Completed
Push — add/edit-post-calypso-redirect ( 7efed6...1eb5a1 )
by
unknown
10:43
created

class.jetpack.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
require_once( JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php' );
26
27
class Jetpack {
28
	public $xmlrpc_server = null;
29
30
	private $xmlrpc_verification = null;
31
	private $rest_authentication_status = null;
32
33
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
34
35
	/**
36
	 * @var array The handles of styles that are concatenated into jetpack.css
37
	 */
38
	public $concatenated_style_handles = array(
39
		'jetpack-carousel',
40
		'grunion.css',
41
		'the-neverending-homepage',
42
		'jetpack_likes',
43
		'jetpack_related-posts',
44
		'sharedaddy',
45
		'jetpack-slideshow',
46
		'presentations',
47
		'jetpack-subscriptions',
48
		'jetpack-responsive-videos-style',
49
		'jetpack-social-menu',
50
		'tiled-gallery',
51
		'jetpack_display_posts_widget',
52
		'gravatar-profile-widget',
53
		'goodreads-widget',
54
		'jetpack_social_media_icons_widget',
55
		'jetpack-top-posts-widget',
56
		'jetpack_image_widget',
57
		'jetpack-my-community-widget',
58
		'wordads',
59
		'eu-cookie-law-style',
60
		'flickr-widget-style',
61
	);
62
63
	/**
64
	 * Contains all assets that have had their URL rewritten to minified versions.
65
	 *
66
	 * @var array
67
	 */
68
	static $min_assets = array();
69
70
	public $plugins_to_deactivate = array(
71
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
72
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
73
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
74
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
75
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
76
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
77
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
78
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
79
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
80
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
81
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
82
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
83
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
84
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
85
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
86
	);
87
88
	static $capability_translations = array(
89
		'administrator' => 'manage_options',
90
		'editor'        => 'edit_others_posts',
91
		'author'        => 'publish_posts',
92
		'contributor'   => 'edit_posts',
93
		'subscriber'    => 'read',
94
	);
95
96
	/**
97
	 * Map of modules that have conflicts with plugins and should not be auto-activated
98
	 * if the plugins are active.  Used by filter_default_modules
99
	 *
100
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
101
	 * change `module-slug` and add this to your plugin:
102
	 *
103
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
104
	 * function my_jetpack_get_default_modules( $modules ) {
105
	 *     return array_diff( $modules, array( 'module-slug' ) );
106
	 * }
107
	 *
108
	 * @var array
109
	 */
110
	private $conflicting_plugins = array(
111
		'comments'          => array(
112
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
113
			'Disqus'                               => 'disqus-comment-system/disqus.php',
114
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
115
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
116
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
117
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
118
		),
119
		'comment-likes' => array(
120
			'Epoch'                                => 'epoch/plugincore.php',
121
		),
122
		'contact-form'      => array(
123
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
124
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
125
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
126
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
127
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
128
			'Ninja Forms'                          => 'ninja-forms/ninja-forms.php',
129
		),
130
		'minileven'         => array(
131
			'WPtouch'                              => 'wptouch/wptouch.php',
132
		),
133
		'latex'             => array(
134
			'LaTeX for WordPress'                  => 'latex/latex.php',
135
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
136
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
137
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
138
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
139
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
140
		),
141
		'protect'           => array(
142
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
143
			'Captcha'                              => 'captcha/captcha.php',
144
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
145
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
146
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
147
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
148
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
149
			'Security-protection'                  => 'security-protection/security-protection.php',
150
			'Login Security'                       => 'login-security/login-security.php',
151
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
152
			'Wordfence Security'                   => 'wordfence/wordfence.php',
153
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
154
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
155
		),
156
		'random-redirect'   => array(
157
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
158
		),
159
		'related-posts'     => array(
160
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
161
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
162
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
163
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
164
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
165
			'outbrain'                             => 'outbrain/outbrain.php',
166
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
167
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
168
		),
169
		'sharedaddy'        => array(
170
			'AddThis'                              => 'addthis/addthis_social_widget.php',
171
			'Add To Any'                           => 'add-to-any/add-to-any.php',
172
			'ShareThis'                            => 'share-this/sharethis.php',
173
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
174
		),
175
		'seo-tools' => array(
176
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
177
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
178
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
179
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
180
		),
181
		'verification-tools' => array(
182
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
183
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
184
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
185
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
186
		),
187
		'widget-visibility' => array(
188
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
189
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
190
		),
191
		'sitemaps' => array(
192
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
193
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
194
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
195
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
196
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
197
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
198
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
199
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
200
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
201
			'Sitemap'                              => 'sitemap/sitemap.php',
202
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
203
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
204
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
205
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
206
		),
207
	);
208
209
	/**
210
	 * Plugins for which we turn off our Facebook OG Tags implementation.
211
	 *
212
	 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
213
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
214
	 *
215
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
216
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
217
	 */
218
	private $open_graph_conflicting_plugins = array(
219
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
220
		                                                         // 2 Click Social Media Buttons
221
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
222
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
223
		'autodescription/autodescription.php',                   // The SEO Framework
224
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
225
		'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
226
		                                                         // Open Graph Meta Tags by Heateor
227
		'facebook/facebook.php',                                 // Facebook (official plugin)
228
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
229
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
230
		                                                         // Facebook Featured Image & OG Meta Tags
231
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
232
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
233
		                                                         // Facebook Open Graph Meta Tags for WordPress
234
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
235
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
236
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
237
		                                                         // Fedmich's Facebook Open Graph Meta
238
		'network-publisher/networkpub.php',                      // Network Publisher
239
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
240
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
241
		                                                         // NextScripts SNAP
242
		'og-tags/og-tags.php',                                   // OG Tags
243
		'opengraph/opengraph.php',                               // Open Graph
244
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
245
		                                                         // Open Graph Protocol Framework
246
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
247
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
248
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
249
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
250
		'sharepress/sharepress.php',                             // SharePress
251
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
252
		'social-discussions/social-discussions.php',             // Social Discussions
253
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
254
		'socialize/socialize.php',                               // Socialize
255
		'squirrly-seo/squirrly.php',                             // SEO by SQUIRRLY™
256
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
257
		                                                         // Tweet, Like, Google +1 and Share
258
		'wordbooker/wordbooker.php',                             // Wordbooker
259
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
260
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
261
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
262
		                                                         // WP Facebook Like Send & Open Graph Meta
263
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
264
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
265
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
266
		'wp-fb-share-like-button/wp_fb_share-like_widget.php'    // WP Facebook Like Button
267
	);
268
269
	/**
270
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
271
	 */
272
	private $twitter_cards_conflicting_plugins = array(
273
	//	'twitter/twitter.php',                       // The official one handles this on its own.
