
	 * @param array $modules
2071
	 * @return array
2072
	 */
2073
	function handle_deprecated_modules( $modules ) {
2074
		$deprecated_modules = array(
2075
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2076
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2077
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2078
		);
2079
2080
		// Don't activate SSO if they never completed activating WPCC.
2081
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2082
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2083
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2084
				$deprecated_modules['wpcc'] = null;
2085
			}
2086
		}
2087
2088
		foreach ( $deprecated_modules as $module => $replacement ) {
2089
			if ( Jetpack::is_module_active( $module ) ) {
2090
				self::deactivate_module( $module );
2091
				if ( $replacement ) {
2092
					$modules[] = $replacement;
2093
				}
2094
			}
2095
		}
2096
2097
		return array_unique( $modules );
2098
	}
2099
2100
	/**
2101
	 * Checks activated plugins during auto-activation to determine
2102
	 * if any of those plugins are in the list with a corresponding module
2103
	 * that is not compatible with the plugin. The module will not be allowed
2104
	 * to auto-activate.
2105
	 *
2106
	 * @since 2.6
2107
	 * @uses jetpack_get_default_modules filter
2108
	 * @param array $modules
2109
	 * @return array
2110
	 */
2111
	function filter_default_modules( $modules ) {
2112
2113
		$active_plugins = self::get_active_plugins();
2114
2115
		if ( ! empty( $active_plugins ) ) {
2116
2117
			// For each module we'd like to auto-activate...
2118
			foreach ( $modules as $key => $module ) {
2119
				// If there are potential conflicts for it...
2120
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2121
					// For each potential conflict...
2122
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2123
						// If that conflicting plugin is active...
2124
						if ( in_array( $plugin, $active_plugins ) ) {
2125
							// Remove that item from being auto-activated.
2126
							unset( $modules[ $key ] );
2127
						}
2128
					}
2129
				}
2130
			}
2131
		}
2132
2133
		return $modules;
2134
	}
2135
2136
	/**
2137
	 * Extract a module's slug from its full path.
2138
	 */
2139
	public static function get_module_slug( $file ) {
2140
		return str_replace( '.php', '', basename( $file ) );
2141
	}
2142
2143
	/**
2144
	 * Generate a module's path from its slug.
2145
	 */
2146
	public static function get_module_path( $slug ) {
2147
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2148
	}
2149
2150
	/**
2151
	 * Load module data from module file. Headers differ from WordPress
2152
	 * plugin headers to avoid them being identified as standalone
2153
	 * plugins on the WordPress plugins page.
2154
	 */
2155
	public static function get_module( $module ) {
2156
		$headers = array(
2157
			'name'                      => 'Module Name',
2158
			'description'               => 'Module Description',
2159
			'jumpstart_desc'            => 'Jumpstart Description',
2160
			'sort'                      => 'Sort Order',
2161
			'recommendation_order'      => 'Recommendation Order',
2162
			'introduced'                => 'First Introduced',
2163
			'changed'                   => 'Major Changes In',
2164
			'deactivate'                => 'Deactivate',
2165
			'free'                      => 'Free',
2166
			'requires_connection'       => 'Requires Connection',
2167
			'auto_activate'             => 'Auto Activate',
2168
			'module_tags'               => 'Module Tags',
2169
			'feature'                   => 'Feature',
2170
			'additional_search_queries' => 'Additional Search Queries',
2171
		);
2172
2173
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2174
2175
		$mod = Jetpack::get_file_data( $file, $headers );
2176
		if ( empty( $mod['name'] ) ) {
2177
			return false;
2178
		}
2179
2180
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2181
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2182
		$mod['deactivate']              = empty( $mod['deactivate'] );
2183
		$mod['free']                    = empty( $mod['free'] );
2184
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2185
2186
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2187
			$mod['auto_activate'] = 'No';
2188
		} else {
2189
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2190
		}
2191
2192
		if ( $mod['module_tags'] ) {
2193
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2194
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2195
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2196
		} else {
2197
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2198
		}
2199
2200
		if ( $mod['feature'] ) {
2201
			$mod['feature'] = explode( ',', $mod['feature'] );
2202
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2203
		} else {
2204
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2205
		}
2206
2207
		/**
2208
		 * Filters the feature array on a module.
2209
		 *
2210
		 * This filter allows you to control where each module is filtered: Recommended,
2211
		 * Jumpstart, and the default "Other" listing.
2212
		 *
2213
		 * @since 3.5.0
2214
		 *
2215
		 * @param array   $mod['feature'] The areas to feature this module:
2216
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2217
		 *     'Recommended' shows on the main Jetpack admin screen.
2218
		 *     'Other' should be the default if no other value is in the array.
2219
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2220
		 * @param array   $mod All the currently assembled module data.
2221
		 */
2222
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2223
2224
		/**
2225
		 * Filter the returned data about a module.
2226
		 *
2227
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2228
		 * so please be careful.
2229
		 *
2230
		 * @since 3.6.0
2231
		 *
2232
		 * @param array   $mod    The details of the requested module.
2233
		 * @param string  $module The slug of the module, e.g. sharedaddy
2234
		 * @param string  $file   The path to the module source file.
2235
		 */
2236
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2237
	}
2238
2239
	/**
2240
	 * Like core's get_file_data implementation, but caches the result.
2241
	 */
2242
	public static function get_file_data( $file, $headers ) {
2243
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2244
		$file_name = basename( $file );
2245
		$file_data_option = Jetpack_Options::get_option( 'file_data', array() );
2246
		$key              = md5( $file_name . serialize( $headers ) );
2247
		$refresh_cache    = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2248
2249
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2250
		if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) {
2251
			return $file_data_option[ JETPACK__VERSION ][ $key ];
2252
		}
2253
2254
		$data = get_file_data( $file, $headers );
2255
2256
		// Strip out any old Jetpack versions that are cluttering the option.
2257
		$file_data_option = array_intersect_key( (array) $file_data_option, array( JETPACK__VERSION => null ) );
2258
		$file_data_option[ JETPACK__VERSION ][ $key ] = $data;
2259
		Jetpack_Options::update_option( 'file_data', $file_data_option );
2260
2261
		return $data;
2262
	}
2263
2264
	/**
2265
	 * Return translated module tag.
2266
	 *
2267
	 * @param string $tag Tag as it appears in each module heading.
2268
	 *
2269
	 * @return mixed
2270
	 */
2271
	public static function translate_module_tag( $tag ) {
2272
		return jetpack_get_module_i18n_tag( $tag );
2273
	}
2274
2275
	/**
2276
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2277
	 *
2278
	 * @since 3.9.2
2279
	 *
2280
	 * @param array $modules
2281
	 *
2282
	 * @return string|void
2283
	 */
2284
	public static function get_translated_modules( $modules ) {
2285
		foreach ( $modules as $index => $module ) {
2286
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2287
			if ( isset( $module['name'] ) ) {
2288
				$modules[ $index ]['name'] = $i18n_module['name'];
2289
			}
2290
			if ( isset( $module['description'] ) ) {
2291
				$modules[ $index ]['description'] = $i18n_module['description'];
2292
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2293
			}
2294
		}
2295
		return $modules;
2296
	}
2297
2298
	/**
2299
	 * Get a list of activated modules as an array of module slugs.
2300
	 */
2301
	public static function get_active_modules() {
2302
		$active = Jetpack_Options::get_option( 'active_modules' );
2303
		if ( ! is_array( $active ) )
2304
			$active = array();
2305
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2306
			$active[] = 'vaultpress';
2307
		} else {
2308
			$active = array_diff( $active, array( 'vaultpress' ) );
2309
		}
2310
2311
		//If protect is active on the main site of a multisite, it should be active on all sites.
2312
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2313
			$active[] = 'protect';
2314
		}
2315
2316
		return array_unique( $active );
2317
	}
2318
2319
	/**
2320
	 * Check whether or not a Jetpack module is active.
2321
	 *
2322
	 * @param string $module The slug of a Jetpack module.
2323
	 * @return bool
2324
	 *
2325
	 * @static
2326
	 */
2327
	public static function is_module_active( $module ) {
2328
		return in_array( $module, self::get_active_modules() );
2329
	}
2330
2331
	public static function is_module( $module ) {
2332
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2333
	}
2334
2335
	/**
2336
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2337
	 *
2338
	 * @param bool $catch True to start catching, False to stop.
2339
	 *
2340
	 * @static
2341
	 */
2342
	public static function catch_errors( $catch ) {
2343
		static $display_errors, $error_reporting;
2344
2345
		if ( $catch ) {
2346
			$display_errors  = @ini_set( 'display_errors', 1 );
2347
			$error_reporting = @error_reporting( E_ALL );
2348
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2349
		} else {
2350
			@ini_set( 'display_errors', $display_errors );
2351
			@error_reporting( $error_reporting );
2352
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2353
		}
2354
	}
2355
2356
	/**
2357
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2358
	 */
2359
	public static function catch_errors_on_shutdown() {
2360
		Jetpack::state( 'php_errors', ob_get_clean() );
2361
	}
2362
2363
	public static function activate_default_modules( $min_version = false, $max_version = false, $other_modules = array(), $redirect = true ) {
2364
		$jetpack = Jetpack::init();
2365
2366
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2367
		$modules = array_merge( $other_modules, $modules );
2368
2369
		// Look for standalone plugins and disable if active.
2370
2371
		$to_deactivate = array();
2372
		foreach ( $modules as $module ) {
2373
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2374
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2375
			}
2376
		}
2377
2378
		$deactivated = array();
2379
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2380
			list( $probable_file, $probable_title ) = $deactivate_me;
2381
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2382
				$deactivated[] = $module;
2383
			}
2384
		}
2385
2386
		if ( $deactivated && $redirect ) {
2387
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2388
2389
			$url = add_query_arg(
2390
				array(
2391
					'action'   => 'activate_default_modules',
2392
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2393
				),
2394
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2395
			);
2396
			wp_safe_redirect( $url );
2397
			exit;
2398
		}
2399
2400
		/**
2401
		 * Fires before default modules are activated.
2402
		 *
2403
		 * @since 1.9.0
2404
		 *
2405
		 * @param string $min_version Minimum version number required to use modules.
2406
		 * @param string $max_version Maximum version number required to use modules.
2407
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2408
		 */
2409
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2410
2411
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2412
		Jetpack::restate();
2413
		Jetpack::catch_errors( true );
2414
2415
		$active = Jetpack::get_active_modules();
2416
2417
		foreach ( $modules as $module ) {
2418
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2419
				$active[] = $module;
2420
				Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2421
				continue;
2422
			}
2423
2424
			if ( in_array( $module, $active ) ) {
2425
				$module_info = Jetpack::get_module( $module );
2426
				if ( ! $module_info['deactivate'] ) {
2427
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2428 View Code Duplication
					if ( $active_state = Jetpack::state( $state ) ) {
2429
						$active_state = explode( ',', $active_state );
2430
					} else {
2431
						$active_state = array();
2432
					}
2433
					$active_state[] = $module;
2434
					Jetpack::state( $state, implode( ',', $active_state ) );
2435
				}
2436
				continue;
2437
			}
2438
2439
			$file = Jetpack::get_module_path( $module );
2440
			if ( ! file_exists( $file ) ) {
2441
				continue;
2442
			}
2443
2444
			// we'll override this later if the plugin can be included without fatal error
2445
			if ( $redirect ) {
2446
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2447
			}
2448
			Jetpack::state( 'error', 'module_activation_failed' );
2449
			Jetpack::state( 'module', $module );
2450
			ob_start();
2451
			require $file;
2452
			/**
2453
			 * Fires when a specific module is activated.
2454
			 *
2455
			 * @since 1.9.0
2456
			 *
2457
			 * @param string $module Module slug.
2458
			 */
2459
			do_action( 'jetpack_activate_module', $module );
2460
			$active[] = $module;
2461
			$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2462 View Code Duplication
			if ( $active_state = Jetpack::state( $state ) ) {
2463
				$active_state = explode( ',', $active_state );
2464
			} else {
2465
				$active_state = array();
2466
			}
2467
			$active_state[] = $module;
2468
			Jetpack::state( $state, implode( ',', $active_state ) );
2469
			Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2470
			ob_end_clean();
2471
		}
2472
		Jetpack::state( 'error', false );
2473
		Jetpack::state( 'module', false );
2474
		Jetpack::catch_errors( false );
2475
		/**
2476
		 * Fires when default modules are activated.
2477
		 *
2478
		 * @since 1.9.0
2479
		 *
2480
		 * @param string $min_version Minimum version number required to use modules.
2481
		 * @param string $max_version Maximum version number required to use modules.
2482
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2483
		 */
2484
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2485
	}
2486
2487
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2488
		/**
2489
		 * Fires before a module is activated.
2490
		 *
2491
		 * @since 2.6.0
2492
		 *
2493
		 * @param string $module Module slug.
2494
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2495
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2496
		 */
2497
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2498
2499
		$jetpack = Jetpack::init();
2500
2501
		if ( ! strlen( $module ) )
2502
			return false;
2503
2504
		if ( ! Jetpack::is_module( $module ) )
2505
			return false;
2506
2507
		// If it's already active, then don't do it again
2508
		$active = Jetpack::get_active_modules();
2509
		foreach ( $active as $act ) {
2510
			if ( $act == $module )
2511
				return true;
2512
		}
2513
2514
		$module_data = Jetpack::get_module( $module );
2515
2516
		if ( ! Jetpack::is_active() ) {
2517
			if ( !Jetpack::is_development_mode() )
2518
				return false;
2519
2520
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2521
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2522
				return false;
2523
		}
2524
2525
		// Check and see if the old plugin is active
2526
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2527
			// Deactivate the old plugin
2528
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2529
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2530
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2531
				Jetpack::state( 'deactivated_plugins', $module );
2532
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2533
				exit;
2534
			}
2535
		}
2536
2537
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2538
		Jetpack::state( 'module', $module );
2539
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2540
2541
		Jetpack::catch_errors( true );
2542
		ob_start();
2543
		require Jetpack::get_module_path( $module );
2544
		/** This action is documented in class.jetpack.php */
2545
		do_action( 'jetpack_activate_module', $module );
2546
		$active[] = $module;
2547
		Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2548
		Jetpack::state( 'error', false ); // the override
2549
		ob_end_clean();
2550
		Jetpack::catch_errors( false );
2551
2552
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2553 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2554
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2555
2556
			//Jump start is being dismissed send data to MC Stats
2557
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2558
2559
			$jetpack->do_stats( 'server_side' );
2560
		}
2561
2562
		if ( $redirect ) {
2563
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2564
		}
2565
		if ( $exit ) {
2566
			exit;
2567
		}
2568
		return true;
2569
	}
2570
2571
	function activate_module_actions( $module ) {
2572
		/**
2573
		 * Fires when a module is activated.
2574
		 * The dynamic part of the filter, $module, is the module slug.
2575
		 *
2576
		 * @since 1.9.0
2577
		 *
2578
		 * @param string $module Module slug.
2579
		 */
2580
		do_action( "jetpack_activate_module_$module", $module );
2581
	}
2582
2583
	public static function deactivate_module( $module ) {
2584
		/**
2585
		 * Fires when a module is deactivated.
2586
		 *
2587
		 * @since 1.9.0
2588
		 *
2589
		 * @param string $module Module slug.
2590
		 */
2591
		do_action( 'jetpack_pre_deactivate_module', $module );
2592
2593
		$jetpack = Jetpack::init();
2594
2595
		$active = Jetpack::get_active_modules();
2596
		$new    = array_filter( array_diff( $active, (array) $module ) );
2597
2598
		/**
2599
		 * Fires when a module is deactivated.
2600
		 * The dynamic part of the filter, $module, is the module slug.
2601
		 *
2602
		 * @since 1.9.0
2603
		 *
2604
		 * @param string $module Module slug.
2605
		 */
2606
		do_action( "jetpack_deactivate_module_$module", $module );
2607
2608
		// A flag for Jump Start so it's not shown again.
2609 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2610
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2611
2612
			//Jump start is being dismissed send data to MC Stats
2613
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
2614
2615
			$jetpack->do_stats( 'server_side' );
2616
		}
2617
2618
		$success = Jetpack_Options::update_option( 'active_modules', array_unique( $new ) );
2619
		/**
2620
		 * Fired after a module has been deactivated.
2621
		 *
2622
		 * @since 4.1
2623
		 *
2624
		 * @param string $module Module slug.
2625
		 * @param boolean $success whether the module was deactivated.
