Completed
Push — add/social-logos-telegram-what... ( 924fea )
by
unknown
11:30
created

class.jetpack.php (10 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
class Jetpack {
26
	public $xmlrpc_server = null;
27
28
	private $xmlrpc_verification = null;
29
30
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
31
32
	/**
33
	 * @var array The handles of styles that are concatenated into jetpack.css
34
	 */
35
	public $concatenated_style_handles = array(
36
		'jetpack-carousel',
37
		'grunion.css',
38
		'the-neverending-homepage',
39
		'jetpack_likes',
40
		'jetpack_related-posts',
41
		'sharedaddy',
42
		'jetpack-slideshow',
43
		'presentations',
44
		'jetpack-subscriptions',
45
		'tiled-gallery',
46
		'widget-conditions',
47
		'jetpack_display_posts_widget',
48
		'gravatar-profile-widget',
49
		'widget-grid-and-list',
50
		'jetpack-widgets',
51
		'goodreads-widget',
52
		'jetpack_social_media_icons_widget',
53
	);
54
55
	public $plugins_to_deactivate = array(
56
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
57
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
58
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
59
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
60
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
61
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
62
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
63
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
64
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
65
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
66
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
67
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
68
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
69
		'omnisearch'          => array( 'jetpack-omnisearch/omnisearch.php', 'Jetpack Omnisearch' ),
70
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
71
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
72
	);
73
74
	public $capability_translations = array(
75
		'administrator' => 'manage_options',
76
		'editor'        => 'edit_others_posts',
77
		'author'        => 'publish_posts',
78
		'contributor'   => 'edit_posts',
79
		'subscriber'    => 'read',
80
	);
81
82
	/**
83
	 * Map of modules that have conflicts with plugins and should not be auto-activated
84
	 * if the plugins are active.  Used by filter_default_modules
85
	 *
86
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
87
	 * change `module-slug` and add this to your plugin:
88
	 *
89
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
90
	 * function my_jetpack_get_default_modules( $modules ) {
91
	 *     return array_diff( $modules, array( 'module-slug' ) );
92
	 * }
93
	 *
94
	 * @var array
95
	 */
96
	private $conflicting_plugins = array(
97
		'comments'          => array(
98
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
99
			'Disqus'                               => 'disqus-comment-system/disqus.php',
100
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
101
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
102
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
103
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
104
		),
105
		'contact-form'      => array(
106
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
107
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
108
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
109
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
110
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
111
		),
112
		'minileven'         => array(
113
			'WPtouch'                              => 'wptouch/wptouch.php',
114
		),
115
		'latex'             => array(
116
			'LaTeX for WordPress'                  => 'latex/latex.php',
117
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
118
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
119
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
120
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
121
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
122
		),
123
		'protect'           => array(
124
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
125
			'Captcha'                              => 'captcha/captcha.php',
126
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
127
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
128
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
129
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
130
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
131
			'Security-protection'                  => 'security-protection/security-protection.php',
132
			'Login Security'                       => 'login-security/login-security.php',
133
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
134
			'Wordfence Security'                   => 'wordfence/wordfence.php',
135
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
136
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
137
		),
138
		'random-redirect'   => array(
139
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
140
		),
141
		'related-posts'     => array(
142
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
143
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
144
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
145
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
146
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
147
			'outbrain'                             => 'outbrain/outbrain.php',
148
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
149
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
150
		),
151
		'sharedaddy'        => array(
152
			'AddThis'                              => 'addthis/addthis_social_widget.php',
153
			'Add To Any'                           => 'add-to-any/add-to-any.php',
154
			'ShareThis'                            => 'share-this/sharethis.php',
155
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
156
		),
157
		'verification-tools' => array(
158
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
159
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
160
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
161
		),
162
		'widget-visibility' => array(
163
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
164
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
165
		),
166
		'sitemaps' => array(
167
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
168
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
169
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
170
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
171
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
172
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
173
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
174
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
175
			'Sitemap'                              => 'sitemap/sitemap.php',
176
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
177
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
178
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
179
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
180
		),
181
	);
182
183
	/**
184
	 * Plugins for which we turn off our Facebook OG Tags implementation.
185
	 *
186
	 * Note: WordPress SEO by Yoast and WordPress SEO Premium by Yoast automatically deactivate
187
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
188
	 *
189
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
190
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
191
	 */
192
	private $open_graph_conflicting_plugins = array(
193
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
194
		                                                         // 2 Click Social Media Buttons
195
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
196
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
197
		'autodescription/autodescription.php',                   // The SEO Framework
198
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
199
		'facebook/facebook.php',                                 // Facebook (official plugin)
200
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
201
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
202
		                                                         // Facebook Featured Image & OG Meta Tags
203
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
204
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
205
		                                                         // Facebook Open Graph Meta Tags for WordPress
206
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
207
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
208
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
209
		                                                         // Fedmich's Facebook Open Graph Meta
210
		'header-footer/plugin.php',                              // Header and Footer
211
		'network-publisher/networkpub.php',                      // Network Publisher
212
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
213
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
214
		                                                         // NextScripts SNAP
215
		'opengraph/opengraph.php',                               // Open Graph
216
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
217
		                                                         // Open Graph Protocol Framework
218
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
219
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
220
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
221
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
222
		'sharepress/sharepress.php',                             // SharePress
223
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
224
		'social-discussions/social-discussions.php',             // Social Discussions
225
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
226
		'socialize/socialize.php',                               // Socialize
227
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
228
		                                                         // Tweet, Like, Google +1 and Share
229
		'wordbooker/wordbooker.php',                             // Wordbooker
230
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
231
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
232
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
233
		                                                         // WP Facebook Like Send & Open Graph Meta
234
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
235
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
236
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
237
		'wp-fb-share-like-button/wp_fb_share-like_widget.php'    // WP Facebook Like Button
238
	);
239
240
	/**
241
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
242
	 */
243
	private $twitter_cards_conflicting_plugins = array(
244
	//	'twitter/twitter.php',                       // The official one handles this on its own.
245
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
246
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
247
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
248
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
249
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
250
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
251
		'twitter-cards/twitter-cards.php',           // Twitter Cards
252
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
253
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
254
	);
255
256
	/**
257
	 * Message to display in admin_notice
258
	 * @var string
259
	 */
260
	public $message = '';
261
262
	/**
263
	 * Error to display in admin_notice
264
	 * @var string
265
	 */
266
	public $error = '';
267
268
	/**
269
	 * Modules that need more privacy description.
270
	 * @var string
271
	 */
272
	public $privacy_checks = '';
273
274
	/**
275
	 * Stats to record once the page loads
276
	 *
277
	 * @var array
278
	 */
279
	public $stats = array();
280
281
	/**
282
	 * Allows us to build a temporary security report
283
	 *
284
	 * @var array
285
	 */
286
	static $security_report = array();
287
288
	/**
289
	 * Jetpack_Sync object
290
	 */
291
	public $sync;
292
293
	/**
294
	 * Verified data for JSON authorization request
295
	 */
296
	public $json_api_authorization_request = array();
297
298
	/**
299
	 * Holds the singleton instance of this class
300
	 * @since 2.3.3
301
	 * @var Jetpack
302
	 */
303
	static $instance = false;
304
305
	/**
306
	 * Singleton
307
	 * @static
308
	 */
309
	public static function init() {
310
		if ( ! self::$instance ) {
311
			self::$instance = new Jetpack;
312
313
			self::$instance->plugin_upgrade();
314
315
			add_action( 'init', array( __CLASS__, 'perform_security_reporting' ) );
316
317
		}
318
319
		return self::$instance;
320
	}
321
322
	/**
323
	 * Must never be called statically
324
	 */
325
	function plugin_upgrade() {
326
		if ( Jetpack::is_active() ) {
327
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
328
			if ( JETPACK__VERSION != $version ) {
329
330
				// Check which active modules actually exist and remove others from active_modules list
331
				$unfiltered_modules = Jetpack::get_active_modules();
332
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
333
				if ( array_diff( $unfiltered_modules, $modules ) ) {
334
					Jetpack_Options::update_option( 'active_modules', $modules );
335
				}
336
337
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
338
				/**
339
				 * Fires when synchronizing all registered options and constants.
340
				 *
341
				 * @since 3.3.0
342
				 */
343
				do_action( 'jetpack_sync_all_registered_options' );
344
			}
345
		}
346
	}
347
348
	static function activate_manage( ) {
349
350
		if ( did_action( 'init' ) || current_filter() == 'init' ) {
351
			self::activate_module( 'manage', false, false );
352
		} else if ( !  has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) {
353
			add_action( 'init', array( __CLASS__, 'activate_manage' ) );
354
		}
355
356
	}
357
358
	/**
359
	 * Constructor.  Initializes WordPress hooks
360
	 */
361
	private function __construct() {
362
		/*
363
		 * Check for and alert any deprecated hooks
364
		 */
365
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
366
367
		/**
368
		 * Trigger a wp_version sync when updating WP versions
369
		 **/
370
		add_action( 'upgrader_process_complete', array( 'Jetpack', 'update_get_wp_version' ), 10, 2 );
371
372
		/*
373
		 * Load things that should only be in Network Admin.
374
		 *
375
		 * For now blow away everything else until a more full
376
		 * understanding of what is needed at the network level is
377
		 * available
378
		 */
379
		if( is_multisite() ) {
380
			Jetpack_Network::init();
381
		}
382
383
		// Unlink user before deleting the user from .com
384
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
385
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
386
387
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
388
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
389
390
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
391
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
392
393
			$this->require_jetpack_authentication();
394
395
			if ( Jetpack::is_active() ) {
396
				// Hack to preserve $HTTP_RAW_POST_DATA
397
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
398
399
				$signed = $this->verify_xml_rpc_signature();
400
				if ( $signed && ! is_wp_error( $signed ) ) {
401
					// The actual API methods.
402
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
403
				} else {
404
					// The jetpack.authorize method should be available for unauthenticated users on a site with an
405
					// active Jetpack connection, so that additional users can link their account.
406
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
407
				}
408
			} else {
409
				// The bootstrap API methods.
410
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
411
			}
412
413
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
414
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
415
		} elseif ( is_admin() && isset( $_POST['action'] ) && 'jetpack_upload_file' == $_POST['action'] ) {
416
			$this->require_jetpack_authentication();
417
			$this->add_remote_request_handlers();
418
		} else {
419
			if ( Jetpack::is_active() ) {
420
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
421
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
422
			}
423
		}
424
425
		if ( Jetpack::is_active() ) {
426
			Jetpack_Heartbeat::init();
427
		}
428
429
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
430
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
431
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
432
		}
433
434
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
435
436
		add_action( 'admin_init', array( $this, 'admin_init' ) );
437
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
438
439
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
440
441
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
442
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
443
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
444
445
		add_action( 'wp_ajax_jetpack-sync-reindex-trigger', array( $this, 'sync_reindex_trigger' ) );
446
		add_action( 'wp_ajax_jetpack-sync-reindex-status', array( $this, 'sync_reindex_status' ) );
447
448
		// If any module option is updated before Jump Start is dismissed, hide Jump Start.
449
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
450
451
		// Identity Crisis AJAX callback function
452
		add_action( 'wp_ajax_jetpack_resolve_identity_crisis', array( $this, 'resolve_identity_crisis_ajax_callback' ) );
453
454
		// JITM AJAX callback function
455
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
456
457
		add_action( 'wp_ajax_jetpack_admin_ajax',          array( $this, 'jetpack_admin_ajax_callback' ) );
458
		add_action( 'wp_ajax_jetpack_admin_ajax_refresh',  array( $this, 'jetpack_admin_ajax_refresh_data' ) );
459
460
		// Universal ajax callback for all tracking events triggered via js
461
		add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
462
463
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
464
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
465
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
466
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
467
468
		add_action( 'jetpack_activate_module', array( $this, 'activate_module_actions' ) );
469
470
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
471
		
472
		/**
473
		 * These actions run checks to load additional files.
474
		 * They check for external files or plugins, so they need to run as late as possible.
475
		 */
476
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
477
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
478
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
479
480
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
481
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
482
483
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
484
485
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
486
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
487
488
		// A filter to control all just in time messages
489
		add_filter( 'jetpack_just_in_time_msgs', '__return_false' );
490
491
		/**
492
		 * This is the hack to concatinate all css files into one.
493
		 * For description and reasoning see the implode_frontend_css method
494
		 *
495
		 * Super late priority so we catch all the registered styles
496
		 */
497
		if( !is_admin() ) {
498
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
499
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
500
		}
501
502
	}
503
	
504
	function jetpack_admin_ajax_tracks_callback() {
505
		// Check for nonce
506
		if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
507
			wp_die( 'Permissions check failed.' );
508
		}
509
510
		if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] )  ) {
511
			wp_die( 'No valid event name or type.' );
512
		}
513
514
		$tracks_data = array();
515
		if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
516
			$tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
517
		}
518
519
		JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
520
		wp_send_json_success();
521
		wp_die();
522
	}
523
524
	function jetpack_admin_ajax_callback() {
525
		// Check for nonce
526 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) || ! current_user_can( 'jetpack_manage_modules' ) ) {
527
			wp_die( 'permissions check failed' );
528
		}
529
530
		if ( isset( $_REQUEST['toggleModule'] ) && 'nux-toggle-module' == $_REQUEST['toggleModule'] ) {
531
			$slug = $_REQUEST['thisModuleSlug'];
532
533
			if ( ! in_array( $slug, Jetpack::get_available_modules() ) ) {
534
				wp_die( 'That is not a Jetpack module slug' );
535
			}
536
537
			if ( Jetpack::is_module_active( $slug ) ) {
538
				Jetpack::deactivate_module( $slug );
539
			} else {
540
				Jetpack::activate_module( $slug, false, false );
541
			}
542
543
			$modules = Jetpack_Admin::init()->get_modules();
544
			echo json_encode( $modules[ $slug ] );
545
546
			exit;
547
		}
548
549
		wp_die();
550
	}
551
552
	/*
553
	 * Sometimes we need to refresh the data,
554
	 * especially if the page is visited via a 'history'
555
	 * event like back/forward
556
	 */
557
	function jetpack_admin_ajax_refresh_data() {
558
		// Check for nonce
559 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) ) {
560
			wp_die( 'permissions check failed' );
561
		}
562
563
		if ( isset( $_REQUEST['refreshData'] ) && 'refresh' == $_REQUEST['refreshData'] ) {
564
			$modules = Jetpack_Admin::init()->get_modules();
565
			echo json_encode( $modules );
566
			exit;
567
		}
568
569
		wp_die();
570
	}
571
572
	/**
573
	 * The callback for the JITM ajax requests.
574
	 */
575
	function jetpack_jitm_ajax_callback() {
576
		// Check for nonce
577
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
578
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
579
		}
580
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
581
			$module_slug = $_REQUEST['jitmModule'];
582
			Jetpack::log( 'activate', $module_slug );
583
			Jetpack::activate_module( $module_slug, false, false );
584
			Jetpack::state( 'message', 'no_message' );
585
586
			//A Jetpack module is being activated through a JITM, track it
587
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
588
			$this->do_stats( 'server_side' );
589
590
			wp_send_json_success();
591
		}
592
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
593
			// get the hide_jitm options array
594
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
595
			$module_slug = $_REQUEST['jitmModule'];
596
597
			if( ! $jetpack_hide_jitm ) {
598
				$jetpack_hide_jitm = array(
599
					$module_slug => 'hide'
600
				);
601
			} else {
602
				$jetpack_hide_jitm[$module_slug] = 'hide';
603
			}
604
605
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
606
607
			//jitm is being dismissed forever, track it
608
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
609
			$this->do_stats( 'server_side' );
610
611
			wp_send_json_success();
612
		}
613 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
614
			$module_slug = $_REQUEST['jitmModule'];
615
616
			// User went to WordPress.com, track this
617
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
618
			$this->do_stats( 'server_side' );
619
620
			wp_send_json_success();
621
		}
622 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
623
			$track = $_REQUEST['jitmModule'];
624
625
			// User is viewing JITM, track it.
626
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
627
			$this->do_stats( 'server_side' );
628
629
			wp_send_json_success();
630
		}
631
	}
632
633
	/**
634
	 * If there are any stats that need to be pushed, but haven't been, push them now.
635
	 */
636
	function __destruct() {
637
		if ( ! empty( $this->stats ) ) {
638
			$this->do_stats( 'server_side' );
639
		}
640
	}
641
642
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
643
		switch( $cap ) {
644
			case 'jetpack_connect' :
645
			case 'jetpack_reconnect' :
646
				if ( Jetpack::is_development_mode() ) {
647
					$caps = array( 'do_not_allow' );
648
					break;
649
				}
650
				/**
651
				 * Pass through. If it's not development mode, these should match disconnect.
652
				 * Let users disconnect if it's development mode, just in case things glitch.
653
				 */
654
			case 'jetpack_disconnect' :
655
				/**
656
				 * In multisite, can individual site admins manage their own connection?
657
				 *
658
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
659
				 */
660
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
661
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
662
						/**
663
						 * We need to update the option name -- it's terribly unclear which
664
						 * direction the override goes.
665
						 *
666
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
667
						 */
668
						$caps = array( 'do_not_allow' );
669
						break;
670
					}
671
				}
672
673
				$caps = array( 'manage_options' );
674
				break;
675
			case 'jetpack_manage_modules' :
676
			case 'jetpack_activate_modules' :
677
			case 'jetpack_deactivate_modules' :
678
				$caps = array( 'manage_options' );
679
				break;
680
			case 'jetpack_configure_modules' :
681
				$caps = array( 'manage_options' );
682
				break;
683
			case 'jetpack_network_admin_page':
684
			case 'jetpack_network_settings_page':
685
				$caps = array( 'manage_network_plugins' );
686
				break;
687
			case 'jetpack_network_sites_page':
688
				$caps = array( 'manage_sites' );
689
				break;
690
			case 'jetpack_admin_page' :
691
				if ( Jetpack::is_development_mode() ) {
692
					$caps = array( 'manage_options' );
693
					break;
694
				} else {
695
					$caps = array( 'read' );
696
				}
697
				break;
698
			case 'jetpack_connect_user' :
699
				if ( Jetpack::is_development_mode() ) {
700
					$caps = array( 'do_not_allow' );
701
					break;
702
				}
703
				$caps = array( 'read' );
704
				break;
705
		}
706
		return $caps;
707
	}
708
709
	function require_jetpack_authentication() {
710
		// Don't let anyone authenticate
711
		$_COOKIE = array();
712
		remove_all_filters( 'authenticate' );
713
714
		/**
715
		 * For the moment, remove Limit Login Attempts if its xmlrpc for Jetpack.
716
		 * If Limit Login Attempts is installed as a mu-plugin, it can occasionally
717
		 * generate false-positives.
718
		 */
719
		remove_filter( 'wp_login_failed', 'limit_login_failed' );
720
721
		if ( Jetpack::is_active() ) {
722
			// Allow Jetpack authentication
723
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
724
		}
725
	}
726
727
	/**
728
	 * Load language files
729
	 * @action plugins_loaded
730
	 */
731
	public static function plugin_textdomain() {
732
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
733
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
734
	}
735
736
	/**
737
	 * Register assets for use in various modules and the Jetpack admin page.
738
	 *
739
	 * @uses wp_script_is, wp_register_script, plugins_url
740
	 * @action wp_loaded
741
	 * @return null
742
	 */
743
	public function register_assets() {
744 View Code Duplication
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
745
			wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' );
746
		}
747
748 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
749
			wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' );
750
		}
751
752 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
753
			wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' );
754
		}
755
756 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
757
			wp_register_script( 'jetpack-twitter-timeline', plugins_url( '_inc/twitter-timeline.js', JETPACK__PLUGIN_FILE ) , array( 'jquery' ), '4.0.0', true );
758
		}
759
760
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
761
			wp_register_script( 'jetpack-facebook-embed', plugins_url( '_inc/facebook-embed.js', __FILE__ ), array( 'jquery' ), null, true );
762
763
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
764
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
765
			if ( ! is_numeric( $fb_app_id ) ) {
766
				$fb_app_id = '';
767
			}
768
			wp_localize_script(
769
				'jetpack-facebook-embed',
770
				'jpfbembed',
771
				array(
772
					'appid' => $fb_app_id,
773
					'locale' => $this->get_locale(),
774
				)
775
			);
776
		}
777
778
		/**
779
		 * As jetpack_register_genericons is by default fired off a hook,
780
		 * the hook may have already fired by this point.
781
		 * So, let's just trigger it manually.
782
		 */
783
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
784
		jetpack_register_genericons();
785
786 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
787
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
788
	}
789
790
	/**
791
	 * Guess locale from language code.
792
	 *
793
	 * @param string $lang Language code.
794
	 * @return string|bool
795
	 */
796
	function guess_locale_from_lang( $lang ) {
797
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
798
			return 'en_US';
799
		}
800
801
		if ( ! class_exists( 'GP_Locales' ) ) {
802
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
803
				return false;
804
			}
805
806
			require JETPACK__GLOTPRESS_LOCALES_PATH;
807
		}
808
809
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
810
			// WP.com: get_locale() returns 'it'
811
			$locale = GP_Locales::by_slug( $lang );
812
		} else {
813
			// Jetpack: get_locale() returns 'it_IT';
814
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
815
		}
816
817
		if ( ! $locale ) {
818
			return false;
819
		}
820
821
		if ( empty( $locale->facebook_locale ) ) {
822
			if ( empty( $locale->wp_locale ) ) {
823
				return false;
824
			} else {
825
				// Facebook SDK is smart enough to fall back to en_US if a
826
				// locale isn't supported. Since supported Facebook locales
827
				// can fall out of sync, we'll attempt to use the known
828
				// wp_locale value and rely on said fallback.
829
				return $locale->wp_locale;
830
			}
831
		}
832
833
		return $locale->facebook_locale;
834
	}
835
836
	/**
837
	 * Get the locale.
838
	 *
839
	 * @return string|bool
840
	 */
841
	function get_locale() {
842
		$locale = $this->guess_locale_from_lang( get_locale() );
843
844
		if ( ! $locale ) {
845
			$locale = 'en_US';
846
		}
847
848
		return $locale;
849
	}
850
851
	/**
852
	 * Device Pixels support
853
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
854
	 */
855
	function devicepx() {
856
		if ( Jetpack::is_active() ) {
857
			wp_enqueue_script( 'devicepx', set_url_scheme( 'http://s0.wp.com/wp-content/js/devicepx-jetpack.js' ), array(), gmdate( 'oW' ), true );
858
		}
859
	}
860
861
	/**
862
	 * Return the network_site_url so that .com knows what network this site is a part of.
863
	 * @param  bool $option
864
	 * @return string
865
	 */
866
	public function jetpack_main_network_site_option( $option ) {
867
		return network_site_url();
868
	}
869
	/**
870
	 * Network Name.
871
	 */
872
	static function network_name( $option = null ) {
873
		global $current_site;
874
		return $current_site->site_name;
875
	}
876
	/**
877
	 * Does the network allow new user and site registrations.
878
	 * @return string
879
	 */
880
	static function network_allow_new_registrations( $option = null ) {
881
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
882
	}
883
	/**
884
	 * Does the network allow admins to add new users.
885
	 * @return boolian
886
	 */
887
	static function network_add_new_users( $option = null ) {
888
		return (bool) get_site_option( 'add_new_users' );
889
	}
890
	/**
891
	 * File upload psace left per site in MB.
892
	 *  -1 means NO LIMIT.
893
	 * @return number
894
	 */
895
	static function network_site_upload_space( $option = null ) {
896
		// value in MB
897
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
898
	}
899
900
	/**
901
	 * Network allowed file types.
902
	 * @return string
903
	 */
904
	static function network_upload_file_types( $option = null ) {
905
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
906
	}
907
908
	/**
909
	 * Maximum file upload size set by the network.
910
	 * @return number
911
	 */
912
	static function network_max_upload_file_size( $option = null ) {
913
		// value in KB
914
		return get_site_option( 'fileupload_maxk', 300 );
915
	}
916
917
	/**
918
	 * Lets us know if a site allows admins to manage the network.
919
	 * @return array
920
	 */
921
	static function network_enable_administration_menus( $option = null ) {
922
		return get_site_option( 'menu_items' );
923
	}
924
925
	/**
926
	 * Return whether we are dealing with a multi network setup or not.
927
	 * The reason we are type casting this is because we want to avoid the situation where
928
	 * the result is false since when is_main_network_option return false it cases
929
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
930
	 * database which could be set to anything as opposed to what this function returns.