274
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
275
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
276
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
277
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
278
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
279
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
280
		'twitter-cards/twitter-cards.php',           // Twitter Cards
281
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
282
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
283
	);
284
285
	/**
286
	 * Message to display in admin_notice
287
	 * @var string
288
	 */
289
	public $message = '';
290
291
	/**
292
	 * Error to display in admin_notice
293
	 * @var string
294
	 */
295
	public $error = '';
296
297
	/**
298
	 * Modules that need more privacy description.
299
	 * @var string
300
	 */
301
	public $privacy_checks = '';
302
303
	/**
304
	 * Stats to record once the page loads
305
	 *
306
	 * @var array
307
	 */
308
	public $stats = array();
309
310
	/**
311
	 * Jetpack_Sync object
312
	 */
313
	public $sync;
314
315
	/**
316
	 * Verified data for JSON authorization request
317
	 */
318
	public $json_api_authorization_request = array();
319
320
	/**
321
	 * Holds the singleton instance of this class
322
	 * @since 2.3.3
323
	 * @var Jetpack
324
	 */
325
	static $instance = false;
326
327
	/**
328
	 * Singleton
329
	 * @static
330
	 */
331
	public static function init() {
332
		if ( ! self::$instance ) {
333
			self::$instance = new Jetpack;
334
335
			self::$instance->plugin_upgrade();
336
		}
337
338
		return self::$instance;
339
	}
340
341
	/**
342
	 * Must never be called statically
343
	 */
344
	function plugin_upgrade() {
345
		if ( Jetpack::is_active() ) {
346
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
347
			if ( JETPACK__VERSION != $version ) {
348
349
				// check which active modules actually exist and remove others from active_modules list
350
				$unfiltered_modules = Jetpack::get_active_modules();
351
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
352
				if ( array_diff( $unfiltered_modules, $modules ) ) {
353
					Jetpack::update_active_modules( $modules );
354
				}
355
356
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
357
358
				// Upgrade to 4.3.0
359
				if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
360
					Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
361
				}
362
363
				// Make sure Markdown for posts gets turned back on
364
				if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
365
					update_option( 'wpcom_publish_posts_with_markdown', true );
366
				}
367
368
				if ( did_action( 'wp_loaded' ) ) {
369
					self::upgrade_on_load();
370
				} else {
371
					add_action(
372
						'wp_loaded',
373
						array( __CLASS__, 'upgrade_on_load' )
374
					);
375
				}
376
			}
377
		}
378
	}
379
380
	/**
381
	 * Runs upgrade routines that need to have modules loaded.
382
	 */
383
	static function upgrade_on_load() {
384
385
		// Not attempting any upgrades if jetpack_modules_loaded did not fire.
386
		// This can happen in case Jetpack has been just upgraded and is
387
		// being initialized late during the page load. In this case we wait
388
		// until the next proper admin page load with Jetpack active.
389
		if ( ! did_action( 'jetpack_modules_loaded' ) ) {
390
			return;
391
		}
392
393
		Jetpack::maybe_set_version_option();
394
395
		if ( class_exists( 'Jetpack_Widget_Conditions' ) ) {
396
			Jetpack_Widget_Conditions::migrate_post_type_rules();
397
		}
398
399
		if (
400
			class_exists( 'Jetpack_Sitemap_Manager' )
401
			&& version_compare( JETPACK__VERSION, '5.3', '>=' )
402
		) {
403
			do_action( 'jetpack_sitemaps_purge_data' );
404
		}
405
	}
406
407
	static function activate_manage( ) {
408
		if ( did_action( 'init' ) || current_filter() == 'init' ) {
409
			self::activate_module( 'manage', false, false );
410
		} else if ( !  has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) {
411
			add_action( 'init', array( __CLASS__, 'activate_manage' ) );
412
		}
413
	}
414
415
	static function update_active_modules( $modules ) {
416
		$current_modules = Jetpack_Options::get_option( 'active_modules', array() );
417
418
		$success = Jetpack_Options::update_option( 'active_modules', array_unique( $modules ) );
419
420
		if ( is_array( $modules ) && is_array( $current_modules ) ) {
421
			$new_active_modules = array_diff( $modules, $current_modules );
422
			foreach( $new_active_modules as $module ) {
423
				/**
424
				 * Fires when a specific module is activated.
425
				 *
426
				 * @since 1.9.0
427
				 *
428
				 * @param string $module Module slug.
429
				 * @param boolean $success whether the module was activated. @since 4.2
430
				 */
431
				do_action( 'jetpack_activate_module', $module, $success );
432
433
				/**
434
				 * Fires when a module is activated.
435
				 * The dynamic part of the filter, $module, is the module slug.
436
				 *
437
				 * @since 1.9.0
438
				 *
439
				 * @param string $module Module slug.
440
				 */
441
				do_action( "jetpack_activate_module_$module", $module );
442
			}
443
444
			$new_deactive_modules = array_diff( $current_modules, $modules );
445
			foreach( $new_deactive_modules as $module ) {
446
				/**
447
				 * Fired after a module has been deactivated.
448
				 *
449
				 * @since 4.2.0
450
				 *
451
				 * @param string $module Module slug.
452
				 * @param boolean $success whether the module was deactivated.
453
				 */
454
				do_action( 'jetpack_deactivate_module', $module, $success );
455
				/**
456
				 * Fires when a module is deactivated.
457
				 * The dynamic part of the filter, $module, is the module slug.
458
				 *
459
				 * @since 1.9.0
460
				 *
461
				 * @param string $module Module slug.
462
				 */
463
				do_action( "jetpack_deactivate_module_$module", $module );
464
			}
465
		}
466
467
		return $success;
468
	}
469
470
	static function delete_active_modules() {
471
		self::update_active_modules( array() );
472
	}
473
474
	/**
475
	 * Constructor.  Initializes WordPress hooks
476
	 */
477
	private function __construct() {
478
		/*
479
		 * Check for and alert any deprecated hooks
480
		 */
481
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
482
483
		/*
484
		 * Enable enhanced handling of previewing sites in Calypso
485
		 */
486
		if ( Jetpack::is_active() ) {
487
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-iframe-embed.php';
488
			add_action( 'init', array( 'Jetpack_Iframe_Embed', 'init' ), 9, 0 );
489
		}
490
491
		/*
492
		 * Load things that should only be in Network Admin.
493
		 *
494
		 * For now blow away everything else until a more full
495
		 * understanding of what is needed at the network level is
496
		 * available
497
		 */
498
		if( is_multisite() ) {
499
			Jetpack_Network::init();
500
		}
501
502
		add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
503
504
		// Unlink user before deleting the user from .com
505
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
506
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
507
508
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
509
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
510
511
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
512
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
513
514
			$this->require_jetpack_authentication();
515
516
			if ( Jetpack::is_active() ) {
517
				// Hack to preserve $HTTP_RAW_POST_DATA
518
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
519
520
				$signed = $this->verify_xml_rpc_signature();
521
				if ( $signed && ! is_wp_error( $signed ) ) {
522
					// The actual API methods.