2626
		 */
2627
		do_action( 'jetpack_deactivate_module', $module, $success );
2628
2629
		return $success;
2630
	}
2631
2632
	public static function enable_module_configurable( $module ) {
2633
		$module = Jetpack::get_module_slug( $module );
2634
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
2635
	}
2636
2637
	public static function module_configuration_url( $module ) {
2638
		$module = Jetpack::get_module_slug( $module );
2639
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
2640
	}
2641
2642
	public static function module_configuration_load( $module, $method ) {
2643
		$module = Jetpack::get_module_slug( $module );
2644
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
2645
	}
2646
2647
	public static function module_configuration_head( $module, $method ) {
2648
		$module = Jetpack::get_module_slug( $module );
2649
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
2650
	}
2651
2652
	public static function module_configuration_screen( $module, $method ) {
2653
		$module = Jetpack::get_module_slug( $module );
2654
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
2655
	}
2656
2657
	public static function module_configuration_activation_screen( $module, $method ) {
2658
		$module = Jetpack::get_module_slug( $module );
2659
		add_action( 'display_activate_module_setting_' . $module, $method );
2660
	}
2661
2662
/* Installation */
2663
2664
	public static function bail_on_activation( $message, $deactivate = true ) {
2665
?>
2666
<!doctype html>
2667
<html>
2668
<head>
2669
<meta charset="<?php bloginfo( 'charset' ); ?>">
2670
<style>
2671
* {
2672
	text-align: center;
2673
	margin: 0;
2674
	padding: 0;
2675
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
2676
}
2677
p {
2678
	margin-top: 1em;
2679
	font-size: 18px;
2680
}
2681
</style>
2682
<body>
2683
<p><?php echo esc_html( $message ); ?></p>
2684
</body>
2685
</html>
2686
<?php
2687
		if ( $deactivate ) {
2688
			$plugins = get_option( 'active_plugins' );
2689
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
2690
			$update  = false;
2691
			foreach ( $plugins as $i => $plugin ) {
2692
				if ( $plugin === $jetpack ) {
2693
					$plugins[$i] = false;
2694
					$update = true;
2695
				}
2696
			}
2697
2698
			if ( $update ) {
2699
				update_option( 'active_plugins', array_filter( $plugins ) );
2700
			}
2701
		}
2702
		exit;
2703
	}
2704
2705
	/**
2706
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
2707
	 * @static
2708
	 */
2709
	public static function plugin_activation( $network_wide ) {
2710
		Jetpack_Options::update_option( 'activated', 1 );
2711
2712
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
2713
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
2714
		}
2715
2716
		if ( $network_wide )
2717
			Jetpack::state( 'network_nag', true );
2718
2719
		Jetpack::plugin_initialize();
2720
	}
2721
	/**
2722
	 * Runs before bumping version numbers up to a new version
2723
	 * @param  (string) $version    Version:timestamp
2724
	 * @param  (string) $old_version Old Version:timestamp or false if not set yet.
2725
	 * @return null              [description]
2726
	 */
2727
	public static function do_version_bump( $version, $old_version ) {
2728
2729
		if ( ! $old_version ) { // For new sites
2730
			// Setting up jetpack manage
2731
			Jetpack::activate_manage();
2732
		}
2733
	}
2734
2735
	/**
2736
	 * Sets the internal version number and activation state.
2737
	 * @static
2738
	 */
2739
	public static function plugin_initialize() {
2740
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
2741
			Jetpack_Options::update_option( 'activated', 2 );
2742
		}
2743
2744 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
2745
			$version = $old_version = JETPACK__VERSION . ':' . time();
2746
			/** This action is documented in class.jetpack.php */
2747
			do_action( 'updating_jetpack_version', $version, false );
2748
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2749
		}
2750
2751
		Jetpack::load_modules();
2752
2753
		Jetpack_Options::delete_option( 'do_activate' );
2754
	}
2755
2756
	/**
2757
	 * Removes all connection options
2758
	 * @static
2759
	 */
2760
	public static function plugin_deactivation( ) {
2761
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
2762
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
2763
			Jetpack_Network::init()->deactivate();
2764
		} else {
2765
			Jetpack::disconnect( false );
2766
			//Jetpack_Heartbeat::init()->deactivate();
2767
		}
2768
	}
2769
2770
	/**
2771
	 * Disconnects from the Jetpack servers.
2772
	 * Forgets all connection details and tells the Jetpack servers to do the same.
2773
	 * @static
2774
	 */
2775
	public static function disconnect( $update_activated_state = true ) {
2776
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
2777
		Jetpack::clean_nonces( true );
2778
2779
		Jetpack::load_xml_rpc_client();
2780
		$xml = new Jetpack_IXR_Client();
2781
		$xml->query( 'jetpack.deregister' );
2782
2783
		Jetpack_Options::delete_option(
2784
			array(
2785
				'register',
2786
				'blog_token',
2787
				'user_token',
2788
				'user_tokens',
2789
				'master_user',
2790
				'time_diff',
2791
				'fallback_no_verify_ssl_certs',
2792
			)
2793
		);
2794
2795
		if ( $update_activated_state ) {
2796
			Jetpack_Options::update_option( 'activated', 4 );
2797
		}
2798
2799
		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
2800
		// Check then record unique disconnection if site has never been disconnected previously
2801
		if ( -1 == $jetpack_unique_connection['disconnected'] ) {
2802
			$jetpack_unique_connection['disconnected'] = 1;
2803
		}
2804
		else {
2805
			if ( 0 == $jetpack_unique_connection['disconnected'] ) {
2806
				//track unique disconnect
2807
				$jetpack = Jetpack::init();
2808
2809
				$jetpack->stat( 'connections', 'unique-disconnect' );
2810
				$jetpack->do_stats( 'server_side' );
2811
			}
2812
			// increment number of times disconnected
2813
			$jetpack_unique_connection['disconnected'] += 1;
2814
		}
2815
2816
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
2817
2818
		// Disable the Heartbeat cron
2819
		Jetpack_Heartbeat::init()->deactivate();
2820
	}
2821
2822
	/**
2823
	 * Unlinks the current user from the linked WordPress.com user
2824
	 */
2825
	public static function unlink_user( $user_id = null ) {
2826
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
2827
			return false;
2828
2829
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
2830
2831
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
2832
			return false;
2833
2834
		if ( ! isset( $tokens[ $user_id ] ) )
2835
			return false;
2836
2837
		Jetpack::load_xml_rpc_client();
2838
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
2839
		$xml->query( 'jetpack.unlink_user', $user_id );
2840
2841
		unset( $tokens[ $user_id ] );
2842
2843
		Jetpack_Options::update_option( 'user_tokens', $tokens );
2844
2845
		/**
2846
		 * Fires after the current user has been unlinked from WordPress.com.
2847
		 *
2848
		 * @since 4.1.0
2849
		 *
2850
		 * @param int $user_id The current user's ID.
2851
		 */
2852
		do_action( 'jetpack_unlinked_user', $user_id );
2853
2854
		return true;
2855
	}
2856
2857
	/**
2858
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
2859
	 */
2860
	public static function try_registration() {
2861
		// Let's get some testing in beta versions and such.
2862
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
2863
			// Before attempting to connect, let's make sure that the domains are viable.
2864
			$domains_to_check = array_unique( array(
2865
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
2866
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
2867
			) );
2868
			foreach ( $domains_to_check as $domain ) {
2869
				$result = Jetpack_Data::is_usable_domain( $domain );
2870
				if ( is_wp_error( $result ) ) {
2871
					return $result;
2872
				}
2873
			}
2874
		}
2875
2876
		$result = Jetpack::register();
2877
2878
		// If there was an error with registration and the site was not registered, record this so we can show a message.
2879
		if ( ! $result || is_wp_error( $result ) ) {
2880
			return $result;
2881
		} else {
2882
			return true;
2883
		}
2884
	}
2885
2886
	/**
2887
	 * Tracking an internal event log. Try not to put too much chaff in here.
2888
	 *
2889
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
2890
	 */
2891
	public static function log( $code, $data = null ) {
2892
		// only grab the latest 200 entries
2893
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
2894
2895
		// Append our event to the log
2896
		$log_entry = array(
2897
			'time'    => time(),
2898
			'user_id' => get_current_user_id(),
2899
			'blog_id' => Jetpack_Options::get_option( 'id' ),
2900
			'code'    => $code,
2901
		);
2902
		// Don't bother storing it unless we've got some.
2903
		if ( ! is_null( $data ) ) {
2904
			$log_entry['data'] = $data;
2905
		}
2906
		$log[] = $log_entry;
2907
2908
		// Try add_option first, to make sure it's not autoloaded.
2909
		// @todo: Add an add_option method to Jetpack_Options
2910
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
2911
			Jetpack_Options::update_option( 'log', $log );
2912
		}
2913
2914
		/**
2915
		 * Fires when Jetpack logs an internal event.
2916
		 *
2917
		 * @since 3.0.0
2918
		 *
2919
		 * @param array $log_entry {
2920
		 *	Array of details about the log entry.
2921
		 *
2922
		 *	@param string time Time of the event.
2923
		 *	@param int user_id ID of the user who trigerred the event.
2924
		 *	@param int blog_id Jetpack Blog ID.
2925
		 *	@param string code Unique name for the event.
2926
		 *	@param string data Data about the event.
2927
		 * }
2928
		 */
2929
		do_action( 'jetpack_log_entry', $log_entry );
2930
	}
2931
2932
	/**
2933
	 * Get the internal event log.
2934
	 *
2935
	 * @param $event (string) - only return the specific log events
2936
	 * @param $num   (int)    - get specific number of latest results, limited to 200
2937
	 *
2938
	 * @return array of log events || WP_Error for invalid params
2939
	 */
2940
	public static function get_log( $event = false, $num = false ) {
2941
		if ( $event && ! is_string( $event ) ) {
2942
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
2943
		}
2944
2945
		if ( $num && ! is_numeric( $num ) ) {
2946
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
2947
		}
2948
2949
		$entire_log = Jetpack_Options::get_option( 'log', array() );
2950
2951
		// If nothing set - act as it did before, otherwise let's start customizing the output
2952
		if ( ! $num && ! $event ) {
2953
			return $entire_log;
2954
		} else {
2955
			$entire_log = array_reverse( $entire_log );
2956
		}
2957
2958
		$custom_log_output = array();
2959
2960
		if ( $event ) {
2961
			foreach ( $entire_log as $log_event ) {
2962
				if ( $event == $log_event[ 'code' ] ) {
2963
					$custom_log_output[] = $log_event;
2964
				}
2965
			}
2966
		} else {
2967
			$custom_log_output = $entire_log;
2968
		}
2969
2970
		if ( $num ) {
2971
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
2972
		}
2973
2974
		return $custom_log_output;
2975
	}
2976
2977
	/**
2978
	 * Log modification of important settings.
2979
	 */
2980
	public static function log_settings_change( $option, $old_value, $value ) {
2981
		switch( $option ) {
2982
			case 'jetpack_sync_non_public_post_stati':
2983
				self::log( $option, $value );
2984
				break;
2985
		}
2986
	}
2987
2988
	/**
2989
	 * Return stat data for WPCOM sync
2990
	 */
2991
	function get_stat_data() {
2992
		$heartbeat_data = Jetpack_Heartbeat::generate_stats_array();
2993
		$additional_data = $this->get_additional_stat_data();
2994
2995
		return json_encode( array_merge( $heartbeat_data, $additional_data ) );
2996
	}
2997
2998
	/**
2999
	 * Get additional stat data to sync to WPCOM
3000
	 */
3001
	function get_additional_stat_data( $prefix = '' ) {
3002
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
3003
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3004
		$return["{$prefix}users"]          = count_users();
3005
		$return["{$prefix}site-count"]     = 0;
3006
		if ( function_exists( 'get_blog_count' ) ) {
3007
			$return["{$prefix}site-count"] = get_blog_count();
3008
		}
3009
		return $return;
3010
	}
3011
3012
	/* Admin Pages */
3013
3014
	function admin_init() {
3015
		// If the plugin is not connected, display a connect message.
3016
		if (
3017
			// the plugin was auto-activated and needs its candy
3018
			Jetpack_Options::get_option( 'do_activate' )
3019
		||
3020
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3021
			! Jetpack_Options::get_option( 'activated' )
3022
		) {
3023
			Jetpack::plugin_initialize();
3024
		}
3025
3026
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3027
			if ( 4 != Jetpack_Options::get_option( 'activated' ) ) {
3028
				// Show connect notice on dashboard and plugins pages
3029
				add_action( 'load-index.php', array( $this, 'prepare_connect_notice' ) );
3030
				add_action( 'load-plugins.php', array( $this, 'prepare_connect_notice' ) );
3031
			}
3032
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3033
			// Upgrade: 1.1 -> 1.1.1
3034
			// Check and see if host can verify the Jetpack servers' SSL certificate
3035
			$args = array();
3036
			Jetpack_Client::_wp_remote_request(
3037
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3038
				$args,
3039
				true
3040
			);
3041
		} else {
3042
			// Show the notice on the Dashboard only for now
3043
3044
			add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) );
3045
3046
			// Identity crisis notices
3047
			add_action( 'jetpack_notices', array( $this, 'alert_identity_crisis' ) );
3048
		}
3049
3050
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3051
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3052
		}
3053
3054
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3055
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3056
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3057
3058
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3059
			// Artificially throw errors in certain whitelisted cases during plugin activation
3060
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3061
3062
			// Kick off synchronization of user role when it changes
3063
			add_action( 'set_user_role', array( $this, 'user_role_change' ) );
3064
		}
3065
3066
		// Jetpack Manage Activation Screen from .com
3067
		Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
3068
3069
		// Add custom column in wp-admin/users.php to show whether user is linked.
3070
		add_filter( 'manage_users_columns',       array( $this, 'jetpack_icon_user_connected' ) );
3071
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3072
		add_action( 'admin_print_styles',         array( $this, 'jetpack_user_col_style' ) );
3073
	}
3074
3075
	function admin_body_class( $admin_body_class = '' ) {
3076
		$classes = explode( ' ', trim( $admin_body_class ) );
3077
3078
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3079
3080
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3081
		return " $admin_body_class ";
3082
	}
3083
3084
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3085
		return $admin_body_class . ' jetpack-pagestyles ';
3086
	}
3087
3088
	function prepare_connect_notice() {
3089
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3090
3091
		add_action( 'admin_notices', array( $this, 'admin_connect_notice' ) );
3092
3093
		if ( Jetpack::state( 'network_nag' ) )
3094
			add_action( 'network_admin_notices', array( $this, 'network_connect_notice' ) );
3095
	}
3096
	/**
3097
	 * Call this function if you want the Big Jetpack Manage Notice to show up.
3098
	 *
3099
	 * @return null
3100
	 */
3101
	function prepare_manage_jetpack_notice() {
3102
3103
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3104
		add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) );
3105
	}
3106
3107
	function manage_activate_screen() {
3108
		include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' );
3109
	}
3110
	/**
3111
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3112
	 * This function artificially throws errors for such cases (whitelisted).
3113
	 *
3114
	 * @param string $plugin The activated plugin.
3115
	 */
3116
	function throw_error_on_activate_plugin( $plugin ) {
3117
		$active_modules = Jetpack::get_active_modules();
3118
3119
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3120
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3121
			$throw = false;
3122
3123
			// Try and make sure it really was the stats plugin
3124
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3125
				if ( 'stats.php' == basename( $plugin ) ) {
3126
					$throw = true;
3127
				}
3128
			} else {
3129
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3130
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3131
					$throw = true;
3132
				}
3133
			}
3134
3135
			if ( $throw ) {
3136
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3137
			}
3138
		}
3139
	}
3140
3141
	function intercept_plugin_error_scrape_init() {
3142
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3143
	}
3144
3145
	function intercept_plugin_error_scrape( $action, $result ) {
3146
		if ( ! $result ) {
3147
			return;
3148
		}
3149
3150
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3151
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3152
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3153
			}
3154
		}
3155
	}
3156
3157
	function add_remote_request_handlers() {
3158
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3159
	}
3160
3161
	function remote_request_handlers() {
3162
		switch ( current_filter() ) {
3163
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3164
			$response = $this->upload_handler();
3165
			break;
3166
		default :
3167
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3168
			break;
3169
		}
3170
3171
		if ( ! $response ) {
3172
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3173
		}
3174
3175
		if ( is_wp_error( $response ) ) {
3176
			$status_code       = $response->get_error_data();
3177
			$error             = $response->get_error_code();
3178
			$error_description = $response->get_error_message();
3179
3180
			if ( ! is_int( $status_code ) ) {
3181
				$status_code = 400;
3182
			}
3183
3184
			status_header( $status_code );
3185
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3186
		}
3187
3188
		status_header( 200 );
3189
		if ( true === $response ) {
3190
			exit;
3191
		}
3192
3193
		die( json_encode( (object) $response ) );
3194
	}
3195
3196
	function upload_handler() {
3197
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3198
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3199
		}
3200
3201
		$user = wp_authenticate( '', '' );
3202
		if ( ! $user || is_wp_error( $user ) ) {
3203
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3204
		}
3205
3206
		wp_set_current_user( $user->ID );
3207
3208
		if ( ! current_user_can( 'upload_files' ) ) {
3209
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3210
		}
3211
3212
		if ( empty( $_FILES ) ) {
3213
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3214
		}
3215
3216
		foreach ( array_keys( $_FILES ) as $files_key ) {
3217
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3218
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3219
			}
3220
		}
3221
3222
		$media_keys = array_keys( $_FILES['media'] );
3223
3224
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3225
		if ( ! $token || is_wp_error( $token ) ) {
3226
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3227
		}
3228
3229
		$uploaded_files = array();
3230
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3231
		unset( $GLOBALS['post'] );
3232
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3233
			$file = array();
3234
			foreach ( $media_keys as $media_key ) {
3235
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3236
			}
3237
3238
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3239
3240
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3241
			if ( $hmac_provided !== $hmac_file ) {
3242
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3243
				continue;
3244
			}
3245
3246
			$_FILES['.jetpack.upload.'] = $file;
3247
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3248
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3249
				$post_id = 0;
3250
			}
3251
			$attachment_id = media_handle_upload(
3252
				'.jetpack.upload.',
3253
				$post_id,
3254
				array(),
3255
				array(
3256
					'action' => 'jetpack_upload_file',
3257
				)
3258
			);
3259
3260
			if ( ! $attachment_id ) {
3261
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3262
			} elseif ( is_wp_error( $attachment_id ) ) {
3263
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3264
			} else {
3265
				$attachment = get_post( $attachment_id );
3266
				$uploaded_files[$index] = (object) array(
3267
					'id'   => (string) $attachment_id,
3268
					'file' => $attachment->post_title,
3269
					'url'  => wp_get_attachment_url( $attachment_id ),
3270
					'type' => $attachment->post_mime_type,
3271
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3272
				);
3273
			}
3274
		}
3275
		if ( ! is_null( $global_post ) ) {
3276
			$GLOBALS['post'] = $global_post;
3277
		}
3278
3279
		return $uploaded_files;
3280
	}
3281
3282
	/**
3283
	 * Add help to the Jetpack page
3284
	 *
3285
	 * @since Jetpack (1.2.3)
3286
	 * @return false if not the Jetpack page
3287
	 */
3288
	function admin_help() {
3289
		$current_screen = get_current_screen();
3290
3291
		// Overview
3292
		$current_screen->add_help_tab(
3293
			array(
3294
				'id'		=> 'home',
3295
				'title'		=> __( 'Home', 'jetpack' ),
3296
				'content'	=>
3297
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3298
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3299
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3300
			)
3301
		);
3302
3303
		// Screen Content
3304
		if ( current_user_can( 'manage_options' ) ) {
3305
			$current_screen->add_help_tab(
3306
				array(
3307
					'id'		=> 'settings',
3308
					'title'		=> __( 'Settings', 'jetpack' ),
3309
					'content'	=>
3310
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3311
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3312
						'<ol>' .