931
	 * @param  bool  $option
932
	 *
933
	 * @return boolean
934
	 */
935
	public function is_main_network_option( $option ) {
936
		// return '1' or ''
937
		return (string) (bool) Jetpack::is_multi_network();
938
	}
939
940
	/**
941
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
942
	 *
943
	 * @param  string  $option
944
	 * @return boolean
945
	 */
946
	public function is_multisite( $option ) {
947
		return (string) (bool) is_multisite();
948
	}
949
950
	/**
951
	 * Implemented since there is no core is multi network function
952
	 * Right now there is no way to tell if we which network is the dominant network on the system
953
	 *
954
	 * @since  3.3
955
	 * @return boolean
956
	 */
957
	public static function is_multi_network() {
958
		global  $wpdb;
959
960
		// if we don't have a multi site setup no need to do any more
961
		if ( ! is_multisite() ) {
962
			return false;
963
		}
964
965
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
966
		if ( $num_sites > 1 ) {
967
			return true;
968
		} else {
969
			return false;
970
		}
971
	}
972
973
	/**
974
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
975
	 * @return null
976
	 */
977
	function update_jetpack_main_network_site_option() {
978
		// do_action( 'add_option_$option', '$option', '$value-of-the-option' );
979
		/**
980
		 * Fires when the site URL is updated.
981
		 * Determines if the site is the main site of a Mulitiste network.
982
		 *
983
		 * @since 3.3.0
984
		 *
985
		 * @param string jetpack_main_network_site.
986
		 * @param string network_site_url() Site URL for the "main" site of the current Multisite network.
987
		 */
988
		do_action( 'add_option_jetpack_main_network_site', 'jetpack_main_network_site', network_site_url() );
989
		/**
990
		 * Fires when the site URL is updated.
991
		 * Determines if the is part of a multi network.
992
		 *
993
		 * @since 3.3.0
994
		 *
995
		 * @param string jetpack_is_main_network.
996
		 * @param bool Jetpack::is_multi_network() Is the site part of a multi network.
997
		 */
998
		do_action( 'add_option_jetpack_is_main_network', 'jetpack_is_main_network', (string) (bool) Jetpack::is_multi_network() );
999
		/**
1000
		 * Fires when the site URL is updated.
1001
		 * Determines if the site is part of a multisite network.
1002
		 *
1003
		 * @since 3.4.0
1004
		 *
1005
		 * @param string jetpack_is_multi_site.
1006
		 * @param bool is_multisite() Is the site part of a mutlisite network.
1007
		 */
1008
		do_action( 'add_option_jetpack_is_multi_site', 'jetpack_is_multi_site', (string) (bool) is_multisite() );
1009
	}
1010
	/**
1011
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1012
	 *
1013
	 */
1014
	function update_jetpack_network_settings() {
1015
		// Only sync this info for the main network site.
1016
		do_action( 'add_option_jetpack_network_name', 'jetpack_network_name', Jetpack::network_name() );
1017
		do_action( 'add_option_jetpack_network_allow_new_registrations', 'jetpack_network_allow_new_registrations', Jetpack::network_allow_new_registrations() );
1018
		do_action( 'add_option_jetpack_network_add_new_users', 'jetpack_network_add_new_users', Jetpack::network_add_new_users() );
1019
		do_action( 'add_option_jetpack_network_site_upload_space', 'jetpack_network_site_upload_space', Jetpack::network_site_upload_space() );
1020
		do_action( 'add_option_jetpack_network_upload_file_types', 'jetpack_network_upload_file_types', Jetpack::network_upload_file_types() );
1021
		do_action( 'add_option_jetpack_network_enable_administration_menus', 'jetpack_network_enable_administration_menus', Jetpack::network_enable_administration_menus() );
1022
1023
	}
1024
1025
	/**
1026
	 * Get back if the current site is single user site.
1027
	 *
1028
	 * @return bool
1029
	 */
1030
	public static function is_single_user_site() {
1031
1032
		$user_query = new WP_User_Query( array(
1033
			'blog_id' => get_current_blog_id(),
1034
			'fields'  => 'ID',
1035
			'number' => 2
1036
		) );
1037
		return 1 === (int) $user_query->get_total();
1038
	}
1039
1040
	/**
1041
	 * Returns true if the site has file write access false otherwise.
1042
	 * @return string ( '1' | '0' )
1043
	 **/
1044 View Code Duplication
	public static function file_system_write_access() {
1045
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1046
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1047
		}
1048
1049
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1050
1051
		$filesystem_method = get_filesystem_method();
1052
		if ( $filesystem_method === 'direct' ) {
1053
			return 1;
1054
		}
1055
1056
		ob_start();
1057
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1058
		ob_end_clean();
1059
		if ( $filesystem_credentials_are_stored ) {
1060
			return 1;
1061
		}
1062
		return 0;
1063
	}
1064
1065
	/**
1066
	 * Finds out if a site is using a version control system.
1067
	 * @return string ( '1' | '0' )
1068
	 **/
1069 View Code Duplication
	public static function is_version_controlled() {
1070
1071
		if ( !class_exists( 'WP_Automatic_Updater' ) ) {
1072
			require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1073
		}
1074
		$updater = new WP_Automatic_Updater();
1075
		$is_version_controlled = strval( $updater->is_vcs_checkout( $context = ABSPATH ) );
1076
		// transients should not be empty
1077
		if ( empty( $is_version_controlled ) ) {
1078
			$is_version_controlled = '0';
1079
		}
1080
		return $is_version_controlled;
1081
	}
1082
1083
	/**
1084
	 * Determines whether the current theme supports featured images or not.
1085
	 * @return string ( '1' | '0' )
1086
	 */
1087
	public static function featured_images_enabled() {
1088
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1089
	}
1090
1091
	/*
1092
	 * Sync back wp_version
1093
	 */
1094
	public static function get_wp_version() {
1095
		global $wp_version;
1096
		return $wp_version;
1097
	}
1098
1099
	/**
1100
	 * Keeps wp_version in sync with .com when WordPress core updates
1101
	 **/
1102
	public static function update_get_wp_version( $update, $meta_data ) {
1103
		if ( 'update' === $meta_data['action'] && 'core' === $meta_data['type'] ) {
1104
			/** This action is documented in wp-includes/option.php */
1105
			/**
1106
			 * This triggers the sync for the jetpack version
1107
			 * See Jetpack_Sync options method for more info.
1108
			 */
1109
			do_action( 'add_option_jetpack_wp_version', 'jetpack_wp_version', (string) Jetpack::get_wp_version() );
1110
		}
1111
	}
1112
1113
	/**
1114
	 * jetpack_updates is saved in the following schema:
1115
	 *
1116
	 * array (
1117
	 *      'plugins'                       => (int) Number of plugin updates available.
1118
	 *      'themes'                        => (int) Number of theme updates available.
1119
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1120
	 *      'translations'                  => (int) Number of translation updates available.
1121
	 *      'total'                         => (int) Total of all available updates.
1122
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1123
	 * )
1124
	 * @return array
1125
	 */
1126
	public static function get_updates() {
1127
		$update_data = wp_get_update_data();
1128
1129
		// Stores the individual update counts as well as the total count.
1130
		if ( isset( $update_data['counts'] ) ) {
1131
			$updates = $update_data['counts'];
1132
		}
1133
1134
		// If we need to update WordPress core, let's find the latest version number.
1135 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1136
			$cur = get_preferred_from_update_core();
1137
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1138
				$updates['wp_update_version'] = $cur->current;
1139
			}
1140
		}
1141
		return isset( $updates ) ? $updates : array();
1142
	}
1143
1144
	public static function get_update_details() {
1145
		$update_details = array(
1146
			'update_core' => get_site_transient( 'update_core' ),
1147
			'update_plugins' => get_site_transient( 'update_plugins' ),
1148
			'update_themes' => get_site_transient( 'update_themes' ),
1149
		);
1150
		return $update_details;
1151
	}
1152
1153
	public static function refresh_update_data() {
1154
		if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) {
1155
			/**
1156
			 * Fires whenever the amount of updates needed for a site changes.
1157
			 * Syncs an array that includes the number of theme, plugin, and core updates available, as well as the latest core version available.
1158
			 *
1159
			 * @since 3.7.0
1160
			 *
1161
			 * @param string jetpack_updates
1162
			 * @param array Update counts calculated by Jetpack::get_updates
1163
			 */
1164
			do_action( 'add_option_jetpack_updates', 'jetpack_updates', Jetpack::get_updates() );
1165
		}
1166
		/**
1167
		 * Fires whenever the amount of updates needed for a site changes.
1168
		 * Syncs an array of core, theme, and plugin data, and which of each is out of date
1169
		 *
1170
		 * @since 3.7.0
1171
		 *
1172
		 * @param string jetpack_update_details
1173
		 * @param array Update details calculated by Jetpack::get_update_details
1174
		 */
1175
		do_action( 'add_option_jetpack_update_details', 'jetpack_update_details', Jetpack::get_update_details() );
1176
	}
1177
1178
	public static function refresh_theme_data() {
1179
		/**
1180
		 * Fires whenever a theme change is made.
1181
		 *
1182
		 * @since 3.8.1
1183
		 *
1184
		 * @param string featured_images_enabled
1185
		 * @param boolean Whether featured images are enabled or not
1186
		 */
1187
		do_action( 'add_option_jetpack_featured_images_enabled', 'jetpack_featured_images_enabled', Jetpack::featured_images_enabled() );
1188
	}
1189
1190
	/**
1191
	 * Is Jetpack active?
1192
	 */
1193
	public static function is_active() {
1194
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1195
	}
1196
1197
	/**
1198
	 * Is Jetpack in development (offline) mode?
1199
	 */
1200
	public static function is_development_mode() {
1201
		$development_mode = false;
1202
1203
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1204
			$development_mode = JETPACK_DEV_DEBUG;
1205
		}
1206
1207
		elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1208
			$development_mode = true;
1209
		}
1210
		/**
1211
		 * Filters Jetpack's development mode.
1212
		 *
1213
		 * @see https://jetpack.com/support/development-mode/
1214
		 *
1215
		 * @since 2.2.1
1216
		 *
1217
		 * @param bool $development_mode Is Jetpack's development mode active.
1218
		 */
1219
		return apply_filters( 'jetpack_development_mode', $development_mode );
1220
	}
1221
1222
	/**
1223
	* Get Jetpack development mode notice text and notice class.
1224
	*
1225
	* Mirrors the checks made in Jetpack::is_development_mode
1226
	*
1227
	*/
1228
	public static function show_development_mode_notice() {
1229
		if ( Jetpack::is_development_mode() ) {
1230
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1231
				$notice = sprintf(
1232
					/* translators: %s is a URL */
1233
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1234
					'https://jetpack.com/support/development-mode/'
1235
				);
1236
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1237
				$notice = sprintf(
1238
					/* translators: %s is a URL */
1239
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1240
					'https://jetpack.com/support/development-mode/'
1241
				);
1242
			} else {
1243
				$notice = sprintf(
1244
					/* translators: %s is a URL */
1245
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1246
					'https://jetpack.com/support/development-mode/'
1247
				);
1248
			}
1249
1250
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1251
		}
1252
1253
		// Throw up a notice if using a development version and as for feedback.
1254
		if ( Jetpack::is_development_version() ) {
1255
			/* translators: %s is a URL */
1256
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1257
1258
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1259
		}
1260
		// Throw up a notice if using staging mode
1261
		if ( Jetpack::is_staging_site() ) {
1262
			/* translators: %s is a URL */
1263
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1264
1265
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1266
		}
1267
	}
1268
1269
	/**
1270
	 * Whether Jetpack's version maps to a public release, or a development version.
1271
	 */
1272
	public static function is_development_version() {
1273
		return ! preg_match( '/^\d+(\.\d+)+$/', JETPACK__VERSION );
1274
	}
1275
1276
	/**
1277
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1278
	 */
1279
	public static function is_user_connected( $user_id = false ) {
1280
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1281
		if ( ! $user_id ) {
1282
			return false;
1283
		}
1284
		return (bool) Jetpack_Data::get_access_token( $user_id );
1285
	}
1286
1287
	/**
1288
	 * Get the wpcom user data of the current|specified connected user.
1289
	 */
1290 View Code Duplication
	public static function get_connected_user_data( $user_id = null ) {
1291
		if ( ! $user_id ) {
1292
			$user_id = get_current_user_id();
1293
		}
1294
		Jetpack::load_xml_rpc_client();
1295
		$xml = new Jetpack_IXR_Client( array(
1296
			'user_id' => $user_id,
1297
		) );
1298
		$xml->query( 'wpcom.getUser' );
1299
		if ( ! $xml->isError() ) {
1300
			return $xml->getResponse();
1301
		}
1302
		return false;
1303
	}
1304
1305
	/**
1306
	 * Get the wpcom email of the current|specified connected user.
1307
	 */
1308 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1309
		if ( ! $user_id ) {
1310
			$user_id = get_current_user_id();
1311
		}
1312
		Jetpack::load_xml_rpc_client();
1313
		$xml = new Jetpack_IXR_Client( array(
1314
			'user_id' => $user_id,
1315
		) );
1316
		$xml->query( 'wpcom.getUserEmail' );
1317
		if ( ! $xml->isError() ) {
1318
			return $xml->getResponse();
1319
		}
1320
		return false;
1321
	}
1322
1323
	/**
1324
	 * Get the wpcom email of the master user.
1325
	 */
1326
	public static function get_master_user_email() {
1327
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1328
		if ( $master_user_id ) {
1329
			return self::get_connected_user_email( $master_user_id );
1330
		}
1331
		return '';
1332
	}
1333
1334
	function current_user_is_connection_owner() {
1335
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1336
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1337
	}
1338
1339
	/**
1340
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1341
	 */
1342
	function extra_oembed_providers() {
1343
		// Cloudup: https://dev.cloudup.com/#oembed
1344
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1345
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1346
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1347
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1348
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1349
	}
1350
1351
	/**
1352
	 * Synchronize connected user role changes
1353
	 */
1354
	function user_role_change( $user_id ) {
1355
		if ( Jetpack::is_active() && Jetpack::is_user_connected( $user_id ) ) {
1356
			$current_user_id = get_current_user_id();
1357
			wp_set_current_user( $user_id );
1358
			$role = $this->translate_current_user_to_role();
1359
			$signed_role = $this->sign_role( $role );
1360
			wp_set_current_user( $current_user_id );
1361
1362
			$master_token   = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1363
			$master_user_id = absint( $master_token->external_user_id );
1364
1365
			if ( ! $master_user_id )
1366
				return; // this shouldn't happen
1367
1368
			Jetpack::xmlrpc_async_call( 'jetpack.updateRole', $user_id, $signed_role );
1369
			//@todo retry on failure
1370
1371
			//try to choose a new master if we're demoting the current one
1372 View Code Duplication
			if ( $user_id == $master_user_id && 'administrator' != $role ) {
1373
				$query = new WP_User_Query(
1374
					array(
1375
						'fields'  => array( 'id' ),
1376
						'role'    => 'administrator',
1377
						'orderby' => 'id',
1378
						'exclude' => array( $master_user_id ),
1379
					)
1380
				);
1381
				$new_master = false;
1382
				foreach ( $query->results as $result ) {
1383
					$uid = absint( $result->id );
1384
					if ( $uid && Jetpack::is_user_connected( $uid ) ) {
1385
						$new_master = $uid;
1386
						break;
1387
					}
1388
				}
1389
1390
				if ( $new_master ) {
1391
					Jetpack_Options::update_option( 'master_user', $new_master );
1392
				}
1393
				// else disconnect..?
1394
			}
1395
		}
1396
	}
1397
1398
	/**
1399
	 * Loads the currently active modules.
1400
	 */
1401
	public static function load_modules() {
1402
		if ( ! self::is_active() && !self::is_development_mode() ) {
1403
			if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) {
1404
				return;
1405
			}
1406
		}
1407
1408
		$version = Jetpack_Options::get_option( 'version' );
1409 View Code Duplication
		if ( ! $version ) {
1410
			$version = $old_version = JETPACK__VERSION . ':' . time();
1411
			/** This action is documented in class.jetpack.php */
1412
			do_action( 'updating_jetpack_version', $version, false );
1413
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1414
		}
1415
		list( $version ) = explode( ':', $version );
1416
1417
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1418
1419
		$modules_data = array();
1420
1421
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1422
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1423
			$updated_modules = array();
1424
			foreach ( $modules as $module ) {
1425
				$modules_data[ $module ] = Jetpack::get_module( $module );
1426
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1427
					continue;
1428
				}
1429
1430
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1431
					continue;
1432
				}
1433
1434
				$updated_modules[] = $module;
1435
			}
1436
1437
			$modules = array_diff( $modules, $updated_modules );
1438
		}
1439
1440
		$is_development_mode = Jetpack::is_development_mode();
1441
1442
		foreach ( $modules as $index => $module ) {
1443
			// If we're in dev mode, disable modules requiring a connection
1444
			if ( $is_development_mode ) {
1445
				// Prime the pump if we need to
1446
				if ( empty( $modules_data[ $module ] ) ) {
1447
					$modules_data[ $module ] = Jetpack::get_module( $module );
1448
				}
1449
				// If the module requires a connection, but we're in local mode, don't include it.
1450
				if ( $modules_data[ $module ]['requires_connection'] ) {
1451
					continue;
1452
				}
1453
			}
1454
1455
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1456
				continue;
1457
			}
1458
1459
			if ( ! @include( Jetpack::get_module_path( $module ) ) ) {
1460
				unset( $modules[ $index ] );
1461
				Jetpack_Options::update_option( 'active_modules', array_values( $modules ) );
1462
				continue;
1463
			}
1464
1465
			/**
1466
			 * Fires when a specific module is loaded.
1467
			 * The dynamic part of the hook, $module, is the module slug.
1468
			 *
1469
			 * @since 1.1.0
1470
			 */
1471
			do_action( 'jetpack_module_loaded_' . $module );
1472
		}
1473
1474
		/**
1475
		 * Fires when all the modules are loaded.
1476
		 *
1477
		 * @since 1.1.0
1478
		 */
1479
		do_action( 'jetpack_modules_loaded' );
1480
1481
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1482
		if ( Jetpack::is_active() || Jetpack::is_development_mode() )
1483
			require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1484
	}
1485
1486
	/**
1487
	 * Check if Jetpack's REST API compat file should be included
1488
	 * @action plugins_loaded
1489
	 * @return null
1490
	 */
1491
	public function check_rest_api_compat() {
1492
		/**
1493
		 * Filters the list of REST API compat files to be included.
1494
		 *
1495
		 * @since 2.2.5
1496
		 *
1497
		 * @param array $args Array of REST API compat files to include.
1498
		 */
1499
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1500
1501
		if ( function_exists( 'bbpress' ) )
1502
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1503
1504
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1505
			require_once $_jetpack_rest_api_compat_include;
1506
	}
1507
1508
	/**
1509
	 * Gets all plugins currently active in values, regardless of whether they're
1510
	 * traditionally activated or network activated.
1511
	 *
1512
	 * @todo Store the result in core's object cache maybe?
1513
	 */
1514
	public static function get_active_plugins() {
1515
		$active_plugins = (array) get_option( 'active_plugins', array() );
1516
1517
		if ( is_multisite() ) {
1518
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1519
			// whereas active_plugins stores them in the values.
1520
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1521
			if ( $network_plugins ) {
1522
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1523
			}
1524
		}
1525
1526
		sort( $active_plugins );
1527
1528
		return array_unique( $active_plugins );
1529
	}
1530
1531
	/**
1532
	 * Gets and parses additional plugin data to send with the heartbeat data
1533
	 *
1534
	 * @since 3.8.1
1535
	 *
1536
	 * @return array Array of plugin data
1537
	 */
1538
	public static function get_parsed_plugin_data() {
1539
		if ( ! function_exists( 'get_plugins' ) ) {
1540
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1541
		}
1542
		$all_plugins    = get_plugins();
1543
		$active_plugins = Jetpack::get_active_plugins();
1544
1545
		$plugins = array();
1546
		foreach ( $all_plugins as $path => $plugin_data ) {
1547
			$plugins[ $path ] = array(
1548
					'is_active' => in_array( $path, $active_plugins ),
1549
					'file'      => $path,
1550
					'name'      => $plugin_data['Name'],
1551
					'version'   => $plugin_data['Version'],
1552
					'author'    => $plugin_data['Author'],
1553
			);
1554
		}
1555
1556
		return $plugins;
1557
	}
1558
1559
	/**
1560
	 * Gets and parses theme data to send with the heartbeat data
1561
	 *
1562
	 * @since 3.8.1
1563
	 *
1564
	 * @return array Array of theme data
1565
	 */
1566
	public static function get_parsed_theme_data() {
1567
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1568
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1569
1570
		$themes = array();
1571
		foreach ( $all_themes as $slug => $theme_data ) {
1572
			$theme_headers = array();
1573
			foreach ( $header_keys as $header_key ) {
1574
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1575
			}
1576
1577
			$themes[ $slug ] = array(
1578
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1579
					'slug' => $slug,
1580
					'theme_root' => $theme_data->get_theme_root_uri(),
1581
					'parent' => $theme_data->parent(),
1582
					'headers' => $theme_headers
1583
			);
1584
		}
1585
1586
		return $themes;
1587
	}
1588
1589
	/**
1590
	 * Checks whether a specific plugin is active.
1591
	 *
1592
	 * We don't want to store these in a static variable, in case
1593
	 * there are switch_to_blog() calls involved.
1594
	 */
1595
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1596
		return in_array( $plugin, self::get_active_plugins() );
1597
	}
1598
1599
	/**
1600
	 * Check if Jetpack's Open Graph tags should be used.
1601
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1602
	 *
1603
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1604
	 * @action plugins_loaded
1605
	 * @return null
1606
	 */
1607
	public function check_open_graph() {
1608
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
1609
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
1610
		}
1611
1612
		$active_plugins = self::get_active_plugins();
1613
1614
		if ( ! empty( $active_plugins ) ) {
1615
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
1616
				if ( in_array( $plugin, $active_plugins ) ) {
1617
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
1618
					break;
1619
				}
1620
			}
1621
		}
1622
1623
		/**
1624
		 * Allow the addition of Open Graph Meta Tags to all pages.
1625
		 *
1626
		 * @since 2.0.3
1627
		 *
1628
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
1629
		 */
1630
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
1631
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
1632
		}
1633
	}
1634
1635
	/**
1636
	 * Check if Jetpack's Twitter tags should be used.
1637
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
1638
	 *
1639
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1640
	 * @action plugins_loaded
1641
	 * @return null
1642
	 */
1643
	public function check_twitter_tags() {
1644
1645
		$active_plugins = self::get_active_plugins();
1646
1647
		if ( ! empty( $active_plugins ) ) {
1648
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
1649
				if ( in_array( $plugin, $active_plugins ) ) {
1650
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
1651
					break;
1652
				}
1653
			}
1654
		}
1655
1656
		/**
1657
		 * Allow Twitter Card Meta tags to be disabled.
1658
		 *
1659
		 * @since 2.6.0
1660
		 *
1661
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
1662
		 */
1663
		if ( apply_filters( 'jetpack_disable_twitter_cards', true ) ) {
1664
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
1665
		}
1666
	}
1667
1668
1669
1670
1671
	/*
1672
	 *
1673
	 * Jetpack Security Reports
1674
	 *
1675
	 * Allowed types: login_form, backup, file_scanning, spam
1676
	 *
1677
	 * Args for login_form and spam: 'blocked'=>(int)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1678
	 *
1679
	 * Args for backup and file_scanning: 'last'=>(timestamp)(optional), 'next'=>(timestamp)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1680
	 *
1681
	 *
1682
	 * Example code to submit a security report:
1683
	 *
1684
	 *  function akismet_submit_jetpack_security_report() {
1685
	 *  	Jetpack::submit_security_report( 'spam', __FILE__, $args = array( 'blocked' => 138284, status => 'ok' ) );
1686
	 *  }
1687
	 *  add_action( 'jetpack_security_report', 'akismet_submit_jetpack_security_report' );
1688
	 *
1689
	 */
1690
1691
1692
	/**
1693
	 * Calls for security report submissions.
1694
	 *
1695
	 * @return null
1696
	 */
1697
	public static function perform_security_reporting() {
1698
		$no_check_needed = get_site_transient( 'security_report_performed_recently' );
1699
1700
		if ( $no_check_needed ) {
1701
			return;
1702
		}
1703
1704
		/**
1705
		 * Fires before a security report is created.
1706
		 *
1707
		 * @since 3.4.0
1708
		 */
1709
		do_action( 'jetpack_security_report' );
1710
1711
		Jetpack_Options::update_option( 'security_report', self::$security_report );
1712
		set_site_transient( 'security_report_performed_recently', 1, 15 * MINUTE_IN_SECONDS );
1713
	}
1714
1715
	/**
1716
	 * Allows plugins to submit security reports.