523
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
524
				} else {
525
					// The jetpack.authorize method should be available for unauthenticated users on a site with an
526
					// active Jetpack connection, so that additional users can link their account.
527
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
528
				}
529
			} else {
530
				// The bootstrap API methods.
531
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
532
			}
533
534
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
535
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
536
		} elseif (
537
			is_admin() &&
538
			isset( $_POST['action'] ) && (
539
				'jetpack_upload_file' == $_POST['action'] ||
540
				'jetpack_update_file' == $_POST['action']
541
			)
542
		) {
543
			$this->require_jetpack_authentication();
544
			$this->add_remote_request_handlers();
545
		} else {
546
			if ( Jetpack::is_active() ) {
547
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
548
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
549
			}
550
		}
551
552
		if ( Jetpack::is_active() ) {
553
			Jetpack_Heartbeat::init();
554
		}
555
556
		add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
557
		add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
558
559
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
560
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
561
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
562
		}
563
564
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
565
566
		add_action( 'admin_init', array( $this, 'admin_init' ) );
567
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
568
569
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
570
571
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
572
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
573
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
574
575
		// returns HTTPS support status
576
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
577
578
		// If any module option is updated before Jump Start is dismissed, hide Jump Start.
579
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
580
581
		// JITM AJAX callback function
582
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
583
584
		// Universal ajax callback for all tracking events triggered via js
585
		add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
586
587
		add_action( 'wp_ajax_jetpack_connection_banner', array( $this, 'jetpack_connection_banner_callback' ) );
588
589
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
590
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
591
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
592
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
593
594
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
595
596
		/**
597
		 * These actions run checks to load additional files.
598
		 * They check for external files or plugins, so they need to run as late as possible.
599
		 */
600
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
601
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
602
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
603
604
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
605
		add_action( 'style_loader_src', array( 'Jetpack', 'set_suffix_on_min' ), 10, 2  );
606
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
607
608
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
609
610
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
611
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
612
613
		// A filter to control all just in time messages
614
		add_filter( 'jetpack_just_in_time_msgs', '__return_true', 9 );
615
616
		// If enabled, point edit post and page links to Calypso instead of WP-Admin.
617
		if ( get_option( 'jetpack_edit_links_calypso_redirect' ) ) {
618
			add_filter( 'get_edit_post_link', array( $this, 'point_edit_links_to_calypso' ), 1, 2 );
619
		}
620
621
		// Update the Jetpack plan from API on heartbeats
622
		add_action( 'jetpack_heartbeat', array( $this, 'refresh_active_plan_from_wpcom' ) );
623
624
		/**
625
		 * This is the hack to concatinate all css files into one.
626
		 * For description and reasoning see the implode_frontend_css method
627
		 *
628
		 * Super late priority so we catch all the registered styles
629
		 */
630
		if( !is_admin() ) {
631
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
632
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
633
		}
634
635
		/**
636
		 * These are sync actions that we need to keep track of for jitms
637
		 */
638
		add_filter( 'jetpack_sync_before_send_updated_option', array( $this, 'jetpack_track_last_sync_callback' ), 99 );
639
	}
640
641
	function point_edit_links_to_calypso( $default_url, $post_id ) {
642
		$post = get_post( $post_id );
643
644
		if ( empty( $post ) ) {
645
			return $default_url;
646
		}
647
648
		$post_type = $post->post_type;
649
650
		if ( in_array( $post_type, array( 'post', 'page' ) ) ) {
651
			$path_prefix = $post_type;
652
		} else if ( in_array( $post_type, apply_filters( 'rest_api_allowed_post_types', array( 'post', 'page', 'revision' ) ) ) ) {
653
			$path_prefix = sprintf( 'edit/%s', $post_type );
654
		}
655
656
		if ( ! isset( $path_prefix ) ) {
657
			return $default_url;
658
		}
659
660
		$site_slug  = Jetpack::build_raw_urls( get_home_url() );
661
662
		return esc_url_raw( sprintf( 'https://wordpress.com/%s/%s/%d', $path_prefix, $site_slug, $post_id ) );
663
	}
664
665
	function jetpack_track_last_sync_callback( $params ) {
666
		if ( is_array( $params ) && isset( $params[0] ) ) {
667
			$option = $params[0];
668
			if ( 'active_plugins' === $option ) {
669
				// use the cache if we can, but not terribly important if it gets evicted
670
				set_transient( 'jetpack_last_plugin_sync', time(), HOUR_IN_SECONDS );
671
			}
672
		}
673
674
		return $params;
675
	}
676
677
	function jetpack_connection_banner_callback() {
678
		check_ajax_referer( 'jp-connection-banner-nonce', 'nonce' );
679
680
		if ( isset( $_REQUEST['dismissBanner'] ) ) {
681
			Jetpack_Options::update_option( 'dismissed_connection_banner', 1 );
682
			wp_send_json_success();
683
		}
684
		
685
		wp_die();
686
	}
687
	
688
	function jetpack_admin_ajax_tracks_callback() {
689
		// Check for nonce
690
		if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
691
			wp_die( 'Permissions check failed.' );
692
		}
693
694
		if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] )  ) {
695
			wp_die( 'No valid event name or type.' );
696
		}
697
698
		$tracks_data = array();
699
		if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
700
			$tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
701
		}
702
703
		JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
704
		wp_send_json_success();
705
		wp_die();
706
	}
707
708
	/**
709
	 * The callback for the JITM ajax requests.
710
	 */
711
	function jetpack_jitm_ajax_callback() {
712
		// Check for nonce
713
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
714
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
715
		}
716
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
717
			$module_slug = $_REQUEST['jitmModule'];
718
			Jetpack::log( 'activate', $module_slug );
719
			Jetpack::activate_module( $module_slug, false, false );
720
			Jetpack::state( 'message', 'no_message' );
721
722
			//A Jetpack module is being activated through a JITM, track it
723
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
724
			$this->do_stats( 'server_side' );
725
726
			wp_send_json_success();
727
		}
728
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
729
			// get the hide_jitm options array
730
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
731
			$module_slug = $_REQUEST['jitmModule'];
732
733
			if( ! $jetpack_hide_jitm ) {
734
				$jetpack_hide_jitm = array(
735
					$module_slug => 'hide'
736
				);
737
			} else {
738
				$jetpack_hide_jitm[$module_slug] = 'hide';
739
			}
740
741
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
742
743
			//jitm is being dismissed forever, track it
744
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
745
			$this->do_stats( 'server_side' );
746
747
			wp_send_json_success();
748
		}
749 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
750
			$module_slug = $_REQUEST['jitmModule'];
751
752
			// User went to WordPress.com, track this
753
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
754
			$this->do_stats( 'server_side' );
755
756
			wp_send_json_success();
757
		}
758 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
759
			$track = $_REQUEST['jitmModule'];
760
761
			// User is viewing JITM, track it.