3313
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3314
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3315
						'</ol>' .
3316
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3317
				)
3318
			);
3319
		}
3320
3321
		// Help Sidebar
3322
		$current_screen->set_help_sidebar(
3323
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3324
			'<p><a href="https://jetpack.com/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3325
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3326
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3327
		);
3328
	}
3329
3330
	function admin_menu_css() {
3331
		wp_enqueue_style( 'jetpack-icons' );
3332
	}
3333
3334
	function admin_menu_order() {
3335
		return true;
3336
	}
3337
3338 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3339
		$jp_menu_order = array();
3340
3341
		foreach ( $menu_order as $index => $item ) {
3342
			if ( $item != 'jetpack' ) {
3343
				$jp_menu_order[] = $item;
3344
			}
3345
3346
			if ( $index == 0 ) {
3347
				$jp_menu_order[] = 'jetpack';
3348
			}
3349
		}
3350
3351
		return $jp_menu_order;
3352
	}
3353
3354
	function admin_head() {
3355 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3356
			/** This action is documented in class.jetpack-admin-page.php */
3357
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3358
	}
3359
3360
	function admin_banner_styles() {
3361
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3362
3363
		wp_enqueue_style( 'jetpack', plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION . '-20121016' );
3364
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3365
		wp_style_add_data( 'jetpack', 'suffix', $min );
3366
	}
3367
3368
	function admin_scripts() {
3369
		wp_enqueue_script( 'jetpack-js', plugins_url( '_inc/jp.js', JETPACK__PLUGIN_FILE ), array( 'jquery', 'wp-util' ), JETPACK__VERSION . '-20121111' );
3370
		wp_localize_script(
3371
			'jetpack-js',
3372
			'jetpackL10n',
3373
			array(
3374
				'ays_disconnect' => "This will deactivate all Jetpack modules.\nAre you sure you want to disconnect?",
3375
				'ays_unlink'     => "This will prevent user-specific modules such as Publicize, Notifications and Post By Email from working.\nAre you sure you want to unlink?",
3376
				'ays_dismiss'    => "This will deactivate Jetpack.\nAre you sure you want to deactivate Jetpack?",
3377
			)
3378
		);
3379
		add_action( 'admin_footer', array( $this, 'do_stats' ) );
3380
	}
3381
3382
	function plugin_action_links( $actions ) {
3383
3384
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3385
3386
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3387
			return array_merge(
3388
				$jetpack_home,
3389
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack_modules' ), __( 'Settings', 'jetpack' ) ) ),
3390
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3391
				$actions
3392
				);
3393
			}
3394
3395
		return array_merge( $jetpack_home, $actions );
3396
	}
3397
3398
	function admin_connect_notice() {
3399
		// Don't show the connect notice anywhere but the plugins.php after activating
3400
		$current = get_current_screen();
3401
		if ( 'plugins' !== $current->parent_base )
3402
			return;
3403
3404
		if ( ! current_user_can( 'jetpack_connect' ) )
3405
			return;
3406
3407
		$dismiss_and_deactivate_url = wp_nonce_url( Jetpack::admin_url( '?page=jetpack&jetpack-notice=dismiss' ), 'jetpack-deactivate' );
3408
		?>
3409
		<div id="message" class="updated jp-banner">
3410
			<a href="<?php echo esc_url( $dismiss_and_deactivate_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3411
			<?php if ( in_array( Jetpack_Options::get_option( 'activated' ) , array( 1, 2, 3 ) ) ) : ?>
3412
					<div class="jp-banner__description-container">
3413
						<h2 class="jp-banner__header"><?php _e( 'Your Jetpack is almost ready!', 'jetpack' ); ?></h2>
3414
						<p class="jp-banner__description"><?php _e( 'Please connect to or create a WordPress.com account to enable Jetpack, including powerful security, traffic, and customization services.', 'jetpack' ); ?></p>
3415
						<p class="jp-banner__button-container">
3416
							<a href="<?php echo $this->build_connect_url( false, false, 'banner' ) ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Connect to WordPress.com', 'jetpack' ); ?></a>
3417
							<a href="<?php echo Jetpack::admin_url( 'admin.php?page=jetpack' ) ?>" class="button" title="<?php esc_attr_e( 'Learn about the benefits you receive when you connect Jetpack to WordPress.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3418
						</p>
3419
					</div>
3420 View Code Duplication
			<?php else : ?>
3421
				<div class="jp-banner__content">
3422
					<h2><?php _e( 'Jetpack is installed!', 'jetpack' ) ?></h2>
3423
					<p><?php _e( 'It\'s ready to bring awesome, WordPress.com cloud-powered features to your site.', 'jetpack' ) ?></p>
3424
				</div>
3425
				<div class="jp-banner__action-container">
3426
					<a href="<?php echo Jetpack::admin_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Learn More', 'jetpack' ); ?></a>
3427
				</div>
3428
			<?php endif; ?>
3429
		</div>
3430
3431
		<?php
3432
	}
3433
3434
	/**
3435
	 * This is the first banner
3436
	 * It should be visible only to user that can update the option
3437
	 * Are not connected
3438
	 *
3439
	 * @return null
3440
	 */
3441
	function admin_jetpack_manage_notice() {
3442
		$screen = get_current_screen();
3443
3444
		// Don't show the connect notice on the jetpack settings page.
3445
		if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action )
3446
			return;
3447
3448
		// Only show it if don't have the managment option set.
3449
		// And not dismissed it already.
3450
		if ( ! $this->can_display_jetpack_manage_notice() || Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) {
3451
			return;
3452
		}
3453
3454
		$opt_out_url = $this->opt_out_jetpack_manage_url();
3455
		$opt_in_url  = $this->opt_in_jetpack_manage_url();
3456
		/**
3457
		 * I think it would be great to have different wordsing depending on where you are
3458
		 * for example if we show the notice on dashboard and a different one if we show it on Plugins screen
3459
		 * etc..
3460
		 */
3461
3462
		?>
3463
		<div id="message" class="updated jp-banner">
3464
				<a href="<?php echo esc_url( $opt_out_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3465
				<div class="jp-banner__description-container">
3466
					<h2 class="jp-banner__header"><?php esc_html_e( 'Jetpack Centralized Site Management', 'jetpack' ); ?></h2>
3467
					<p class="jp-banner__description"><?php printf( __( 'Manage multiple Jetpack enabled sites from one single dashboard at wordpress.com. Allows all existing, connected Administrators to modify your site.', 'jetpack' ), 'https://jetpack.com/support/site-management' ); ?></p>
3468
					<p class="jp-banner__button-container">
3469
						<a href="<?php echo esc_url( $opt_in_url ); ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Activate Jetpack Manage', 'jetpack' ); ?></a>
3470
						<a href="https://jetpack.com/support/site-management" class="button" target="_blank" title="<?php esc_attr_e( 'Learn more about Jetpack Manage on Jetpack.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3471
					</p>
3472
				</div>
3473
		</div>
3474
		<?php
3475
	}
3476
3477
	/**
3478
	 * Returns the url that the user clicks to remove the notice for the big banner
3479
	 * @return (string)
3480
	 */
3481
	function opt_out_jetpack_manage_url() {
3482
		$referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null );
3483
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' );
3484
	}
3485
	/**
3486
	 * Returns the url that the user clicks to opt in to Jetpack Manage
3487
	 * @return (string)
3488
	 */
3489
	function opt_in_jetpack_manage_url() {
3490
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' );
3491
	}
3492
3493
	function opt_in_jetpack_manage_notice() {
3494
		?>
3495
		<div class="wrap">
3496
			<div id="message" class="jetpack-message is-opt-in">
3497
				<?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'https://jetpack.com/support/site-management' ); ?>
3498
			</div>
3499
		</div>
3500
		<?php
3501
3502
	}
3503
	/**
3504
	 * Determines whether to show the notice of not true = display notice
3505
	 * @return (bool)
3506
	 */
3507
	function can_display_jetpack_manage_notice() {
3508
		// never display the notice to users that can't do anything about it anyways
3509
		if( ! current_user_can( 'jetpack_manage_modules' ) )
3510
			return false;
3511
3512
		// don't display if we are in development more
3513
		if( Jetpack::is_development_mode() ) {
3514
			return false;
3515
		}
3516
		// don't display if the site is private
3517
		if(  ! Jetpack_Options::get_option( 'public' ) )
3518
			return false;
3519
3520
		/**
3521
		 * Should the Jetpack Remote Site Management notice be displayed.
3522
		 *
3523
		 * @since 3.3.0
3524
		 *
3525
		 * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive.
3526
		 */
3527
		return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) );
3528
	}
3529
3530
	function network_connect_notice() {
3531
		?>
3532
		<div id="message" class="updated jetpack-message">
3533
			<div class="squeezer">
3534
				<h2><?php _e( '<strong>Jetpack is activated!</strong> Each site on your network must be connected individually by an admin on that site.', 'jetpack' ) ?></h2>
3535
			</div>
3536
		</div>
3537
		<?php
3538
	}
3539
3540
	/*
3541
	 * Registration flow:
3542
	 * 1 - ::admin_page_load() action=register
3543
	 * 2 - ::try_registration()
3544
	 * 3 - ::register()
3545
	 *     - Creates jetpack_register option containing two secrets and a timestamp
3546
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3547
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3548
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
3549
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3550
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3551
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3552
	 *       jetpack_id, jetpack_secret, jetpack_public
3553
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3554
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
3555
	 * 5 - user logs in with WP.com account
3556
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
3557
	 *		- Jetpack_Client_Server::authorize()
3558
	 *		- Jetpack_Client_Server::get_token()
3559
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
3560
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3561
	 *			- which responds with access_token, token_type, scope
3562
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3563
	 *		- Jetpack::activate_default_modules()
3564
	 *     		- Deactivates deprecated plugins
3565
	 *     		- Activates all default modules
3566
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
3567
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
3568
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
3569
	 *     Done!
3570
	 */
3571
3572
	/**
3573
	 * Handles the page load events for the Jetpack admin page
3574
	 */
3575
	function admin_page_load() {
3576
		$error = false;
3577
3578
		// Make sure we have the right body class to hook stylings for subpages off of.
3579
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3580
3581
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
3582
			// Should only be used in intermediate redirects to preserve state across redirects
3583
			Jetpack::restate();
3584
		}
3585
3586
		if ( isset( $_GET['connect_url_redirect'] ) ) {
3587
			// User clicked in the iframe to link their accounts
3588
			if ( ! Jetpack::is_user_connected() ) {
3589
				$connect_url = $this->build_connect_url( true, false, 'iframe' );
3590
				if ( isset( $_GET['notes_iframe'] ) )
3591
					$connect_url .= '&notes_iframe';
3592
				wp_redirect( $connect_url );
3593
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3594
			} else {
3595
				if ( ! isset( $_GET['calypso_env'] ) ) {
3596
					Jetpack::state( 'message', 'already_authorized' );
3597
					wp_safe_redirect( Jetpack::admin_url() );
3598
				} else {
3599
					$connect_url = $this->build_connect_url( true, false, 'iframe' );
3600
					$connect_url .= '&already_authorized=true';
3601
					wp_redirect( $connect_url );
3602
				}
3603
			}
3604
		}
3605
3606
3607
		if ( isset( $_GET['action'] ) ) {
3608
			switch ( $_GET['action'] ) {
3609
			case 'authorize':
3610
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3611
					Jetpack::state( 'message', 'already_authorized' );
3612
					wp_safe_redirect( Jetpack::admin_url() );
3613
					exit;
3614
				}
3615
				Jetpack::log( 'authorize' );
3616
				$client_server = new Jetpack_Client_Server;
3617
				$client_server->client_authorize();
3618
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3619
			case 'register' :
3620
				if ( ! current_user_can( 'jetpack_connect' ) ) {
3621
					$error = 'cheatin';
3622
					break;
3623
				}
3624
				check_admin_referer( 'jetpack-register' );
3625
				Jetpack::log( 'register' );
3626
				Jetpack::maybe_set_version_option();
3627
				$registered = Jetpack::try_registration();
3628
				if ( is_wp_error( $registered ) ) {
3629
					$error = $registered->get_error_code();
3630
					Jetpack::state( 'error_description', $error );
3631
					Jetpack::state( 'error_description', $registered->get_error_message() );
3632
					break;
3633
				}
3634
3635
				$from = isset( $_GET['from'] ) ? $_GET['from'] : false;
3636
3637
				wp_redirect( $this->build_connect_url( true, false, $from ) );
3638
				exit;
3639
			case 'activate' :
3640
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
3641
					$error = 'cheatin';
3642
					break;
3643
				}
3644
3645
				$module = stripslashes( $_GET['module'] );
3646
				check_admin_referer( "jetpack_activate-$module" );
3647
				Jetpack::log( 'activate', $module );
3648
				Jetpack::activate_module( $module );
3649
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
3650
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3651
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3652
			case 'activate_default_modules' :
3653
				check_admin_referer( 'activate_default_modules' );
3654
				Jetpack::log( 'activate_default_modules' );
3655
				Jetpack::restate();
3656
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
3657
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
3658
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
3659
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
3660
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3661
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3662
			case 'disconnect' :
3663
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
3664
					$error = 'cheatin';
3665
					break;
3666
				}
3667
3668
				check_admin_referer( 'jetpack-disconnect' );
3669
				Jetpack::log( 'disconnect' );
3670
				Jetpack::disconnect();
3671
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
3672
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3673
			case 'reconnect' :
3674
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
3675
					$error = 'cheatin';
3676
					break;
3677
				}
3678
3679
				check_admin_referer( 'jetpack-reconnect' );
3680
				Jetpack::log( 'reconnect' );
3681
				$this->disconnect();
3682
				wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
3683
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3684 View Code Duplication
			case 'deactivate' :
3685
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
3686
					$error = 'cheatin';
3687
					break;
3688
				}
3689
3690
				$modules = stripslashes( $_GET['module'] );
3691
				check_admin_referer( "jetpack_deactivate-$modules" );
3692
				foreach ( explode( ',', $modules ) as $module ) {
3693
					Jetpack::log( 'deactivate', $module );
3694
					Jetpack::deactivate_module( $module );
3695
					Jetpack::state( 'message', 'module_deactivated' );
3696
				}
3697
				Jetpack::state( 'module', $modules );
3698
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3699
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3700
			case 'unlink' :
3701
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
3702
				check_admin_referer( 'jetpack-unlink' );
3703
				Jetpack::log( 'unlink' );
3704
				$this->unlink_user();
3705
				Jetpack::state( 'message', 'unlinked' );
3706
				if ( 'sub-unlink' == $redirect ) {
3707
					wp_safe_redirect( admin_url() );
3708
				} else {
3709
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
3710
				}
3711
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3712
			default:
3713
				/**
3714
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
3715
				 *
3716
				 * @since 2.6.0
3717
				 *
3718
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
3719
				 */
3720
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
3721
			}
3722
		}
3723
3724
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
3725
			self::activate_new_modules( true );
3726
		}
3727
3728
		$message_code = Jetpack::state( 'message' );
3729
		if ( Jetpack::state( 'optin-manage' ) ) {
3730
			$activated_manage = $message_code;
3731
			$message_code = 'jetpack-manage';
3732
		}
3733
3734
		switch ( $message_code ) {
3735
		case 'jetpack-manage':
3736
			$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
3737
			if ( $activated_manage ) {
3738
				$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack'  ) . '</strong>';
3739
			}
3740
			break;
3741
3742
		}
3743
3744
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
3745
3746
		if ( ! empty( $deactivated_plugins ) ) {
3747
			$deactivated_plugins = explode( ',', $deactivated_plugins );
3748
			$deactivated_titles  = array();
3749
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
3750
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
3751
					continue;
3752
				}
3753
3754
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
3755
			}
3756
3757
			if ( $deactivated_titles ) {
3758
				if ( $this->message ) {
3759
					$this->message .= "<br /><br />\n";
3760
				}
3761
3762
				$this->message .= wp_sprintf(
3763
					_n(
3764
						'Jetpack contains the most recent version of the old %l plugin.',
3765
						'Jetpack contains the most recent versions of the old %l plugins.',
3766
						count( $deactivated_titles ),
3767
						'jetpack'
3768
					),
3769
					$deactivated_titles
3770
				);
3771
3772
				$this->message .= "<br />\n";
3773
3774
				$this->message .= _n(
3775
					'The old version has been deactivated and can be removed from your site.',
3776
					'The old versions have been deactivated and can be removed from your site.',
3777
					count( $deactivated_titles ),
3778
					'jetpack'
3779
				);
3780
			}
3781
		}
3782
3783
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
3784
3785
		if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) {
3786
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
3787
		}
3788
3789 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
3790
			/**
3791
			 * Fires when a module configuration page is loaded.