1717
 	 *
1718
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
1719
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
1720
	 * @param array   $args         See definitions above
1721
	 */
1722
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
1723
1724
		if( !doing_action( 'jetpack_security_report' ) ) {
1725
			return new WP_Error( 'not_collecting_report', 'Not currently collecting security reports.  Please use the jetpack_security_report hook.' );
1726
		}
1727
1728
		if( !is_string( $type ) || !is_string( $plugin_file ) ) {
1729
			return new WP_Error( 'invalid_security_report', 'Invalid Security Report' );
1730
		}
1731
1732
		if( !function_exists( 'get_plugin_data' ) ) {
1733
			include( ABSPATH . 'wp-admin/includes/plugin.php' );
1734
		}
1735
1736
		//Get rid of any non-allowed args
1737
		$args = array_intersect_key( $args, array_flip( array( 'blocked', 'last', 'next', 'status', 'message' ) ) );
1738
1739
		$plugin = get_plugin_data( $plugin_file );
1740
1741
		if ( !$plugin['Name'] ) {
1742
			return new WP_Error( 'security_report_missing_plugin_name', 'Invalid Plugin File Provided' );
1743
		}
1744
1745
		// Sanitize everything to make sure we're not syncing something wonky
1746
		$type = sanitize_key( $type );
1747
1748
		$args['plugin'] = $plugin;
1749
1750
		// Cast blocked, last and next as integers.
1751
		// Last and next should be in unix timestamp format
1752
		if ( isset( $args['blocked'] ) ) {
1753
			$args['blocked'] = (int) $args['blocked'];
1754
		}
1755
		if ( isset( $args['last'] ) ) {
1756
			$args['last'] = (int) $args['last'];
1757
		}
1758
		if ( isset( $args['next'] ) ) {
1759
			$args['next'] = (int) $args['next'];
1760
		}
1761
		if ( !in_array( $args['status'], array( 'ok', 'warning', 'error' ) ) ) {
1762
			$args['status'] = 'ok';
1763
		}
1764
		if ( isset( $args['message'] ) ) {
1765
1766
			if( $args['status'] == 'ok' ) {
1767
				unset( $args['message'] );
1768
			}
1769
1770
			$allowed_html = array(
1771
			    'a' => array(
1772
			        'href' => array(),
1773
			        'title' => array()
1774
			    ),
1775
			    'em' => array(),
1776
			    'strong' => array(),
1777
			);
1778
1779
			$args['message'] = wp_kses( $args['message'], $allowed_html );
1780
		}
1781
1782
		$plugin_name = $plugin[ 'Name' ];
1783
1784
		self::$security_report[ $type ][ $plugin_name ] = $args;
1785
	}
1786
1787
	/**
1788
	 * Collects a new report if needed, then returns it.
1789
	 */
1790
	public function get_security_report() {
1791
		self::perform_security_reporting();
1792
		return Jetpack_Options::get_option( 'security_report' );
1793
	}
1794
1795
1796
/* Jetpack Options API */
1797
1798
	public static function get_option_names( $type = 'compact' ) {
1799
		return Jetpack_Options::get_option_names( $type );
1800
	}
1801
1802
	/**
1803
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
1804
 	 *
1805
	 * @param string $name    Option name
1806
	 * @param mixed  $default (optional)
1807
	 */
1808
	public static function get_option( $name, $default = false ) {
1809
		return Jetpack_Options::get_option( $name, $default );
1810
	}
1811
1812
	/**
1813
	* Stores two secrets and a timestamp so WordPress.com can make a request back and verify an action
1814
	* Does some extra verification so urls (such as those to public-api, register, etc) can't just be crafted
1815
	* $name must be a registered option name.
1816
	*/
1817
	public static function create_nonce( $name ) {
1818
		$secret = wp_generate_password( 32, false ) . ':' . wp_generate_password( 32, false ) . ':' . ( time() + 600 );
1819
1820
		Jetpack_Options::update_option( $name, $secret );
1821
		@list( $secret_1, $secret_2, $eol ) = explode( ':', Jetpack_Options::get_option( $name ) );
1822
		if ( empty( $secret_1 ) || empty( $secret_2 ) || $eol < time() )
1823
			return new Jetpack_Error( 'missing_secrets' );
1824
1825
		return array(
1826
			'secret_1' => $secret_1,
1827
			'secret_2' => $secret_2,
1828
			'eol'      => $eol,
1829
		);
1830
	}
1831
1832
	/**
1833
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
1834
 	 *
1835
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
1836
	 * @param string $name  Option name
1837
	 * @param mixed  $value Option value
1838
	 */
1839
	public static function update_option( $name, $value ) {
1840
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
1841
		return Jetpack_Options::update_option( $name, $value );
1842
	}
1843
1844
	/**
1845
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
1846
 	 *
1847
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
1848
	 * @param array $array array( option name => option value, ... )
1849
	 */
1850
	public static function update_options( $array ) {
1851
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
1852
		return Jetpack_Options::update_options( $array );
1853
	}
1854
1855
	/**
1856
	 * Deletes the given option.  May be passed multiple option names as an array.
1857
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
1858
	 *
1859
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
1860
	 * @param string|array $names
1861
	 */
1862
	public static function delete_option( $names ) {
1863
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
1864
		return Jetpack_Options::delete_option( $names );
1865
	}
1866
1867
	/**
1868
	 * Enters a user token into the user_tokens option
1869
	 *
1870
	 * @param int $user_id
1871
	 * @param string $token
1872
	 * return bool
1873
	 */
1874
	public static function update_user_token( $user_id, $token, $is_master_user ) {
1875
		// not designed for concurrent updates
1876
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
1877
		if ( ! is_array( $user_tokens ) )
1878
			$user_tokens = array();
1879
		$user_tokens[$user_id] = $token;
1880
		if ( $is_master_user ) {
1881
			$master_user = $user_id;
1882
			$options     = compact( 'user_tokens', 'master_user' );
1883
		} else {
1884
			$options = compact( 'user_tokens' );
1885
		}
1886
		return Jetpack_Options::update_options( $options );
1887
	}
1888
1889
	/**
1890
	 * Returns an array of all PHP files in the specified absolute path.
1891
	 * Equivalent to glob( "$absolute_path/*.php" ).
1892
	 *
1893
	 * @param string $absolute_path The absolute path of the directory to search.
1894
	 * @return array Array of absolute paths to the PHP files.
1895
	 */
1896
	public static function glob_php( $absolute_path ) {
1897
		if ( function_exists( 'glob' ) ) {
1898
			return glob( "$absolute_path/*.php" );
1899
		}
1900
1901
		$absolute_path = untrailingslashit( $absolute_path );
1902
		$files = array();
1903
		if ( ! $dir = @opendir( $absolute_path ) ) {
1904
			return $files;
1905
		}
1906
1907
		while ( false !== $file = readdir( $dir ) ) {
1908
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
1909
				continue;
1910
			}
1911
1912
			$file = "$absolute_path/$file";
1913
1914
			if ( ! is_file( $file ) ) {
1915
				continue;
1916
			}
1917
1918
			$files[] = $file;
1919
		}
1920
1921
		closedir( $dir );
1922
1923
		return $files;
1924
	}
1925
1926
	public static function activate_new_modules( $redirect = false ) {
1927
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
1928
			return;
1929
		}
1930
1931
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
1932 View Code Duplication
		if ( ! $jetpack_old_version ) {
1933
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
1934
			/** This action is documented in class.jetpack.php */
1935
			do_action( 'updating_jetpack_version', $version, false );
1936
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1937
		}
1938
1939
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
1940
1941
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
1942
			return;
1943
		}
1944
1945
		$active_modules     = Jetpack::get_active_modules();
1946
		$reactivate_modules = array();
1947
		foreach ( $active_modules as $active_module ) {
1948
			$module = Jetpack::get_module( $active_module );
1949
			if ( ! isset( $module['changed'] ) ) {
1950
				continue;
1951
			}
1952
1953
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
1954
				continue;
1955
			}
1956
1957
			$reactivate_modules[] = $active_module;
1958
			Jetpack::deactivate_module( $active_module );
1959
		}
1960
1961
		$new_version = JETPACK__VERSION . ':' . time();
1962
		/** This action is documented in class.jetpack.php */
1963
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
1964
		Jetpack_Options::update_options(
1965
			array(
1966
				'version'     => $new_version,
1967
				'old_version' => $jetpack_old_version,
1968
			)
1969
		);
1970
1971
		Jetpack::state( 'message', 'modules_activated' );
1972
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
1973
1974
		if ( $redirect ) {
1975
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
1976
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
1977
				$page = $_GET['page'];
1978
			}
1979
1980
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
1981
			exit;
1982
		}
1983
	}
1984
1985
	/**
1986
	 * List available Jetpack modules. Simply lists .php files in /modules/.
1987
	 * Make sure to tuck away module "library" files in a sub-directory.
1988
	 */
1989
	public static function get_available_modules( $min_version = false, $max_version = false ) {
1990
		static $modules = null;
1991
1992
		if ( ! isset( $modules ) ) {
1993
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
1994
			// Use the cache if we're on the front-end and it's available...
1995
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
1996
				$modules = $available_modules_option[ JETPACK__VERSION ];
1997
			} else {
1998
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
1999
2000
				$modules = array();
2001
2002
				foreach ( $files as $file ) {
2003
					if ( ! $headers = Jetpack::get_module( $file ) ) {
2004
						continue;
2005
					}
2006
2007
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2008
				}
2009
2010
				Jetpack_Options::update_option( 'available_modules', array(
2011
					JETPACK__VERSION => $modules,
2012
				) );
2013
			}
2014
		}
2015
2016
		/**
2017
		 * Filters the array of modules available to be activated.
2018
		 *
2019
		 * @since 2.4.0
2020
		 *
2021
		 * @param array $modules Array of available modules.
2022
		 * @param string $min_version Minimum version number required to use modules.
2023
		 * @param string $max_version Maximum version number required to use modules.
2024
		 */
2025
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2026
2027
		if ( ! $min_version && ! $max_version ) {
2028
			return array_keys( $mods );
2029
		}
2030
2031
		$r = array();
2032
		foreach ( $mods as $slug => $introduced ) {
2033
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2034
				continue;
2035
			}
2036
2037
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2038
				continue;
2039
			}
2040
2041
			$r[] = $slug;
2042
		}
2043
2044
		return $r;
2045
	}
2046
2047
	/**
2048
	 * Default modules loaded on activation.
2049
	 */
2050
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2051
		$return = array();
2052
2053
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2054
			$module_data = Jetpack::get_module( $module );
2055
2056
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2057
				case 'yes' :
2058
					$return[] = $module;
2059
					break;
2060
				case 'public' :
2061
					if ( Jetpack_Options::get_option( 'public' ) ) {
2062
						$return[] = $module;
2063
					}
2064
					break;
2065
				case 'no' :
2066
				default :
2067
					break;
2068
			}
2069
		}
2070
		/**
2071
		 * Filters the array of default modules.
2072
		 *
2073
		 * @since 2.5.0
2074
		 *
2075
		 * @param array $return Array of default modules.
2076
		 * @param string $min_version Minimum version number required to use modules.
2077
		 * @param string $max_version Maximum version number required to use modules.
2078
		 */
2079
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2080
	}
2081
2082
	/**
2083
	 * Checks activated modules during auto-activation to determine
2084
	 * if any of those modules are being deprecated.  If so, close
2085
	 * them out, and add any replacement modules.
2086
	 *
2087
	 * Runs at priority 99 by default.
2088
	 *
2089
	 * This is run late, so that it can still activate a module if
2090
	 * the new module is a replacement for another that the user
2091
	 * currently has active, even if something at the normal priority
2092
	 * would kibosh everything.
2093
	 *
2094
	 * @since 2.6
2095
	 * @uses jetpack_get_default_modules filter
2096
	 * @param array $modules
2097
	 * @return array
2098
	 */
2099
	function handle_deprecated_modules( $modules ) {
2100
		$deprecated_modules = array(
2101
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2102
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2103
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2104
		);
2105
2106
		// Don't activate SSO if they never completed activating WPCC.
2107
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2108
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2109
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2110
				$deprecated_modules['wpcc'] = null;
2111
			}
2112
		}
2113
2114
		foreach ( $deprecated_modules as $module => $replacement ) {
2115
			if ( Jetpack::is_module_active( $module ) ) {
2116
				self::deactivate_module( $module );
2117
				if ( $replacement ) {
2118
					$modules[] = $replacement;
2119
				}
2120
			}
2121
		}
2122
2123
		return array_unique( $modules );
2124
	}
2125
2126
	/**
2127
	 * Checks activated plugins during auto-activation to determine
2128
	 * if any of those plugins are in the list with a corresponding module
2129
	 * that is not compatible with the plugin. The module will not be allowed
2130
	 * to auto-activate.
2131
	 *
2132
	 * @since 2.6
2133
	 * @uses jetpack_get_default_modules filter
2134
	 * @param array $modules
2135
	 * @return array
2136
	 */
2137
	function filter_default_modules( $modules ) {
2138
2139
		$active_plugins = self::get_active_plugins();
2140
2141
		if ( ! empty( $active_plugins ) ) {
2142
2143
			// For each module we'd like to auto-activate...
2144
			foreach ( $modules as $key => $module ) {
2145
				// If there are potential conflicts for it...
2146
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2147
					// For each potential conflict...
2148
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2149
						// If that conflicting plugin is active...
2150
						if ( in_array( $plugin, $active_plugins ) ) {
2151
							// Remove that item from being auto-activated.
2152
							unset( $modules[ $key ] );
2153
						}
2154
					}
2155
				}
2156
			}
2157
		}
2158
2159
		return $modules;
2160
	}
2161
2162
	/**
2163
	 * Extract a module's slug from its full path.
2164
	 */
2165
	public static function get_module_slug( $file ) {
2166
		return str_replace( '.php', '', basename( $file ) );
2167
	}
2168
2169
	/**
2170
	 * Generate a module's path from its slug.
2171
	 */
2172
	public static function get_module_path( $slug ) {
2173
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2174
	}
2175
2176
	/**
2177
	 * Load module data from module file. Headers differ from WordPress
2178
	 * plugin headers to avoid them being identified as standalone
2179
	 * plugins on the WordPress plugins page.
2180
	 */
2181
	public static function get_module( $module ) {
2182
		$headers = array(
2183
			'name'                      => 'Module Name',
2184
			'description'               => 'Module Description',
2185
			'jumpstart_desc'            => 'Jumpstart Description',
2186
			'sort'                      => 'Sort Order',
2187
			'recommendation_order'      => 'Recommendation Order',
2188
			'introduced'                => 'First Introduced',
2189
			'changed'                   => 'Major Changes In',
2190
			'deactivate'                => 'Deactivate',
2191
			'free'                      => 'Free',
2192
			'requires_connection'       => 'Requires Connection',
2193
			'auto_activate'             => 'Auto Activate',
2194
			'module_tags'               => 'Module Tags',
2195
			'feature'                   => 'Feature',
2196
			'additional_search_queries' => 'Additional Search Queries',
2197
		);
2198
2199
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2200
2201
		$mod = Jetpack::get_file_data( $file, $headers );
2202
		if ( empty( $mod['name'] ) ) {
2203
			return false;
2204
		}
2205
2206
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2207
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2208
		$mod['deactivate']              = empty( $mod['deactivate'] );
2209
		$mod['free']                    = empty( $mod['free'] );
2210
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2211
2212
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2213
			$mod['auto_activate'] = 'No';
2214
		} else {
2215
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2216
		}
2217
2218
		if ( $mod['module_tags'] ) {
2219
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2220
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2221
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2222
		} else {
2223
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2224
		}
2225
2226
		if ( $mod['feature'] ) {
2227
			$mod['feature'] = explode( ',', $mod['feature'] );
2228
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2229
		} else {
2230
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2231
		}
2232
2233
		/**
2234
		 * Filters the feature array on a module.
2235
		 *
2236
		 * This filter allows you to control where each module is filtered: Recommended,
2237
		 * Jumpstart, and the default "Other" listing.
2238
		 *
2239
		 * @since 3.5.0
2240
		 *
2241
		 * @param array   $mod['feature'] The areas to feature this module:
2242
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2243
		 *     'Recommended' shows on the main Jetpack admin screen.
2244
		 *     'Other' should be the default if no other value is in the array.
2245
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2246
		 * @param array   $mod All the currently assembled module data.
2247
		 */
2248
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2249
2250
		/**
2251
		 * Filter the returned data about a module.
2252
		 *
2253
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2254
		 * so please be careful.
2255
		 *
2256
		 * @since 3.6.0
2257
		 *
2258
		 * @param array   $mod    The details of the requested module.
2259
		 * @param string  $module The slug of the module, e.g. sharedaddy
2260
		 * @param string  $file   The path to the module source file.
2261
		 */
2262
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2263
	}
2264
2265
	/**
2266
	 * Like core's get_file_data implementation, but caches the result.
2267
	 */
2268
	public static function get_file_data( $file, $headers ) {
2269
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2270
		$file_name = basename( $file );
2271
		$file_data_option = Jetpack_Options::get_option( 'file_data', array() );
2272
		$key              = md5( $file_name . serialize( $headers ) );
2273
		$refresh_cache    = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2274
2275
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2276
		if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) {
2277
			return $file_data_option[ JETPACK__VERSION ][ $key ];
2278
		}
2279
2280
		$data = get_file_data( $file, $headers );
2281
2282
		// Strip out any old Jetpack versions that are cluttering the option.
2283
		$file_data_option = array_intersect_key( (array) $file_data_option, array( JETPACK__VERSION => null ) );
2284
		$file_data_option[ JETPACK__VERSION ][ $key ] = $data;
2285
		Jetpack_Options::update_option( 'file_data', $file_data_option );
2286
2287
		return $data;
2288
	}
2289
2290
	/**
2291
	 * Return translated module tag.
2292
	 *
2293
	 * @param string $tag Tag as it appears in each module heading.
2294
	 *
2295
	 * @return mixed
2296
	 */
2297
	public static function translate_module_tag( $tag ) {
2298
		return jetpack_get_module_i18n_tag( $tag );
2299
	}
2300
2301
	/**
2302
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2303
	 *
2304
	 * @since 3.9.2
2305
	 *
2306
	 * @param array $modules
2307
	 *
2308
	 * @return string|void
2309
	 */
2310
	public static function get_translated_modules( $modules ) {
2311
		foreach ( $modules as $index => $module ) {
2312
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2313
			if ( isset( $module['name'] ) ) {
2314
				$modules[ $index ]['name'] = $i18n_module['name'];
2315
			}
2316
			if ( isset( $module['description'] ) ) {
2317
				$modules[ $index ]['description'] = $i18n_module['description'];
2318
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2319
			}
2320
		}
2321
		return $modules;
2322
	}
2323
2324
	/**
2325
	 * Get a list of activated modules as an array of module slugs.
2326
	 */
2327
	public static function get_active_modules() {
2328
		$active = Jetpack_Options::get_option( 'active_modules' );
2329
		if ( ! is_array( $active ) )
2330
			$active = array();
2331
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2332
			$active[] = 'vaultpress';
2333
		} else {
2334
			$active = array_diff( $active, array( 'vaultpress' ) );
2335
		}
2336
2337
		//If protect is active on the main site of a multisite, it should be active on all sites.
2338
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2339
			$active[] = 'protect';
2340
		}
2341
2342
		return array_unique( $active );
2343
	}
2344
2345
	/**
2346
	 * Check whether or not a Jetpack module is active.
2347
	 *
2348
	 * @param string $module The slug of a Jetpack module.
2349
	 * @return bool
2350
	 *
2351
	 * @static
2352
	 */
2353
	public static function is_module_active( $module ) {
2354
		return in_array( $module, self::get_active_modules() );
2355
	}
2356
2357
	public static function is_module( $module ) {
2358
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2359
	}
2360
2361
	/**
2362
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2363
	 *
2364
	 * @param bool $catch True to start catching, False to stop.
2365
	 *
2366
	 * @static
2367
	 */
2368
	public static function catch_errors( $catch ) {
2369
		static $display_errors, $error_reporting;
2370
2371
		if ( $catch ) {
2372
			$display_errors  = @ini_set( 'display_errors', 1 );
2373
			$error_reporting = @error_reporting( E_ALL );
2374
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2375
		} else {
2376
			@ini_set( 'display_errors', $display_errors );
2377
			@error_reporting( $error_reporting );
2378
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2379
		}
2380
	}
2381
2382
	/**
2383
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2384
	 */
2385
	public static function catch_errors_on_shutdown() {
2386
		Jetpack::state( 'php_errors', ob_get_clean() );
2387
	}
2388
2389
	public static function activate_default_modules( $min_version = false, $max_version = false, $other_modules = array(), $redirect = true ) {
2390
		$jetpack = Jetpack::init();
2391
2392
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2393
		$modules = array_merge( $other_modules, $modules );
2394
2395
		// Look for standalone plugins and disable if active.
2396
2397
		$to_deactivate = array();
2398
		foreach ( $modules as $module ) {
2399
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2400
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2401
			}
2402
		}
2403
2404
		$deactivated = array();
2405
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2406
			list( $probable_file, $probable_title ) = $deactivate_me;
2407
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2408
				$deactivated[] = $module;
2409
			}
2410
		}
2411
2412
		if ( $deactivated && $redirect ) {
2413
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2414
2415
			$url = add_query_arg(
2416
				array(
2417
					'action'   => 'activate_default_modules',
2418
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2419
				),
2420
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2421
			);
2422
			wp_safe_redirect( $url );
2423
			exit;
2424
		}
2425
2426
		/**
2427
		 * Fires before default modules are activated.
2428
		 *
2429
		 * @since 1.9.0
2430
		 *
2431
		 * @param string $min_version Minimum version number required to use modules.
2432
		 * @param string $max_version Maximum version number required to use modules.
2433
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2434
		 */
2435
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2436
2437
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2438
		Jetpack::restate();
2439
		Jetpack::catch_errors( true );
2440
2441
		$active = Jetpack::get_active_modules();
2442
2443
		foreach ( $modules as $module ) {
2444
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2445
				$active[] = $module;
2446
				Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2447
				continue;
2448
			}
2449
2450
			if ( in_array( $module, $active ) ) {
2451
				$module_info = Jetpack::get_module( $module );
2452
				if ( ! $module_info['deactivate'] ) {
2453
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2454 View Code Duplication
					if ( $active_state = Jetpack::state( $state ) ) {
2455
						$active_state = explode( ',', $active_state );
2456
					} else {
2457
						$active_state = array();
2458
					}
2459
					$active_state[] = $module;
2460
					Jetpack::state( $state, implode( ',', $active_state ) );
2461
				}
2462
				continue;
2463
			}
2464
2465
			$file = Jetpack::get_module_path( $module );
2466
			if ( ! file_exists( $file ) ) {
2467
				continue;
2468
			}
2469
2470
			// we'll override this later if the plugin can be included without fatal error
2471
			if ( $redirect ) {
2472
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2473
			}
2474
			Jetpack::state( 'error', 'module_activation_failed' );
2475
			Jetpack::state( 'module', $module );
2476
			ob_start();
2477
			require $file;
2478
			/**
2479
			 * Fires when a specific module is activated.
2480
			 *
2481
			 * @since 1.9.0
2482
			 *
2483
			 * @param string $module Module slug.
2484
			 */
2485
			do_action( 'jetpack_activate_module', $module );
2486
			$active[] = $module;
2487
			$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2488 View Code Duplication
			if ( $active_state = Jetpack::state( $state ) ) {
2489
				$active_state = explode( ',', $active_state );
2490
			} else {
2491
				$active_state = array();
2492
			}
2493
			$active_state[] = $module;
2494
			Jetpack::state( $state, implode( ',', $active_state ) );
2495
			Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2496
			ob_end_clean();
2497
		}
2498
		Jetpack::state( 'error', false );
2499
		Jetpack::state( 'module', false );
2500
		Jetpack::catch_errors( false );
2501
		/**
2502
		 * Fires when default modules are activated.
2503
		 *
2504
		 * @since 1.9.0
2505
		 *
2506
		 * @param string $min_version Minimum version number required to use modules.
2507
		 * @param string $max_version Maximum version number required to use modules.
2508
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2509
		 */
2510
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2511
	}
2512
2513
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2514
		/**
2515
		 * Fires before a module is activated.
2516
		 *
2517
		 * @since 2.6.0
2518
		 *
2519
		 * @param string $module Module slug.
2520
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2521
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2522
		 */
2523
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2524
2525
		$jetpack = Jetpack::init();
2526
2527
		if ( ! strlen( $module ) )
2528
			return false;
2529
2530
		if ( ! Jetpack::is_module( $module ) )
2531
			return false;
2532
2533
		// If it's already active, then don't do it again
2534
		$active = Jetpack::get_active_modules();
2535
		foreach ( $active as $act ) {
2536
			if ( $act == $module )
2537
				return true;
2538
		}
2539
2540
		$module_data = Jetpack::get_module( $module );
2541
2542
		if ( ! Jetpack::is_active() ) {
2543
			if ( !Jetpack::is_development_mode() )
2544
				return false;
2545
2546
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2547
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2548
				return false;
2549
		}
2550
2551
		// Check and see if the old plugin is active
2552
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2553
			// Deactivate the old plugin
2554
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2555
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2556
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2557
				Jetpack::state( 'deactivated_plugins', $module );
2558
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2559
				exit;
2560
			}
2561
		}
2562
2563
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2564
		Jetpack::state( 'module', $module );
2565
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2566
2567
		Jetpack::catch_errors( true );
2568
		ob_start();
2569
		require Jetpack::get_module_path( $module );
2570
		/** This action is documented in class.jetpack.php */
2571
		do_action( 'jetpack_activate_module', $module );
2572
		$active[] = $module;
2573
		Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2574
		Jetpack::state( 'error', false ); // the override
2575
		Jetpack::state( 'message', 'module_activated' );
2576
		Jetpack::state( 'module', $module );
2577
		ob_end_clean();
2578
		Jetpack::catch_errors( false );
2579
2580
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2581 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2582
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2583
2584
			//Jump start is being dismissed send data to MC Stats
2585
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2586
2587
			$jetpack->do_stats( 'server_side' );
2588
		}
2589
2590
		if ( $redirect ) {
2591
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2592
		}
2593
		if ( $exit ) {
2594
			exit;
2595
		}
2596
		return true;
2597
	}
2598
2599
	function activate_module_actions( $module ) {
2600
		/**
2601
		 * Fires when a module is activated.