762
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
763
			$this->do_stats( 'server_side' );
764
765
			wp_send_json_success();
766
		}
767
	}
768
769
	/**
770
	 * If there are any stats that need to be pushed, but haven't been, push them now.
771
	 */
772
	function __destruct() {
773
		if ( ! empty( $this->stats ) ) {
774
			$this->do_stats( 'server_side' );
775
		}
776
	}
777
778
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
779
		switch( $cap ) {
780
			case 'jetpack_connect' :
781
			case 'jetpack_reconnect' :
782
				if ( Jetpack::is_development_mode() ) {
783
					$caps = array( 'do_not_allow' );
784
					break;
785
				}
786
				/**
787
				 * Pass through. If it's not development mode, these should match disconnect.
788
				 * Let users disconnect if it's development mode, just in case things glitch.
789
				 */
790
			case 'jetpack_disconnect' :
791
				/**
792
				 * In multisite, can individual site admins manage their own connection?
793
				 *
794
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
795
				 */
796
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
797
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
798
						/**
799
						 * We need to update the option name -- it's terribly unclear which
800
						 * direction the override goes.
801
						 *
802
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
803
						 */
804
						$caps = array( 'do_not_allow' );
805
						break;
806
					}
807
				}
808
809
				$caps = array( 'manage_options' );
810
				break;
811
			case 'jetpack_manage_modules' :
812
			case 'jetpack_activate_modules' :
813
			case 'jetpack_deactivate_modules' :
814
				$caps = array( 'manage_options' );
815
				break;
816
			case 'jetpack_configure_modules' :
817
				$caps = array( 'manage_options' );
818
				break;
819
			case 'jetpack_network_admin_page':
820
			case 'jetpack_network_settings_page':
821
				$caps = array( 'manage_network_plugins' );
822
				break;
823
			case 'jetpack_network_sites_page':
824
				$caps = array( 'manage_sites' );
825
				break;
826
			case 'jetpack_admin_page' :
827
				if ( Jetpack::is_development_mode() ) {
828
					$caps = array( 'manage_options' );
829
					break;
830
				} else {
831
					$caps = array( 'read' );
832
				}
833
				break;
834
			case 'jetpack_connect_user' :
835
				if ( Jetpack::is_development_mode() ) {
836
					$caps = array( 'do_not_allow' );
837
					break;
838
				}
839
				$caps = array( 'read' );
840
				break;
841
		}
842
		return $caps;
843
	}
844
845
	function require_jetpack_authentication() {
846
		// Don't let anyone authenticate
847
		$_COOKIE = array();
848
		remove_all_filters( 'authenticate' );
849
		remove_all_actions( 'wp_login_failed' );
850
851
		if ( Jetpack::is_active() ) {
852
			// Allow Jetpack authentication
853
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
854
		}
855
	}
856
857
	/**
858
	 * Load language files
859
	 * @action plugins_loaded
860
	 */
861
	public static function plugin_textdomain() {
862
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
863
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
864
	}
865
866
	/**
867
	 * Register assets for use in various modules and the Jetpack admin page.
868
	 *
869
	 * @uses wp_script_is, wp_register_script, plugins_url
870
	 * @action wp_loaded
871
	 * @return null
872
	 */
873
	public function register_assets() {
874 View Code Duplication
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
875
			wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' );
876
		}
877
878 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
879
			wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' );
880
		}
881
882 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
883
			wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' );
884
		}
885
886 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
887
			wp_register_script( 'jetpack-twitter-timeline', plugins_url( '_inc/twitter-timeline.js', JETPACK__PLUGIN_FILE ) , array( 'jquery' ), '4.0.0', true );
888
		}
889
890
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
891
			wp_register_script( 'jetpack-facebook-embed', plugins_url( '_inc/facebook-embed.js', __FILE__ ), array( 'jquery' ), null, true );
892
893
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
894
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
895
			if ( ! is_numeric( $fb_app_id ) ) {
896
				$fb_app_id = '';
897
			}
898
			wp_localize_script(
899
				'jetpack-facebook-embed',
900
				'jpfbembed',
901
				array(
902
					'appid' => $fb_app_id,
903
					'locale' => $this->get_locale(),
904
				)
905
			);
906
		}
907
908
		/**
909
		 * As jetpack_register_genericons is by default fired off a hook,
910
		 * the hook may have already fired by this point.
911
		 * So, let's just trigger it manually.
912
		 */
913
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
914
		jetpack_register_genericons();
915
916
		/**
917
		 * Register the social logos
918
		 */
919
		require_once( JETPACK__PLUGIN_DIR . '_inc/social-logos.php' );
920
		jetpack_register_social_logos();
921
922 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
923
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
924
	}
925
926
	/**
927
	 * Guess locale from language code.
928
	 *
929
	 * @param string $lang Language code.
930
	 * @return string|bool
931
	 */
932
	function guess_locale_from_lang( $lang ) {
933
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
934
			return 'en_US';
935
		}
936
937 View Code Duplication
		if ( ! class_exists( 'GP_Locales' ) ) {
938
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
939
				return false;
940
			}
941
942
			require JETPACK__GLOTPRESS_LOCALES_PATH;
943
		}
944
945
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
946
			// WP.com: get_locale() returns 'it'
947
			$locale = GP_Locales::by_slug( $lang );
948
		} else {
949
			// Jetpack: get_locale() returns 'it_IT';
950
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
951
		}
952
953
		if ( ! $locale ) {
954
			return false;
955
		}
956
957
		if ( empty( $locale->facebook_locale ) ) {
958
			if ( empty( $locale->wp_locale ) ) {
959
				return false;
960
			} else {
961
				// Facebook SDK is smart enough to fall back to en_US if a
962
				// locale isn't supported. Since supported Facebook locales
963
				// can fall out of sync, we'll attempt to use the known
964
				// wp_locale value and rely on said fallback.
965
				return $locale->wp_locale;
966
			}
967
		}
968
969
		return $locale->facebook_locale;
970
	}
971
972
	/**
973
	 * Get the locale.
974
	 *
975
	 * @return string|bool
976
	 */
977
	function get_locale() {
978
		$locale = $this->guess_locale_from_lang( get_locale() );
979
980
		if ( ! $locale ) {
981
			$locale = 'en_US';
982
		}
983
984
		return $locale;
985
	}
986
987
	/**
988
	 * Device Pixels support
989
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
990
	 */
991
	function devicepx() {
992
		if ( Jetpack::is_active() ) {
993
			wp_enqueue_script( 'devicepx', 'https://s0.wp.com/wp-content/js/devicepx-jetpack.js', array(), gmdate( 'oW' ), true );
994
		}
995
	}
996
997
	/**
998
	 * Return the network_site_url so that .com knows what network this site is a part of.