3792
			 * The dynamic part of the hook is the configure parameter from the URL.
3793
			 *
3794
			 * @since 1.1.0
3795
			 */
3796
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
3797
		}
3798
3799
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
3800
	}
3801
3802
	function admin_notices() {
3803
3804
		if ( $this->error ) {
3805
?>
3806
<div id="message" class="jetpack-message jetpack-err">
3807
	<div class="squeezer">
3808
		<h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
3809
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
3810
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
3811
<?php	endif; ?>
3812
	</div>
3813
</div>
3814
<?php
3815
		}
3816
3817
		if ( $this->message ) {
3818
?>
3819
<div id="message" class="jetpack-message">
3820
	<div class="squeezer">
3821
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
3822
	</div>
3823
</div>
3824
<?php
3825
		}
3826
3827
		if ( $this->privacy_checks ) :
3828
			$module_names = $module_slugs = array();
3829
3830
			$privacy_checks = explode( ',', $this->privacy_checks );
3831
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
3832
			foreach ( $privacy_checks as $module_slug ) {
3833
				$module = Jetpack::get_module( $module_slug );
3834
				if ( ! $module ) {
3835
					continue;
3836
				}
3837
3838
				$module_slugs[] = $module_slug;
3839
				$module_names[] = "<strong>{$module['name']}</strong>";
3840
			}
3841
3842
			$module_slugs = join( ',', $module_slugs );
3843
?>
3844
<div id="message" class="jetpack-message jetpack-err">
3845
	<div class="squeezer">
3846
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
3847
		<p><?php
3848
			echo wp_kses(
3849
				wptexturize(
3850
					wp_sprintf(
3851
						_nx(
3852
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
3853
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
3854
							count( $privacy_checks ),
3855
							'%l = list of Jetpack module/feature names',
3856
							'jetpack'
3857
						),
3858
						$module_names
3859
					)
3860
				),
3861
				array( 'strong' => true )
3862
			);
3863
3864
			echo "\n<br />\n";
3865
3866
			echo wp_kses(
3867
				sprintf(
3868
					_nx(
3869
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
3870
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
3871
						count( $privacy_checks ),
3872
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
3873
						'jetpack'
3874
					),
3875
					wp_nonce_url(
3876
						Jetpack::admin_url(
3877
							array(
3878
								'page'   => 'jetpack',
3879
								'action' => 'deactivate',
3880
								'module' => urlencode( $module_slugs ),
3881
							)
3882
						),
3883
						"jetpack_deactivate-$module_slugs"
3884
					),
3885
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
3886
				),
3887
				array( 'a' => array( 'href' => true, 'title' => true ) )
3888
			);
3889
		?></p>
3890
	</div>
3891
</div>
3892
<?php endif;
3893
	// only display the notice if the other stuff is not there
3894
	if( $this->can_display_jetpack_manage_notice() && !  $this->error && ! $this->message && ! $this->privacy_checks ) {
3895
		if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] )
3896
			$this->opt_in_jetpack_manage_notice();
3897
		}
3898
	}
3899
3900
	/**
3901
	 * Record a stat for later output.  This will only currently output in the admin_footer.
3902
	 */
3903
	function stat( $group, $detail ) {
3904
		if ( ! isset( $this->stats[ $group ] ) )
3905
			$this->stats[ $group ] = array();
3906
		$this->stats[ $group ][] = $detail;
3907
	}
3908
3909
	/**
3910
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
3911
	 */
3912
	function do_stats( $method = '' ) {
3913
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
3914
			foreach ( $this->stats as $group => $stats ) {
3915
				if ( is_array( $stats ) && count( $stats ) ) {
3916
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
3917
					if ( 'server_side' === $method ) {
3918
						self::do_server_side_stat( $args );
3919
					} else {
3920
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
3921
					}
3922
				}
3923
				unset( $this->stats[ $group ] );
3924
			}
3925
		}
3926
	}
3927
3928
	/**
3929
	 * Runs stats code for a one-off, server-side.
3930
	 *
3931
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
3932
	 *
3933
	 * @return bool If it worked.
3934
	 */
3935
	static function do_server_side_stat( $args ) {
3936
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
3937
		if ( is_wp_error( $response ) )
3938
			return false;
3939
3940
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
3941
			return false;
3942
3943
		return true;
3944
	}
3945
3946
	/**
3947
	 * Builds the stats url.
3948
	 *
3949
	 * @param $args array|string The arguments to append to the URL.
3950
	 *
3951
	 * @return string The URL to be pinged.
3952
	 */
3953
	static function build_stats_url( $args ) {
3954
		$defaults = array(
3955
			'v'    => 'wpcom2',
3956
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
3957
		);
3958
		$args     = wp_parse_args( $args, $defaults );
3959
		/**
3960
		 * Filter the URL used as the Stats tracking pixel.
3961
		 *
3962
		 * @since 2.3.2
3963
		 *
3964
		 * @param string $url Base URL used as the Stats tracking pixel.
3965
		 */
3966
		$base_url = apply_filters(
3967
			'jetpack_stats_base_url',
3968
			set_url_scheme( 'http://pixel.wp.com/g.gif' )
3969
		);
3970
		$url      = add_query_arg( $args, $base_url );
3971
		return $url;
3972
	}
3973
3974
	function translate_current_user_to_role() {
3975
		foreach ( $this->capability_translations as $role => $cap ) {
3976
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
3977
				return $role;
3978
			}
3979
		}
3980
3981
		return false;
3982
	}
3983
3984
	function translate_role_to_cap( $role ) {
3985
		if ( ! isset( $this->capability_translations[$role] ) ) {
3986
			return false;
3987
		}
3988
3989
		return $this->capability_translations[$role];
3990
	}
3991
3992
	function sign_role( $role ) {
3993
		if ( ! $user_id = (int) get_current_user_id() ) {
3994
			return false;
3995
		}
3996
3997
		$token = Jetpack_Data::get_access_token();
3998
		if ( ! $token || is_wp_error( $token ) ) {
3999
			return false;
4000
		}
4001
4002
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4003
	}
4004
4005
4006
	/**
4007
	 * Builds a URL to the Jetpack connection auth page
4008
	 *
4009
	 * @since 3.9.5
4010
	 *
4011
	 * @param bool $raw If true, URL will not be escaped.
4012
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4013
	 *                              If string, will be a custom redirect.
4014
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4015
	 *
4016
	 * @return string Connect URL
4017
	 */
4018
	function build_connect_url( $raw = false, $redirect = false, $from = false ) {
4019
		if ( ! Jetpack_Options::get_option( 'blog_token' ) || ! Jetpack_Options::get_option( 'id' ) ) {
4020
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4021
			if( is_network_admin() ) {
4022
			    $url = add_query_arg( 'is_multisite', network_admin_url(
4023
			    'admin.php?page=jetpack-settings' ), $url );
4024
			}
4025
		} else {
4026
			require_once JETPACK__GLOTPRESS_LOCALES_PATH;
4027
			$role = $this->translate_current_user_to_role();
4028
			$signed_role = $this->sign_role( $role );
4029
4030
			$user = wp_get_current_user();
4031
4032
			$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4033
			$redirect = $redirect
4034
				? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4035
				: $jetpack_admin_page;
4036
4037
			$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4038
4039
			if( isset( $_REQUEST['is_multisite'] ) ) {
4040
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4041
			}
4042
4043
			$secrets = Jetpack::init()->generate_secrets( 'authorize' );
4044
			@list( $secret ) = explode( ':', $secrets );
4045
			
4046
			$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
4047
				? get_site_icon_url()
4048
				: false;
4049
4050
			$args = urlencode_deep(
4051
				array(
4052
					'response_type' => 'code',
4053
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4054
					'redirect_uri'  => add_query_arg(
4055
						array(
4056
							'action'   => 'authorize',
4057
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4058
							'redirect' => urlencode( $redirect ),
4059
						),
4060
						esc_url( admin_url( 'admin.php?page=jetpack' ) )
4061
					),
4062
					'state'         => $user->ID,
4063
					'scope'         => $signed_role,
4064
					'user_email'    => $user->user_email,
4065
					'user_login'    => $user->user_login,
4066
					'is_active'     => Jetpack::is_active(),
4067
					'jp_version'    => JETPACK__VERSION,
4068
					'auth_type'     => 'calypso',
4069
					'secret'        => $secret,
4070
					'locale'        => isset( $gp_locale->slug ) ? $gp_locale->slug : '',
4071
					'blogname'      => get_option( 'blogname' ),
4072
					'site_url'      => site_url(),
4073
					'home_url'      => home_url(),
4074
					'site_icon'     => $site_icon,
4075
				)
4076
			);
4077
4078
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4079
		}
4080
4081
		if ( $from ) {
4082
			$url = add_query_arg( 'from', $from, $url );
4083
		}
4084
4085
		if ( isset( $_GET['calypso_env'] ) ) {
4086
			$url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4087
		}
4088
4089
		return $raw ? $url : esc_url( $url );
4090
	}
4091
4092
	function build_reconnect_url( $raw = false ) {
4093
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4094
		return $raw ? $url : esc_url( $url );
4095
	}
4096
4097
	public static function admin_url( $args = null ) {
4098
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4099
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4100
		return $url;
4101
	}
4102
4103
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4104
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4105
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4106
	}
4107
4108
	function dismiss_jetpack_notice() {
4109
4110
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4111
			return;
4112
		}
4113
4114
		switch( $_GET['jetpack-notice'] ) {
4115
			case 'dismiss':
4116
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4117
4118
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4119
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4120
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4121
				}
4122
				break;
4123 View Code Duplication
			case 'jetpack-manage-opt-out':
4124
4125
				if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) {
4126
					// Don't show the banner again
4127
4128
					Jetpack_Options::update_option( 'dismissed_manage_banner', true );
4129
					// redirect back to the page that had the notice
4130
					if ( wp_get_referer() ) {
4131
						wp_safe_redirect( wp_get_referer() );
4132
					} else {
4133
						// Take me to Jetpack
4134
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4135
					}
4136
				}
4137
				break;
4138 View Code Duplication
			case 'jetpack-protect-multisite-opt-out':
4139
4140
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4141
					// Don't show the banner again
4142
4143
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4144
					// redirect back to the page that had the notice
4145
					if ( wp_get_referer() ) {
4146
						wp_safe_redirect( wp_get_referer() );
4147
					} else {
4148
						// Take me to Jetpack
4149
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4150
					}
4151
				}
4152
				break;
4153
			case 'jetpack-manage-opt-in':
4154
				if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) {
4155
					// This makes sure that we are redirect to jetpack home so that we can see the Success Message.
4156
4157
					$redirection_url = Jetpack::admin_url();
4158
					remove_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4159
4160
					// Don't redirect form the Jetpack Setting Page
4161
					$referer_parsed = parse_url ( wp_get_referer() );
4162
					// check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home
4163
					if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) {
4164
						// Take the user to Jetpack home except when on the setting page
4165
						$redirection_url = wp_get_referer();
4166
						add_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4167
					}
4168
					// Also update the JSON API FULL MANAGEMENT Option
4169
					Jetpack::activate_module( 'manage', false, false );
4170
4171
					// Special Message when option in.
4172
					Jetpack::state( 'optin-manage', 'true' );
4173
					// Activate the Module if not activated already
4174
4175
					// Redirect properly
4176
					wp_safe_redirect( $redirection_url );
4177
4178
				}
4179
				break;
4180
		}
4181
	}
4182
4183
	function debugger_page() {
4184
		nocache_headers();
4185
		if ( ! current_user_can( 'manage_options' ) ) {
4186
			die( '-1' );
4187
		}
4188
		Jetpack_Debugger::jetpack_debug_display_handler();
4189
		exit;
4190
	}
4191
4192
	public static function admin_screen_configure_module( $module_id ) {
4193
4194
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4195
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4196
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4197
				/**
4198
				 * Fires to diplay a custom module activation screen.
4199
				 *
4200
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4201
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4202
				 *
4203
				 * @module manage
4204
				 *
4205
				 * @since 3.8.0
4206
				 *
4207
				 * @param int $module_id Module ID.
4208
				 */
4209
				do_action( 'display_activate_module_setting_' . $module_id );
4210
			} else {
4211
				self::display_activate_module_link( $module_id );
4212
			}
4213
4214
			return false;
4215
		} ?>
4216
4217
		<div id="jp-settings-screen" style="position: relative">
4218
			<h3>
4219
			<?php
4220
				$module = Jetpack::get_module( $module_id );
4221
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4222
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4223
			?>
4224
			</h3>
4225
			<?php
4226
				/**
4227
				 * Fires within the displayed message when a feature configuation is updated.
4228
				 *
4229
				 * @since 3.4.0
4230
				 *
4231
				 * @param int $module_id Module ID.
4232
				 */
4233
				do_action( 'jetpack_notices_update_settings', $module_id );
4234
				/**
4235
				 * Fires when a feature configuation screen is loaded.
4236
				 * The dynamic part of the hook, $module_id, is the module ID.
4237
				 *
4238
				 * @since 1.1.0
4239
				 */
4240
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4241
			?>
4242
		</div><?php
4243
	}
4244
4245
	/**
4246
	 * Display link to activate the module to see the settings screen.
4247
	 * @param  string $module_id
4248
	 * @return null
4249
	 */
4250
	public static function display_activate_module_link( $module_id ) {
4251
4252
		$info =  Jetpack::get_module( $module_id );
4253
		$extra = '';
4254
		$activate_url = wp_nonce_url(
4255
				Jetpack::admin_url(
4256
					array(
4257
						'page'   => 'jetpack',
4258
						'action' => 'activate',
4259
						'module' => $module_id,
4260
					)
4261
				),
4262
				"jetpack_activate-$module_id"
4263
			);
4264
4265
		?>
4266
4267
		<div class="wrap configure-module">
4268
			<div id="jp-settings-screen">
4269
				<?php
4270
				if ( $module_id == 'json-api' ) {
4271
4272
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4273
4274
					$activate_url = Jetpack::init()->opt_in_jetpack_manage_url();
4275
4276
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'https://jetpack.com/support/site-management' );
4277
4278
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4279
				} ?>
4280
4281
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4282
				<div class="narrow">
4283
					<p><?php echo  $info['description']; ?></p>
4284
					<?php if( $extra ) { ?>
4285
					<p><?php echo esc_html( $extra ); ?></p>
4286
					<?php } ?>
4287
					<p>
4288
						<?php
4289
						if( wp_get_referer() ) {
4290
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4291
						} else {
4292
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4293
						} ?>
4294
					</p>
4295
				</div>
4296
4297
			</div>
4298
		</div>
4299
4300
		<?php
4301
	}
4302
4303
	public static function sort_modules( $a, $b ) {
4304
		if ( $a['sort'] == $b['sort'] )
4305
			return 0;
4306
4307
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4308
	}
4309
4310 View Code Duplication
	function sync_reindex_trigger() {
4311
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4312
			echo json_encode( $this->sync->reindex_trigger() );
4313
		} else {
4314
			echo '{"status":"ERROR"}';
4315
		}
4316
		exit;
4317
	}
4318
4319 View Code Duplication
	function sync_reindex_status(){
4320
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4321
			echo json_encode( $this->sync->reindex_status() );
4322
		} else {
4323
			echo '{"status":"ERROR"}';
4324
		}
4325
		exit;
4326
	}
4327
4328
	function ajax_recheck_ssl() {
4329
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4330
		$result = Jetpack::permit_ssl( true );
4331
		wp_send_json( array(
4332
			'enabled' => $result,
4333
			'message' => get_transient( 'jetpack_https_test_message' )
4334
		) );
4335
	}
4336
4337
/* Client API */
4338
4339
	/**
4340
	 * Returns the requested Jetpack API URL
4341
	 *
4342
	 * @return string
4343
	 */
4344
	public static function api_url( $relative_url ) {
4345
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4346
	}
4347
4348
	/**
4349
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4350
	 */
4351
	public static function fix_url_for_bad_hosts( $url ) {
4352
		if ( 0 !== strpos( $url, 'https://' ) ) {
4353
			return $url;
4354
		}
4355
4356
		switch ( JETPACK_CLIENT__HTTPS ) {
4357
			case 'ALWAYS' :
4358
				return $url;
4359
			case 'NEVER' :
4360
				return set_url_scheme( $url, 'http' );
4361
			// default : case 'AUTO' :
4362
		}
4363
4364
		// we now return the unmodified SSL URL by default, as a security precaution
4365
		return $url;
4366
	}
4367
4368
	/**
4369
	 * Checks to see if the URL is using SSL to connect with Jetpack
4370
	 *
4371
	 * @since 2.3.3
4372
	 * @return boolean
4373
	 */
4374
	public static function permit_ssl( $force_recheck = false ) {
4375
		// Do some fancy tests to see if ssl is being supported
4376
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4377
			$message = '';
4378
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4379
				$ssl = 0;
4380
			} else {
4381
				switch ( JETPACK_CLIENT__HTTPS ) {
4382
					case 'NEVER':
4383
						$ssl = 0;
4384
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4385
						break;
4386
					case 'ALWAYS':
4387
					case 'AUTO':
4388
					default:
4389
						$ssl = 1;
4390
						break;
4391
				}
4392
4393
				// If it's not 'NEVER', test to see
4394
				if ( $ssl ) {
4395
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
4396
						$ssl = 0;
4397
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
4398
					} else {
4399
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4400
						if ( is_wp_error( $response ) ) {
4401
							$ssl = 0;
4402
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
4403
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
4404
							$ssl = 0;
4405
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
4406
						}
4407
					}
4408
				}
4409
			}
4410
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4411
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
4412
		}
4413
4414
		return (bool) $ssl;
4415
	}
4416
4417
	/*
4418
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
4419
	 */
4420
	public function alert_auto_ssl_fail() {
4421
		if ( ! current_user_can( 'manage_options' ) )
4422
			return;
4423
4424
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
4425
		?>
4426
4427
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
4428
			<div class="jp-banner__content">
4429
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
4430
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
4431
				<p>
4432
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
4433
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
4434
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
4435
				</p>
4436
				<p>
4437
					<?php printf( __( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ), 
4438
							esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) ),
4439
							esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
4440
				</p>
4441
			</div>
4442
		</div>
4443
		<style>
4444
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
4445
		</style>
4446
		<script type="text/javascript">
4447
			jQuery( document ).ready( function( $ ) {
4448
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
4449
					var $this = $( this );
4450
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
4451
					$( '#jetpack-recheck-ssl-output' ).html( '' );
4452
					e.preventDefault();
4453
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
4454
					$.post( ajaxurl, data )
4455
					  .done( function( response ) {
4456
					  	if ( response.enabled ) {
4457
					  		$( '#jetpack-ssl-warning' ).hide();
4458
					  	} else {
4459
					  		this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
4460
					  		$( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
4461
					  	}
4462
					  }.bind( $this ) );
4463
				} );
4464
			} );
4465
		</script>
4466
4467
		<?php
4468
	}
4469
4470
	/**
4471
	 * Returns the Jetpack XML-RPC API
4472
	 *
4473
	 * @return string
4474
	 */
4475
	public static function xmlrpc_api_url() {
4476
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4477
		return untrailingslashit( $base ) . '/xmlrpc.php';
4478
	}
4479
4480
	/**
4481
	 * Creates two secret tokens and the end of life timestamp for them.