2602
		 * The dynamic part of the filter, $module, is the module slug.
2603
		 *
2604
		 * @since 1.9.0
2605
		 *
2606
		 * @param string $module Module slug.
2607
		 */
2608
		do_action( "jetpack_activate_module_$module", $module );
2609
	}
2610
2611
	public static function deactivate_module( $module ) {
2612
		/**
2613
		 * Fires when a module is deactivated.
2614
		 *
2615
		 * @since 1.9.0
2616
		 *
2617
		 * @param string $module Module slug.
2618
		 */
2619
		do_action( 'jetpack_pre_deactivate_module', $module );
2620
2621
		$jetpack = Jetpack::init();
2622
2623
		$active = Jetpack::get_active_modules();
2624
		$new    = array_filter( array_diff( $active, (array) $module ) );
2625
2626
		/**
2627
		 * Fires when a module is deactivated.
2628
		 * The dynamic part of the filter, $module, is the module slug.
2629
		 *
2630
		 * @since 1.9.0
2631
		 *
2632
		 * @param string $module Module slug.
2633
		 */
2634
		do_action( "jetpack_deactivate_module_$module", $module );
2635
2636
		// A flag for Jump Start so it's not shown again.
2637 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2638
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2639
2640
			//Jump start is being dismissed send data to MC Stats
2641
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
2642
2643
			$jetpack->do_stats( 'server_side' );
2644
		}
2645
2646
		$success = Jetpack_Options::update_option( 'active_modules', array_unique( $new ) );
2647
		/**
2648
		 * Fired after a module has been deactivated.
2649
		 *
2650
		 * @since 4.1
2651
		 *
2652
		 * @param string $module Module slug.
2653
		 * @param boolean $success whether the module was deactivated.
2654
		 */
2655
		do_action( 'jetpack_deactivate_module', $module, $success );
2656
2657
		return $success;
2658
	}
2659
2660
	public static function enable_module_configurable( $module ) {
2661
		$module = Jetpack::get_module_slug( $module );
2662
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
2663
	}
2664
2665
	public static function module_configuration_url( $module ) {
2666
		$module = Jetpack::get_module_slug( $module );
2667
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
2668
	}
2669
2670
	public static function module_configuration_load( $module, $method ) {
2671
		$module = Jetpack::get_module_slug( $module );
2672
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
2673
	}
2674
2675
	public static function module_configuration_head( $module, $method ) {
2676
		$module = Jetpack::get_module_slug( $module );
2677
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
2678
	}
2679
2680
	public static function module_configuration_screen( $module, $method ) {
2681
		$module = Jetpack::get_module_slug( $module );
2682
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
2683
	}
2684
2685
	public static function module_configuration_activation_screen( $module, $method ) {
2686
		$module = Jetpack::get_module_slug( $module );
2687
		add_action( 'display_activate_module_setting_' . $module, $method );
2688
	}
2689
2690
/* Installation */
2691
2692
	public static function bail_on_activation( $message, $deactivate = true ) {
2693
?>
2694
<!doctype html>
2695
<html>
2696
<head>
2697
<meta charset="<?php bloginfo( 'charset' ); ?>">
2698
<style>
2699
* {
2700
	text-align: center;
2701
	margin: 0;
2702
	padding: 0;
2703
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
2704
}
2705
p {
2706
	margin-top: 1em;
2707
	font-size: 18px;
2708
}
2709
</style>
2710
<body>
2711
<p><?php echo esc_html( $message ); ?></p>
2712
</body>
2713
</html>
2714
<?php
2715
		if ( $deactivate ) {
2716
			$plugins = get_option( 'active_plugins' );
2717
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
2718
			$update  = false;
2719
			foreach ( $plugins as $i => $plugin ) {
2720
				if ( $plugin === $jetpack ) {
2721
					$plugins[$i] = false;
2722
					$update = true;
2723
				}
2724
			}
2725
2726
			if ( $update ) {
2727
				update_option( 'active_plugins', array_filter( $plugins ) );
2728
			}
2729
		}
2730
		exit;
2731
	}
2732
2733
	/**
2734
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
2735
	 * @static
2736
	 */
2737
	public static function plugin_activation( $network_wide ) {
2738
		Jetpack_Options::update_option( 'activated', 1 );
2739
2740
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
2741
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
2742
		}
2743
2744
		if ( $network_wide )
2745
			Jetpack::state( 'network_nag', true );
2746
2747
		Jetpack::plugin_initialize();
2748
	}
2749
	/**
2750
	 * Runs before bumping version numbers up to a new version
2751
	 * @param  (string) $version    Version:timestamp
2752
	 * @param  (string) $old_version Old Version:timestamp or false if not set yet.
2753
	 * @return null              [description]
2754
	 */
2755
	public static function do_version_bump( $version, $old_version ) {
2756
2757
		if ( ! $old_version ) { // For new sites
2758
			// Setting up jetpack manage
2759
			Jetpack::activate_manage();
2760
		}
2761
	}
2762
2763
	/**
2764
	 * Sets the internal version number and activation state.
2765
	 * @static
2766
	 */
2767
	public static function plugin_initialize() {
2768
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
2769
			Jetpack_Options::update_option( 'activated', 2 );
2770
		}
2771
2772 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
2773
			$version = $old_version = JETPACK__VERSION . ':' . time();
2774
			/** This action is documented in class.jetpack.php */
2775
			do_action( 'updating_jetpack_version', $version, false );
2776
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2777
		}
2778
2779
		Jetpack::load_modules();
2780
2781
		Jetpack_Options::delete_option( 'do_activate' );
2782
	}
2783
2784
	/**
2785
	 * Removes all connection options
2786
	 * @static
2787
	 */
2788
	public static function plugin_deactivation( ) {
2789
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
2790
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
2791
			Jetpack_Network::init()->deactivate();
2792
		} else {
2793
			Jetpack::disconnect( false );
2794
			//Jetpack_Heartbeat::init()->deactivate();
2795
		}
2796
	}
2797
2798
	/**
2799
	 * Disconnects from the Jetpack servers.
2800
	 * Forgets all connection details and tells the Jetpack servers to do the same.
2801
	 * @static
2802
	 */
2803
	public static function disconnect( $update_activated_state = true ) {
2804
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
2805
		Jetpack::clean_nonces( true );
2806
2807
		Jetpack::load_xml_rpc_client();
2808
		$xml = new Jetpack_IXR_Client();
2809
		$xml->query( 'jetpack.deregister' );
2810
2811
		Jetpack_Options::delete_option(
2812
			array(
2813
				'register',
2814
				'blog_token',
2815
				'user_token',
2816
				'user_tokens',
2817
				'master_user',
2818
				'time_diff',
2819
				'fallback_no_verify_ssl_certs',
2820
			)
2821
		);
2822
2823
		if ( $update_activated_state ) {
2824
			Jetpack_Options::update_option( 'activated', 4 );
2825
		}
2826
2827
		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
2828
		// Check then record unique disconnection if site has never been disconnected previously
2829
		if ( -1 == $jetpack_unique_connection['disconnected'] ) {
2830
			$jetpack_unique_connection['disconnected'] = 1;
2831
		}
2832
		else {
2833
			if ( 0 == $jetpack_unique_connection['disconnected'] ) {
2834
				//track unique disconnect
2835
				$jetpack = Jetpack::init();
2836
2837
				$jetpack->stat( 'connections', 'unique-disconnect' );
2838
				$jetpack->do_stats( 'server_side' );
2839
			}
2840
			// increment number of times disconnected
2841
			$jetpack_unique_connection['disconnected'] += 1;
2842
		}
2843
2844
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
2845
2846
		// Disable the Heartbeat cron
2847
		Jetpack_Heartbeat::init()->deactivate();
2848
	}
2849
2850
	/**
2851
	 * Unlinks the current user from the linked WordPress.com user
2852
	 */
2853
	public static function unlink_user( $user_id = null ) {
2854
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
2855
			return false;
2856
2857
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
2858
2859
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
2860
			return false;
2861
2862
		if ( ! isset( $tokens[ $user_id ] ) )
2863
			return false;
2864
2865
		Jetpack::load_xml_rpc_client();
2866
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
2867
		$xml->query( 'jetpack.unlink_user', $user_id );
2868
2869
		unset( $tokens[ $user_id ] );
2870
2871
		Jetpack_Options::update_option( 'user_tokens', $tokens );
2872
2873
		/**
2874
		 * Fires after the current user has been unlinked from WordPress.com.
2875
		 *
2876
		 * @since 4.1.0
2877
		 *
2878
		 * @param int $user_id The current user's ID.
2879
		 */
2880
		do_action( 'jetpack_unlinked_user', $user_id );
2881
2882
		return true;
2883
	}
2884
2885
	/**
2886
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
2887
	 */
2888
	public static function try_registration() {
2889
		// Let's get some testing in beta versions and such.
2890
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
2891
			// Before attempting to connect, let's make sure that the domains are viable.
2892
			$domains_to_check = array_unique( array(
2893
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
2894
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
2895
			) );
2896
			foreach ( $domains_to_check as $domain ) {
2897
				$result = Jetpack_Data::is_usable_domain( $domain );
2898
				if ( is_wp_error( $result ) ) {
2899
					return $result;
2900
				}
2901
			}
2902
		}
2903
2904
		$result = Jetpack::register();
2905
2906
		// If there was an error with registration and the site was not registered, record this so we can show a message.
2907
		if ( ! $result || is_wp_error( $result ) ) {
2908
			return $result;
2909
		} else {
2910
			return true;
2911
		}
2912
	}
2913
2914
	/**
2915
	 * Tracking an internal event log. Try not to put too much chaff in here.
2916
	 *
2917
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
2918
	 */
2919
	public static function log( $code, $data = null ) {
2920
		// only grab the latest 200 entries
2921
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
2922
2923
		// Append our event to the log
2924
		$log_entry = array(
2925
			'time'    => time(),
2926
			'user_id' => get_current_user_id(),
2927
			'blog_id' => Jetpack_Options::get_option( 'id' ),
2928
			'code'    => $code,
2929
		);
2930
		// Don't bother storing it unless we've got some.
2931
		if ( ! is_null( $data ) ) {
2932
			$log_entry['data'] = $data;
2933
		}
2934
		$log[] = $log_entry;
2935
2936
		// Try add_option first, to make sure it's not autoloaded.
2937
		// @todo: Add an add_option method to Jetpack_Options
2938
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
2939
			Jetpack_Options::update_option( 'log', $log );
2940
		}
2941
2942
		/**
2943
		 * Fires when Jetpack logs an internal event.
2944
		 *
2945
		 * @since 3.0.0
2946
		 *
2947
		 * @param array $log_entry {
2948
		 *	Array of details about the log entry.
2949
		 *
2950
		 *	@param string time Time of the event.
2951
		 *	@param int user_id ID of the user who trigerred the event.
2952
		 *	@param int blog_id Jetpack Blog ID.
2953
		 *	@param string code Unique name for the event.
2954
		 *	@param string data Data about the event.
2955
		 * }
2956
		 */
2957
		do_action( 'jetpack_log_entry', $log_entry );
2958
	}
2959
2960
	/**
2961
	 * Get the internal event log.
2962
	 *
2963
	 * @param $event (string) - only return the specific log events
2964
	 * @param $num   (int)    - get specific number of latest results, limited to 200
2965
	 *
2966
	 * @return array of log events || WP_Error for invalid params
2967
	 */
2968
	public static function get_log( $event = false, $num = false ) {
2969
		if ( $event && ! is_string( $event ) ) {
2970
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
2971
		}
2972
2973
		if ( $num && ! is_numeric( $num ) ) {
2974
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
2975
		}
2976
2977
		$entire_log = Jetpack_Options::get_option( 'log', array() );
2978
2979
		// If nothing set - act as it did before, otherwise let's start customizing the output
2980
		if ( ! $num && ! $event ) {
2981
			return $entire_log;
2982
		} else {
2983
			$entire_log = array_reverse( $entire_log );
2984
		}
2985
2986
		$custom_log_output = array();
2987
2988
		if ( $event ) {
2989
			foreach ( $entire_log as $log_event ) {
2990
				if ( $event == $log_event[ 'code' ] ) {
2991
					$custom_log_output[] = $log_event;
2992
				}
2993
			}
2994
		} else {
2995
			$custom_log_output = $entire_log;
2996
		}
2997
2998
		if ( $num ) {
2999
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3000
		}
3001
3002
		return $custom_log_output;
3003
	}
3004
3005
	/**
3006
	 * Log modification of important settings.
3007
	 */
3008
	public static function log_settings_change( $option, $old_value, $value ) {
3009
		switch( $option ) {
3010
			case 'jetpack_sync_non_public_post_stati':
3011
				self::log( $option, $value );
3012
				break;
3013
		}
3014
	}
3015
3016
	/**
3017
	 * Return stat data for WPCOM sync
3018
	 */
3019
	function get_stat_data() {
3020
		$heartbeat_data = Jetpack_Heartbeat::generate_stats_array();
3021
		$additional_data = $this->get_additional_stat_data();
3022
3023
		return json_encode( array_merge( $heartbeat_data, $additional_data ) );
3024
	}
3025
3026
	/**
3027
	 * Get additional stat data to sync to WPCOM
3028
	 */
3029
	function get_additional_stat_data( $prefix = '' ) {
3030
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
3031
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3032
		$return["{$prefix}users"]          = count_users();
3033
		$return["{$prefix}site-count"]     = 0;
3034
		if ( function_exists( 'get_blog_count' ) ) {
3035
			$return["{$prefix}site-count"] = get_blog_count();
3036
		}
3037
		return $return;
3038
	}
3039
3040
	/* Admin Pages */
3041
3042
	function admin_init() {
3043
		// If the plugin is not connected, display a connect message.
3044
		if (
3045
			// the plugin was auto-activated and needs its candy
3046
			Jetpack_Options::get_option( 'do_activate' )
3047
		||
3048
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3049
			! Jetpack_Options::get_option( 'activated' )
3050
		) {
3051
			Jetpack::plugin_initialize();
3052
		}
3053
3054
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3055
			if ( 4 != Jetpack_Options::get_option( 'activated' ) ) {
3056
				// Show connect notice on dashboard and plugins pages
3057
				add_action( 'load-index.php', array( $this, 'prepare_connect_notice' ) );
3058
				add_action( 'load-plugins.php', array( $this, 'prepare_connect_notice' ) );
3059
			}
3060
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3061
			// Upgrade: 1.1 -> 1.1.1
3062
			// Check and see if host can verify the Jetpack servers' SSL certificate
3063
			$args = array();
3064
			Jetpack_Client::_wp_remote_request(
3065
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3066
				$args,
3067
				true
3068
			);
3069
		} else {
3070
			// Show the notice on the Dashboard only for now
3071
3072
			add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) );
3073
3074
			// Identity crisis notices
3075
			add_action( 'jetpack_notices', array( $this, 'alert_identity_crisis' ) );
3076
		}
3077
3078
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3079
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3080
		}
3081
3082
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3083
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3084
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3085
3086
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3087
			// Artificially throw errors in certain whitelisted cases during plugin activation
3088
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3089
3090
			// Kick off synchronization of user role when it changes
3091
			add_action( 'set_user_role', array( $this, 'user_role_change' ) );
3092
		}
3093
3094
		// Jetpack Manage Activation Screen from .com
3095
		Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
3096
	}
3097
3098
	function admin_body_class( $admin_body_class = '' ) {
3099
		$classes = explode( ' ', trim( $admin_body_class ) );
3100
3101
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3102
3103
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3104
		return " $admin_body_class ";
3105
	}
3106
3107
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3108
		return $admin_body_class . ' jetpack-pagestyles ';
3109
	}
3110
3111
	function prepare_connect_notice() {
3112
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3113
3114
		add_action( 'admin_notices', array( $this, 'admin_connect_notice' ) );
3115
3116
		if ( Jetpack::state( 'network_nag' ) )
3117
			add_action( 'network_admin_notices', array( $this, 'network_connect_notice' ) );
3118
	}
3119
	/**
3120
	 * Call this function if you want the Big Jetpack Manage Notice to show up.
3121
	 *
3122
	 * @return null
3123
	 */
3124
	function prepare_manage_jetpack_notice() {
3125
3126
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3127
		add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) );
3128
	}
3129
3130
	function manage_activate_screen() {
3131
		include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' );
3132
	}
3133
	/**
3134
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3135
	 * This function artificially throws errors for such cases (whitelisted).
3136
	 *
3137
	 * @param string $plugin The activated plugin.
3138
	 */
3139
	function throw_error_on_activate_plugin( $plugin ) {
3140
		$active_modules = Jetpack::get_active_modules();
3141
3142
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3143
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3144
			$throw = false;
3145
3146
			// Try and make sure it really was the stats plugin
3147
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3148
				if ( 'stats.php' == basename( $plugin ) ) {
3149
					$throw = true;
3150
				}
3151
			} else {
3152
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3153
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3154
					$throw = true;
3155
				}
3156
			}
3157
3158
			if ( $throw ) {
3159
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3160
			}
3161
		}
3162
	}
3163
3164
	function intercept_plugin_error_scrape_init() {
3165
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3166
	}
3167
3168
	function intercept_plugin_error_scrape( $action, $result ) {
3169
		if ( ! $result ) {
3170
			return;
3171
		}
3172
3173
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3174
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3175
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3176
			}
3177
		}
3178
	}
3179
3180
	function add_remote_request_handlers() {
3181
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3182
	}
3183
3184
	function remote_request_handlers() {
3185
		switch ( current_filter() ) {
3186
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3187
			$response = $this->upload_handler();
3188
			break;
3189
		default :
3190
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3191
			break;
3192
		}
3193
3194
		if ( ! $response ) {
3195
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3196
		}
3197
3198
		if ( is_wp_error( $response ) ) {
3199
			$status_code       = $response->get_error_data();
3200
			$error             = $response->get_error_code();
3201
			$error_description = $response->get_error_message();
3202
3203
			if ( ! is_int( $status_code ) ) {
3204
				$status_code = 400;
3205
			}
3206
3207
			status_header( $status_code );
3208
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3209
		}
3210
3211
		status_header( 200 );
3212
		if ( true === $response ) {
3213
			exit;
3214
		}
3215
3216
		die( json_encode( (object) $response ) );
3217
	}
3218
3219
	function upload_handler() {
3220
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3221
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3222
		}
3223
3224
		$user = wp_authenticate( '', '' );
3225
		if ( ! $user || is_wp_error( $user ) ) {
3226
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3227
		}
3228
3229
		wp_set_current_user( $user->ID );
3230
3231
		if ( ! current_user_can( 'upload_files' ) ) {
3232
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3233
		}
3234
3235
		if ( empty( $_FILES ) ) {
3236
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3237
		}
3238
3239
		foreach ( array_keys( $_FILES ) as $files_key ) {
3240
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3241
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3242
			}
3243
		}
3244
3245
		$media_keys = array_keys( $_FILES['media'] );
3246
3247
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3248
		if ( ! $token || is_wp_error( $token ) ) {
3249
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3250
		}
3251
3252
		$uploaded_files = array();
3253
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3254
		unset( $GLOBALS['post'] );
3255
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3256
			$file = array();
3257
			foreach ( $media_keys as $media_key ) {
3258
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3259
			}
3260
3261
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3262
3263
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3264
			if ( $hmac_provided !== $hmac_file ) {
3265
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3266
				continue;
3267
			}
3268
3269
			$_FILES['.jetpack.upload.'] = $file;
3270
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3271
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3272
				$post_id = 0;
3273
			}
3274
			$attachment_id = media_handle_upload(
3275
				'.jetpack.upload.',
3276
				$post_id,
3277
				array(),
3278
				array(
3279
					'action' => 'jetpack_upload_file',
3280
				)
3281
			);
3282
3283
			if ( ! $attachment_id ) {
3284
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3285
			} elseif ( is_wp_error( $attachment_id ) ) {
3286
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3287
			} else {
3288
				$attachment = get_post( $attachment_id );
3289
				$uploaded_files[$index] = (object) array(
3290
					'id'   => (string) $attachment_id,
3291
					'file' => $attachment->post_title,
3292
					'url'  => wp_get_attachment_url( $attachment_id ),
3293
					'type' => $attachment->post_mime_type,
3294
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3295
				);
3296
			}
3297
		}
3298
		if ( ! is_null( $global_post ) ) {
3299
			$GLOBALS['post'] = $global_post;
3300
		}
3301
3302
		return $uploaded_files;
3303
	}
3304
3305
	/**
3306
	 * Add help to the Jetpack page
3307
	 *
3308
	 * @since Jetpack (1.2.3)
3309
	 * @return false if not the Jetpack page
3310
	 */
3311
	function admin_help() {
3312
		$current_screen = get_current_screen();
3313
3314
		// Overview
3315
		$current_screen->add_help_tab(
3316
			array(
3317
				'id'		=> 'home',
3318
				'title'		=> __( 'Home', 'jetpack' ),
3319
				'content'	=>
3320
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3321
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3322
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3323
			)
3324
		);
3325
3326
		// Screen Content
3327
		if ( current_user_can( 'manage_options' ) ) {
3328
			$current_screen->add_help_tab(
3329
				array(
3330
					'id'		=> 'settings',
3331
					'title'		=> __( 'Settings', 'jetpack' ),
3332
					'content'	=>
3333
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3334
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3335
						'<ol>' .
3336
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3337
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3338
						'</ol>' .
3339
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3340
				)
3341
			);
3342
		}
3343
3344
		// Help Sidebar
3345
		$current_screen->set_help_sidebar(
3346
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3347
			'<p><a href="https://jetpack.com/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3348
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3349
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3350
		);
3351
	}
3352
3353
	function admin_menu_css() {
3354
		wp_enqueue_style( 'jetpack-icons' );
3355
	}
3356
3357
	function admin_menu_order() {
3358
		return true;
3359
	}
3360
3361 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3362
		$jp_menu_order = array();
3363
3364
		foreach ( $menu_order as $index => $item ) {
3365
			if ( $item != 'jetpack' ) {
3366
				$jp_menu_order[] = $item;
3367
			}
3368
3369
			if ( $index == 0 ) {
3370
				$jp_menu_order[] = 'jetpack';
3371
			}
3372
		}
3373
3374
		return $jp_menu_order;
3375
	}
3376
3377
	function admin_head() {
3378 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3379
			/** This action is documented in class.jetpack-admin-page.php */
3380
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3381
	}
3382
3383
	function admin_banner_styles() {
3384
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3385
3386
		wp_enqueue_style( 'jetpack', plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION . '-20121016' );
3387
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3388
		wp_style_add_data( 'jetpack', 'suffix', $min );
3389
	}
3390
3391
	function admin_scripts() {
3392
		wp_enqueue_script( 'jetpack-js', plugins_url( '_inc/jp.js', JETPACK__PLUGIN_FILE ), array( 'jquery', 'wp-util' ), JETPACK__VERSION . '-20121111' );
3393
		wp_localize_script(
3394
			'jetpack-js',
3395
			'jetpackL10n',
3396
			array(
3397
				'ays_disconnect' => "This will deactivate all Jetpack modules.\nAre you sure you want to disconnect?",
3398
				'ays_unlink'     => "This will prevent user-specific modules such as Publicize, Notifications and Post By Email from working.\nAre you sure you want to unlink?",
3399
				'ays_dismiss'    => "This will deactivate Jetpack.\nAre you sure you want to deactivate Jetpack?",
3400
			)
3401
		);
3402
		add_action( 'admin_footer', array( $this, 'do_stats' ) );
3403
	}
3404
3405
	function plugin_action_links( $actions ) {
3406
3407
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3408
3409
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3410
			return array_merge(
3411
				$jetpack_home,
3412
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack_modules' ), __( 'Settings', 'jetpack' ) ) ),
3413
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3414
				$actions
3415
				);
3416
			}
3417
3418
		return array_merge( $jetpack_home, $actions );
3419
	}
3420
3421
	function admin_connect_notice() {
3422
		// Don't show the connect notice anywhere but the plugins.php after activating
3423
		$current = get_current_screen();
3424
		if ( 'plugins' !== $current->parent_base )
3425
			return;
3426
3427
		if ( ! current_user_can( 'jetpack_connect' ) )
3428
			return;
3429
3430
		$dismiss_and_deactivate_url = wp_nonce_url( Jetpack::admin_url( '?page=jetpack&jetpack-notice=dismiss' ), 'jetpack-deactivate' );
3431
		?>
3432
		<div id="message" class="updated jp-banner">
3433
			<a href="<?php echo esc_url( $dismiss_and_deactivate_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3434
			<?php if ( in_array( Jetpack_Options::get_option( 'activated' ) , array( 1, 2, 3 ) ) ) : ?>
3435
					<div class="jp-banner__description-container">
3436
						<h2 class="jp-banner__header"><?php _e( 'Your Jetpack is almost ready!', 'jetpack' ); ?></h2>
3437
						<p class="jp-banner__description"><?php _e( 'Please connect to or create a WordPress.com account to enable Jetpack, including powerful security, traffic, and customization services.', 'jetpack' ); ?></p>
3438
						<p class="jp-banner__button-container">
3439
							<a href="<?php echo $this->build_connect_url( false, false, 'banner' ) ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Connect to WordPress.com', 'jetpack' ); ?></a>
3440
							<a href="<?php echo Jetpack::admin_url( 'admin.php?page=jetpack' ) ?>" class="button" title="<?php esc_attr_e( 'Learn about the benefits you receive when you connect Jetpack to WordPress.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3441
						</p>
3442
					</div>
3443 View Code Duplication
			<?php else : ?>
3444
				<div class="jp-banner__content">
3445
					<h2><?php _e( 'Jetpack is installed!', 'jetpack' ) ?></h2>
3446
					<p><?php _e( 'It\'s ready to bring awesome, WordPress.com cloud-powered features to your site.', 'jetpack' ) ?></p>
3447
				</div>
3448
				<div class="jp-banner__action-container">
3449
					<a href="<?php echo Jetpack::admin_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Learn More', 'jetpack' ); ?></a>
3450
				</div>
3451
			<?php endif; ?>
3452
		</div>
3453
3454
		<?php
3455
	}
3456
3457
	/**
3458
	 * This is the first banner
3459
	 * It should be visible only to user that can update the option
3460
	 * Are not connected
3461
	 *
3462
	 * @return null
3463
	 */
3464
	function admin_jetpack_manage_notice() {
3465
		$screen = get_current_screen();
3466
3467
		// Don't show the connect notice on the jetpack settings page.