999
	 * @param  bool $option
1000
	 * @return string
1001
	 */
1002
	public function jetpack_main_network_site_option( $option ) {
1003
		return network_site_url();
1004
	}
1005
	/**
1006
	 * Network Name.
1007
	 */
1008
	static function network_name( $option = null ) {
1009
		global $current_site;
1010
		return $current_site->site_name;
1011
	}
1012
	/**
1013
	 * Does the network allow new user and site registrations.
1014
	 * @return string
1015
	 */
1016
	static function network_allow_new_registrations( $option = null ) {
1017
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
1018
	}
1019
	/**
1020
	 * Does the network allow admins to add new users.
1021
	 * @return boolian
1022
	 */
1023
	static function network_add_new_users( $option = null ) {
1024
		return (bool) get_site_option( 'add_new_users' );
1025
	}
1026
	/**
1027
	 * File upload psace left per site in MB.
1028
	 *  -1 means NO LIMIT.
1029
	 * @return number
1030
	 */
1031
	static function network_site_upload_space( $option = null ) {
1032
		// value in MB
1033
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1034
	}
1035
1036
	/**
1037
	 * Network allowed file types.
1038
	 * @return string
1039
	 */
1040
	static function network_upload_file_types( $option = null ) {
1041
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1042
	}
1043
1044
	/**
1045
	 * Maximum file upload size set by the network.
1046
	 * @return number
1047
	 */
1048
	static function network_max_upload_file_size( $option = null ) {
1049
		// value in KB
1050
		return get_site_option( 'fileupload_maxk', 300 );
1051
	}
1052
1053
	/**
1054
	 * Lets us know if a site allows admins to manage the network.
1055
	 * @return array
1056
	 */
1057
	static function network_enable_administration_menus( $option = null ) {
1058
		return get_site_option( 'menu_items' );
1059
	}
1060
1061
	/**
1062
	 * If a user has been promoted to or demoted from admin, we need to clear the
1063
	 * jetpack_other_linked_admins transient.
1064
	 *
1065
	 * @since 4.3.2
1066
	 * @since 4.4.0  $old_roles is null by default and if it's not passed, the transient is cleared.
1067
	 *
1068
	 * @param int    $user_id   The user ID whose role changed.
1069
	 * @param string $role      The new role.
1070
	 * @param array  $old_roles An array of the user's previous roles.
1071
	 */
1072
	function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1073
		if ( 'administrator' == $role
1074
			|| ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1075
			|| is_null( $old_roles )
1076
		) {
1077
			delete_transient( 'jetpack_other_linked_admins' );
1078
		}
1079
	}
1080
1081
	/**
1082
	 * Checks to see if there are any other users available to become primary
1083
	 * Users must both:
1084
	 * - Be linked to wpcom
1085
	 * - Be an admin
1086
	 *
1087
	 * @return mixed False if no other users are linked, Int if there are.
1088
	 */
1089
	static function get_other_linked_admins() {
1090
		$other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1091
1092
		if ( false === $other_linked_users ) {
1093
			$admins = get_users( array( 'role' => 'administrator' ) );
1094
			if ( count( $admins ) > 1 ) {
1095
				$available = array();
1096
				foreach ( $admins as $admin ) {
1097
					if ( Jetpack::is_user_connected( $admin->ID ) ) {
1098
						$available[] = $admin->ID;
1099
					}
1100
				}
1101
1102
				$count_connected_admins = count( $available );
1103
				if ( count( $available ) > 1 ) {
1104
					$other_linked_users = $count_connected_admins;
1105
				} else {
1106
					$other_linked_users = 0;
1107
				}
1108
			} else {
1109
				$other_linked_users = 0;
1110
			}
1111
1112
			set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1113
		}
1114
1115
		return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1116
	}
1117
1118
	/**
1119
	 * Return whether we are dealing with a multi network setup or not.
1120
	 * The reason we are type casting this is because we want to avoid the situation where
1121
	 * the result is false since when is_main_network_option return false it cases
1122
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1123
	 * database which could be set to anything as opposed to what this function returns.
1124
	 * @param  bool  $option
1125
	 *
1126
	 * @return boolean
1127
	 */
1128
	public function is_main_network_option( $option ) {
1129
		// return '1' or ''
1130
		return (string) (bool) Jetpack::is_multi_network();
1131
	}
1132
1133
	/**
1134
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1135
	 *
1136
	 * @param  string  $option
1137
	 * @return boolean
1138
	 */
1139
	public function is_multisite( $option ) {
1140
		return (string) (bool) is_multisite();
1141
	}
1142
1143
	/**
1144
	 * Implemented since there is no core is multi network function
1145
	 * Right now there is no way to tell if we which network is the dominant network on the system
1146
	 *
1147
	 * @since  3.3
1148
	 * @return boolean
1149
	 */
1150
	public static function is_multi_network() {
1151
		global  $wpdb;
1152
1153
		// if we don't have a multi site setup no need to do any more
1154
		if ( ! is_multisite() ) {
1155
			return false;
1156
		}
1157
1158
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1159
		if ( $num_sites > 1 ) {
1160
			return true;
1161
		} else {
1162
			return false;
1163
		}
1164
	}
1165
1166
	/**
1167
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1168
	 * @return null
1169
	 */
1170
	function update_jetpack_main_network_site_option() {
1171
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1172
	}
1173
	/**
1174
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1175
	 *
1176
	 */
1177
	function update_jetpack_network_settings() {
1178
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1179
		// Only sync this info for the main network site.
1180
	}
1181
1182
	/**
1183
	 * Get back if the current site is single user site.
1184
	 *
1185
	 * @return bool
1186
	 */
1187
	public static function is_single_user_site() {
1188
		global $wpdb;
1189
1190 View Code Duplication
		if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1191
			$some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1192
			set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1193
		}
1194
		return 1 === (int) $some_users;
1195
	}
1196
1197
	/**
1198
	 * Returns true if the site has file write access false otherwise.
1199
	 * @return string ( '1' | '0' )
1200
	 **/
1201
	public static function file_system_write_access() {
1202
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1203
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1204
		}
1205
1206
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1207
1208
		$filesystem_method = get_filesystem_method();
1209
		if ( $filesystem_method === 'direct' ) {
1210
			return 1;
1211
		}
1212
1213
		ob_start();
1214
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1215
		ob_end_clean();
1216
		if ( $filesystem_credentials_are_stored ) {
1217
			return 1;
1218
		}
1219
		return 0;
1220
	}
1221
1222
	/**
1223
	 * Finds out if a site is using a version control system.