4482
	 *
4483
	 * Note these tokens are unique per call, NOT static per site for connecting.
4484
	 *
4485
	 * @since 2.6
4486
	 * @return array
4487
	 */
4488
	public function generate_secrets( $action, $exp = 600 ) {
4489
	    $secret = wp_generate_password( 32, false ) // secret_1
4490
	    		. ':' . wp_generate_password( 32, false ) // secret_2
4491
	    		. ':' . ( time() + $exp ) // eol ( End of Life )
4492
	    		. ':' . get_current_user_id(); // ties the secrets to the current user
4493
		Jetpack_Options::update_option( $action, $secret );
4494
	    return Jetpack_Options::get_option( $action );
4495
	}
4496
4497
	/**
4498
	 * Builds the timeout limit for queries talking with the wpcom servers.
4499
	 *
4500
	 * Based on local php max_execution_time in php.ini
4501
	 *
4502
	 * @since 2.6
4503
	 * @return int
4504
	 **/
4505
	public function get_remote_query_timeout_limit() {
4506
	    $timeout = (int) ini_get( 'max_execution_time' );
4507
	    if ( ! $timeout ) // Ensure exec time set in php.ini
4508
		$timeout = 30;
4509
	    return intval( $timeout / 2 );
4510
	}
4511
4512
4513
	/**
4514
	 * Takes the response from the Jetpack register new site endpoint and
4515
	 * verifies it worked properly.
4516
	 *
4517
	 * @since 2.6
4518
	 * @return true or Jetpack_Error
4519
	 **/
4520
	public function validate_remote_register_response( $response ) {
4521
	    	if ( is_wp_error( $response ) ) {
4522
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4523
		}
4524
4525
		$code   = wp_remote_retrieve_response_code( $response );
4526
		$entity = wp_remote_retrieve_body( $response );
4527
		if ( $entity )
4528
			$json = json_decode( $entity );
4529
		else
4530
			$json = false;
4531
4532
		$code_type = intval( $code / 100 );
4533
		if ( 5 == $code_type ) {
4534
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4535
		} elseif ( 408 == $code ) {
4536
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4537
		} elseif ( ! empty( $json->error ) ) {
4538
			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';
4539
			return new Jetpack_Error( (string) $json->error, $error_description, $code );
4540
		} elseif ( 200 != $code ) {
4541
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4542
		}
4543
4544
		// Jetpack ID error block
4545
		if ( empty( $json->jetpack_id ) ) {
4546
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
4547
		} elseif ( ! is_scalar( $json->jetpack_id ) ) {
4548
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4549
		} elseif ( preg_match( '/[^0-9]/', $json->jetpack_id ) ) {
4550
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4551
		}
4552
4553
	    return true;
4554
	}
4555
	/**
4556
	 * @return bool|WP_Error
4557
	 */
4558
	public static function register() {
4559
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
4560
		$secrets = Jetpack::init()->generate_secrets( 'register' );
4561
4562
		@list( $secret_1, $secret_2, $secret_eol ) = explode( ':', $secrets );
4563 View Code Duplication
		if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) {
4564
			return new Jetpack_Error( 'missing_secrets' );
4565
		}
4566
4567
		$timeout = Jetpack::init()->get_remote_query_timeout_limit();
4568
4569
		$gmt_offset = get_option( 'gmt_offset' );
4570
		if ( ! $gmt_offset ) {
4571
			$gmt_offset = 0;
4572
		}
4573
4574
		$stats_options = get_option( 'stats_options' );
4575
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
4576
4577
		$args = array(
4578
			'method'  => 'POST',
4579
			'body'    => array(
4580
				'siteurl'         => site_url(),
4581
				'home'            => home_url(),
4582
				'gmt_offset'      => $gmt_offset,
4583
				'timezone_string' => (string) get_option( 'timezone_string' ),
4584
				'site_name'       => (string) get_option( 'blogname' ),
4585
				'secret_1'        => $secret_1,
4586
				'secret_2'        => $secret_2,
4587
				'site_lang'       => get_locale(),
4588
				'timeout'         => $timeout,
4589
				'stats_id'        => $stats_id,
4590
				'state'           => get_current_user_id(),
4591
			),
4592
			'headers' => array(
4593
				'Accept' => 'application/json',
4594
			),
4595
			'timeout' => $timeout,
4596
		);
4597
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
4598
4599
4600
		// Make sure the response is valid and does not contain any Jetpack errors
4601
		$valid_response = Jetpack::init()->validate_remote_register_response( $response );
4602
		if( is_wp_error( $valid_response ) || !$valid_response ) {
4603
		    return $valid_response;
4604
		}
4605
4606
		// Grab the response values to work with
4607
		$code   = wp_remote_retrieve_response_code( $response );
4608
		$entity = wp_remote_retrieve_body( $response );
4609
4610
		if ( $entity )
4611
			$json = json_decode( $entity );
4612
		else
4613
			$json = false;
4614
4615 View Code Duplication
		if ( empty( $json->jetpack_secret ) || ! is_string( $json->jetpack_secret ) )
4616
			return new Jetpack_Error( 'jetpack_secret', '', $code );
4617
4618
		if ( isset( $json->jetpack_public ) ) {
4619
			$jetpack_public = (int) $json->jetpack_public;
4620
		} else {
4621
			$jetpack_public = false;
4622
		}
4623
4624
		Jetpack_Options::update_options(
4625
			array(
4626
				'id'         => (int)    $json->jetpack_id,
4627
				'blog_token' => (string) $json->jetpack_secret,
4628
				'public'     => $jetpack_public,
4629
			)
4630
		);
4631
4632
		/**
4633
		 * Fires when a site is registered on WordPress.com.
4634
		 *
4635
		 * @since 3.7.0
4636
		 *
4637
		 * @param int $json->jetpack_id Jetpack Blog ID.
4638
		 * @param string $json->jetpack_secret Jetpack Blog Token.
4639
		 * @param int|bool $jetpack_public Is the site public.
4640
		 */
4641
		do_action( 'jetpack_site_registered', $json->jetpack_id, $json->jetpack_secret, $jetpack_public );
4642
4643
		// Initialize Jump Start for the first and only time.
4644
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
4645
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
4646
4647
			$jetpack = Jetpack::init();
4648
4649
			$jetpack->stat( 'jumpstart', 'unique-views' );
4650
			$jetpack->do_stats( 'server_side' );
4651
		};
4652
4653
		return true;
4654
	}
4655
4656
	/**
4657
	 * If the db version is showing something other that what we've got now, bump it to current.
4658
	 *
4659
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
4660
	 */
4661
	public static function maybe_set_version_option() {
4662
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
4663
		if ( JETPACK__VERSION != $version ) {
4664
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
4665
			return true;
4666
		}
4667
		return false;
4668
	}
4669
4670
/* Client Server API */
4671
4672
	/**
4673
	 * Loads the Jetpack XML-RPC client
4674
	 */
4675
	public static function load_xml_rpc_client() {
4676
		require_once ABSPATH . WPINC . '/class-IXR.php';
4677
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
4678
	}
4679
4680
	function verify_xml_rpc_signature() {
4681
		if ( $this->xmlrpc_verification ) {
4682
			return $this->xmlrpc_verification;
4683
		}
4684
4685
		// It's not for us
4686
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
4687
			return false;
4688
		}
4689
4690
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
4691
		if (
4692
			empty( $token_key )
4693
		||
4694
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
4695
		) {
4696
			return false;
4697
		}
4698
4699
		if ( '0' === $user_id ) {
4700
			$token_type = 'blog';
4701
			$user_id = 0;
4702
		} else {
4703
			$token_type = 'user';
4704
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
4705
				return false;
4706
			}
4707
			$user_id = (int) $user_id;
4708
4709
			$user = new WP_User( $user_id );
4710
			if ( ! $user || ! $user->exists() ) {
4711
				return false;
4712
			}
4713
		}
4714
4715
		$token = Jetpack_Data::get_access_token( $user_id );
4716
		if ( ! $token ) {
4717
			return false;
4718
		}
4719
4720
		$token_check = "$token_key.";
4721
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
4722
			return false;
4723
		}
4724
4725
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
4726
4727
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
4728
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
4729
			$post_data   = $_POST;
4730
			$file_hashes = array();
4731
			foreach ( $post_data as $post_data_key => $post_data_value ) {
4732
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
4733
					continue;
4734
				}
4735
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
4736
				$file_hashes[$post_data_key] = $post_data_value;
4737
			}
4738
4739
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
4740
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
4741
				$post_data[$post_data_key] = $post_data_value;
4742
			}
4743
4744
			ksort( $post_data );
4745
4746
			$body = http_build_query( stripslashes_deep( $post_data ) );
4747
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
4748
			$body = file_get_contents( 'php://input' );
4749
		} else {
4750
			$body = null;
4751
		}
4752
		$signature = $jetpack_signature->sign_current_request(
4753
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
4754
		);
4755
4756
		if ( ! $signature ) {
4757
			return false;
4758
		} else if ( is_wp_error( $signature ) ) {
4759
			return $signature;
4760
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
4761
			return false;
4762
		}
4763
4764
		$timestamp = (int) $_GET['timestamp'];
4765
		$nonce     = stripslashes( (string) $_GET['nonce'] );
4766
4767
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
4768
			return false;
4769
		}
4770
4771
		$this->xmlrpc_verification = array(
4772
			'type'    => $token_type,
4773
			'user_id' => $token->external_user_id,
4774
		);
4775
4776
		return $this->xmlrpc_verification;
4777
	}
4778
4779
	/**
4780
	 * Authenticates XML-RPC and other requests from the Jetpack Server
4781
	 */
4782
	function authenticate_jetpack( $user, $username, $password ) {
4783
		if ( is_a( $user, 'WP_User' ) ) {
4784
			return $user;
4785
		}
4786
4787
		$token_details = $this->verify_xml_rpc_signature();
4788
4789
		if ( ! $token_details || is_wp_error( $token_details ) ) {
4790
			return $user;
4791
		}
4792
4793
		if ( 'user' !== $token_details['type'] ) {
4794
			return $user;
4795
		}
4796
4797
		if ( ! $token_details['user_id'] ) {
4798
			return $user;
4799
		}
4800
4801
		nocache_headers();
4802
4803
		return new WP_User( $token_details['user_id'] );
4804
	}
4805
4806
	function add_nonce( $timestamp, $nonce ) {
4807
		global $wpdb;
4808
		static $nonces_used_this_request = array();
4809
4810
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
4811
			return $nonces_used_this_request["$timestamp:$nonce"];
4812
		}
4813
4814
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
4815
		$timestamp = (int) $timestamp;
4816
		$nonce     = esc_sql( $nonce );
4817
4818
		// Raw query so we can avoid races: add_option will also update
4819
		$show_errors = $wpdb->show_errors( false );
4820
4821
		$old_nonce = $wpdb->get_row(
4822
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
4823
		);
4824
4825
		if ( is_null( $old_nonce ) ) {
4826
			$return = $wpdb->query(
4827
				$wpdb->prepare(
4828
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
4829
					"jetpack_nonce_{$timestamp}_{$nonce}",
4830
					time(),
4831
					'no'
4832
				)
4833
			);
4834
		} else {
4835
			$return = false;
4836
		}
4837
4838
		$wpdb->show_errors( $show_errors );
4839
4840
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
4841
4842
		return $return;
4843
	}
4844
4845
	/**
4846
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
4847
	 * Capture it here so we can verify the signature later.
4848
	 */
4849
	function xmlrpc_methods( $methods ) {
4850
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
4851
		return $methods;
4852
	}
4853
4854
	function public_xmlrpc_methods( $methods ) {
4855
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
4856
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
4857
		}
4858
		return $methods;
4859
	}
4860
4861
	function jetpack_getOptions( $args ) {
4862
		global $wp_xmlrpc_server;
4863
4864
		$wp_xmlrpc_server->escape( $args );
4865
4866
		$username	= $args[1];
4867
		$password	= $args[2];
4868
4869
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
4870
			return $wp_xmlrpc_server->error;
4871
		}
4872
4873
		$options = array();
4874
		$user_data = $this->get_connected_user_data();
4875
		if ( is_array( $user_data ) ) {
4876
			$options['jetpack_user_id'] = array(
4877
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
4878
				'readonly'      => true,
4879
				'value'         => $user_data['ID'],
4880
			);
4881
			$options['jetpack_user_login'] = array(
4882
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
4883
				'readonly'      => true,
4884
				'value'         => $user_data['login'],
4885
			);
4886
			$options['jetpack_user_email'] = array(
4887
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
4888
				'readonly'      => true,
4889
				'value'         => $user_data['email'],
4890
			);
4891
			$options['jetpack_user_site_count'] = array(
4892
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
4893
				'readonly'      => true,
4894
				'value'         => $user_data['site_count'],
4895
			);
4896
		}
4897
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
4898
		$args = stripslashes_deep( $args );
4899
		return $wp_xmlrpc_server->wp_getOptions( $args );
4900
	}
4901
4902
	function xmlrpc_options( $options ) {
4903
		$jetpack_client_id = false;
4904
		if ( self::is_active() ) {
4905
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
4906
		}
4907
		$options['jetpack_version'] = array(
4908
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
4909
				'readonly'      => true,
4910
				'value'         => JETPACK__VERSION,
4911
		);
4912
4913
		$options['jetpack_client_id'] = array(
4914
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
4915
				'readonly'      => true,
4916
				'value'         => $jetpack_client_id,
4917
		);
4918
		return $options;
4919
	}
4920
4921
	public static function clean_nonces( $all = false ) {
4922
		global $wpdb;
4923
4924
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
4925
		if ( method_exists ( $wpdb , 'esc_like' ) ) {
4926
			$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
4927
		} else {
4928
			$sql_args = array( like_escape( 'jetpack_nonce_' ) . '%' );
4929
		}
4930
4931
		if ( true !== $all ) {
4932
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
4933
			$sql_args[] = time() - 3600;
4934
		}
4935
4936
		$sql .= ' ORDER BY `option_id` LIMIT 100';
4937
4938
		$sql = $wpdb->prepare( $sql, $sql_args );
4939
4940
		for ( $i = 0; $i < 1000; $i++ ) {
4941
			if ( ! $wpdb->query( $sql ) ) {
4942
				break;
4943
			}
4944
		}
4945
	}
4946
4947
	/**
4948
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
4949
	 * SET: state( $key, $value );
4950
	 * GET: $value = state( $key );
4951
	 *
4952
	 * @param string $key
4953
	 * @param string $value
4954
	 * @param bool $restate private
4955
	 */
4956
	public static function state( $key = null, $value = null, $restate = false ) {
4957
		static $state = array();
4958
		static $path, $domain;
4959
		if ( ! isset( $path ) ) {
4960
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
4961
			$admin_url = Jetpack::admin_url();
4962
			$bits      = parse_url( $admin_url );
4963
4964
			if ( is_array( $bits ) ) {
4965
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
4966
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
4967
			} else {
4968
				$path = $domain = null;
4969
			}
4970
		}
4971
4972
		// Extract state from cookies and delete cookies
4973
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
4974
			$yum = $_COOKIE[ 'jetpackState' ];
4975
			unset( $_COOKIE[ 'jetpackState' ] );
4976
			foreach ( $yum as $k => $v ) {
4977
				if ( strlen( $v ) )
4978
					$state[ $k ] = $v;
4979
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
4980
			}
4981
		}
4982
4983
		if ( $restate ) {
4984
			foreach ( $state as $k => $v ) {
4985
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
4986
			}
4987
			return;
4988
		}
4989
4990
		// Get a state variable
4991
		if ( isset( $key ) && ! isset( $value ) ) {
4992
			if ( array_key_exists( $key, $state ) )
4993
				return $state[ $key ];
4994
			return null;
4995
		}
4996
4997
		// Set a state variable
4998
		if ( isset ( $key ) && isset( $value ) ) {
4999
			if( is_array( $value ) && isset( $value[0] ) ) {
5000
				$value = $value[0];
5001
			}
5002
			$state[ $key ] = $value;
5003
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5004
		}
5005
	}
5006
5007
	public static function restate() {
5008
		Jetpack::state( null, null, true );
5009
	}
5010
5011
	public static function check_privacy( $file ) {
5012
		static $is_site_publicly_accessible = null;
5013
5014
		if ( is_null( $is_site_publicly_accessible ) ) {
5015
			$is_site_publicly_accessible = false;
5016
5017
			Jetpack::load_xml_rpc_client();
5018
			$rpc = new Jetpack_IXR_Client();
5019
5020
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5021
			if ( $success ) {
5022
				$response = $rpc->getResponse();
5023
				if ( $response ) {
5024
					$is_site_publicly_accessible = true;
5025
				}
5026
			}
5027
5028
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5029
		}
5030
5031
		if ( $is_site_publicly_accessible ) {
5032
			return;
5033
		}
5034
5035
		$module_slug = self::get_module_slug( $file );
5036
5037
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5038
		if ( ! $privacy_checks ) {
5039
			$privacy_checks = $module_slug;
5040
		} else {
5041
			$privacy_checks .= ",$module_slug";
5042
		}
5043
5044
		Jetpack::state( 'privacy_checks', $privacy_checks );
5045
	}
5046
5047
	/**
5048
	 * Helper method for multicall XMLRPC.