3468
		if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action )
3469
			return;
3470
3471
		// Only show it if don't have the managment option set.
3472
		// And not dismissed it already.
3473
		if ( ! $this->can_display_jetpack_manage_notice() || Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) {
3474
			return;
3475
		}
3476
3477
		$opt_out_url = $this->opt_out_jetpack_manage_url();
3478
		$opt_in_url  = $this->opt_in_jetpack_manage_url();
3479
		/**
3480
		 * I think it would be great to have different wordsing depending on where you are
3481
		 * for example if we show the notice on dashboard and a different one if we show it on Plugins screen
3482
		 * etc..
3483
		 */
3484
3485
		?>
3486
		<div id="message" class="updated jp-banner">
3487
				<a href="<?php echo esc_url( $opt_out_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3488
				<div class="jp-banner__description-container">
3489
					<h2 class="jp-banner__header"><?php esc_html_e( 'Jetpack Centralized Site Management', 'jetpack' ); ?></h2>
3490
					<p class="jp-banner__description"><?php printf( __( 'Manage multiple Jetpack enabled sites from one single dashboard at wordpress.com. Allows all existing, connected Administrators to modify your site.', 'jetpack' ), 'https://jetpack.com/support/site-management' ); ?></p>
3491
					<p class="jp-banner__button-container">
3492
						<a href="<?php echo esc_url( $opt_in_url ); ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Activate Jetpack Manage', 'jetpack' ); ?></a>
3493
						<a href="https://jetpack.com/support/site-management" class="button" target="_blank" title="<?php esc_attr_e( 'Learn more about Jetpack Manage on Jetpack.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3494
					</p>
3495
				</div>
3496
		</div>
3497
		<?php
3498
	}
3499
3500
	/**
3501
	 * Returns the url that the user clicks to remove the notice for the big banner
3502
	 * @return (string)
3503
	 */
3504
	function opt_out_jetpack_manage_url() {
3505
		$referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null );
3506
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' );
3507
	}
3508
	/**
3509
	 * Returns the url that the user clicks to opt in to Jetpack Manage
3510
	 * @return (string)
3511
	 */
3512
	function opt_in_jetpack_manage_url() {
3513
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' );
3514
	}
3515
3516
	function opt_in_jetpack_manage_notice() {
3517
		?>
3518
		<div class="wrap">
3519
			<div id="message" class="jetpack-message is-opt-in">
3520
				<?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'https://jetpack.com/support/site-management' ); ?>
3521
			</div>
3522
		</div>
3523
		<?php
3524
3525
	}
3526
	/**
3527
	 * Determines whether to show the notice of not true = display notice
3528
	 * @return (bool)
3529
	 */
3530
	function can_display_jetpack_manage_notice() {
3531
		// never display the notice to users that can't do anything about it anyways
3532
		if( ! current_user_can( 'jetpack_manage_modules' ) )
3533
			return false;
3534
3535
		// don't display if we are in development more
3536
		if( Jetpack::is_development_mode() ) {
3537
			return false;
3538
		}
3539
		// don't display if the site is private
3540
		if(  ! Jetpack_Options::get_option( 'public' ) )
3541
			return false;
3542
3543
		/**
3544
		 * Should the Jetpack Remote Site Management notice be displayed.
3545
		 *
3546
		 * @since 3.3.0
3547
		 *
3548
		 * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive.
3549
		 */
3550
		return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) );
3551
	}
3552
3553
	function network_connect_notice() {
3554
		?>
3555
		<div id="message" class="updated jetpack-message">
3556
			<div class="squeezer">
3557
				<h2><?php _e( '<strong>Jetpack is activated!</strong> Each site on your network must be connected individually by an admin on that site.', 'jetpack' ) ?></h2>
3558
			</div>
3559
		</div>
3560
		<?php
3561
	}
3562
3563
	/*
3564
	 * Registration flow:
3565
	 * 1 - ::admin_page_load() action=register
3566
	 * 2 - ::try_registration()
3567
	 * 3 - ::register()
3568
	 *     - Creates jetpack_register option containing two secrets and a timestamp
3569
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3570
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3571
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
3572
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3573
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3574
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3575
	 *       jetpack_id, jetpack_secret, jetpack_public
3576
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3577
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
3578
	 * 5 - user logs in with WP.com account
3579
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
3580
	 *		- Jetpack_Client_Server::authorize()
3581
	 *		- Jetpack_Client_Server::get_token()
3582
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
3583
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3584
	 *			- which responds with access_token, token_type, scope
3585
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3586
	 *		- Jetpack::activate_default_modules()
3587
	 *     		- Deactivates deprecated plugins
3588
	 *     		- Activates all default modules
3589
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
3590
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
3591
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
3592
	 *     Done!
3593
	 */
3594
3595
	/**
3596
	 * Handles the page load events for the Jetpack admin page
3597
	 */
3598
	function admin_page_load() {
3599
		$error = false;
3600
3601
		// Make sure we have the right body class to hook stylings for subpages off of.
3602
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3603
3604
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
3605
			// Should only be used in intermediate redirects to preserve state across redirects
3606
			Jetpack::restate();
3607
		}
3608
3609
		if ( isset( $_GET['connect_url_redirect'] ) ) {
3610
			// User clicked in the iframe to link their accounts
3611
			if ( ! Jetpack::is_user_connected() ) {
3612
				$connect_url = $this->build_connect_url( true, false, 'iframe' );
3613
				if ( isset( $_GET['notes_iframe'] ) )
3614
					$connect_url .= '&notes_iframe';
3615
				wp_redirect( $connect_url );
3616
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3617
			} else {
3618
				Jetpack::state( 'message', 'already_authorized' );
3619
				wp_safe_redirect( Jetpack::admin_url() );
3620
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3621
			}
3622
		}
3623
3624
3625
		if ( isset( $_GET['action'] ) ) {
3626
			switch ( $_GET['action'] ) {
3627
			case 'authorize':
3628
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3629
					Jetpack::state( 'message', 'already_authorized' );
3630
					wp_safe_redirect( Jetpack::admin_url() );
3631
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3632
				}
3633
				Jetpack::log( 'authorize' );
3634
				$client_server = new Jetpack_Client_Server;
3635
				$client_server->client_authorize();
3636
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3637
			case 'register' :
3638
				if ( ! current_user_can( 'jetpack_connect' ) ) {
3639
					$error = 'cheatin';
3640
					break;
3641
				}
3642
				check_admin_referer( 'jetpack-register' );
3643
				Jetpack::log( 'register' );
3644
				Jetpack::maybe_set_version_option();
3645
				$registered = Jetpack::try_registration();
3646
				if ( is_wp_error( $registered ) ) {
3647
					$error = $registered->get_error_code();
3648
					Jetpack::state( 'error_description', $error );
3649
					Jetpack::state( 'error_description', $registered->get_error_message() );
3650
					break;
3651
				}
3652
3653
				$from = isset( $_GET['from'] ) ? $_GET['from'] : false;
3654
3655
				wp_redirect( $this->build_connect_url( true, false, $from ) );
3656
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3657
			case 'activate' :
3658
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
3659
					$error = 'cheatin';
3660
					break;
3661
				}
3662
3663
				$module = stripslashes( $_GET['module'] );
3664
				check_admin_referer( "jetpack_activate-$module" );
3665
				Jetpack::log( 'activate', $module );
3666
				Jetpack::activate_module( $module );
3667
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
3668
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3669
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3670
			case 'activate_default_modules' :
3671
				check_admin_referer( 'activate_default_modules' );
3672
				Jetpack::log( 'activate_default_modules' );
3673
				Jetpack::restate();
3674
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
3675
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
3676
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
3677
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
3678
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3679
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3680
			case 'disconnect' :
3681
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
3682
					$error = 'cheatin';
3683
					break;
3684
				}
3685
3686
				check_admin_referer( 'jetpack-disconnect' );
3687
				Jetpack::log( 'disconnect' );
3688
				Jetpack::disconnect();
3689
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
3690
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3691
			case 'reconnect' :
3692
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
3693
					$error = 'cheatin';
3694
					break;
3695
				}
3696
3697
				check_admin_referer( 'jetpack-reconnect' );
3698
				Jetpack::log( 'reconnect' );
3699
				$this->disconnect();
3700
				wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
3701
				exit;
3702 View Code Duplication
			case 'deactivate' :
3703
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
3704
					$error = 'cheatin';
3705
					break;
3706
				}
3707
3708
				$modules = stripslashes( $_GET['module'] );
3709
				check_admin_referer( "jetpack_deactivate-$modules" );
3710
				foreach ( explode( ',', $modules ) as $module ) {
3711
					Jetpack::log( 'deactivate', $module );
3712
					Jetpack::deactivate_module( $module );
3713
					Jetpack::state( 'message', 'module_deactivated' );
3714
				}
3715
				Jetpack::state( 'module', $modules );
3716
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3717
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3718
			case 'unlink' :
3719
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
3720
				check_admin_referer( 'jetpack-unlink' );
3721
				Jetpack::log( 'unlink' );
3722
				$this->unlink_user();
3723
				Jetpack::state( 'message', 'unlinked' );
3724
				if ( 'sub-unlink' == $redirect ) {
3725
					wp_safe_redirect( admin_url() );
3726
				} else {
3727
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
3728
				}
3729
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3730
			default:
3731
				/**
3732
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
3733
				 *
3734
				 * @since 2.6.0
3735
				 *
3736
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
3737
				 */
3738
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
3739
			}
3740
		}
3741
3742
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
3743
			self::activate_new_modules( true );
3744
		}
3745
3746
		$message_code = Jetpack::state( 'message' );
3747
		if ( Jetpack::state( 'optin-manage' ) ) {
3748
			$activated_manage = $message_code;
3749
			$message_code = 'jetpack-manage';
3750
		}
3751
3752
		switch ( $message_code ) {
3753
		case 'jetpack-manage':
3754
			$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
3755
			if ( $activated_manage ) {
3756
				$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack'  ) . '</strong>';
3757
			}
3758
			break;
3759
3760
		}
3761
3762
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
3763
3764
		if ( ! empty( $deactivated_plugins ) ) {
3765
			$deactivated_plugins = explode( ',', $deactivated_plugins );
3766
			$deactivated_titles  = array();
3767
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
3768
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
3769
					continue;
3770
				}
3771
3772
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
3773
			}
3774
3775
			if ( $deactivated_titles ) {
3776
				if ( $this->message ) {
3777
					$this->message .= "<br /><br />\n";
3778
				}
3779
3780
				$this->message .= wp_sprintf(
3781
					_n(
3782
						'Jetpack contains the most recent version of the old %l plugin.',
3783
						'Jetpack contains the most recent versions of the old %l plugins.',
3784
						count( $deactivated_titles ),
3785
						'jetpack'
3786
					),
3787
					$deactivated_titles
3788
				);
3789
3790
				$this->message .= "<br />\n";
3791
3792
				$this->message .= _n(
3793
					'The old version has been deactivated and can be removed from your site.',
3794
					'The old versions have been deactivated and can be removed from your site.',
3795
					count( $deactivated_titles ),
3796
					'jetpack'
3797
				);
3798
			}
3799
		}
3800
3801
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
3802
3803
		if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) {
3804
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
3805
		}
3806
3807 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
3808
			/**
3809
			 * Fires when a module configuration page is loaded.
3810
			 * The dynamic part of the hook is the configure parameter from the URL.
3811
			 *
3812
			 * @since 1.1.0
3813
			 */
3814
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
3815
		}
3816
3817
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
3818
	}
3819
3820
	function admin_notices() {
3821
3822
		if ( $this->error ) {
3823
?>
3824
<div id="message" class="jetpack-message jetpack-err">
3825
	<div class="squeezer">
3826
		<h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
3827
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
3828
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
3829
<?php	endif; ?>
3830
	</div>
3831
</div>
3832
<?php
3833
		}
3834
3835
		if ( $this->message ) {
3836
?>
3837
<div id="message" class="jetpack-message">
3838
	<div class="squeezer">
3839
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
3840
	</div>
3841
</div>
3842
<?php
3843
		}
3844
3845
		if ( $this->privacy_checks ) :
3846
			$module_names = $module_slugs = array();
3847
3848
			$privacy_checks = explode( ',', $this->privacy_checks );
3849
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
3850
			foreach ( $privacy_checks as $module_slug ) {
3851
				$module = Jetpack::get_module( $module_slug );
3852
				if ( ! $module ) {
3853
					continue;
3854
				}
3855
3856
				$module_slugs[] = $module_slug;
3857
				$module_names[] = "<strong>{$module['name']}</strong>";
3858
			}
3859
3860
			$module_slugs = join( ',', $module_slugs );
3861
?>
3862
<div id="message" class="jetpack-message jetpack-err">
3863
	<div class="squeezer">
3864
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
3865
		<p><?php
3866
			echo wp_kses(
3867
				wptexturize(
3868
					wp_sprintf(
3869
						_nx(
3870
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
3871
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
3872
							count( $privacy_checks ),
3873
							'%l = list of Jetpack module/feature names',
3874
							'jetpack'
3875
						),
3876
						$module_names
3877
					)
3878
				),
3879
				array( 'strong' => true )
3880
			);
3881
3882
			echo "\n<br />\n";
3883
3884
			echo wp_kses(
3885
				sprintf(
3886
					_nx(
3887
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
3888
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
3889
						count( $privacy_checks ),
3890
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
3891
						'jetpack'
3892
					),
3893
					wp_nonce_url(
3894
						Jetpack::admin_url(
3895
							array(
3896
								'page'   => 'jetpack',
3897
								'action' => 'deactivate',
3898
								'module' => urlencode( $module_slugs ),
3899
							)
3900
						),
3901
						"jetpack_deactivate-$module_slugs"
3902
					),
3903
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
3904
				),
3905
				array( 'a' => array( 'href' => true, 'title' => true ) )
3906
			);
3907
		?></p>
3908
	</div>
3909
</div>
3910
<?php endif;
3911
	// only display the notice if the other stuff is not there
3912
	if( $this->can_display_jetpack_manage_notice() && !  $this->error && ! $this->message && ! $this->privacy_checks ) {
3913
		if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] )
3914
			$this->opt_in_jetpack_manage_notice();
3915
		}
3916
	}
3917
3918
	/**
3919
	 * Record a stat for later output.  This will only currently output in the admin_footer.
3920
	 */
3921
	function stat( $group, $detail ) {
3922
		if ( ! isset( $this->stats[ $group ] ) )
3923
			$this->stats[ $group ] = array();
3924
		$this->stats[ $group ][] = $detail;
3925
	}
3926
3927
	/**
3928
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
3929
	 */
3930
	function do_stats( $method = '' ) {
3931
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
3932
			foreach ( $this->stats as $group => $stats ) {
3933
				if ( is_array( $stats ) && count( $stats ) ) {
3934
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
3935
					if ( 'server_side' === $method ) {
3936
						self::do_server_side_stat( $args );
3937
					} else {
3938
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
3939
					}
3940
				}
3941
				unset( $this->stats[ $group ] );
3942
			}
3943
		}
3944
	}
3945
3946
	/**
3947
	 * Runs stats code for a one-off, server-side.
3948
	 *
3949
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
3950
	 *
3951
	 * @return bool If it worked.
3952
	 */
3953
	static function do_server_side_stat( $args ) {
3954
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
3955
		if ( is_wp_error( $response ) )
3956
			return false;
3957
3958
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
3959
			return false;
3960
3961
		return true;
3962
	}
3963
3964
	/**
3965
	 * Builds the stats url.
3966
	 *
3967
	 * @param $args array|string The arguments to append to the URL.
3968
	 *
3969
	 * @return string The URL to be pinged.
3970
	 */
3971
	static function build_stats_url( $args ) {
3972
		$defaults = array(
3973
			'v'    => 'wpcom2',
3974
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
3975
		);
3976
		$args     = wp_parse_args( $args, $defaults );
3977
		/**
3978
		 * Filter the URL used as the Stats tracking pixel.
3979
		 *
3980
		 * @since 2.3.2
3981
		 *
3982
		 * @param string $url Base URL used as the Stats tracking pixel.
3983
		 */
3984
		$base_url = apply_filters(
3985
			'jetpack_stats_base_url',
3986
			set_url_scheme( 'http://pixel.wp.com/g.gif' )
3987
		);
3988
		$url      = add_query_arg( $args, $base_url );
3989
		return $url;
3990
	}
3991
3992
	function translate_current_user_to_role() {
3993
		foreach ( $this->capability_translations as $role => $cap ) {
3994
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
3995
				return $role;
3996
			}
3997
		}
3998
3999
		return false;
4000
	}
4001
4002
	function translate_role_to_cap( $role ) {
4003
		if ( ! isset( $this->capability_translations[$role] ) ) {
4004
			return false;
4005
		}
4006
4007
		return $this->capability_translations[$role];
4008
	}
4009
4010
	function sign_role( $role ) {
4011
		if ( ! $user_id = (int) get_current_user_id() ) {
4012
			return false;
4013
		}
4014
4015
		$token = Jetpack_Data::get_access_token();
4016
		if ( ! $token || is_wp_error( $token ) ) {
4017
			return false;
4018
		}
4019
4020
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4021
	}
4022
4023
4024
	/**
4025
	 * Builds a URL to the Jetpack connection auth page
4026
	 *
4027
	 * @since 3.9.5
4028
	 *
4029
	 * @param bool $raw If true, URL will not be escaped.
4030
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4031
	 *                              If string, will be a custom redirect.
4032
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4033
	 *
4034
	 * @return string Connect URL
4035
	 */
4036
	function build_connect_url( $raw = false, $redirect = false, $from = false ) {
4037
		if ( ! Jetpack_Options::get_option( 'blog_token' ) || ! Jetpack_Options::get_option( 'id' ) ) {
4038
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4039
			if( is_network_admin() ) {
4040
			    $url = add_query_arg( 'is_multisite', network_admin_url(
4041
			    'admin.php?page=jetpack-settings' ), $url );
4042
			}
4043
		} else {
4044
			require_once JETPACK__GLOTPRESS_LOCALES_PATH;
4045
			$role = $this->translate_current_user_to_role();
4046
			$signed_role = $this->sign_role( $role );
4047
4048
			$user = wp_get_current_user();
4049
4050
			$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4051
			$redirect = $redirect
4052
				? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4053
				: $jetpack_admin_page;
4054
4055
			$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4056
4057
			if( isset( $_REQUEST['is_multisite'] ) ) {
4058
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4059
			}
4060
4061
			$secrets = Jetpack::init()->generate_secrets( 'authorize' );
4062
			@list( $secret ) = explode( ':', $secrets );
4063
			
4064
			$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
4065
				? get_site_icon_url()
4066
				: false;
4067
4068
			$args = urlencode_deep(
4069
				array(
4070
					'response_type' => 'code',
4071
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4072
					'redirect_uri'  => add_query_arg(
4073
						array(
4074
							'action'   => 'authorize',
4075
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4076
							'redirect' => urlencode( $redirect ),
4077
						),
4078
						esc_url( admin_url( 'admin.php?page=jetpack' ) )
4079
					),
4080
					'state'         => $user->ID,
4081
					'scope'         => $signed_role,
4082
					'user_email'    => $user->user_email,
4083
					'user_login'    => $user->user_login,
4084
					'is_active'     => Jetpack::is_active(),
4085
					'jp_version'    => JETPACK__VERSION,
4086
					'auth_type'     => 'calypso',
4087
					'secret'        => $secret,
4088
					'locale'        => isset( $gp_locale->slug ) ? $gp_locale->slug : '',
4089
					'blogname'      => get_option( 'blogname' ),
4090
					'site_url'      => site_url(),
4091
					'home_url'      => home_url(),
4092
					'site_icon'     => $site_icon,
4093
				)
4094
			);
4095
4096
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4097
		}
4098
4099
		if ( $from ) {
4100
			$url = add_query_arg( 'from', $from, $url );
4101
		}
4102
4103
		if ( isset( $_GET['calypso_env'] ) ) {
4104
			$url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4105
		}
4106
4107
		return $raw ? $url : esc_url( $url );
4108
	}
4109
4110
	function build_reconnect_url( $raw = false ) {
4111
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4112
		return $raw ? $url : esc_url( $url );
4113
	}
4114
4115
	public static function admin_url( $args = null ) {
4116
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4117
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4118
		return $url;
4119
	}
4120
4121
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4122
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4123
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4124
	}
4125
4126
	function dismiss_jetpack_notice() {
4127
4128
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4129
			return;
4130
		}
4131
4132
		switch( $_GET['jetpack-notice'] ) {
4133
			case 'dismiss':
4134
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4135
4136
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4137
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4138
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4139
				}
4140
				break;
4141 View Code Duplication
			case 'jetpack-manage-opt-out':
4142
4143
				if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) {
4144
					// Don't show the banner again
4145
4146
					Jetpack_Options::update_option( 'dismissed_manage_banner', true );
4147
					// redirect back to the page that had the notice
4148
					if ( wp_get_referer() ) {
4149
						wp_safe_redirect( wp_get_referer() );
4150
					} else {
4151
						// Take me to Jetpack
4152
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4153
					}
4154
				}
4155
				break;
4156 View Code Duplication
			case 'jetpack-protect-multisite-opt-out':
4157
4158
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4159
					// Don't show the banner again
4160
4161
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4162
					// redirect back to the page that had the notice
4163
					if ( wp_get_referer() ) {
4164
						wp_safe_redirect( wp_get_referer() );
4165
					} else {
4166
						// Take me to Jetpack
4167
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4168
					}
4169
				}
4170
				break;
4171
			case 'jetpack-manage-opt-in':
4172
				if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) {
4173
					// This makes sure that we are redirect to jetpack home so that we can see the Success Message.
4174
4175
					$redirection_url = Jetpack::admin_url();
4176
					remove_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4177
4178
					// Don't redirect form the Jetpack Setting Page
4179
					$referer_parsed = parse_url ( wp_get_referer() );
4180
					// check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home
4181
					if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) {
4182
						// Take the user to Jetpack home except when on the setting page
4183
						$redirection_url = wp_get_referer();
4184
						add_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4185
					}
4186
					// Also update the JSON API FULL MANAGEMENT Option
4187
					Jetpack::activate_module( 'manage', false, false );
4188
4189
					// Special Message when option in.
4190
					Jetpack::state( 'optin-manage', 'true' );
4191
					// Activate the Module if not activated already
4192
4193
					// Redirect properly
4194
					wp_safe_redirect( $redirection_url );
4195
4196
				}
4197
				break;
4198
		}
4199
	}
4200
4201
	function debugger_page() {
4202
		nocache_headers();
4203
		if ( ! current_user_can( 'manage_options' ) ) {
4204
			die( '-1' );
4205
		}
4206
		Jetpack_Debugger::jetpack_debug_display_handler();
4207
		exit;
4208
	}
4209
4210
	public static function admin_screen_configure_module( $module_id ) {
4211
4212
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4213
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4214
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4215
				/**
4216
				 * Fires to diplay a custom module activation screen.