1224
	 * @return string ( '1' | '0' )
1225
	 **/
1226
	public static function is_version_controlled() {
1227
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Functions::is_version_controlled' );
1228
		return (string) (int) Jetpack_Sync_Functions::is_version_controlled();
1229
	}
1230
1231
	/**
1232
	 * Determines whether the current theme supports featured images or not.
1233
	 * @return string ( '1' | '0' )
1234
	 */
1235
	public static function featured_images_enabled() {
1236
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1237
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1238
	}
1239
1240
	/**
1241
	 * Wrapper for core's get_avatar_url().  This one is deprecated.
1242
	 *
1243
	 * @deprecated 4.7 use get_avatar_url instead.
1244
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
1245
	 * @param int $size Size of the avatar image
1246
	 * @param string $default URL to a default image to use if no avatar is available
1247
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
1248
	 *
1249
	 * @return array
1250
	 */
1251
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1252
		_deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1253
		return get_avatar_url( $id_or_email, array(
1254
			'size' => $size,
1255
			'default' => $default,
1256
			'force_default' => $force_display,
1257
		) );
1258
	}
1259
1260
	/**
1261
	 * jetpack_updates is saved in the following schema:
1262
	 *
1263
	 * array (
1264
	 *      'plugins'                       => (int) Number of plugin updates available.
1265
	 *      'themes'                        => (int) Number of theme updates available.
1266
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1267
	 *      'translations'                  => (int) Number of translation updates available.
1268
	 *      'total'                         => (int) Total of all available updates.
1269
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1270
	 * )
1271
	 * @return array
1272
	 */
1273
	public static function get_updates() {
1274
		$update_data = wp_get_update_data();
1275
1276
		// Stores the individual update counts as well as the total count.
1277
		if ( isset( $update_data['counts'] ) ) {
1278
			$updates = $update_data['counts'];
1279
		}
1280
1281
		// If we need to update WordPress core, let's find the latest version number.
1282 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1283
			$cur = get_preferred_from_update_core();
1284
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1285
				$updates['wp_update_version'] = $cur->current;
1286
			}
1287
		}
1288
		return isset( $updates ) ? $updates : array();
1289
	}
1290
1291
	public static function get_update_details() {
1292
		$update_details = array(
1293
			'update_core' => get_site_transient( 'update_core' ),
1294
			'update_plugins' => get_site_transient( 'update_plugins' ),
1295
			'update_themes' => get_site_transient( 'update_themes' ),
1296
		);
1297
		return $update_details;
1298
	}
1299
1300
	public static function refresh_update_data() {
1301
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1302
1303
	}
1304
1305
	public static function refresh_theme_data() {
1306
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1307
	}
1308
1309
	/**
1310
	 * Is Jetpack active?
1311
	 */
1312
	public static function is_active() {
1313
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1314
	}
1315
1316
	/**
1317
	 * Make an API call to WordPress.com for plan status
1318
	 *
1319
	 * @uses Jetpack_Options::get_option()
1320
	 * @uses Jetpack_Client::wpcom_json_api_request_as_blog()
1321
	 * @uses update_option()
1322
	 *
1323
	 * @access public
1324
	 * @static
1325
	 *
1326
	 * @return bool True if plan is updated, false if no update
1327
	 */
1328
	public static function refresh_active_plan_from_wpcom() {
1329
		// Make the API request
1330
		$request = sprintf( '/sites/%d', Jetpack_Options::get_option( 'id' ) );
1331
		$response = Jetpack_Client::wpcom_json_api_request_as_blog( $request, '1.1' );
1332
1333
		// Bail if there was an error or malformed response
1334
		if ( is_wp_error( $response ) || ! is_array( $response ) || ! isset( $response['body'] ) ) {
1335
			return false;
1336
		}
1337
1338
		// Decode the results
1339
		$results = json_decode( $response['body'], true );
1340
1341
		// Bail if there were no results or plan details returned
1342
		if ( ! is_array( $results ) || ! isset( $results['plan'] ) ) {
1343
			return false;
1344
		}
1345
1346
		// Store the option and return true if updated
1347
		return update_option( 'jetpack_active_plan', $results['plan'] );
1348
	}
1349
1350
	/**
1351
	 * Get the plan that this Jetpack site is currently using
1352
	 *
1353
	 * @uses get_option()
1354
	 *
1355
	 * @access public
1356
	 * @static
1357
	 *
1358
	 * @return array Active Jetpack plan details
1359
	 */
1360
	public static function get_active_plan() {
1361
		$plan = get_option( 'jetpack_active_plan', array() );
1362
1363
		// Set the default options
1364
		if ( empty( $plan ) || ( isset( $plan['product_slug'] ) && 'jetpack_free' === $plan['product_slug'] ) ) {
1365
			$plan = wp_parse_args( $plan, array(
1366
				'product_slug' => 'jetpack_free',
1367
				'supports'     => array(),
1368
				'class'        => 'free',
1369
			) );
1370
		}
1371
1372
		// Define what paid modules are supported by personal plans
1373
		$personal_plans = array(
1374
			'jetpack_personal',
1375
			'jetpack_personal_monthly',
1376
			'personal-bundle',
1377
		);
1378
1379
		if ( in_array( $plan['product_slug'], $personal_plans ) ) {
1380
			$plan['supports'] = array(
1381
				'akismet',
1382
			);
1383
			$plan['class'] = 'personal';
1384
		}
1385
1386
		// Define what paid modules are supported by premium plans
1387
		$premium_plans = array(
1388
			'jetpack_premium',
1389
			'jetpack_premium_monthly',
1390
			'value_bundle',
1391
		);
1392
1393 View Code Duplication
		if ( in_array( $plan['product_slug'], $premium_plans ) ) {
1394
			$plan['supports'] = array(
1395
				'videopress',
1396
				'akismet',
1397
				'vaultpress',
1398
				'wordads',
1399
			);
1400
			$plan['class'] = 'premium';
1401
		}
1402
1403
		// Define what paid modules are supported by professional plans
1404
		$business_plans = array(
1405
			'jetpack_business',
1406
			'jetpack_business_monthly',
1407
			'business-bundle',
1408
		);
1409
1410 View Code Duplication
		if ( in_array( $plan['product_slug'], $business_plans ) ) {
1411
			$plan['supports'] = array(
1412
				'videopress',
1413
				'akismet',
1414
				'vaultpress',
1415
				'seo-tools',
1416
				'google-analytics',
1417
				'wordads',
1418
			);
1419
			$plan['class'] = 'business';
1420
		}
1421
1422
		// Make sure we have an array here in the event database data is stale
1423
		if ( ! isset( $plan['supports'] ) ) {
1424
			$plan['supports'] = array();
1425
		}
1426
1427
		return $plan;
1428
	}
1429
1430
	/**
1431
	 * Determine whether the active plan supports a particular feature
1432
	 *
1433
	 * @uses Jetpack::get_active_plan()
1434
	 *
1435
	 * @access public
1436
	 * @static
1437
	 *
1438
	 * @return bool True if plan supports feature, false if not
1439
	 */
1440
	public static function active_plan_supports( $feature ) {
1441
		$plan = Jetpack::get_active_plan();
1442
1443
		if ( in_array( $feature, $plan['supports'] ) ) {
1444
			return true;
1445
		}
1446
1447
		return false;
1448
	}
1449
1450
	/**
1451
	 * Is Jetpack in development (offline) mode?