5049
	 */
5050
	public static function xmlrpc_async_call() {
5051
		global $blog_id;
5052
		static $clients = array();
5053
5054
		$client_blog_id = is_multisite() ? $blog_id : 0;
5055
5056
		if ( ! isset( $clients[$client_blog_id] ) ) {
5057
			Jetpack::load_xml_rpc_client();
5058
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5059
			if ( function_exists( 'ignore_user_abort' ) ) {
5060
				ignore_user_abort( true );
5061
			}
5062
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5063
		}
5064
5065
		$args = func_get_args();
5066
5067
		if ( ! empty( $args[0] ) ) {
5068
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5069
		} elseif ( is_multisite() ) {
5070
			foreach ( $clients as $client_blog_id => $client ) {
5071
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5072
					continue;
5073
				}
5074
5075
				$switch_success = switch_to_blog( $client_blog_id, true );
5076
				if ( ! $switch_success ) {
5077
					continue;
5078
				}
5079
5080
				flush();
5081
				$client->query();
5082
5083
				restore_current_blog();
5084
			}
5085
		} else {
5086
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5087
				flush();
5088
				$clients[0]->query();
5089
			}
5090
		}
5091
	}
5092
5093
	public static function staticize_subdomain( $url ) {
5094
5095
		// Extract hostname from URL
5096
		$host = parse_url( $url, PHP_URL_HOST );
5097
5098
		// Explode hostname on '.'
5099
		$exploded_host = explode( '.', $host );
5100
5101
		// Retrieve the name and TLD
5102
		if ( count( $exploded_host ) > 1 ) {
5103
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5104
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5105
			// Rebuild domain excluding subdomains
5106
			$domain = $name . '.' . $tld;
5107
		} else {
5108
			$domain = $host;
5109
		}
5110
		// Array of Automattic domains
5111
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5112
5113
		// Return $url if not an Automattic domain
5114
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5115
			return $url;
5116
		}
5117
5118
		if ( is_ssl() ) {
5119
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5120
		}
5121
5122
		srand( crc32( basename( $url ) ) );
5123
		$static_counter = rand( 0, 2 );
5124
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5125
5126
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5127
	}
5128
5129
/* JSON API Authorization */
5130
5131
	/**
5132
	 * Handles the login action for Authorizing the JSON API
5133
	 */
5134
	function login_form_json_api_authorization() {
5135
		$this->verify_json_api_authorization_request();
5136
5137
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5138
5139
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5140
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5141
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5142
	}
5143
5144
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5145
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5146
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5147
			return $url;
5148
		}
5149
5150
		$parsed_url = parse_url( $url );
5151
		$url = strtok( $url, '?' );
5152
		$url = "$url?{$_SERVER['QUERY_STRING']}";
5153
		if ( ! empty( $parsed_url['query'] ) )
5154
			$url .= "&{$parsed_url['query']}";
5155
5156
		return $url;
5157
	}
5158
5159
	// Make sure the POSTed request is handled by the same action
5160
	function preserve_action_in_login_form_for_json_api_authorization() {
5161
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5162
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5163
	}
5164
5165
	// If someone logs in to approve API access, store the Access Code in usermeta
5166
	function store_json_api_authorization_token( $user_login, $user ) {
5167
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5168
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5169
		$token = wp_generate_password( 32, false );
5170
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5171
	}
5172
5173
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5174
	function allow_wpcom_public_api_domain( $domains ) {
5175
		$domains[] = 'public-api.wordpress.com';
5176
		return $domains;
5177
	}
5178
5179
	// Add the Access Code details to the public-api.wordpress.com redirect
5180
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5181
		return add_query_arg(
5182
			urlencode_deep(
5183
				array(
5184
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5185
					'jetpack-user-id' => (int) $user->ID,
5186
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5187
				)
5188
			),
5189
			$redirect_to
5190
		);
5191
	}
5192
5193
	// Verifies the request by checking the signature
5194
	function verify_json_api_authorization_request() {
5195
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5196
5197
		$token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
5198
		if ( ! $token || empty( $token->secret ) ) {
5199
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5200
		}
5201
5202
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5203
5204
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5205
5206
		if ( isset( $_POST['jetpack_json_api_original_query'] ) ) {
5207
			$signature = $jetpack_signature->sign_request( $_GET['token'], $_GET['timestamp'], $_GET['nonce'], '', 'GET', $_POST['jetpack_json_api_original_query'], null, true );
5208
		} else {
5209
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5210
		}
5211
5212
		if ( ! $signature ) {
5213
			wp_die( $die_error );
5214
		} else if ( is_wp_error( $signature ) ) {
5215
			wp_die( $die_error );
5216
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
5217
			if ( is_ssl() ) {
5218
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5219
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5220
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $_GET['signature'] ) ) {
5221
					wp_die( $die_error );
5222
				}
5223
			} else {
5224
				wp_die( $die_error );
5225
			}
5226
		}
5227
5228
		$timestamp = (int) $_GET['timestamp'];
5229
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5230
5231
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5232
			// De-nonce the nonce, at least for 5 minutes.
5233
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5234
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5235
			if ( $old_nonce_time < time() - 300 ) {
5236
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
5237
			}
5238
		}
5239
5240
		$data = json_decode( base64_decode( stripslashes( $_GET['data'] ) ) );
5241
		$data_filters = array(
5242
			'state'        => 'opaque',
5243
			'client_id'    => 'int',
5244
			'client_title' => 'string',
5245
			'client_image' => 'url',
5246
		);
5247
5248
		foreach ( $data_filters as $key => $sanitation ) {
5249
			if ( ! isset( $data->$key ) ) {
5250
				wp_die( $die_error );
5251
			}
5252
5253
			switch ( $sanitation ) {
5254
			case 'int' :
5255
				$this->json_api_authorization_request[$key] = (int) $data->$key;
5256
				break;
5257
			case 'opaque' :
5258
				$this->json_api_authorization_request[$key] = (string) $data->$key;
5259
				break;
5260
			case 'string' :
5261
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5262
				break;
5263
			case 'url' :
5264
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5265
				break;
5266
			}
5267
		}
5268
5269
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5270
			wp_die( $die_error );
5271
		}
5272
	}
5273
5274
	function login_message_json_api_authorization( $message ) {
5275
		return '<p class="message">' . sprintf(
5276
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
5277
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5278
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5279
	}
5280
5281
	/**
5282
	 * Get $content_width, but with a <s>twist</s> filter.
5283
	 */
5284
	public static function get_content_width() {
5285
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5286
		/**
5287
		 * Filter the Content Width value.
5288
		 *
5289
		 * @since 2.2.3
5290
		 *
5291
		 * @param string $content_width Content Width value.
5292
		 */
5293
		return apply_filters( 'jetpack_content_width', $content_width );
5294
	}
5295
5296
	/**
5297
	 * Centralize the function here until it gets added to core.
5298
	 *
5299
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
5300
	 * @param int $size Size of the avatar image
5301
	 * @param string $default URL to a default image to use if no avatar is available
5302
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
5303
	 *
5304
	 * @return array First element is the URL, second is the class.
5305
	 */
5306
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
5307
		// Don't bother adding the __return_true filter if it's already there.
5308
		$has_filter = has_filter( 'pre_option_show_avatars', '__return_true' );
5309
5310
		if ( $force_display && ! $has_filter )
5311
			add_filter( 'pre_option_show_avatars', '__return_true' );
5312
5313
		$avatar = get_avatar( $id_or_email, $size, $default );
5314
5315
		if ( $force_display && ! $has_filter )
5316
			remove_filter( 'pre_option_show_avatars', '__return_true' );
5317
5318
		// If no data, fail out.
5319
		if ( is_wp_error( $avatar ) || ! $avatar )
5320
			return array( null, null );
5321
5322
		// Pull out the URL.  If it's not there, fail out.
5323
		if ( ! preg_match( '/src=["\']([^"\']+)["\']/', $avatar, $url_matches ) )
5324
			return array( null, null );
5325
		$url = wp_specialchars_decode( $url_matches[1], ENT_QUOTES );
5326
5327
		// Pull out the class, but it's not a big deal if it's missing.
5328
		$class = '';
5329
		if ( preg_match( '/class=["\']([^"\']+)["\']/', $avatar, $class_matches ) )
5330
			$class = wp_specialchars_decode( $class_matches[1], ENT_QUOTES );
5331
5332
		return array( $url, $class );
5333
	}
5334
5335
	/**
5336
	 * Pings the WordPress.com Mirror Site for the specified options.
5337
	 *
5338
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5339
	 *
5340
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5341
	 */
5342
	public function get_cloud_site_options( $option_names ) {
5343
		$option_names = array_filter( (array) $option_names, 'is_string' );
5344
5345
		Jetpack::load_xml_rpc_client();
5346
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5347
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5348
		if ( $xml->isError() ) {
5349
			return array(
5350
				'error_code' => $xml->getErrorCode(),
5351
				'error_msg'  => $xml->getErrorMessage(),
5352
			);
5353
		}
5354
		$cloud_site_options = $xml->getResponse();
5355
5356
		return $cloud_site_options;
5357
	}
5358
5359
	/**
5360
	 * Fetch the filtered array of options that we should compare to determine an identity crisis.
5361
	 *
5362
	 * @return array An array of options to check.
5363
	 */
5364
	public static function identity_crisis_options_to_check() {
5365
		return array(
5366
			'siteurl',
5367
			'home',
5368
		);
5369
	}
5370
5371
	/**
5372
	 * Checks to make sure that local options have the same values as remote options.  Will cache the results for up to 24 hours.
5373
	 *
5374
	 * @param bool $force_recheck Whether to ignore any cached transient and manually re-check.
5375
	 *
5376
	 * @return array An array of options that do not match.  If everything is good, it will evaluate to false.
5377
	 */
5378
	public static function check_identity_crisis( $force_recheck = false ) {
5379
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || Jetpack::is_staging_site() )
5380
			return false;
5381
5382
		if ( $force_recheck || false === ( $errors = get_transient( 'jetpack_has_identity_crisis' ) ) ) {
5383
			$options_to_check = self::identity_crisis_options_to_check();
5384
			$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5385
			$errors        = array();
5386
5387
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5388
5389
				// If it's not the same as the local value...
5390
				if ( $cloud_value !== get_option( $cloud_key ) ) {
5391
5392
					// Break out if we're getting errors.  We are going to check the error keys later when we alert.
5393
					if ( 'error_code' == $cloud_key ) {
5394
						$errors[ $cloud_key ] = $cloud_value;
5395
						break;
5396
					}
5397
5398
					$parsed_cloud_value = parse_url( $cloud_value );
5399
					// If the current options is an IP address
5400
					if ( filter_var( $parsed_cloud_value['host'], FILTER_VALIDATE_IP ) ) {
5401
						// Give the new value a Jetpack to fly in to the clouds
5402
						Jetpack::resolve_identity_crisis( $cloud_key );
5403
						continue;
5404
					}
5405
5406
					// And it's not been added to the whitelist...
5407
					if ( ! self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
5408
						/*
5409
						 * This should be a temporary hack until a cleaner solution is found.
5410
						 *
5411
						 * The siteurl and home can be set to use http in General > Settings
5412
						 * however some constants can be defined that can force https in wp-admin
5413
						 * when this happens wpcom can confuse wporg with a fake identity
5414
						 * crisis with a mismatch of http vs https when it should be allowed.
5415
						 * we need to check that here.
5416
						 *
5417
						 * @see https://github.com/Automattic/jetpack/issues/1006
5418
						 */
5419
						if ( ( 'home' == $cloud_key || 'siteurl' == $cloud_key )
5420
							&& ( substr( $cloud_value, 0, 8 ) == "https://" )
5421
							&& Jetpack::init()->is_ssl_required_to_visit_site() ) {
5422
							// Ok, we found a mismatch of http and https because of wp-config, not an invalid url
5423
							continue;
5424
						}
5425
5426
5427
						// Then kick an error!
5428
						$errors[ $cloud_key ] = $cloud_value;
5429
					}
5430
				}
5431
			}
5432
		}
5433
5434
		/**
5435
		 * Filters the errors returned when checking for an Identity Crisis.
5436
		 *
5437
		 * @since 2.3.2
5438
		 *
5439
		 * @param array $errors Array of Identity Crisis errors.
5440
		 * @param bool $force_recheck Ignore any cached transient and manually re-check. Default to false.
5441
		 */
5442
		return apply_filters( 'jetpack_has_identity_crisis', $errors, $force_recheck );
5443
	}
5444
5445
	/*
5446
	 * Resolve ID crisis
5447
	 *
5448
	 * If the URL has changed, but the rest of the options are the same (i.e. blog/user tokens)
5449
	 * The user has the option to update the shadow site with the new URL before a new
5450
	 * token is created.
5451
	 *
5452
	 * @param $key : Which option to sync.  null defautlts to home and siteurl
5453
	 */
5454
	public static function resolve_identity_crisis( $key = null ) {
5455
		if ( $key ) {
5456
			$identity_options = array( $key );
5457
		} else {
5458
			$identity_options = self::identity_crisis_options_to_check();
5459
		}
5460
5461
		if ( is_array( $identity_options ) ) {
5462
			foreach( $identity_options as $identity_option ) {
5463
				/**
5464
				 * Fires when a shadow site option is updated.
5465
				 * These options are updated via the Identity Crisis UI.
5466
				 * $identity_option is the option that gets updated.
5467
				 *
5468
				 * @since 3.7.0
5469
				 */
5470
				do_action( "update_option_{$identity_option}" );
5471
			}
5472
		}
5473
	}
5474
5475
	/*
5476
	 * Whitelist URL
5477
	 *
5478
	 * Ignore the URL differences between the blog and the shadow site.
5479
	 */
5480
	public static function whitelist_current_url() {
5481
		$options_to_check = Jetpack::identity_crisis_options_to_check();
5482
		$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5483
5484
		foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5485
			Jetpack::whitelist_identity_crisis_value( $cloud_key, $cloud_value );
5486
		}
5487
	}
5488
5489
	/*
5490
	 * Ajax callbacks for ID crisis resolutions
5491
	 *
5492
	 * Things that could happen here:
5493
	 *  - site_migrated : Update the URL on the shadow blog to match new domain
5494
	 *  - whitelist     : Ignore the URL difference
5495
	 *  - default       : Error message
5496
	 */
5497
	public static function resolve_identity_crisis_ajax_callback() {
5498
		check_ajax_referer( 'resolve-identity-crisis', 'ajax-nonce' );
5499
5500
		switch ( $_POST[ 'crisis_resolution_action' ] ) {
5501
			case 'site_migrated':
5502
				Jetpack::resolve_identity_crisis();
5503
				echo 'resolved';
5504
				break;
5505
5506
			case 'whitelist':
5507
				Jetpack::whitelist_current_url();
5508
				echo 'whitelisted';
5509
				break;
5510
5511
			case 'reset_connection':
5512
				// Delete the options first so it doesn't get confused which site to disconnect dotcom-side
5513
				Jetpack_Options::delete_option(
5514
					array(
5515
						'register',
5516
						'blog_token',
5517
						'user_token',
5518
						'user_tokens',
5519
						'master_user',
5520
						'time_diff',
5521
						'fallback_no_verify_ssl_certs',
5522
						'id',
5523
					)
5524
				);
5525
				delete_transient( 'jetpack_has_identity_crisis' );
5526
5527
				echo 'reset-connection-success';
5528
				break;
5529
5530
			default:
5531
				echo 'missing action';
5532
				break;
5533
		}
5534
5535
		wp_die();
5536
	}
5537
5538
	/**
5539
	 * Adds a value to the whitelist for the specified key.
5540
	 *
5541
	 * @param string $key The option name that we're whitelisting the value for.
5542
	 * @param string $value The value that we're intending to add to the whitelist.
5543
	 *
5544
	 * @return bool Whether the value was added to the whitelist, or false if it was already there.
5545
	 */
5546
	public static function whitelist_identity_crisis_value( $key, $value ) {
5547
		if ( Jetpack::is_identity_crisis_value_whitelisted( $key, $value ) ) {
5548
			return false;
5549
		}
5550
5551
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
5552
		if ( empty( $whitelist[ $key ] ) || ! is_array( $whitelist[ $key ] ) ) {
5553
			$whitelist[ $key ] = array();
5554
		}
5555
		array_push( $whitelist[ $key ], $value );
5556
5557
		Jetpack_Options::update_option( 'identity_crisis_whitelist', $whitelist );
5558
		return true;
5559
	}
5560
5561
	/**
5562
	 * Checks whether a value is already whitelisted.