4217
				 *
4218
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4219
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4220
				 *
4221
				 * @module manage
4222
				 *
4223
				 * @since 3.8.0
4224
				 *
4225
				 * @param int $module_id Module ID.
4226
				 */
4227
				do_action( 'display_activate_module_setting_' . $module_id );
4228
			} else {
4229
				self::display_activate_module_link( $module_id );
4230
			}
4231
4232
			return false;
4233
		} ?>
4234
4235
		<div id="jp-settings-screen" style="position: relative">
4236
			<h3>
4237
			<?php
4238
				$module = Jetpack::get_module( $module_id );
4239
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4240
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4241
			?>
4242
			</h3>
4243
			<?php
4244
				/**
4245
				 * Fires within the displayed message when a feature configuation is updated.
4246
				 *
4247
				 * @since 3.4.0
4248
				 *
4249
				 * @param int $module_id Module ID.
4250
				 */
4251
				do_action( 'jetpack_notices_update_settings', $module_id );
4252
				/**
4253
				 * Fires when a feature configuation screen is loaded.
4254
				 * The dynamic part of the hook, $module_id, is the module ID.
4255
				 *
4256
				 * @since 1.1.0
4257
				 */
4258
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4259
			?>
4260
		</div><?php
4261
	}
4262
4263
	/**
4264
	 * Display link to activate the module to see the settings screen.
4265
	 * @param  string $module_id
4266
	 * @return null
4267
	 */
4268
	public static function display_activate_module_link( $module_id ) {
4269
4270
		$info =  Jetpack::get_module( $module_id );
4271
		$extra = '';
4272
		$activate_url = wp_nonce_url(
4273
				Jetpack::admin_url(
4274
					array(
4275
						'page'   => 'jetpack',
4276
						'action' => 'activate',
4277
						'module' => $module_id,
4278
					)
4279
				),
4280
				"jetpack_activate-$module_id"
4281
			);
4282
4283
		?>
4284
4285
		<div class="wrap configure-module">
4286
			<div id="jp-settings-screen">
4287
				<?php
4288
				if ( $module_id == 'json-api' ) {
4289
4290
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4291
4292
					$activate_url = Jetpack::init()->opt_in_jetpack_manage_url();
4293
4294
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'https://jetpack.com/support/site-management' );
4295
4296
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4297
				} ?>
4298
4299
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4300
				<div class="narrow">
4301
					<p><?php echo  $info['description']; ?></p>
4302
					<?php if( $extra ) { ?>
4303
					<p><?php echo esc_html( $extra ); ?></p>
4304
					<?php } ?>
4305
					<p>
4306
						<?php
4307
						if( wp_get_referer() ) {
4308
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4309
						} else {
4310
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4311
						} ?>
4312
					</p>
4313
				</div>
4314
4315
			</div>
4316
		</div>
4317
4318
		<?php
4319
	}
4320
4321
	public static function sort_modules( $a, $b ) {
4322
		if ( $a['sort'] == $b['sort'] )
4323
			return 0;
4324
4325
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4326
	}
4327
4328 View Code Duplication
	function sync_reindex_trigger() {
4329
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4330
			echo json_encode( $this->sync->reindex_trigger() );
4331
		} else {
4332
			echo '{"status":"ERROR"}';
4333
		}
4334
		exit;
4335
	}
4336
4337 View Code Duplication
	function sync_reindex_status(){
4338
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4339
			echo json_encode( $this->sync->reindex_status() );
4340
		} else {
4341
			echo '{"status":"ERROR"}';
4342
		}
4343
		exit;
4344
	}
4345
4346
/* Client API */
4347
4348
	/**
4349
	 * Returns the requested Jetpack API URL
4350
	 *
4351
	 * @return string
4352
	 */
4353
	public static function api_url( $relative_url ) {
4354
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4355
	}
4356
4357
	/**
4358
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4359
	 */
4360
	public static function fix_url_for_bad_hosts( $url ) {
4361
		if ( 0 !== strpos( $url, 'https://' ) ) {
4362
			return $url;
4363
		}
4364
4365
		switch ( JETPACK_CLIENT__HTTPS ) {
4366
			case 'ALWAYS' :
4367
				return $url;
4368
			case 'NEVER' :
4369
				return set_url_scheme( $url, 'http' );
4370
			// default : case 'AUTO' :
4371
		}
4372
4373
		// we now return the unmodified SSL URL by default, as a security precaution
4374
		return $url;
4375
	}
4376
4377
	/**
4378
	 * Checks to see if the URL is using SSL to connect with Jetpack
4379
	 *
4380
	 * @since 2.3.3
4381
	 * @return boolean
4382
	 */
4383
	public static function permit_ssl( $force_recheck = false ) {
4384
		// Do some fancy tests to see if ssl is being supported
4385
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4386
			$message = '';
4387
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4388
				$ssl = 0;
4389
			} else {
4390
				switch ( JETPACK_CLIENT__HTTPS ) {
4391
					case 'NEVER':
4392
						$ssl = 0;
4393
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4394
						break;
4395
					case 'ALWAYS':
4396
					case 'AUTO':
4397
					default:
4398
						$ssl = 1;
4399
						break;
4400
				}
4401
4402
				// If it's not 'NEVER', test to see
4403
				if ( $ssl ) {
4404
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
4405
						$ssl = 0;
4406
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
4407
					} else {
4408
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4409
						if ( is_wp_error( $response ) ) {
4410
							$ssl = 0;
4411
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
4412
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
4413
							$ssl = 0;
4414
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
4415
						}
4416
					}
4417
				}
4418
			}
4419
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4420
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
4421
		}
4422
4423
		return (bool) $ssl;
4424
	}
4425
4426
	/*
4427
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
4428
	 */
4429
	public function alert_auto_ssl_fail() {
4430
		if ( ! current_user_can( 'manage_options' ) )
4431
			return;
4432
		?>
4433
4434
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
4435
			<div class="jp-banner__content">
4436
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
4437
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
4438
				<p>
4439
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
4440
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
4441
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
4442
				</p>
4443
				<p>
4444
					<?php printf( __( 'For more help, try our <a href="$1%s">connection debugger</a> or <a href="$2%s" target="_blank">troubleshooting tips</a>', 'jetpack' ), 
4445
							esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) ),
4446
							esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
4447
				</p>
4448
			</div>
4449
		</div>
4450
		<style>
4451
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
4452
		</style>
4453
		<script type="text/javascript">
4454
			jQuery( document ).ready( function( $ ) {
4455
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
4456
					var $this = $( this );
4457
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
4458
					$( '#jetpack-recheck-ssl-output' ).html( '' );
4459
					e.preventDefault();
4460
					$.post( '/wp-json/jetpack/v4/recheck-ssl' )
4461
					  .done( function( response ) {
4462
					  	if ( response.enabled ) {
4463
					  		$( '#jetpack-ssl-warning' ).hide();
4464
					  	} else {
4465
					  		this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
4466
					  		$( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
4467
					  	}
4468
					  }.bind( $this ) );
4469
				} );
4470
			} );
4471
		</script>
4472
4473
		<?php
4474
	}
4475
4476
	/**
4477
	 * Returns the Jetpack XML-RPC API
4478
	 *
4479
	 * @return string
4480
	 */
4481
	public static function xmlrpc_api_url() {
4482
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4483
		return untrailingslashit( $base ) . '/xmlrpc.php';
4484
	}
4485
4486
	/**
4487
	 * Creates two secret tokens and the end of life timestamp for them.
4488
	 *
4489
	 * Note these tokens are unique per call, NOT static per site for connecting.
4490
	 *
4491
	 * @since 2.6
4492
	 * @return array
4493
	 */
4494
	public function generate_secrets( $action, $exp = 600 ) {
4495
	    $secret = wp_generate_password( 32, false ) // secret_1
4496
	    		. ':' . wp_generate_password( 32, false ) // secret_2
4497
	    		. ':' . ( time() + $exp ) // eol ( End of Life )
4498
	    		. ':' . get_current_user_id(); // ties the secrets to the current user
4499
		Jetpack_Options::update_option( $action, $secret );
4500
	    return Jetpack_Options::get_option( $action );
4501
	}
4502
4503
	/**
4504
	 * Builds the timeout limit for queries talking with the wpcom servers.
4505
	 *
4506
	 * Based on local php max_execution_time in php.ini
4507
	 *
4508
	 * @since 2.6
4509
	 * @return int
4510
	 **/
4511
	public function get_remote_query_timeout_limit() {
4512
	    $timeout = (int) ini_get( 'max_execution_time' );
4513
	    if ( ! $timeout ) // Ensure exec time set in php.ini
4514
		$timeout = 30;
4515
	    return intval( $timeout / 2 );
4516
	}
4517
4518
4519
	/**
4520
	 * Takes the response from the Jetpack register new site endpoint and
4521
	 * verifies it worked properly.
4522
	 *
4523
	 * @since 2.6
4524
	 * @return true or Jetpack_Error
4525
	 **/
4526
	public function validate_remote_register_response( $response ) {
4527
	    	if ( is_wp_error( $response ) ) {
4528
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4529
		}
4530
4531
		$code   = wp_remote_retrieve_response_code( $response );
4532
		$entity = wp_remote_retrieve_body( $response );
4533
		if ( $entity )
4534
			$json = json_decode( $entity );
4535
		else
4536
			$json = false;
4537
4538
		$code_type = intval( $code / 100 );
4539
		if ( 5 == $code_type ) {
4540
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4541
		} elseif ( 408 == $code ) {
4542
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4543
		} elseif ( ! empty( $json->error ) ) {
4544
			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';
4545
			return new Jetpack_Error( (string) $json->error, $error_description, $code );
4546
		} elseif ( 200 != $code ) {
4547
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4548
		}
4549
4550
		// Jetpack ID error block
4551
		if ( empty( $json->jetpack_id ) ) {
4552
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
4553
		} elseif ( ! is_scalar( $json->jetpack_id ) ) {
4554
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4555
		} elseif ( preg_match( '/[^0-9]/', $json->jetpack_id ) ) {
4556
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4557
		}
4558
4559
	    return true;
4560
	}
4561
	/**
4562
	 * @return bool|WP_Error
4563
	 */
4564
	public static function register() {
4565
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
4566
		$secrets = Jetpack::init()->generate_secrets( 'register' );
4567
4568
		@list( $secret_1, $secret_2, $secret_eol ) = explode( ':', $secrets );
4569 View Code Duplication
		if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) {
4570
			return new Jetpack_Error( 'missing_secrets' );
4571
		}
4572
4573
		$timeout = Jetpack::init()->get_remote_query_timeout_limit();
4574
4575
		$gmt_offset = get_option( 'gmt_offset' );
4576
		if ( ! $gmt_offset ) {
4577
			$gmt_offset = 0;
4578
		}
4579
4580
		$stats_options = get_option( 'stats_options' );
4581
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
4582
4583
		$args = array(
4584
			'method'  => 'POST',
4585
			'body'    => array(
4586
				'siteurl'         => site_url(),
4587
				'home'            => home_url(),
4588
				'gmt_offset'      => $gmt_offset,
4589
				'timezone_string' => (string) get_option( 'timezone_string' ),
4590
				'site_name'       => (string) get_option( 'blogname' ),
4591
				'secret_1'        => $secret_1,
4592
				'secret_2'        => $secret_2,
4593
				'site_lang'       => get_locale(),
4594
				'timeout'         => $timeout,
4595
				'stats_id'        => $stats_id,
4596
				'state'           => get_current_user_id(),
4597
			),
4598
			'headers' => array(
4599
				'Accept' => 'application/json',
4600
			),
4601
			'timeout' => $timeout,
4602
		);
4603
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
4604
4605
4606
		// Make sure the response is valid and does not contain any Jetpack errors
4607
		$valid_response = Jetpack::init()->validate_remote_register_response( $response );
4608
		if( is_wp_error( $valid_response ) || !$valid_response ) {
4609
		    return $valid_response;
4610
		}
4611
4612
		// Grab the response values to work with
4613
		$code   = wp_remote_retrieve_response_code( $response );
4614
		$entity = wp_remote_retrieve_body( $response );
4615
4616
		if ( $entity )
4617
			$json = json_decode( $entity );
4618
		else
4619
			$json = false;
4620
4621 View Code Duplication
		if ( empty( $json->jetpack_secret ) || ! is_string( $json->jetpack_secret ) )
4622
			return new Jetpack_Error( 'jetpack_secret', '', $code );
4623
4624
		if ( isset( $json->jetpack_public ) ) {
4625
			$jetpack_public = (int) $json->jetpack_public;
4626
		} else {
4627
			$jetpack_public = false;
4628
		}
4629
4630
		Jetpack_Options::update_options(
4631
			array(
4632
				'id'         => (int)    $json->jetpack_id,
4633
				'blog_token' => (string) $json->jetpack_secret,
4634
				'public'     => $jetpack_public,
4635
			)
4636
		);
4637
4638
		/**
4639
		 * Fires when a site is registered on WordPress.com.
4640
		 *
4641
		 * @since 3.7.0
4642
		 *
4643
		 * @param int $json->jetpack_id Jetpack Blog ID.
4644
		 * @param string $json->jetpack_secret Jetpack Blog Token.
4645
		 * @param int|bool $jetpack_public Is the site public.
4646
		 */
4647
		do_action( 'jetpack_site_registered', $json->jetpack_id, $json->jetpack_secret, $jetpack_public );
4648
4649
		// Initialize Jump Start for the first and only time.
4650
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
4651
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
4652
4653
			$jetpack = Jetpack::init();
4654
4655
			$jetpack->stat( 'jumpstart', 'unique-views' );
4656
			$jetpack->do_stats( 'server_side' );
4657
		};
4658
4659
		return true;
4660
	}
4661
4662
	/**
4663
	 * If the db version is showing something other that what we've got now, bump it to current.
4664
	 *
4665
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
4666
	 */
4667
	public static function maybe_set_version_option() {
4668
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
4669
		if ( JETPACK__VERSION != $version ) {
4670
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
4671
			return true;
4672
		}
4673
		return false;
4674
	}
4675
4676
/* Client Server API */
4677
4678
	/**
4679
	 * Loads the Jetpack XML-RPC client
4680
	 */
4681
	public static function load_xml_rpc_client() {
4682
		require_once ABSPATH . WPINC . '/class-IXR.php';
4683
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
4684
	}
4685
4686
	function verify_xml_rpc_signature() {
4687
		if ( $this->xmlrpc_verification ) {
4688
			return $this->xmlrpc_verification;
4689
		}
4690
4691
		// It's not for us
4692
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
4693
			return false;
4694
		}
4695
4696
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
4697
		if (
4698
			empty( $token_key )
4699
		||
4700
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
4701
		) {
4702
			return false;
4703
		}
4704
4705
		if ( '0' === $user_id ) {
4706
			$token_type = 'blog';
4707
			$user_id = 0;
4708
		} else {
4709
			$token_type = 'user';
4710
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
4711
				return false;
4712
			}
4713
			$user_id = (int) $user_id;
4714
4715
			$user = new WP_User( $user_id );
4716
			if ( ! $user || ! $user->exists() ) {
4717
				return false;
4718
			}
4719
		}
4720
4721
		$token = Jetpack_Data::get_access_token( $user_id );
4722
		if ( ! $token ) {
4723
			return false;
4724
		}
4725
4726
		$token_check = "$token_key.";
4727
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
4728
			return false;
4729
		}
4730
4731
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
4732
4733
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
4734
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
4735
			$post_data   = $_POST;
4736
			$file_hashes = array();
4737
			foreach ( $post_data as $post_data_key => $post_data_value ) {
4738
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
4739
					continue;
4740
				}
4741
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
4742
				$file_hashes[$post_data_key] = $post_data_value;
4743
			}
4744
4745
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
4746
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
4747
				$post_data[$post_data_key] = $post_data_value;
4748
			}
4749
4750
			ksort( $post_data );
4751
4752
			$body = http_build_query( stripslashes_deep( $post_data ) );
4753
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
4754
			$body = file_get_contents( 'php://input' );
4755
		} else {
4756
			$body = null;
4757
		}
4758
		$signature = $jetpack_signature->sign_current_request(
4759
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
4760
		);
4761
4762
		if ( ! $signature ) {
4763
			return false;
4764
		} else if ( is_wp_error( $signature ) ) {
4765
			return $signature;
4766
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
4767
			return false;
4768
		}
4769
4770
		$timestamp = (int) $_GET['timestamp'];
4771
		$nonce     = stripslashes( (string) $_GET['nonce'] );
4772
4773
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
4774
			return false;
4775
		}
4776
4777
		$this->xmlrpc_verification = array(
4778
			'type'    => $token_type,
4779
			'user_id' => $token->external_user_id,
4780
		);
4781
4782
		return $this->xmlrpc_verification;
4783
	}
4784
4785
	/**
4786
	 * Authenticates XML-RPC and other requests from the Jetpack Server
4787
	 */
4788
	function authenticate_jetpack( $user, $username, $password ) {
4789
		if ( is_a( $user, 'WP_User' ) ) {
4790
			return $user;
4791
		}
4792
4793
		$token_details = $this->verify_xml_rpc_signature();
4794
4795
		if ( ! $token_details || is_wp_error( $token_details ) ) {
4796
			return $user;
4797
		}
4798
4799
		if ( 'user' !== $token_details['type'] ) {
4800
			return $user;
4801
		}
4802
4803
		if ( ! $token_details['user_id'] ) {
4804
			return $user;
4805
		}
4806
4807
		nocache_headers();
4808
4809
		return new WP_User( $token_details['user_id'] );
4810
	}
4811
4812
	function add_nonce( $timestamp, $nonce ) {
4813
		global $wpdb;
4814
		static $nonces_used_this_request = array();
4815
4816
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
4817
			return $nonces_used_this_request["$timestamp:$nonce"];
4818
		}
4819
4820
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
4821
		$timestamp = (int) $timestamp;
4822
		$nonce     = esc_sql( $nonce );
4823
4824
		// Raw query so we can avoid races: add_option will also update
4825
		$show_errors = $wpdb->show_errors( false );
4826
4827
		$old_nonce = $wpdb->get_row(
4828
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
4829
		);
4830
4831
		if ( is_null( $old_nonce ) ) {
4832
			$return = $wpdb->query(
4833
				$wpdb->prepare(
4834
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
4835
					"jetpack_nonce_{$timestamp}_{$nonce}",
4836
					time(),
4837
					'no'
4838
				)
4839
			);
4840
		} else {
4841
			$return = false;
4842
		}
4843
4844
		$wpdb->show_errors( $show_errors );
4845
4846
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
4847
4848
		return $return;
4849
	}
4850
4851
	/**
4852
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
4853
	 * Capture it here so we can verify the signature later.
4854
	 */
4855
	function xmlrpc_methods( $methods ) {
4856
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
4857
		return $methods;
4858
	}
4859
4860
	function public_xmlrpc_methods( $methods ) {
4861
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
4862
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
4863
		}
4864
		return $methods;
4865
	}
4866
4867
	function jetpack_getOptions( $args ) {
4868
		global $wp_xmlrpc_server;
4869
4870
		$wp_xmlrpc_server->escape( $args );
4871
4872
		$username	= $args[1];
4873
		$password	= $args[2];
4874
4875
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
4876
			return $wp_xmlrpc_server->error;
4877
		}
4878
4879
		$options = array();
4880
		$user_data = $this->get_connected_user_data();
4881
		if ( is_array( $user_data ) ) {
4882
			$options['jetpack_user_id'] = array(
4883
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
4884
				'readonly'      => true,
4885
				'value'         => $user_data['ID'],
4886
			);
4887
			$options['jetpack_user_login'] = array(
4888
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
4889
				'readonly'      => true,
4890
				'value'         => $user_data['login'],
4891
			);
4892
			$options['jetpack_user_email'] = array(
4893
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
4894
				'readonly'      => true,
4895
				'value'         => $user_data['email'],
4896
			);
4897
			$options['jetpack_user_site_count'] = array(
4898
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
4899
				'readonly'      => true,
4900
				'value'         => $user_data['site_count'],
4901
			);
4902
		}
4903
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
4904
		$args = stripslashes_deep( $args );
4905
		return $wp_xmlrpc_server->wp_getOptions( $args );
4906
	}
4907
4908
	function xmlrpc_options( $options ) {
4909
		$jetpack_client_id = false;
4910
		if ( self::is_active() ) {
4911
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
4912
		}
4913
		$options['jetpack_version'] = array(
4914
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
4915
				'readonly'      => true,
4916
				'value'         => JETPACK__VERSION,
4917
		);
4918
4919
		$options['jetpack_client_id'] = array(
4920
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
4921
				'readonly'      => true,
4922
				'value'         => $jetpack_client_id,
4923
		);
4924
		return $options;
4925
	}
4926
4927
	public static function clean_nonces( $all = false ) {
4928
		global $wpdb;
4929
4930
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
4931
		if ( method_exists ( $wpdb , 'esc_like' ) ) {
4932
			$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
4933
		} else {
4934
			$sql_args = array( like_escape( 'jetpack_nonce_' ) . '%' );
4935
		}
4936
4937
		if ( true !== $all ) {
4938
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
4939
			$sql_args[] = time() - 3600;
4940
		}
4941
4942
		$sql .= ' ORDER BY `option_id` LIMIT 100';
4943
4944
		$sql = $wpdb->prepare( $sql, $sql_args );
4945
4946
		for ( $i = 0; $i < 1000; $i++ ) {
4947
			if ( ! $wpdb->query( $sql ) ) {
4948
				break;
4949
			}
4950
		}
4951
	}
4952
4953
	/**
4954
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
4955
	 * SET: state( $key, $value );
4956
	 * GET: $value = state( $key );
4957
	 *
4958
	 * @param string $key
4959
	 * @param string $value
4960
	 * @param bool $restate private
4961
	 */
4962
	public static function state( $key = null, $value = null, $restate = false ) {
4963
		static $state = array();
4964
		static $path, $domain;
4965
		if ( ! isset( $path ) ) {
4966
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
4967
			$admin_url = Jetpack::admin_url();
4968
			$bits      = parse_url( $admin_url );
4969
4970
			if ( is_array( $bits ) ) {
4971
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
4972
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
4973
			} else {
4974
				$path = $domain = null;
4975
			}
4976
		}
4977
4978
		// Extract state from cookies and delete cookies
4979
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
4980
			$yum = $_COOKIE[ 'jetpackState' ];
4981
			unset( $_COOKIE[ 'jetpackState' ] );
4982
			foreach ( $yum as $k => $v ) {
4983
				if ( strlen( $v ) )
4984
					$state[ $k ] = $v;
4985
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
4986
			}
4987
		}
4988
4989
		if ( $restate ) {
4990
			foreach ( $state as $k => $v ) {
4991
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
4992
			}
4993
			return;
4994
		}
4995
4996
		// Get a state variable
4997
		if ( isset( $key ) && ! isset( $value ) ) {
4998
			if ( array_key_exists( $key, $state ) )
4999
				return $state[ $key ];
5000
			return null;
5001
		}
5002
5003
		// Set a state variable
5004
		if ( isset ( $key ) && isset( $value ) ) {
5005
			if( is_array( $value ) && isset( $value[0] ) ) {
5006
				$value = $value[0];
5007
			}
5008
			$state[ $key ] = $value;
5009
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5010
		}
5011
	}
5012
5013
	public static function restate() {
5014
		Jetpack::state( null, null, true );
5015
	}
5016
5017
	public static function check_privacy( $file ) {
5018
		static $is_site_publicly_accessible = null;
5019
5020
		if ( is_null( $is_site_publicly_accessible ) ) {
5021
			$is_site_publicly_accessible = false;
5022
5023
			Jetpack::load_xml_rpc_client();
5024
			$rpc = new Jetpack_IXR_Client();
5025
5026
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5027
			if ( $success ) {
5028
				$response = $rpc->getResponse();
5029
				if ( $response ) {
5030
					$is_site_publicly_accessible = true;
5031
				}
5032
			}
5033
5034
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5035
		}
5036
5037
		if ( $is_site_publicly_accessible ) {
5038
			return;
5039
		}
5040
5041
		$module_slug = self::get_module_slug( $file );
5042
5043
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5044
		if ( ! $privacy_checks ) {
5045
			$privacy_checks = $module_slug;
5046
		} else {
5047
			$privacy_checks .= ",$module_slug";
5048
		}
5049
5050
		Jetpack::state( 'privacy_checks', $privacy_checks );
5051
	}
5052
5053
	/**
5054
	 * Helper method for multicall XMLRPC.