1452
	 */
1453
	public static function is_development_mode() {
1454
		$development_mode = false;
1455
1456
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1457
			$development_mode = JETPACK_DEV_DEBUG;
1458
		} elseif ( $site_url = site_url() ) {
1459
			$development_mode = false === strpos( $site_url, '.' );
1460
		}
1461
1462
		/**
1463
		 * Filters Jetpack's development mode.
1464
		 *
1465
		 * @see https://jetpack.com/support/development-mode/
1466
		 *
1467
		 * @since 2.2.1
1468
		 *
1469
		 * @param bool $development_mode Is Jetpack's development mode active.
1470
		 */
1471
		return apply_filters( 'jetpack_development_mode', $development_mode );
1472
	}
1473
1474
	/**
1475
	* Get Jetpack development mode notice text and notice class.
1476
	*
1477
	* Mirrors the checks made in Jetpack::is_development_mode
1478
	*
1479
	*/
1480
	public static function show_development_mode_notice() {
1481
		if ( Jetpack::is_development_mode() ) {
1482
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1483
				$notice = sprintf(
1484
					/* translators: %s is a URL */
1485
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1486
					'https://jetpack.com/support/development-mode/'
1487
				);
1488
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1489
				$notice = sprintf(
1490
					/* translators: %s is a URL */
1491
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1492
					'https://jetpack.com/support/development-mode/'
1493
				);
1494
			} else {
1495
				$notice = sprintf(
1496
					/* translators: %s is a URL */
1497
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1498
					'https://jetpack.com/support/development-mode/'
1499
				);
1500
			}
1501
1502
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1503
		}
1504
1505
		// Throw up a notice if using a development version and as for feedback.
1506
		if ( Jetpack::is_development_version() ) {
1507
			/* translators: %s is a URL */
1508
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1509
1510
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1511
		}
1512
		// Throw up a notice if using staging mode
1513
		if ( Jetpack::is_staging_site() ) {
1514
			/* translators: %s is a URL */
1515
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1516
1517
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1518
		}
1519
	}
1520
1521
	/**
1522
	 * Whether Jetpack's version maps to a public release, or a development version.
1523
	 */
1524
	public static function is_development_version() {
1525
		/**
1526
		 * Allows filtering whether this is a development version of Jetpack.
1527
		 *
1528
		 * This filter is especially useful for tests.
1529
		 *
1530
		 * @since 4.3.0
1531
		 *
1532
		 * @param bool $development_version Is this a develoment version of Jetpack?
1533
		 */
1534
		return (bool) apply_filters(
1535
			'jetpack_development_version',
1536
			! preg_match( '/^\d+(\.\d+)+$/', Jetpack_Constants::get_constant( 'JETPACK__VERSION' ) )
1537
		);
1538
	}
1539
1540
	/**
1541
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1542
	 */
1543
	public static function is_user_connected( $user_id = false ) {
1544
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1545
		if ( ! $user_id ) {
1546
			return false;
1547
		}
1548
1549
		return (bool) Jetpack_Data::get_access_token( $user_id );
1550
	}
1551
1552
	/**
1553
	 * Get the wpcom user data of the current|specified connected user.
1554
	 */
1555
	public static function get_connected_user_data( $user_id = null ) {
1556
		if ( ! $user_id ) {
1557
			$user_id = get_current_user_id();
1558
		}
1559
1560
		$transient_key = "jetpack_connected_user_data_$user_id";
1561
1562
		if ( $cached_user_data = get_transient( $transient_key ) ) {
1563
			return $cached_user_data;
1564
		}
1565
1566
		Jetpack::load_xml_rpc_client();
1567
		$xml = new Jetpack_IXR_Client( array(
1568
			'user_id' => $user_id,
1569
		) );
1570
		$xml->query( 'wpcom.getUser' );
1571
		if ( ! $xml->isError() ) {
1572
			$user_data = $xml->getResponse();
1573
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1574
			return $user_data;
1575
		}
1576
1577
		return false;
1578
	}
1579
1580
	/**
1581
	 * Get the wpcom email of the current|specified connected user.
1582
	 */
1583 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1584
		if ( ! $user_id ) {
1585
			$user_id = get_current_user_id();
1586
		}
1587
		Jetpack::load_xml_rpc_client();
1588
		$xml = new Jetpack_IXR_Client( array(
1589
			'user_id' => $user_id,
1590
		) );
1591
		$xml->query( 'wpcom.getUserEmail' );
1592
		if ( ! $xml->isError() ) {
1593
			return $xml->getResponse();
1594
		}
1595
		return false;
1596
	}
1597
1598
	/**
1599
	 * Get the wpcom email of the master user.
1600
	 */
1601
	public static function get_master_user_email() {
1602
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1603
		if ( $master_user_id ) {
1604
			return self::get_connected_user_email( $master_user_id );
1605
		}
1606
		return '';
1607
	}
1608
1609
	function current_user_is_connection_owner() {
1610
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1611
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1612
	}
1613
1614
	/**
1615
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1616
	 */
1617
	function extra_oembed_providers() {
1618
		// Cloudup: https://dev.cloudup.com/#oembed
1619
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1620
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1621
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1622
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1623
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1624
		wp_oembed_add_provider( '#https?://(www\.)?icloud\.com/keynote/.*#i', 'https://iwmb.icloud.com/iwmb/oembed', true );
1625
	}
1626
1627
	/**
1628
	 * Synchronize connected user role changes
1629
	 */
1630
	function user_role_change( $user_id ) {
1631
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Users::user_role_change()' );
1632
		Jetpack_Sync_Users::user_role_change( $user_id );
1633
	}
1634
1635
	/**
1636
	 * Loads the currently active modules.