5563
	 *
5564
	 * @param string $key The option name that we're checking the value for.
5565
	 * @param string $value The value that we're curious to see if it's on the whitelist.
5566
	 *
5567
	 * @return bool Whether the value is whitelisted.
5568
	 */
5569
	public static function is_identity_crisis_value_whitelisted( $key, $value ) {
5570
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
5571
		if ( ! empty( $whitelist[ $key ] ) && is_array( $whitelist[ $key ] ) && in_array( $value, $whitelist[ $key ] ) ) {
5572
			return true;
5573
		}
5574
		return false;
5575
	}
5576
5577
	/**
5578
	 * Checks whether the home and siteurl specifically are whitelisted
5579
	 * Written so that we don't have re-check $key and $value params every time
5580
	 * we want to check if this site is whitelisted, for example in footer.php
5581
	 *
5582
	 * @return bool True = already whitelsisted False = not whitelisted
5583
	 */
5584
	public static function is_staging_site() {
5585
		$is_staging = false;
5586
5587
		$current_whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist' );
5588
		if ( $current_whitelist ) {
5589
			$options_to_check  = Jetpack::identity_crisis_options_to_check();
5590
			$cloud_options     = Jetpack::init()->get_cloud_site_options( $options_to_check );
5591
5592
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5593
				if ( self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
5594
					$is_staging = true;
5595
					break;
5596
				}
5597
			}
5598
		}
5599
		$known_staging = array(
5600
			'urls' => array(
5601
				'#\.staging\.wpengine\.com$#i',
5602
				),
5603
			'constants' => array(
5604
				'IS_WPE_SNAPSHOT',
5605
				'KINSTA_DEV_ENV',
5606
				'JETPACK_STAGING_MODE',
5607
				)
5608
			);
5609
		/**
5610
		 * Filters the flags of known staging sites.
5611
		 *
5612
		 * @since 3.9.0
5613
		 *
5614
		 * @param array $known_staging {
5615
		 *     An array of arrays that each are used to check if the current site is staging.
5616
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
5617
		 *     @type array $constants PHP constants of known staging/developement environments.
5618
		 *  }
5619
		 */
5620
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5621
5622
		if ( isset( $known_staging['urls'] ) ) {
5623
			foreach ( $known_staging['urls'] as $url ){
5624
				if ( preg_match( $url, site_url() ) ) {
5625
					$is_staging = true;
5626
					break;
5627
				}
5628
			}
5629
		}
5630
5631
		if ( isset( $known_staging['constants'] ) ) {
5632
			foreach ( $known_staging['constants'] as $constant ) {
5633
				if ( defined( $constant ) && constant( $constant ) ) {
5634
					$is_staging = true;
5635
				}
5636
			}
5637
		}
5638
5639
		/**
5640
		 * Filters is_staging_site check.
5641
		 *
5642
		 * @since 3.9.0
5643
		 *
5644
		 * @param bool $is_staging If the current site is a staging site.
5645
		 */
5646
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
5647
	}
5648
5649
	public function identity_crisis_js( $nonce ) {
5650
?>
5651
<script>
5652
(function( $ ) {
5653
	var SECOND_IN_MS = 1000;
5654
5655
	function contactSupport( e ) {
5656
		e.preventDefault();
5657
		$( '.jp-id-crisis-question' ).hide();
5658
		$( '#jp-id-crisis-contact-support' ).show();
5659
	}
5660
5661
	function autodismissSuccessBanner() {
5662
		$( '.jp-identity-crisis' ).fadeOut(600); //.addClass( 'dismiss' );
5663
	}
5664
5665
	var data = { action: 'jetpack_resolve_identity_crisis', 'ajax-nonce': '<?php echo $nonce; ?>' };
5666
5667
	$( document ).ready(function() {
5668
5669
		// Site moved: Update the URL on the shadow blog
5670
		$( '.site-moved' ).click(function( e ) {
5671
			e.preventDefault();
5672
			data.crisis_resolution_action = 'site_migrated';
5673
			$( '#jp-id-crisis-question-1 .spinner' ).show();
5674
			$.post( ajaxurl, data, function() {
5675
				$( '.jp-id-crisis-question' ).hide();
5676
				$( '.banner-title' ).hide();
5677
				$( '#jp-id-crisis-success' ).show();
5678
				setTimeout( autodismissSuccessBanner, 6 * SECOND_IN_MS );
5679
			});
5680
5681
		});
5682
5683
		// URL hasn't changed, next question please.
5684
		$( '.site-not-moved' ).click(function( e ) {
5685
			e.preventDefault();
5686
			$( '.jp-id-crisis-question' ).hide();
5687
			$( '#jp-id-crisis-question-2' ).show();
5688
		});
5689
5690
		// Reset connection: two separate sites.
5691
		$( '.reset-connection' ).click(function( e ) {
5692
			data.crisis_resolution_action = 'reset_connection';
5693
			$.post( ajaxurl, data, function( response ) {
5694
				if ( 'reset-connection-success' === response ) {
5695
					window.location.replace( '<?php echo Jetpack::admin_url(); ?>' );
5696
				}
5697
			});
5698
		});
5699
5700
		// It's a dev environment.  Ignore.
5701
		$( '.is-dev-env' ).click(function( e ) {
5702
			data.crisis_resolution_action = 'whitelist';
5703
			$( '#jp-id-crisis-question-2 .spinner' ).show();
5704
			$.post( ajaxurl, data, function() {
5705
				$( '.jp-id-crisis-question' ).hide();
5706
				$( '.banner-title' ).hide();
5707
				$( '#jp-id-crisis-success' ).show();
5708
				setTimeout( autodismissSuccessBanner, 4 * SECOND_IN_MS );
5709
			});
5710
		});
5711
5712
		$( '.not-reconnecting' ).click(contactSupport);
5713
		$( '.not-staging-or-dev' ).click(contactSupport);
5714
	});
5715
})( jQuery );
5716
</script>
5717
<?php
5718
	}
5719
5720
	/**
5721
	 * Displays an admin_notice, alerting the user to an identity crisis.
5722
	 */
5723
	public function alert_identity_crisis() {
5724
		// @todo temporary killing of feature in 3.8.1 as it revealed a number of scenarios not foreseen.
5725
		if ( ! Jetpack::is_development_version() ) {
5726
			return;
5727
		}
5728
5729
		// @todo temporary copout for dealing with domain mapping
5730
		// @see https://github.com/Automattic/jetpack/issues/2702
5731
		if ( is_multisite() && defined( 'SUNRISE' ) && ! Jetpack::is_development_version() ) {
5732
			return;
5733
		}
5734
5735
		if ( ! current_user_can( 'jetpack_disconnect' ) ) {
5736
			return;
5737
		}
5738
5739
		if ( ! $errors = self::check_identity_crisis() ) {
5740
			return;
5741
		}
5742
5743
		// Only show on dashboard and jetpack pages
5744
		$screen = get_current_screen();
5745
		if ( 'dashboard' !== $screen->base && ! did_action( 'jetpack_notices' ) ) {
5746
			return;
5747
		}
5748
5749
		// Include the js!
5750
		$ajax_nonce = wp_create_nonce( 'resolve-identity-crisis' );
5751
		$this->identity_crisis_js( $ajax_nonce );
5752
5753
		// Include the CSS!
5754
		if ( ! wp_script_is( 'jetpack', 'done' ) ) {
5755
			$this->admin_banner_styles();
5756
		}
5757
5758
		if ( ! array_key_exists( 'error_code', $errors ) ) {
5759
			$key = 'siteurl';
5760
			if ( ! $errors[ $key ] ) {
5761
				$key = 'home';
5762
			}
5763
		} else {
5764
			$key = 'error_code';
5765
			// 401 is the only error we care about.  Any other errors should not trigger the alert.
5766
			if ( 401 !== $errors[ $key ] ) {
5767
				return;
5768
			}
5769
		}
5770
5771
		?>
5772
5773
		<style>
5774
			.jp-identity-crisis .jp-btn-group {
5775
					margin: 15px 0;
5776
				}
5777
			.jp-identity-crisis strong {
5778
					color: #518d2a;
5779
				}
5780
			.jp-identity-crisis.dismiss {
5781
				display: none;
5782
			}
5783
			.jp-identity-crisis .button {
5784
				margin-right: 4px;
5785
			}
5786
		</style>
5787
5788
		<div id="message" class="error jetpack-message jp-identity-crisis stay-visible">
5789
			<div class="service-mark"></div>
5790
			<div class="jp-id-banner__content">
5791
				<!-- <h3 class="banner-title"><?php _e( 'Something\'s not quite right with your Jetpack connection! Let\'s fix that.', 'jetpack' ); ?></h3> -->
5792
5793
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-1">
5794
					<?php
5795
					// 401 means that this site has been disconnected from wpcom, but the remote site still thinks it's connected.
5796
					if ( 'error_code' == $key && '401' == $errors[ $key ] ) : ?>
5797
						<div class="banner-content">
5798
							<p><?php
5799
								/* translators: %s is a URL */
5800
								printf( __( 'Our records show that this site does not have a valid connection to WordPress.com. Please reset your connection to fix this. <a href="%s" target="_blank">What caused this?</a>', 'jetpack' ), 'https://jetpack.com/support/no-valid-wordpress-com-connection/' );
5801
							?></p>
5802
						</div>
5803
						<div class="jp-btn-group">
5804
							<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a>
5805
							<span class="idc-separator">|</span>
5806
							<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=dismiss' ), 'jetpack-deactivate' ) ); ?>"><?php _e( 'Deactivate Jetpack', 'jetpack' ); ?></a>
5807
						</div>
5808
					<?php else : ?>
5809
							<div class="banner-content">
5810
							<p><?php printf( __( 'It looks like you may have changed your domain. Is <strong>%1$s</strong> still your site\'s domain, or have you updated it to <strong> %2$s </strong>?', 'jetpack' ), $errors[ $key ], (string) get_option( $key ) ); ?></p>
5811
							</div>
5812
						<div class="jp-btn-group">
5813
							<a href="#" class="regular site-moved"><?php printf( __( '%s is now my domain.', 'jetpack' ), $errors[ $key ] ); ?></a> <span class="idc-separator">|</span> <a href="#" class="site-not-moved" ><?php printf( __( '%s is still my domain.', 'jetpack' ), (string) get_option( $key ) ); ?></a>
5814
							<span class="spinner"></span>
5815
						</div>
5816
					<?php endif ; ?>
5817
				</div>
5818
5819
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-2" style="display: none;">
5820
					<div class="banner-content">
5821
						<p><?php printf(
5822
							/* translators: %1$s, %2$s and %3$s are URLs */
5823
							__(
5824
								'Are <strong> %2$s </strong> and <strong> %1$s </strong> two completely separate websites? If so we should create a new connection, which will reset your followers and linked services. <a href="%3$s"><em>What does this mean?</em></a>',
5825
								'jetpack'
5826
							),
5827
							$errors[ $key ],
5828
							(string) get_option( $key ),
5829
							'https://jetpack.com/support/what-does-resetting-the-connection-mean/'
5830
						); ?></p>
5831
					</div>
5832
					<div class="jp-btn-group">
5833
						<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
5834
						<a href="#" class="is-dev-env"><?php _e( 'This is a development environment', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
5835
						<a href="https://jetpack.com/contact-support/" class="contact-support"><?php _e( 'Submit a support ticket', 'jetpack' ); ?></a>
5836
						<span class="spinner"></span>
5837
					</div>
5838
				</div>
5839
5840
				<div class="jp-id-crisis-success" id="jp-id-crisis-success" style="display: none;">
5841
					<h3 class="success-notice"><?php printf( __( 'Thanks for taking the time to sort things out. We&#039;ve updated our records accordingly!', 'jetpack' ) ); ?></h3>
5842
				</div>
5843
			</div>
5844
		</div>
5845
5846
		<?php
5847
	}
5848
5849
	/**
5850
	 * Maybe Use a .min.css stylesheet, maybe not.
5851
	 *
5852
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
5853
	 */
5854
	public static function maybe_min_asset( $url, $path, $plugin ) {
5855
		// Short out on things trying to find actual paths.
5856
		if ( ! $path || empty( $plugin ) ) {
5857
			return $url;
5858
		}
5859
5860
		// Strip out the abspath.
5861
		$base = dirname( plugin_basename( $plugin ) );
5862
5863
		// Short out on non-Jetpack assets.
5864
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
5865
			return $url;
5866
		}
5867
5868
		// File name parsing.
5869
		$file              = "{$base}/{$path}";
5870
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
5871
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
5872
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
5873
		$extension         = array_shift( $file_name_parts_r );
5874
5875
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
5876
			// Already pointing at the minified version.
5877
			if ( 'min' === $file_name_parts_r[0] ) {
5878
				return $url;
5879
			}
5880
5881
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
5882
			if ( file_exists( $min_full_path ) ) {
5883
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
5884
			}
5885
		}
5886
5887
		return $url;
5888
	}
5889
5890
	/**
5891
	 * Maybe inlines a stylesheet.
5892
	 *
5893
	 * If you'd like to inline a stylesheet instead of printing a link to it,
5894
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
5895
	 *
5896
	 * Attached to `style_loader_tag` filter.
5897
	 *
5898
	 * @param string $tag The tag that would link to the external asset.
5899
	 * @param string $handle The registered handle of the script in question.
5900
	 *
5901
	 * @return string
5902
	 */
5903
	public static function maybe_inline_style( $tag, $handle ) {
5904
		global $wp_styles;
5905
		$item = $wp_styles->registered[ $handle ];
5906
5907
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
5908
			return $tag;
5909
		}
5910
5911
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
5912
			$href = $matches[1];
5913
			// Strip off query string
5914
			if ( $pos = strpos( $href, '?' ) ) {
5915
				$href = substr( $href, 0, $pos );
5916
			}
5917
			// Strip off fragment
5918
			if ( $pos = strpos( $href, '#' ) ) {
5919
				$href = substr( $href, 0, $pos );
5920
			}
5921
		} else {
5922
			return $tag;
5923
		}
5924
5925
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
5926
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
5927
			return $tag;
5928
		}
5929
5930
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
5931
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
5932
			// And this isn't the pass that actually deals with the RTL version...
5933
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
5934
				// Short out, as the RTL version will deal with it in a moment.
5935
				return $tag;
5936
			}
5937
		}
5938
5939
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
5940
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
5941
		if ( $css ) {
5942
			$tag = "<!-- Inline {$item->handle} -->\r\n";
5943
			if ( empty( $item->extra['after'] ) ) {
5944
				wp_add_inline_style( $handle, $css );
5945
			} else {
5946
				array_unshift( $item->extra['after'], $css );
5947
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
5948
			}
5949
		}
5950
5951
		return $tag;
5952
	}
5953
5954
	/**
5955
	 * Loads a view file from the views
5956
	 *
5957
	 * Data passed in with the $data parameter will be available in the
5958
	 * template file as $data['value']
5959
	 *
5960
	 * @param string $template - Template file to load
5961
	 * @param array $data - Any data to pass along to the template
5962
	 * @return boolean - If template file was found
5963
	 **/
5964
	public function load_view( $template, $data = array() ) {
5965
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
5966
5967
		if( file_exists( $views_dir . $template ) ) {
5968
			require_once( $views_dir . $template );
5969
			return true;
5970
		}
5971
5972
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
5973
		return false;
5974
	}
5975
5976
	/**
5977
	 * Throws warnings for deprecated hooks to be removed from Jetpack
5978
	 */
5979
	public function deprecated_hooks() {
5980
		global $wp_filter;
5981
5982
		/*
5983
		 * Format:
5984
		 * deprecated_filter_name => replacement_name
5985
		 *
5986
		 * If there is no replacement us null for replacement_name
5987
		 */
5988
		$deprecated_list = array(
5989
			'jetpack_bail_on_shortcode'                => 'jetpack_shortcodes_to_include',
5990
			'wpl_sharing_2014_1'                       => null,
5991
			'jetpack-tools-to-include'                 => 'jetpack_tools_to_include',
5992
			'jetpack_identity_crisis_options_to_check' => null,
5993
			'update_option_jetpack_single_user_site'   => null,
5994
			'audio_player_default_colors'              => null,
5995
		);
5996
5997
		// This is a silly loop depth. Better way?
5998
		foreach( $deprecated_list AS $hook => $hook_alt ) {
5999
			if( isset( $wp_filter[ $hook ] ) && is_array( $wp_filter[ $hook ] ) ) {
6000
				foreach( $wp_filter[$hook] AS $func => $values ) {
6001
					foreach( $values AS $hooked ) {
6002
						_deprecated_function( $hook . ' used for ' . $hooked['function'], null, $hook_alt );
6003
					}
6004
				}
6005
			}
6006
		}
6007
	}
6008
6009
	/**
6010
	 * Converts any url in a stylesheet, to the correct absolute url.
6011
	 *
6012
	 * Considerations:
6013
	 *  - Normal, relative URLs     `feh.png`
6014
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6015
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6016
	 *  - Absolute URLs             `http://domain.com/feh.png`
6017
	 *  - Domain root relative URLs `/feh.png`
6018
	 *
6019
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6020
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6021
	 *
6022
	 * @return mixed|string
6023
	 */
6024
	public static function absolutize_css_urls( $css, $css_file_url ) {
6025
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6026
		$css_dir = dirname( $css_file_url );
6027
		$p       = parse_url( $css_dir );
6028
		$domain  = sprintf(
6029
					'%1$s//%2$s%3$s%4$s',
6030
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
6031
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6032
					$p['host'],
6033
					isset( $p['port'] )             ? ":{$p['port']}" : ''
6034
				);
6035
6036
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6037
			$find = $replace = array();
6038
			foreach ( $matches as $match ) {
6039
				$url = trim( $match['path'], "'\" \t" );
6040
6041
				// If this is a data url, we don't want to mess with it.