5055
	 */
5056
	public static function xmlrpc_async_call() {
5057
		global $blog_id;
5058
		static $clients = array();
5059
5060
		$client_blog_id = is_multisite() ? $blog_id : 0;
5061
5062
		if ( ! isset( $clients[$client_blog_id] ) ) {
5063
			Jetpack::load_xml_rpc_client();
5064
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5065
			if ( function_exists( 'ignore_user_abort' ) ) {
5066
				ignore_user_abort( true );
5067
			}
5068
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5069
		}
5070
5071
		$args = func_get_args();
5072
5073
		if ( ! empty( $args[0] ) ) {
5074
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5075
		} elseif ( is_multisite() ) {
5076
			foreach ( $clients as $client_blog_id => $client ) {
5077
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5078
					continue;
5079
				}
5080
5081
				$switch_success = switch_to_blog( $client_blog_id, true );
5082
				if ( ! $switch_success ) {
5083
					continue;
5084
				}
5085
5086
				flush();
5087
				$client->query();
5088
5089
				restore_current_blog();
5090
			}
5091
		} else {
5092
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5093
				flush();
5094
				$clients[0]->query();
5095
			}
5096
		}
5097
	}
5098
5099
	public static function staticize_subdomain( $url ) {
5100
5101
		// Extract hostname from URL
5102
		$host = parse_url( $url, PHP_URL_HOST );
5103
5104
		// Explode hostname on '.'
5105
		$exploded_host = explode( '.', $host );
5106
5107
		// Retrieve the name and TLD
5108
		if ( count( $exploded_host ) > 1 ) {
5109
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5110
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5111
			// Rebuild domain excluding subdomains
5112
			$domain = $name . '.' . $tld;
5113
		} else {
5114
			$domain = $host;
5115
		}
5116
		// Array of Automattic domains
5117
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5118
5119
		// Return $url if not an Automattic domain
5120
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5121
			return $url;
5122
		}
5123
5124
		if ( is_ssl() ) {
5125
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5126
		}
5127
5128
		srand( crc32( basename( $url ) ) );
5129
		$static_counter = rand( 0, 2 );
5130
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5131
5132
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5133
	}
5134
5135
/* JSON API Authorization */
5136
5137
	/**
5138
	 * Handles the login action for Authorizing the JSON API
5139
	 */
5140
	function login_form_json_api_authorization() {
5141
		$this->verify_json_api_authorization_request();
5142
5143
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5144
5145
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5146
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5147
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5148
	}
5149
5150
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5151
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5152
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5153
			return $url;
5154
		}
5155
5156
		$parsed_url = parse_url( $url );
5157
		$url = strtok( $url, '?' );
5158
		$url = "$url?{$_SERVER['QUERY_STRING']}";
5159
		if ( ! empty( $parsed_url['query'] ) )
5160
			$url .= "&{$parsed_url['query']}";
5161
5162
		return $url;
5163
	}
5164
5165
	// Make sure the POSTed request is handled by the same action
5166
	function preserve_action_in_login_form_for_json_api_authorization() {
5167
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5168
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5169
	}
5170
5171
	// If someone logs in to approve API access, store the Access Code in usermeta
5172
	function store_json_api_authorization_token( $user_login, $user ) {
5173
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5174
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5175
		$token = wp_generate_password( 32, false );
5176
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5177
	}
5178
5179
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5180
	function allow_wpcom_public_api_domain( $domains ) {
5181
		$domains[] = 'public-api.wordpress.com';
5182
		return $domains;
5183
	}
5184
5185
	// Add the Access Code details to the public-api.wordpress.com redirect
5186
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5187
		return add_query_arg(
5188
			urlencode_deep(
5189
				array(
5190
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5191
					'jetpack-user-id' => (int) $user->ID,
5192
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5193
				)
5194
			),
5195
			$redirect_to
5196
		);
5197
	}
5198
5199
	// Verifies the request by checking the signature
5200
	function verify_json_api_authorization_request() {
5201
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5202
5203
		$token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
5204
		if ( ! $token || empty( $token->secret ) ) {
5205
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5206
		}
5207
5208
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5209
5210
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5211
5212
		if ( isset( $_POST['jetpack_json_api_original_query'] ) ) {
5213
			$signature = $jetpack_signature->sign_request( $_GET['token'], $_GET['timestamp'], $_GET['nonce'], '', 'GET', $_POST['jetpack_json_api_original_query'], null, true );
5214
		} else {
5215
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5216
		}
5217
5218
		if ( ! $signature ) {
5219
			wp_die( $die_error );
5220
		} else if ( is_wp_error( $signature ) ) {
5221
			wp_die( $die_error );
5222
		} else if ( $signature !== $_GET['signature'] ) {
5223
			if ( is_ssl() ) {
5224
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5225
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5226
				if ( ! $signature || is_wp_error( $signature ) || $signature !== $_GET['signature'] ) {
5227
					wp_die( $die_error );
5228
				}
5229
			} else {
5230
				wp_die( $die_error );
5231
			}
5232
		}
5233
5234
		$timestamp = (int) $_GET['timestamp'];
5235
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5236
5237
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5238
			// De-nonce the nonce, at least for 5 minutes.
5239
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5240
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5241
			if ( $old_nonce_time < time() - 300 ) {
5242
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
5243
			}
5244
		}
5245
5246
		$data = json_decode( base64_decode( stripslashes( $_GET['data'] ) ) );
5247
		$data_filters = array(
5248
			'state'        => 'opaque',
5249
			'client_id'    => 'int',
5250
			'client_title' => 'string',
5251
			'client_image' => 'url',
5252
		);
5253
5254
		foreach ( $data_filters as $key => $sanitation ) {
5255
			if ( ! isset( $data->$key ) ) {
5256
				wp_die( $die_error );
5257
			}
5258
5259
			switch ( $sanitation ) {
5260
			case 'int' :
5261
				$this->json_api_authorization_request[$key] = (int) $data->$key;
5262
				break;
5263
			case 'opaque' :
5264
				$this->json_api_authorization_request[$key] = (string) $data->$key;
5265
				break;
5266
			case 'string' :
5267
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5268
				break;
5269
			case 'url' :
5270
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5271
				break;
5272
			}
5273
		}
5274
5275
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5276
			wp_die( $die_error );
5277
		}
5278
	}
5279
5280
	function login_message_json_api_authorization( $message ) {
5281
		return '<p class="message">' . sprintf(
5282
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
5283
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5284
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5285
	}
5286
5287
	/**
5288
	 * Get $content_width, but with a <s>twist</s> filter.
5289
	 */
5290
	public static function get_content_width() {
5291
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5292
		/**
5293
		 * Filter the Content Width value.
5294
		 *
5295
		 * @since 2.2.3
5296
		 *
5297
		 * @param string $content_width Content Width value.
5298
		 */
5299
		return apply_filters( 'jetpack_content_width', $content_width );
5300
	}
5301
5302
	/**
5303
	 * Centralize the function here until it gets added to core.
5304
	 *
5305
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
5306
	 * @param int $size Size of the avatar image
5307
	 * @param string $default URL to a default image to use if no avatar is available
5308
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
5309
	 *
5310
	 * @return array First element is the URL, second is the class.
5311
	 */
5312
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
5313
		// Don't bother adding the __return_true filter if it's already there.
5314
		$has_filter = has_filter( 'pre_option_show_avatars', '__return_true' );
5315
5316
		if ( $force_display && ! $has_filter )
5317
			add_filter( 'pre_option_show_avatars', '__return_true' );
5318
5319
		$avatar = get_avatar( $id_or_email, $size, $default );
5320
5321
		if ( $force_display && ! $has_filter )
5322
			remove_filter( 'pre_option_show_avatars', '__return_true' );
5323
5324
		// If no data, fail out.
5325
		if ( is_wp_error( $avatar ) || ! $avatar )
5326
			return array( null, null );
5327
5328
		// Pull out the URL.  If it's not there, fail out.
5329
		if ( ! preg_match( '/src=["\']([^"\']+)["\']/', $avatar, $url_matches ) )
5330
			return array( null, null );
5331
		$url = wp_specialchars_decode( $url_matches[1], ENT_QUOTES );
5332
5333
		// Pull out the class, but it's not a big deal if it's missing.
5334
		$class = '';
5335
		if ( preg_match( '/class=["\']([^"\']+)["\']/', $avatar, $class_matches ) )
5336
			$class = wp_specialchars_decode( $class_matches[1], ENT_QUOTES );
5337
5338
		return array( $url, $class );
5339
	}
5340
5341
	/**
5342
	 * Pings the WordPress.com Mirror Site for the specified options.
5343
	 *
5344
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5345
	 *
5346
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5347
	 */
5348
	public function get_cloud_site_options( $option_names ) {
5349
		$option_names = array_filter( (array) $option_names, 'is_string' );
5350
5351
		Jetpack::load_xml_rpc_client();
5352
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5353
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5354
		if ( $xml->isError() ) {
5355
			return array(
5356
				'error_code' => $xml->getErrorCode(),
5357
				'error_msg'  => $xml->getErrorMessage(),
5358
			);
5359
		}
5360
		$cloud_site_options = $xml->getResponse();
5361
5362
		return $cloud_site_options;
5363
	}
5364
5365
	/**
5366
	 * Fetch the filtered array of options that we should compare to determine an identity crisis.
5367
	 *
5368
	 * @return array An array of options to check.
5369
	 */
5370
	public static function identity_crisis_options_to_check() {
5371
		return array(
5372
			'siteurl',
5373
			'home',
5374
		);
5375
	}
5376
5377
	/**
5378
	 * Checks to make sure that local options have the same values as remote options.  Will cache the results for up to 24 hours.
5379
	 *
5380
	 * @param bool $force_recheck Whether to ignore any cached transient and manually re-check.
5381
	 *
5382
	 * @return array An array of options that do not match.  If everything is good, it will evaluate to false.
5383
	 */
5384
	public static function check_identity_crisis( $force_recheck = false ) {
5385
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || Jetpack::is_staging_site() )
5386
			return false;
5387
5388
		if ( $force_recheck || false === ( $errors = get_transient( 'jetpack_has_identity_crisis' ) ) ) {
5389
			$options_to_check = self::identity_crisis_options_to_check();
5390
			$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5391
			$errors        = array();
5392
5393
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5394
5395
				// If it's not the same as the local value...
5396
				if ( $cloud_value !== get_option( $cloud_key ) ) {
5397
5398
					// Break out if we're getting errors.  We are going to check the error keys later when we alert.
5399
					if ( 'error_code' == $cloud_key ) {
5400
						$errors[ $cloud_key ] = $cloud_value;
5401
						break;
5402
					}
5403
5404
					$parsed_cloud_value = parse_url( $cloud_value );
5405
					// If the current options is an IP address
5406
					if ( filter_var( $parsed_cloud_value['host'], FILTER_VALIDATE_IP ) ) {
5407
						// Give the new value a Jetpack to fly in to the clouds
5408
						Jetpack::resolve_identity_crisis( $cloud_key );
5409
						continue;
5410
					}
5411
5412
					// And it's not been added to the whitelist...
5413
					if ( ! self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
5414
						/*
5415
						 * This should be a temporary hack until a cleaner solution is found.
5416
						 *
5417
						 * The siteurl and home can be set to use http in General > Settings
5418
						 * however some constants can be defined that can force https in wp-admin
5419
						 * when this happens wpcom can confuse wporg with a fake identity
5420
						 * crisis with a mismatch of http vs https when it should be allowed.
5421
						 * we need to check that here.
5422
						 *
5423
						 * @see https://github.com/Automattic/jetpack/issues/1006
5424
						 */
5425
						if ( ( 'home' == $cloud_key || 'siteurl' == $cloud_key )
5426
							&& ( substr( $cloud_value, 0, 8 ) == "https://" )
5427
							&& Jetpack::init()->is_ssl_required_to_visit_site() ) {
5428
							// Ok, we found a mismatch of http and https because of wp-config, not an invalid url
5429
							continue;
5430
						}
5431
5432
5433
						// Then kick an error!
5434
						$errors[ $cloud_key ] = $cloud_value;
5435
					}
5436
				}
5437
			}
5438
		}
5439
5440
		/**
5441
		 * Filters the errors returned when checking for an Identity Crisis.
5442
		 *
5443
		 * @since 2.3.2
5444
		 *
5445
		 * @param array $errors Array of Identity Crisis errors.
5446
		 * @param bool $force_recheck Ignore any cached transient and manually re-check. Default to false.
5447
		 */
5448
		return apply_filters( 'jetpack_has_identity_crisis', $errors, $force_recheck );
5449
	}
5450
5451
	/*
5452
	 * Resolve ID crisis
5453
	 *
5454
	 * If the URL has changed, but the rest of the options are the same (i.e. blog/user tokens)
5455
	 * The user has the option to update the shadow site with the new URL before a new
5456
	 * token is created.
5457
	 *
5458
	 * @param $key : Which option to sync.  null defautlts to home and siteurl
5459
	 */
5460
	public static function resolve_identity_crisis( $key = null ) {
5461
		if ( $key ) {
5462
			$identity_options = array( $key );
5463
		} else {
5464
			$identity_options = self::identity_crisis_options_to_check();
5465
		}
5466
5467
		if ( is_array( $identity_options ) ) {
5468
			foreach( $identity_options as $identity_option ) {
5469
				/**
5470
				 * Fires when a shadow site option is updated.
5471
				 * These options are updated via the Identity Crisis UI.
5472
				 * $identity_option is the option that gets updated.
5473
				 *
5474
				 * @since 3.7.0
5475
				 */
5476
				do_action( "update_option_{$identity_option}" );
5477
			}
5478
		}
5479
	}
5480
5481
	/*
5482
	 * Whitelist URL
5483
	 *
5484
	 * Ignore the URL differences between the blog and the shadow site.
5485
	 */
5486
	public static function whitelist_current_url() {
5487
		$options_to_check = Jetpack::identity_crisis_options_to_check();
5488
		$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5489
5490
		foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5491
			Jetpack::whitelist_identity_crisis_value( $cloud_key, $cloud_value );
5492
		}
5493
	}
5494
5495
	/*
5496
	 * Ajax callbacks for ID crisis resolutions
5497
	 *
5498
	 * Things that could happen here:
5499
	 *  - site_migrated : Update the URL on the shadow blog to match new domain
5500
	 *  - whitelist     : Ignore the URL difference
5501
	 *  - default       : Error message
5502
	 */
5503
	public static function resolve_identity_crisis_ajax_callback() {
5504
		check_ajax_referer( 'resolve-identity-crisis', 'ajax-nonce' );
5505
5506
		switch ( $_POST[ 'crisis_resolution_action' ] ) {
5507
			case 'site_migrated':
5508
				Jetpack::resolve_identity_crisis();
5509
				echo 'resolved';
5510
				break;
5511
5512
			case 'whitelist':
5513
				Jetpack::whitelist_current_url();
5514
				echo 'whitelisted';
5515
				break;
5516
5517
			case 'reset_connection':
5518
				// Delete the options first so it doesn't get confused which site to disconnect dotcom-side
5519
				Jetpack_Options::delete_option(
5520
					array(
5521
						'register',
5522
						'blog_token',
5523
						'user_token',
5524
						'user_tokens',
5525
						'master_user',
5526
						'time_diff',
5527
						'fallback_no_verify_ssl_certs',
5528
						'id',
5529
					)
5530
				);
5531
				delete_transient( 'jetpack_has_identity_crisis' );
5532
5533
				echo 'reset-connection-success';
5534
				break;
5535
5536
			default:
5537
				echo 'missing action';
5538
				break;
5539
		}
5540
5541
		wp_die();
5542
	}
5543
5544
	/**
5545
	 * Adds a value to the whitelist for the specified key.
5546
	 *
5547
	 * @param string $key The option name that we're whitelisting the value for.
5548
	 * @param string $value The value that we're intending to add to the whitelist.
5549
	 *
5550
	 * @return bool Whether the value was added to the whitelist, or false if it was already there.
5551
	 */
5552
	public static function whitelist_identity_crisis_value( $key, $value ) {
5553
		if ( Jetpack::is_identity_crisis_value_whitelisted( $key, $value ) ) {
5554
			return false;
5555
		}
5556
5557
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
5558
		if ( empty( $whitelist[ $key ] ) || ! is_array( $whitelist[ $key ] ) ) {
5559
			$whitelist[ $key ] = array();
5560
		}
5561
		array_push( $whitelist[ $key ], $value );
5562
5563
		Jetpack_Options::update_option( 'identity_crisis_whitelist', $whitelist );
5564
		return true;
5565
	}
5566
5567
	/**
5568
	 * Checks whether a value is already whitelisted.
5569
	 *
5570
	 * @param string $key The option name that we're checking the value for.
5571
	 * @param string $value The value that we're curious to see if it's on the whitelist.
5572
	 *
5573
	 * @return bool Whether the value is whitelisted.
5574
	 */
5575
	public static function is_identity_crisis_value_whitelisted( $key, $value ) {
5576
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
5577
		if ( ! empty( $whitelist[ $key ] ) && is_array( $whitelist[ $key ] ) && in_array( $value, $whitelist[ $key ] ) ) {
5578
			return true;
5579
		}
5580
		return false;
5581
	}
5582
5583
	/**
5584
	 * Checks whether the home and siteurl specifically are whitelisted
5585
	 * Written so that we don't have re-check $key and $value params every time
5586
	 * we want to check if this site is whitelisted, for example in footer.php
5587
	 *
5588
	 * @return bool True = already whitelsisted False = not whitelisted
5589
	 */
5590
	public static function is_staging_site() {
5591
		$is_staging = false;
5592
5593
		$current_whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist' );
5594
		if ( $current_whitelist ) {
5595
			$options_to_check  = Jetpack::identity_crisis_options_to_check();
5596
			$cloud_options     = Jetpack::init()->get_cloud_site_options( $options_to_check );
5597
5598
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5599
				if ( self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
5600
					$is_staging = true;
5601
					break;
5602
				}
5603
			}
5604
		}
5605
		$known_staging = array(
5606
			'urls' => array(
5607
				'#\.staging\.wpengine\.com$#i',
5608
				),
5609
			'constants' => array(
5610
				'IS_WPE_SNAPSHOT',
5611
				'KINSTA_DEV_ENV',
5612
				'JETPACK_STAGING_MODE',
5613
				)
5614
			);
5615
		/**
5616
		 * Filters the flags of known staging sites.
5617
		 *
5618
		 * @since 3.9.0
5619
		 *
5620
		 * @param array $known_staging {
5621
		 *     An array of arrays that each are used to check if the current site is staging.
5622
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
5623
		 *     @type array $cosntants PHP constants of known staging/developement environments.
5624
		 *  }
5625
		 */
5626
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5627
5628
		if ( isset( $known_staging['urls'] ) ) {
5629
			foreach ( $known_staging['urls'] as $url ){
5630
				if ( preg_match( $url, site_url() ) ) {
5631
					$is_staging = true;
5632
					break;
5633
				}
5634
			}
5635
		}
5636
5637
		if ( isset( $known_staging['constants'] ) ) {
5638
			foreach ( $known_staging['constants'] as $constant ) {
5639
				if ( defined( $constant ) && constant( $constant ) ) {
5640
					$is_staging = true;
5641
				}
5642
			}
5643
		}
5644
5645
		/**
5646
		 * Filters is_staging_site check.
5647
		 *
5648
		 * @since 3.9.0
5649
		 *
5650
		 * @param bool $is_staging If the current site is a staging site.
5651
		 */
5652
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
5653
	}
5654
5655
	public function identity_crisis_js( $nonce ) {
5656
?>
5657
<script>
5658
(function( $ ) {
5659
	var SECOND_IN_MS = 1000;
5660
5661
	function contactSupport( e ) {
5662
		e.preventDefault();
5663
		$( '.jp-id-crisis-question' ).hide();
5664
		$( '#jp-id-crisis-contact-support' ).show();
5665
	}
5666
5667
	function autodismissSuccessBanner() {
5668
		$( '.jp-identity-crisis' ).fadeOut(600); //.addClass( 'dismiss' );
5669
	}
5670
5671
	var data = { action: 'jetpack_resolve_identity_crisis', 'ajax-nonce': '<?php echo $nonce; ?>' };
5672
5673
	$( document ).ready(function() {
5674
5675
		// Site moved: Update the URL on the shadow blog
5676
		$( '.site-moved' ).click(function( e ) {
5677
			e.preventDefault();
5678
			data.crisis_resolution_action = 'site_migrated';
5679
			$( '#jp-id-crisis-question-1 .spinner' ).show();
5680
			$.post( ajaxurl, data, function() {
5681
				$( '.jp-id-crisis-question' ).hide();
5682
				$( '.banner-title' ).hide();
5683
				$( '#jp-id-crisis-success' ).show();
5684
				setTimeout( autodismissSuccessBanner, 6 * SECOND_IN_MS );
5685
			});
5686
5687
		});
5688
5689
		// URL hasn't changed, next question please.
5690
		$( '.site-not-moved' ).click(function( e ) {
5691
			e.preventDefault();
5692
			$( '.jp-id-crisis-question' ).hide();
5693
			$( '#jp-id-crisis-question-2' ).show();
5694
		});
5695
5696
		// Reset connection: two separate sites.
5697
		$( '.reset-connection' ).click(function( e ) {
5698
			data.crisis_resolution_action = 'reset_connection';
5699
			$.post( ajaxurl, data, function( response ) {
5700
				if ( 'reset-connection-success' === response ) {
5701
					window.location.replace( '<?php echo Jetpack::admin_url(); ?>' );
5702
				}
5703
			});
5704
		});
5705
5706
		// It's a dev environment.  Ignore.
5707
		$( '.is-dev-env' ).click(function( e ) {
5708
			data.crisis_resolution_action = 'whitelist';
5709
			$( '#jp-id-crisis-question-2 .spinner' ).show();
5710
			$.post( ajaxurl, data, function() {
5711
				$( '.jp-id-crisis-question' ).hide();
5712
				$( '.banner-title' ).hide();
5713
				$( '#jp-id-crisis-success' ).show();
5714
				setTimeout( autodismissSuccessBanner, 4 * SECOND_IN_MS );
5715
			});
5716
		});
5717
5718
		$( '.not-reconnecting' ).click(contactSupport);
5719
		$( '.not-staging-or-dev' ).click(contactSupport);
5720
	});
5721
})( jQuery );
5722
</script>
5723
<?php
5724
	}
5725
5726
	/**
5727
	 * Displays an admin_notice, alerting the user to an identity crisis.
5728
	 */
5729
	public function alert_identity_crisis() {
5730
		// @todo temporary killing of feature in 3.8.1 as it revealed a number of scenarios not foreseen.
5731
		if ( ! Jetpack::is_development_version() ) {
5732
			return;
5733
		}
5734
5735
		// @todo temporary copout for dealing with domain mapping
5736
		// @see https://github.com/Automattic/jetpack/issues/2702
5737
		if ( is_multisite() && defined( 'SUNRISE' ) && ! Jetpack::is_development_version() ) {
5738
			return;
5739
		}
5740
5741
		if ( ! current_user_can( 'jetpack_disconnect' ) ) {
5742
			return;
5743
		}
5744
5745
		if ( ! $errors = self::check_identity_crisis() ) {
5746
			return;
5747
		}
5748
5749
		// Only show on dashboard and jetpack pages
5750
		$screen = get_current_screen();
5751
		if ( 'dashboard' !== $screen->base && ! did_action( 'jetpack_notices' ) ) {
5752
			return;
5753
		}
5754
5755
		// Include the js!
5756
		$ajax_nonce = wp_create_nonce( 'resolve-identity-crisis' );
5757
		$this->identity_crisis_js( $ajax_nonce );
5758
5759
		// Include the CSS!
5760
		if ( ! wp_script_is( 'jetpack', 'done' ) ) {
5761
			$this->admin_banner_styles();
5762
		}
5763
5764
		if ( ! array_key_exists( 'error_code', $errors ) ) {
5765
			$key = 'siteurl';
5766
			if ( ! $errors[ $key ] ) {
5767
				$key = 'home';
5768
			}
5769
		} else {
5770
			$key = 'error_code';
5771
			// 401 is the only error we care about.  Any other errors should not trigger the alert.
5772
			if ( 401 !== $errors[ $key ] ) {
5773
				return;
5774
			}
5775
		}
5776
5777
		?>
5778
5779
		<style>
5780
			.jp-identity-crisis .jp-btn-group {
5781
					margin: 15px 0;
5782
				}
5783
			.jp-identity-crisis strong {
5784
					color: #518d2a;
5785
				}
5786
			.jp-identity-crisis.dismiss {
5787
				display: none;
5788
			}
5789
			.jp-identity-crisis .button {
5790
				margin-right: 4px;
5791
			}
5792
		</style>
5793
5794
		<div id="message" class="error jetpack-message jp-identity-crisis stay-visible">
5795
			<div class="service-mark"></div>
5796
			<div class="jp-id-banner__content">
5797
				<!-- <h3 class="banner-title"><?php _e( 'Something\'s not quite right with your Jetpack connection! Let\'s fix that.', 'jetpack' ); ?></h3> -->
5798
5799
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-1">
5800
					<?php
5801
					// 401 means that this site has been disconnected from wpcom, but the remote site still thinks it's connected.