6042
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6043
					continue;
6044
				}
6045
6046
				// If this is an absolute or protocol-agnostic url,
6047
				// we don't want to mess with it.
6048
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6049
					continue;
6050
				}
6051
6052
				switch ( substr( $url, 0, 1 ) ) {
6053
					case '/':
6054
						$absolute = $domain . $url;
6055
						break;
6056
					default:
6057
						$absolute = $css_dir . '/' . $url;
6058
				}
6059
6060
				$find[]    = $match[0];
6061
				$replace[] = sprintf( 'url("%s")', $absolute );
6062
			}
6063
			$css = str_replace( $find, $replace, $css );
6064
		}
6065
6066
		return $css;
6067
	}
6068
6069
	/**
6070
	 * This method checks to see if SSL is required by the site in
6071
	 * order to visit it in some way other than only setting the
6072
	 * https value in the home or siteurl values.
6073
	 *
6074
	 * @since 3.2
6075
	 * @return boolean
6076
	 **/
6077
	private function is_ssl_required_to_visit_site() {
6078
		global $wp_version;
6079
		$ssl = is_ssl();
6080
6081
		if ( force_ssl_admin() ) {
6082
			$ssl = true;
6083
		}
6084
		return $ssl;
6085
	}
6086
6087
	/**
6088
	 * This methods removes all of the registered css files on the frontend
6089
	 * from Jetpack in favor of using a single file. In effect "imploding"
6090
	 * all the files into one file.
6091
	 *
6092
	 * Pros:
6093
	 * - Uses only ONE css asset connection instead of 15
6094
	 * - Saves a minimum of 56k
6095
	 * - Reduces server load
6096
	 * - Reduces time to first painted byte
6097
	 *
6098
	 * Cons:
6099
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6100
	 *		should not cause any issues with themes.
6101
	 * - Plugins/themes dequeuing styles no longer do anything. See
6102
	 *		jetpack_implode_frontend_css filter for a workaround
6103
	 *
6104
	 * For some situations developers may wish to disable css imploding and
6105
	 * instead operate in legacy mode where each file loads seperately and
6106
	 * can be edited individually or dequeued. This can be accomplished with
6107
	 * the following line:
6108
	 *
6109
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6110
	 *
6111
	 * @since 3.2
6112
	 **/
6113
	public function implode_frontend_css( $travis_test = false ) {
6114
		$do_implode = true;
6115
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6116
			$do_implode = false;
6117
		}
6118
6119
		/**
6120
		 * Allow CSS to be concatenated into a single jetpack.css file.
6121
		 *
6122
		 * @since 3.2.0
6123
		 *
6124
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6125
		 */
6126
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6127
6128
		// Do not use the imploded file when default behaviour was altered through the filter
6129
		if ( ! $do_implode ) {
6130
			return;
6131
		}
6132
6133
		// We do not want to use the imploded file in dev mode, or if not connected
6134
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6135
			if ( ! $travis_test ) {
6136
				return;
6137
			}
6138
		}
6139
6140
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6141
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6142
			return;
6143
		}
6144
6145
		/*
6146
		 * Now we assume Jetpack is connected and able to serve the single
6147
		 * file.
6148
		 *
6149
		 * In the future there will be a check here to serve the file locally
6150
		 * or potentially from the Jetpack CDN
6151
		 *
6152
		 * For now:
6153
		 * - Enqueue a single imploded css file
6154
		 * - Zero out the style_loader_tag for the bundled ones
6155
		 * - Be happy, drink scotch
6156
		 */
6157
6158
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6159
6160
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6161
6162
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6163
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6164
	}
6165
6166
	function concat_remove_style_loader_tag( $tag, $handle ) {
6167
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6168
			$tag = '';
6169
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6170
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6171
			}
6172
		}
6173
6174
		return $tag;
6175
	}
6176
6177
	/*
6178
	 * Check the heartbeat data
6179
	 *
6180
	 * Organizes the heartbeat data by severity.  For example, if the site
6181
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6182
	 *
6183
	 * Data will be added to "caution" array, if it either:
6184
	 *  - Out of date Jetpack version
6185
	 *  - Out of date WP version
6186
	 *  - Out of date PHP version
6187
	 *
6188
	 * $return array $filtered_data
6189
	 */
6190
	public static function jetpack_check_heartbeat_data() {
6191
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6192
6193
		$good    = array();
6194
		$caution = array();
6195
		$bad     = array();
6196
6197
		foreach ( $raw_data as $stat => $value ) {
6198
6199
			// Check jetpack version
6200
			if ( 'version' == $stat ) {
6201
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6202
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6203
					continue;
6204
				}
6205
			}
6206
6207
			// Check WP version
6208
			if ( 'wp-version' == $stat ) {
6209
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6210
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6211
					continue;
6212
				}
6213
			}
6214
6215
			// Check PHP version
6216
			if ( 'php-version' == $stat ) {
6217
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6218
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
6219
					continue;
6220
				}
6221
			}
6222
6223
			// Check ID crisis
6224
			if ( 'identitycrisis' == $stat ) {
6225
				if ( 'yes' == $value ) {
6226
					$bad[ $stat ] = $value;
6227
					continue;
6228
				}
6229
			}
6230
6231
			// The rest are good :)
6232
			$good[ $stat ] = $value;
6233
		}
6234
6235
		$filtered_data = array(
6236
			'good'    => $good,
6237
			'caution' => $caution,
6238
			'bad'     => $bad
6239
		);
6240
6241
		return $filtered_data;
6242
	}
6243
6244
6245
	/*
6246
	 * This method is used to organize all options that can be reset
6247
	 * without disconnecting Jetpack.
6248
	 *
6249
	 * It is used in class.jetpack-cli.php to reset options
6250
	 *
6251
	 * @return array of options to delete.
6252
	 */
6253
	public static function get_jetpack_options_for_reset() {
6254
		$jetpack_options            = Jetpack_Options::get_option_names();
6255
		$jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' );
6256
		$jetpack_options_private    = Jetpack_Options::get_option_names( 'private' );
6257
6258
		$all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private );
6259
6260
		// A manual build of the wp options
6261
		$wp_options = array(
6262
			'sharing-options',
6263
			'disabled_likes',
6264
			'disabled_reblogs',
6265
			'jetpack_comments_likes_enabled',
6266
			'wp_mobile_excerpt',
6267
			'wp_mobile_featured_images',
6268
			'wp_mobile_app_promos',
6269
			'stats_options',
6270
			'stats_dashboard_widget',
6271
			'safecss_preview_rev',
6272
			'safecss_rev',
6273
			'safecss_revision_migrated',
6274
			'nova_menu_order',
6275
			'jetpack_portfolio',
6276
			'jetpack_portfolio_posts_per_page',
6277
			'jetpack_testimonial',
6278
			'jetpack_testimonial_posts_per_page',
6279
			'wp_mobile_custom_css',
6280
			'sharedaddy_disable_resources',
6281
			'sharing-options',
6282
			'sharing-services',
6283
			'site_icon_temp_data',
6284
			'featured-content',
6285
			'site_logo',
6286
			'jetpack_dismissed_notices',
6287
		);
6288
6289
		// Flag some Jetpack options as unsafe
6290
		$unsafe_options = array(
6291
			'id',                           // (int)    The Client ID/WP.com Blog ID of this site.
6292
			'master_user',                  // (int)    The local User ID of the user who connected this site to jetpack.wordpress.com.
6293
			'version',                      // (string) Used during upgrade procedure to auto-activate new modules. version:time
6294
			'jumpstart',                    // (string) A flag for whether or not to show the Jump Start.  Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed.
6295
6296
			// non_compact
6297
			'activated',
6298
6299
			// private
6300
			'register',
6301
			'blog_token',                  // (string) The Client Secret/Blog Token of this site.
6302
			'user_token',                  // (string) The User Token of this site. (deprecated)
6303
			'user_tokens'
6304
		);
6305
6306
		// Remove the unsafe Jetpack options
6307
		foreach ( $unsafe_options as $unsafe_option ) {
6308
			if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) {
6309
				unset( $all_jp_options[ $key ] );
6310
			}
6311
		}
6312
6313
		$options = array(
6314
			'jp_options' => $all_jp_options,
6315
			'wp_options' => $wp_options
6316
		);
6317
6318
		return $options;
6319
	}
6320
6321
	/**
6322
	 * Check if an option of a Jetpack module has been updated.
6323
	 *
6324
	 * If any module option has been updated before Jump Start has been dismissed,
6325
	 * update the 'jumpstart' option so we can hide Jump Start.
6326
	 *
6327
	 * @param string $option_name
6328
	 *
6329
	 * @return bool
6330
	 */
6331
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6332
		// Bail if Jump Start has already been dismissed
6333
		if ( 'new_connection' !== Jetpack_Options::get_option( 'jumpstart' ) ) {
6334
			return false;
6335
		}
6336
6337
		$jetpack = Jetpack::init();
6338
6339
		// Manual build of module options
6340
		$option_names = self::get_jetpack_options_for_reset();
6341
6342
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6343
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6344
6345
			//Jump start is being dismissed send data to MC Stats
6346
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6347
6348
			$jetpack->do_stats( 'server_side' );
6349
		}
6350
6351
	}
6352
6353
	/*
6354
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6355
	 * so we can bring them directly to their site in calypso.
6356
	 *
6357
	 * @param string | url
6358
	 * @return string | url without the guff
6359
	 */
6360
	public static function build_raw_urls( $url ) {
6361
		$strip_http = '/.*?:\/\//i';
6362
		$url = preg_replace( $strip_http, '', $url  );
6363
		$url = str_replace( '/', '::', $url );
6364
		return $url;
6365
	}
6366
6367
	/**
6368
	 * Stores and prints out domains to prefetch for page speed optimization.
6369
	 *
6370
	 * @param mixed $new_urls
6371
	 */
6372
	public static function dns_prefetch( $new_urls = null ) {
6373
		static $prefetch_urls = array();
6374
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6375
			echo "\r\n";
6376
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6377
				printf( "<link rel='dns-prefetch' href='%s'>\r\n", esc_attr( $this_prefetch_url ) );
6378
			}
6379
		} elseif ( ! empty( $new_urls ) ) {
6380
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6381
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6382
			}
6383
			foreach ( (array) $new_urls as $this_new_url ) {
6384
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6385
			}
6386
			$prefetch_urls = array_unique( $prefetch_urls );
6387
		}
6388
	}
6389
6390
	public function wp_dashboard_setup() {
6391
		if ( self::is_active() ) {
6392
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6393
			$widget_title = __( 'Site Stats', 'jetpack' );
6394
		} elseif ( ! self::is_development_mode() && current_user_can( 'jetpack_connect' ) ) {
6395
			add_action( 'jetpack_dashboard_widget', array( $this, 'dashboard_widget_connect_to_wpcom' ) );
6396
			$widget_title = __( 'Please Connect Jetpack', 'jetpack' );
6397
		}
6398
6399
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6400
			wp_add_dashboard_widget(
6401
				'jetpack_summary_widget',
6402
				$widget_title,
6403
				array( __CLASS__, 'dashboard_widget' )
6404
			);
6405
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6406
6407
			// If we're inactive and not in development mode, sort our box to the top.
6408
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6409
				global $wp_meta_boxes;
6410
6411
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6412
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6413
6414
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6415
			}
6416
		}
6417
	}
6418
6419
	/**
6420
	 * @param mixed $result Value for the user's option
6421
	 * @return mixed
6422
	 */
6423
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6424
		if ( ! is_array( $sorted ) ) {
6425
			return $sorted;
6426
		}
6427
6428
		foreach ( $sorted as $box_context => $ids ) {
6429
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6430
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6431
				continue;
6432
			}
6433
6434
			$ids_array = explode( ',', $ids );
6435
			$key = array_search( 'dashboard_stats', $ids_array );
6436
6437
			if ( false !== $key ) {
6438
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6439
				$ids_array[ $key ] = 'jetpack_summary_widget';
6440
				$sorted[ $box_context ] = implode( ',', $ids_array );
6441
				// We've found it, stop searching, and just return.
6442
				break;
6443
			}
6444
		}
6445
6446
		return $sorted;
6447
	}
6448
6449
	public static function dashboard_widget() {
6450
		/**
6451
		 * Fires when the dashboard is loaded.
6452
		 *
6453
		 * @since 3.4.0
6454
		 */
6455
		do_action( 'jetpack_dashboard_widget' );
6456
	}
6457
6458
	public static function dashboard_widget_footer() {
6459
		?>
6460
		<footer>
6461
6462
		<div class="protect">
6463
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6464
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6465
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6466
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6467
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6468
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6469
				</a>
6470
			<?php else : ?>
6471
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6472
			<?php endif; ?>
6473
		</div>
6474
6475
		<div class="akismet">
6476
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6477
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6478
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6479
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6480
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6481
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6482
				</a>
6483
			<?php else : ?>
6484
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6485
			<?php endif; ?>
6486
		</div>
6487
6488
		</footer>
6489
		<?php
6490
	}
6491
6492
	public function dashboard_widget_connect_to_wpcom() {
6493
		if ( Jetpack::is_active() || Jetpack::is_development_mode() || ! current_user_can( 'jetpack_connect' ) ) {
6494
			return;
6495
		}
6496
		?>
6497
		<div class="wpcom-connect">
6498
			<div class="jp-emblem">
6499
			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">
6500
				<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z"/>
6501
			</svg>
6502
			</div>
6503
			<h3><?php esc_html_e( 'Please Connect Jetpack', 'jetpack' ); ?></h3>
6504
			<p><?php echo wp_kses( __( 'Connecting Jetpack will show you <strong>stats</strong> about your traffic, <strong>protect</strong> you from brute force attacks, <strong>speed up</strong> your images and photos, and enable other <strong>traffic and security</strong> features.', 'jetpack' ), 'jetpack' ) ?></p>
6505
6506
			<div class="actions">
6507
				<a href="<?php echo $this->build_connect_url( false, false, 'widget-btn' ); ?>" class="button button-primary">
6508
					<?php esc_html_e( 'Connect Jetpack', 'jetpack' ); ?>
6509
				</a>
6510
			</div>
6511
		</div>
6512
		<?php
6513
	}
6514
6515
	/*
6516
	 * A graceful transition to using Core's site icon.
6517
	 *
6518
	 * All of the hard work has already been done with the image
6519
	 * in all_done_page(). All that needs to be done now is update
6520
	 * the option and display proper messaging.
6521
	 *
6522
	 * @todo remove when WP 4.3 is minimum
6523
	 *
6524
	 * @since 3.6.1
6525
	 *
6526
	 * @return bool false = Core's icon not available || true = Core's icon is available
6527
	 */
6528
	public static function jetpack_site_icon_available_in_core() {
6529
		global $wp_version;
6530
		$core_icon_available = function_exists( 'has_site_icon' ) && version_compare( $wp_version, '4.3-beta' ) >= 0;
6531
6532
		if ( ! $core_icon_available ) {
6533
			return false;
6534
		}
6535
6536
		// No need for Jetpack's site icon anymore if core's is already set
6537
		if ( has_site_icon() ) {
6538
			if ( Jetpack::is_module_active( 'site-icon' ) ) {
6539
				Jetpack::log( 'deactivate', 'site-icon' );
6540
				Jetpack::deactivate_module( 'site-icon' );
6541
			}
6542
			return true;
6543
		}
6544
6545
		// Transfer Jetpack's site icon to use core.
6546
		$site_icon_id = Jetpack::get_option( 'site_icon_id' );
6547
		if ( $site_icon_id ) {
6548
			// Update core's site icon
6549
			update_option( 'site_icon', $site_icon_id );
6550
6551
			// Delete Jetpack's icon option. We still want the blavatar and attached data though.
6552
			delete_option( 'site_icon_id' );
6553
		}
6554
6555
		// No need for Jetpack's site icon anymore
6556
		if ( Jetpack::is_module_active( 'site-icon' ) ) {
6557
			Jetpack::log( 'deactivate', 'site-icon' );
6558
			Jetpack::deactivate_module( 'site-icon' );
6559
		}
6560
6561
		return true;
6562
	}
6563
6564
	/**
6565
	 * Return string containing the Jetpack logo.
6566
	 *
6567
	 * @since 3.9.0
6568
	 *
6569
	 * @return string
6570
	 */
6571
	public static function get_jp_emblem() {
6572
		return '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">	<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z" /></svg>';
6573
	}
6574
6575
	/*
6576
	 * Adds a "blank" column in the user admin table to display indication of user connection.
6577
	 */
6578
	function jetpack_icon_user_connected( $columns ) {
6579
		$columns['user_jetpack'] = '';
6580
		return $columns;
6581
	}
6582
6583
	/*
6584
	 * Show Jetpack icon if the user is linked.
6585
	 */
6586
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
6587
		if ( 'user_jetpack' == $col && Jetpack::is_user_connected( $user_id ) ) {
6588
			$emblem_html = sprintf(
6589
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
6590
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
6591
				Jetpack::get_jp_emblem()
6592
			);
6593
			return $emblem_html;
6594
		}
6595
6596
		return $val;
6597
	}
6598
6599
	/*
6600
	 * Style the Jetpack user column
6601
	 */
6602
	function jetpack_user_col_style() {
6603
		global $current_screen;
6604
		if ( 'users' == $current_screen->base ) { ?>
6605
			<style>
6606
				.fixed .column-user_jetpack {
6607
					width: 21px;
6608
				}
6609
				.jp-emblem-user-admin path {
6610
					fill: #8cc258;
6611
				}
6612
			</style>
6613
		<?php }
6614
	}
6615
6616
}
6617