5802
					if ( 'error_code' == $key && '401' == $errors[ $key ] ) : ?>
5803
						<div class="banner-content">
5804
							<p><?php
5805
								/* translators: %s is a URL */
5806
								printf( __( 'Our records show that this site does not have a valid connection to WordPress.com. Please reset your connection to fix this. <a href="%s" target="_blank">What caused this?</a>', 'jetpack' ), 'https://jetpack.com/support/no-valid-wordpress-com-connection/' );
5807
							?></p>
5808
						</div>
5809
						<div class="jp-btn-group">
5810
							<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a>
5811
							<span class="idc-separator">|</span>
5812
							<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=dismiss' ), 'jetpack-deactivate' ) ); ?>"><?php _e( 'Deactivate Jetpack', 'jetpack' ); ?></a>
5813
						</div>
5814
					<?php else : ?>
5815
							<div class="banner-content">
5816
							<p><?php printf( __( 'It looks like you may have changed your domain. Is <strong>%1$s</strong> still your site\'s domain, or have you updated it to <strong> %2$s </strong>?', 'jetpack' ), $errors[ $key ], (string) get_option( $key ) ); ?></p>
5817
							</div>
5818
						<div class="jp-btn-group">
5819
							<a href="#" class="regular site-moved"><?php printf( __( '%s is now my domain.', 'jetpack' ), $errors[ $key ] ); ?></a> <span class="idc-separator">|</span> <a href="#" class="site-not-moved" ><?php printf( __( '%s is still my domain.', 'jetpack' ), (string) get_option( $key ) ); ?></a>
5820
							<span class="spinner"></span>
5821
						</div>
5822
					<?php endif ; ?>
5823
				</div>
5824
5825
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-2" style="display: none;">
5826
					<div class="banner-content">
5827
						<p><?php printf(
5828
							/* translators: %1$s, %2$s and %3$s are URLs */
5829
							__(
5830
								'Are <strong> %2$s </strong> and <strong> %1$s </strong> two completely separate websites? If so we should create a new connection, which will reset your followers and linked services. <a href="%3$s"><em>What does this mean?</em></a>',
5831
								'jetpack'
5832
							),
5833
							$errors[ $key ],
5834
							(string) get_option( $key ),
5835
							'https://jetpack.com/support/what-does-resetting-the-connection-mean/'
5836
						); ?></p>
5837
					</div>
5838
					<div class="jp-btn-group">
5839
						<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
5840
						<a href="#" class="is-dev-env"><?php _e( 'This is a development environment', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
5841
						<a href="https://jetpack.com/contact-support/" class="contact-support"><?php _e( 'Submit a support ticket', 'jetpack' ); ?></a>
5842
						<span class="spinner"></span>
5843
					</div>
5844
				</div>
5845
5846
				<div class="jp-id-crisis-success" id="jp-id-crisis-success" style="display: none;">
5847
					<h3 class="success-notice"><?php printf( __( 'Thanks for taking the time to sort things out. We&#039;ve updated our records accordingly!', 'jetpack' ) ); ?></h3>
5848
				</div>
5849
			</div>
5850
		</div>
5851
5852
		<?php
5853
	}
5854
5855
	/**
5856
	 * Maybe Use a .min.css stylesheet, maybe not.
5857
	 *
5858
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
5859
	 */
5860
	public static function maybe_min_asset( $url, $path, $plugin ) {
5861
		// Short out on things trying to find actual paths.
5862
		if ( ! $path || empty( $plugin ) ) {
5863
			return $url;
5864
		}
5865
5866
		// Strip out the abspath.
5867
		$base = dirname( plugin_basename( $plugin ) );
5868
5869
		// Short out on non-Jetpack assets.
5870
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
5871
			return $url;
5872
		}
5873
5874
		// File name parsing.
5875
		$file              = "{$base}/{$path}";
5876
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
5877
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
5878
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
5879
		$extension         = array_shift( $file_name_parts_r );
5880
5881
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
5882
			// Already pointing at the minified version.
5883
			if ( 'min' === $file_name_parts_r[0] ) {
5884
				return $url;
5885
			}
5886
5887
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
5888
			if ( file_exists( $min_full_path ) ) {
5889
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
5890
			}
5891
		}
5892
5893
		return $url;
5894
	}
5895
5896
	/**
5897
	 * Maybe inlines a stylesheet.
5898
	 *
5899
	 * If you'd like to inline a stylesheet instead of printing a link to it,
5900
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
5901
	 *
5902
	 * Attached to `style_loader_tag` filter.
5903
	 *
5904
	 * @param string $tag The tag that would link to the external asset.
5905
	 * @param string $handle The registered handle of the script in question.
5906
	 *
5907
	 * @return string
5908
	 */
5909
	public static function maybe_inline_style( $tag, $handle ) {
5910
		global $wp_styles;
5911
		$item = $wp_styles->registered[ $handle ];
5912
5913
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
5914
			return $tag;
5915
		}
5916
5917
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
5918
			$href = $matches[1];
5919
			// Strip off query string
5920
			if ( $pos = strpos( $href, '?' ) ) {
5921
				$href = substr( $href, 0, $pos );
5922
			}
5923
			// Strip off fragment
5924
			if ( $pos = strpos( $href, '#' ) ) {
5925
				$href = substr( $href, 0, $pos );
5926
			}
5927
		} else {
5928
			return $tag;
5929
		}
5930
5931
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
5932
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
5933
			return $tag;
5934
		}
5935
5936
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
5937
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
5938
			// And this isn't the pass that actually deals with the RTL version...
5939
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
5940
				// Short out, as the RTL version will deal with it in a moment.
5941
				return $tag;
5942
			}
5943
		}
5944
5945
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
5946
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
5947
		if ( $css ) {
5948
			$tag = "<!-- Inline {$item->handle} -->\r\n";
5949
			if ( empty( $item->extra['after'] ) ) {
5950
				wp_add_inline_style( $handle, $css );
5951
			} else {
5952
				array_unshift( $item->extra['after'], $css );
5953
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
5954
			}
5955
		}
5956
5957
		return $tag;
5958
	}
5959
5960
	/**
5961
	 * Loads a view file from the views
5962
	 *
5963
	 * Data passed in with the $data parameter will be available in the
5964
	 * template file as $data['value']
5965
	 *
5966
	 * @param string $template - Template file to load
5967
	 * @param array $data - Any data to pass along to the template
5968
	 * @return boolean - If template file was found
5969
	 **/
5970
	public function load_view( $template, $data = array() ) {
5971
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
5972
5973
		if( file_exists( $views_dir . $template ) ) {
5974
			require_once( $views_dir . $template );
5975
			return true;
5976
		}
5977
5978
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
5979
		return false;
5980
	}
5981
5982
	/**
5983
	 * Throws warnings for deprecated hooks to be removed from Jetpack
5984
	 */
5985
	public function deprecated_hooks() {
5986
		global $wp_filter;
5987
5988
		/*
5989
		 * Format:
5990
		 * deprecated_filter_name => replacement_name
5991
		 *
5992
		 * If there is no replacement us null for replacement_name
5993
		 */
5994
		$deprecated_list = array(
5995
			'jetpack_bail_on_shortcode'                => 'jetpack_shortcodes_to_include',
5996
			'wpl_sharing_2014_1'                       => null,
5997
			'jetpack-tools-to-include'                 => 'jetpack_tools_to_include',
5998
			'jetpack_identity_crisis_options_to_check' => null,
5999
			'update_option_jetpack_single_user_site'   => null,
6000
		);
6001
6002
		// This is a silly loop depth. Better way?
6003
		foreach( $deprecated_list AS $hook => $hook_alt ) {
6004
			if( isset( $wp_filter[ $hook ] ) && is_array( $wp_filter[ $hook ] ) ) {
6005
				foreach( $wp_filter[$hook] AS $func => $values ) {
6006
					foreach( $values AS $hooked ) {
6007
						_deprecated_function( $hook . ' used for ' . $hooked['function'], null, $hook_alt );
6008
					}
6009
				}
6010
			}
6011
		}
6012
	}
6013
6014
	/**
6015
	 * Converts any url in a stylesheet, to the correct absolute url.
6016
	 *
6017
	 * Considerations:
6018
	 *  - Normal, relative URLs     `feh.png`
6019
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6020
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6021
	 *  - Absolute URLs             `http://domain.com/feh.png`
6022
	 *  - Domain root relative URLs `/feh.png`
6023
	 *
6024
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6025
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6026
	 *
6027
	 * @return mixed|string
6028
	 */
6029
	public static function absolutize_css_urls( $css, $css_file_url ) {
6030
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6031
		$css_dir = dirname( $css_file_url );
6032
		$p       = parse_url( $css_dir );
6033
		$domain  = sprintf(
6034
					'%1$s//%2$s%3$s%4$s',
6035
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
6036
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6037
					$p['host'],
6038
					isset( $p['port'] )             ? ":{$p['port']}" : ''
6039
				);
6040
6041
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6042
			$find = $replace = array();
6043
			foreach ( $matches as $match ) {
6044
				$url = trim( $match['path'], "'\" \t" );
6045
6046
				// If this is a data url, we don't want to mess with it.
6047
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6048
					continue;
6049
				}
6050
6051
				// If this is an absolute or protocol-agnostic url,
6052
				// we don't want to mess with it.
6053
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6054
					continue;
6055
				}
6056
6057
				switch ( substr( $url, 0, 1 ) ) {
6058
					case '/':
6059
						$absolute = $domain . $url;
6060
						break;
6061
					default:
6062
						$absolute = $css_dir . '/' . $url;
6063
				}
6064
6065
				$find[]    = $match[0];
6066
				$replace[] = sprintf( 'url("%s")', $absolute );
6067
			}
6068
			$css = str_replace( $find, $replace, $css );
6069
		}
6070
6071
		return $css;
6072
	}
6073
6074
	/**
6075
	 * This method checks to see if SSL is required by the site in
6076
	 * order to visit it in some way other than only setting the
6077
	 * https value in the home or siteurl values.
6078
	 *
6079
	 * @since 3.2
6080
	 * @return boolean
6081
	 **/
6082
	private function is_ssl_required_to_visit_site() {
6083
		global $wp_version;
6084
		$ssl = is_ssl();
6085
6086
		if ( force_ssl_admin() ) {
6087
			$ssl = true;
6088
		}
6089
		return $ssl;
6090
	}
6091
6092
	/**
6093
	 * This methods removes all of the registered css files on the frontend
6094
	 * from Jetpack in favor of using a single file. In effect "imploding"
6095
	 * all the files into one file.
6096
	 *
6097
	 * Pros:
6098
	 * - Uses only ONE css asset connection instead of 15
6099
	 * - Saves a minimum of 56k
6100
	 * - Reduces server load
6101
	 * - Reduces time to first painted byte
6102
	 *
6103
	 * Cons:
6104
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6105
	 *		should not cause any issues with themes.
6106
	 * - Plugins/themes dequeuing styles no longer do anything. See
6107
	 *		jetpack_implode_frontend_css filter for a workaround
6108
	 *
6109
	 * For some situations developers may wish to disable css imploding and
6110
	 * instead operate in legacy mode where each file loads seperately and
6111
	 * can be edited individually or dequeued. This can be accomplished with
6112
	 * the following line:
6113
	 *
6114
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6115
	 *
6116
	 * @since 3.2
6117
	 **/
6118
	public function implode_frontend_css( $travis_test = false ) {
6119
		$do_implode = true;
6120
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6121
			$do_implode = false;
6122
		}
6123
6124
		/**
6125
		 * Allow CSS to be concatenated into a single jetpack.css file.
6126
		 *
6127
		 * @since 3.2.0
6128
		 *
6129
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6130
		 */
6131
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6132
6133
		// Do not use the imploded file when default behaviour was altered through the filter
6134
		if ( ! $do_implode ) {
6135
			return;
6136
		}
6137
6138
		// We do not want to use the imploded file in dev mode, or if not connected
6139
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6140
			if ( ! $travis_test ) {
6141
				return;
6142
			}
6143
		}
6144
6145
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6146
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6147
			return;
6148
		}
6149
6150
		/*
6151
		 * Now we assume Jetpack is connected and able to serve the single
6152
		 * file.
6153
		 *
6154
		 * In the future there will be a check here to serve the file locally
6155
		 * or potentially from the Jetpack CDN
6156
		 *
6157
		 * For now:
6158
		 * - Enqueue a single imploded css file
6159
		 * - Zero out the style_loader_tag for the bundled ones
6160
		 * - Be happy, drink scotch
6161
		 */
6162
6163
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6164
6165
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6166
6167
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6168
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6169
	}
6170
6171
	function concat_remove_style_loader_tag( $tag, $handle ) {
6172
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6173
			$tag = '';
6174
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6175
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6176
			}
6177
		}
6178
6179
		return $tag;
6180
	}
6181
6182
	/*
6183
	 * Check the heartbeat data
6184
	 *
6185
	 * Organizes the heartbeat data by severity.  For example, if the site
6186
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6187
	 *
6188
	 * Data will be added to "caution" array, if it either:
6189
	 *  - Out of date Jetpack version
6190
	 *  - Out of date WP version
6191
	 *  - Out of date PHP version
6192
	 *
6193
	 * $return array $filtered_data
6194
	 */
6195
	public static function jetpack_check_heartbeat_data() {
6196
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6197
6198
		$good    = array();
6199
		$caution = array();
6200
		$bad     = array();
6201
6202
		foreach ( $raw_data as $stat => $value ) {
6203
6204
			// Check jetpack version
6205
			if ( 'version' == $stat ) {
6206
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6207
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6208
					continue;
6209
				}
6210
			}
6211
6212
			// Check WP version
6213
			if ( 'wp-version' == $stat ) {
6214
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6215
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6216
					continue;
6217
				}
6218
			}
6219
6220
			// Check PHP version
6221
			if ( 'php-version' == $stat ) {
6222
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6223
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
6224
					continue;
6225
				}
6226
			}
6227
6228
			// Check ID crisis
6229
			if ( 'identitycrisis' == $stat ) {
6230
				if ( 'yes' == $value ) {
6231
					$bad[ $stat ] = $value;
6232
					continue;
6233
				}
6234
			}
6235
6236
			// The rest are good :)
6237
			$good[ $stat ] = $value;
6238
		}
6239
6240
		$filtered_data = array(
6241
			'good'    => $good,
6242
			'caution' => $caution,
6243
			'bad'     => $bad
6244
		);
6245
6246
		return $filtered_data;
6247
	}
6248
6249
6250
	/*
6251
	 * This method is used to organize all options that can be reset
6252
	 * without disconnecting Jetpack.
6253
	 *
6254
	 * It is used in class.jetpack-cli.php to reset options
6255
	 *
6256
	 * @return array of options to delete.
6257
	 */
6258
	public static function get_jetpack_options_for_reset() {
6259
		$jetpack_options            = Jetpack_Options::get_option_names();
6260
		$jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' );
6261
		$jetpack_options_private    = Jetpack_Options::get_option_names( 'private' );
6262
6263
		$all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private );
6264
6265
		// A manual build of the wp options
6266
		$wp_options = array(
6267
			'sharing-options',
6268
			'disabled_likes',
6269
			'disabled_reblogs',
6270
			'jetpack_comments_likes_enabled',
6271
			'wp_mobile_excerpt',
6272
			'wp_mobile_featured_images',
6273
			'wp_mobile_app_promos',
6274
			'stats_options',
6275
			'stats_dashboard_widget',
6276
			'safecss_preview_rev',
6277
			'safecss_rev',
6278
			'safecss_revision_migrated',
6279
			'nova_menu_order',
6280
			'jetpack_portfolio',
6281
			'jetpack_portfolio_posts_per_page',
6282
			'jetpack_testimonial',
6283
			'jetpack_testimonial_posts_per_page',
6284
			'wp_mobile_custom_css',
6285
			'sharedaddy_disable_resources',
6286
			'sharing-options',
6287
			'sharing-services',
6288
			'site_icon_temp_data',
6289
			'featured-content',
6290
			'site_logo',
6291
			'jetpack_dismissed_notices',
6292
		);
6293
6294
		// Flag some Jetpack options as unsafe
6295
		$unsafe_options = array(
6296
			'id',                           // (int)    The Client ID/WP.com Blog ID of this site.
6297
			'master_user',                  // (int)    The local User ID of the user who connected this site to jetpack.wordpress.com.
6298
			'version',                      // (string) Used during upgrade procedure to auto-activate new modules. version:time
6299
			'jumpstart',                    // (string) A flag for whether or not to show the Jump Start.  Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed.
6300
6301
			// non_compact
6302
			'activated',
6303
6304
			// private
6305
			'register',
6306
			'blog_token',                  // (string) The Client Secret/Blog Token of this site.
6307
			'user_token',                  // (string) The User Token of this site. (deprecated)
6308
			'user_tokens'
6309
		);
6310
6311
		// Remove the unsafe Jetpack options
6312
		foreach ( $unsafe_options as $unsafe_option ) {
6313
			if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) {
6314
				unset( $all_jp_options[ $key ] );
6315
			}
6316
		}
6317
6318
		$options = array(
6319
			'jp_options' => $all_jp_options,
6320
			'wp_options' => $wp_options
6321
		);
6322
6323
		return $options;
6324
	}
6325
6326
	/**
6327
	 * Check if an option of a Jetpack module has been updated.
6328
	 *
6329
	 * If any module option has been updated before Jump Start has been dismissed,
6330
	 * update the 'jumpstart' option so we can hide Jump Start.
6331
	 *
6332
	 * @param string $option_name
6333
	 *
6334
	 * @return bool
6335
	 */
6336
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6337
		// Bail if Jump Start has already been dismissed
6338
		if ( 'new_connection' !== Jetpack_Options::get_option( 'jumpstart' ) ) {
6339
			return false;
6340
		}
6341
6342
		$jetpack = Jetpack::init();
6343
6344
		// Manual build of module options
6345
		$option_names = self::get_jetpack_options_for_reset();
6346
6347
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6348
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6349
6350
			//Jump start is being dismissed send data to MC Stats
6351
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6352
6353
			$jetpack->do_stats( 'server_side' );
6354
		}
6355
6356
	}
6357
6358
	/*
6359
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6360
	 * so we can bring them directly to their site in calypso.
6361
	 *
6362
	 * @param string | url
6363
	 * @return string | url without the guff
6364
	 */
6365
	public static function build_raw_urls( $url ) {
6366
		$strip_http = '/.*?:\/\//i';
6367
		$url = preg_replace( $strip_http, '', $url  );
6368
		$url = str_replace( '/', '::', $url );
6369
		return $url;
6370
	}
6371
6372
	/**
6373
	 * Stores and prints out domains to prefetch for page speed optimization.
6374
	 *
6375
	 * @param mixed $new_urls
6376
	 */
6377
	public static function dns_prefetch( $new_urls = null ) {
6378
		static $prefetch_urls = array();
6379
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6380
			echo "\r\n";
6381
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6382
				printf( "<link rel='dns-prefetch' href='%s'>\r\n", esc_attr( $this_prefetch_url ) );
6383
			}
6384
		} elseif ( ! empty( $new_urls ) ) {
6385
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6386
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6387
			}
6388
			foreach ( (array) $new_urls as $this_new_url ) {
6389
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6390
			}
6391
			$prefetch_urls = array_unique( $prefetch_urls );
6392
		}
6393
	}
6394
6395
	public function wp_dashboard_setup() {
6396
		if ( self::is_active() ) {
6397
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6398
			$widget_title = __( 'Site Stats', 'jetpack' );
6399
		} elseif ( ! self::is_development_mode() && current_user_can( 'jetpack_connect' ) ) {
6400
			add_action( 'jetpack_dashboard_widget', array( $this, 'dashboard_widget_connect_to_wpcom' ) );
6401
			$widget_title = __( 'Please Connect Jetpack', 'jetpack' );
6402
		}
6403
6404
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6405
			wp_add_dashboard_widget(
6406
				'jetpack_summary_widget',
6407
				$widget_title,
6408
				array( __CLASS__, 'dashboard_widget' )
6409
			);
6410
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6411
6412
			// If we're inactive and not in development mode, sort our box to the top.
6413
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6414
				global $wp_meta_boxes;
6415
6416
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6417
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6418
6419
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6420
			}
6421
		}
6422
	}
6423
6424
	/**
6425
	 * @param mixed $result Value for the user's option
6426
	 * @return mixed
6427
	 */
6428
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6429
		if ( ! is_array( $sorted ) ) {
6430
			return $sorted;
6431
		}
6432
6433
		foreach ( $sorted as $box_context => $ids ) {
6434
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6435
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6436
				continue;
6437
			}
6438
6439
			$ids_array = explode( ',', $ids );
6440
			$key = array_search( 'dashboard_stats', $ids_array );
6441
6442
			if ( false !== $key ) {
6443
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6444
				$ids_array[ $key ] = 'jetpack_summary_widget';
6445
				$sorted[ $box_context ] = implode( ',', $ids_array );
6446
				// We've found it, stop searching, and just return.
6447
				break;
6448
			}
6449
		}
6450
6451
		return $sorted;
6452
	}
6453
6454
	public static function dashboard_widget() {
6455
		/**
6456
		 * Fires when the dashboard is loaded.
6457
		 *
6458
		 * @since 3.4.0
6459
		 */
6460
		do_action( 'jetpack_dashboard_widget' );
6461
	}
6462
6463
	public static function dashboard_widget_footer() {
6464
		?>
6465
		<footer>
6466
6467
		<div class="protect">
6468
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6469
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6470
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6471
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6472
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6473
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6474
				</a>
6475
			<?php else : ?>
6476
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6477
			<?php endif; ?>
6478
		</div>
6479
6480
		<div class="akismet">
6481
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6482
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6483
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6484
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6485
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6486
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6487
				</a>
6488
			<?php else : ?>
6489
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6490
			<?php endif; ?>
6491
		</div>
6492
6493
		</footer>
6494
		<?php
6495
	}
6496
6497
	public function dashboard_widget_connect_to_wpcom() {
6498
		if ( Jetpack::is_active() || Jetpack::is_development_mode() || ! current_user_can( 'jetpack_connect' ) ) {
6499
			return;
6500
		}
6501
		?>
6502
		<div class="wpcom-connect">
6503
			<div class="jp-emblem">
6504
			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">
6505
				<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z"/>
6506
			</svg>
6507
			</div>
6508
			<h3><?php esc_html_e( 'Please Connect Jetpack', 'jetpack' ); ?></h3>
6509
			<p><?php echo wp_kses( __( 'Connecting Jetpack will show you <strong>stats</strong> about your traffic, <strong>protect</strong> you from brute force attacks, <strong>speed up</strong> your images and photos, and enable other <strong>traffic and security</strong> features.', 'jetpack' ), 'jetpack' ) ?></p>
6510
6511
			<div class="actions">
6512
				<a href="<?php echo $this->build_connect_url( false, false, 'widget-btn' ); ?>" class="button button-primary">
6513
					<?php esc_html_e( 'Connect Jetpack', 'jetpack' ); ?>
6514
				</a>
6515
			</div>
6516
		</div>
6517
		<?php
6518
	}
6519
6520
	/*
6521
	 * A graceful transition to using Core's site icon.
6522
	 *
6523
	 * All of the hard work has already been done with the image
6524
	 * in all_done_page(). All that needs to be done now is update
6525
	 * the option and display proper messaging.
6526
	 *
6527
	 * @todo remove when WP 4.3 is minimum
6528
	 *
6529
	 * @since 3.6.1
6530
	 *
6531
	 * @return bool false = Core's icon not available || true = Core's icon is available
6532
	 */
6533
	public static function jetpack_site_icon_available_in_core() {
6534
		global $wp_version;
6535
		$core_icon_available = function_exists( 'has_site_icon' ) && version_compare( $wp_version, '4.3-beta' ) >= 0;
6536
6537
		if ( ! $core_icon_available ) {
6538
			return false;
6539
		}
6540
6541
		// No need for Jetpack's site icon anymore if core's is already set
6542
		if ( has_site_icon() ) {
6543
			if ( Jetpack::is_module_active( 'site-icon' ) ) {
6544
				Jetpack::log( 'deactivate', 'site-icon' );
6545
				Jetpack::deactivate_module( 'site-icon' );
6546
			}
6547
			return true;
6548
		}
6549
6550
		// Transfer Jetpack's site icon to use core.
6551
		$site_icon_id = Jetpack::get_option( 'site_icon_id' );
6552
		if ( $site_icon_id ) {
6553
			// Update core's site icon
6554
			update_option( 'site_icon', $site_icon_id );
6555
6556
			// Delete Jetpack's icon option. We still want the blavatar and attached data though.
6557
			delete_option( 'site_icon_id' );
6558
		}
6559
6560
		// No need for Jetpack's site icon anymore
6561
		if ( Jetpack::is_module_active( 'site-icon' ) ) {
6562
			Jetpack::log( 'deactivate', 'site-icon' );
6563
			Jetpack::deactivate_module( 'site-icon' );
6564
		}
6565
6566
		return true;
6567
	}
6568
6569
}
6570