1637
	 */
1638
	public static function load_modules() {
1639
		if ( ! self::is_active() && !self::is_development_mode() ) {
1640
			if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) {
1641
				return;
1642
			}
1643
		}
1644
1645
		$version = Jetpack_Options::get_option( 'version' );
1646 View Code Duplication
		if ( ! $version ) {
1647
			$version = $old_version = JETPACK__VERSION . ':' . time();
1648
			/** This action is documented in class.jetpack.php */
1649
			do_action( 'updating_jetpack_version', $version, false );
1650
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1651
		}
1652
		list( $version ) = explode( ':', $version );
1653
1654
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1655
1656
		$modules_data = array();
1657
1658
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1659
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1660
			$updated_modules = array();
1661
			foreach ( $modules as $module ) {
1662
				$modules_data[ $module ] = Jetpack::get_module( $module );
1663
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1664
					continue;
1665
				}
1666
1667
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1668
					continue;
1669
				}
1670
1671
				$updated_modules[] = $module;
1672
			}
1673
1674
			$modules = array_diff( $modules, $updated_modules );
1675
		}
1676
1677
		$is_development_mode = Jetpack::is_development_mode();
1678
1679
		foreach ( $modules as $index => $module ) {
1680
			// If we're in dev mode, disable modules requiring a connection
1681
			if ( $is_development_mode ) {
1682
				// Prime the pump if we need to
1683
				if ( empty( $modules_data[ $module ] ) ) {
1684
					$modules_data[ $module ] = Jetpack::get_module( $module );
1685
				}
1686
				// If the module requires a connection, but we're in local mode, don't include it.
1687
				if ( $modules_data[ $module ]['requires_connection'] ) {
1688
					continue;
1689
				}
1690
			}
1691
1692
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1693
				continue;
1694
			}
1695
1696
			if ( ! include_once( Jetpack::get_module_path( $module ) ) ) {
1697
				unset( $modules[ $index ] );
1698
				self::update_active_modules( array_values( $modules ) );
1699
				continue;
1700
			}
1701
1702
			/**
1703
			 * Fires when a specific module is loaded.
1704
			 * The dynamic part of the hook, $module, is the module slug.
1705
			 *
1706
			 * @since 1.1.0
1707
			 */
1708
			do_action( 'jetpack_module_loaded_' . $module );
1709
		}
1710
1711
		/**
1712
		 * Fires when all the modules are loaded.
1713
		 *
1714
		 * @since 1.1.0
1715
		 */
1716
		do_action( 'jetpack_modules_loaded' );
1717
1718
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1719
		if ( Jetpack::is_active() || Jetpack::is_development_mode() )
1720
			require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1721
	}
1722
1723
	/**
1724
	 * Check if Jetpack's REST API compat file should be included
1725
	 * @action plugins_loaded
1726
	 * @return null
1727
	 */
1728
	public function check_rest_api_compat() {
1729
		/**
1730
		 * Filters the list of REST API compat files to be included.
1731
		 *
1732
		 * @since 2.2.5
1733
		 *
1734
		 * @param array $args Array of REST API compat files to include.
1735
		 */
1736
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1737
1738
		if ( function_exists( 'bbpress' ) )
1739
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1740
1741
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1742
			require_once $_jetpack_rest_api_compat_include;
1743
	}
1744
1745
	/**
1746
	 * Gets all plugins currently active in values, regardless of whether they're
1747
	 * traditionally activated or network activated.
1748
	 *
1749
	 * @todo Store the result in core's object cache maybe?
1750
	 */
1751
	public static function get_active_plugins() {
1752
		$active_plugins = (array) get_option( 'active_plugins', array() );
1753
1754
		if ( is_multisite() ) {
1755
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1756
			// whereas active_plugins stores them in the values.
1757
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1758
			if ( $network_plugins ) {
1759
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1760
			}
1761
		}
1762
1763
		sort( $active_plugins );
1764
1765
		return array_unique( $active_plugins );
1766
	}
1767
1768
	/**
1769
	 * Gets and parses additional plugin data to send with the heartbeat data
1770
	 *
1771
	 * @since 3.8.1
1772
	 *
1773
	 * @return array Array of plugin data
1774
	 */
1775
	public static function get_parsed_plugin_data() {
1776
		if ( ! function_exists( 'get_plugins' ) ) {
1777
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1778
		}
1779
		/** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
1780
		$all_plugins    = apply_filters( 'all_plugins', get_plugins() );
1781
		$active_plugins = Jetpack::get_active_plugins();
1782
1783
		$plugins = array();
1784
		foreach ( $all_plugins as $path => $plugin_data ) {
1785
			$plugins[ $path ] = array(
1786
					'is_active' => in_array( $path, $active_plugins ),
1787
					'file'      => $path,
1788
					'name'      => $plugin_data['Name'],
1789
					'version'   => $plugin_data['Version'],
1790
					'author'    => $plugin_data['Author'],
1791
			);
1792
		}
1793
1794
		return $plugins;
1795
	}
1796
1797
	/**
1798
	 * Gets and parses theme data to send with the heartbeat data
1799
	 *
1800
	 * @since 3.8.1
1801
	 *
1802
	 * @return array Array of theme data
1803
	 */
1804
	public static function get_parsed_theme_data() {
1805
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1806
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1807
1808
		$themes = array();
1809
		foreach ( $all_themes as $slug => $theme_data ) {
1810
			$theme_headers = array();
1811
			foreach ( $header_keys as $header_key ) {
1812
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1813
			}
1814
1815
			$themes[ $slug ] = array(
1816
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1817
					'slug' => $slug,
1818
					'theme_root' => $theme_data->get_theme_root_uri(),
1819
					'parent' => $theme_data->parent(),
1820
					'headers' => $theme_headers
1821
			);
1822
		}
1823
1824
		return $themes;
1825
	}
1826
1827
	/**
1828
	 * Checks whether a specific plugin is active.
1829
	 *
1830
	 * We don't want to store these in a static variable, in case
1831
	 * there are switch_to_blog() calls involved.
1832
	 */
1833
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1834
		return in_array( $plugin, self::get_active_plugins() );
1835
	}
1836
1837
	/**
1838
	 * Check if Jetpack's Open Graph tags should be used.
1839
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1840
	 *
1841
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1842
	 * @action plugins_loaded
1843
	 * @return null
1844
	 */
1845
	public function check_open_graph() {
1846
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
1847
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
1848
		}
1849
1850
		$active_plugins = self::get_active_plugins();
1851
1852
		if ( ! empty( $active_plugins ) ) {
1853
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
1854
				if ( in_array( $plugin, $active_plugins ) ) {
1855
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
1856
					break;
1857
				}
1858
			}
1859
		}
1860
1861
		/**
1862
		 * Allow the addition of Open Graph Meta Tags to all pages.
1863
		 *
1864
		 * @since 2.0.3
1865
		 *
1866
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
1867
		 */
1868
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
1869
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
1870
		}
1871
	}
1872
1873
	/**
1874
	 * Check if Jetpack's Twitter tags should be used.
1875
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
1876
	 *
1877
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1878
	 * @action plugins_loaded
1879
	 * @return null
1880
	 */
1881
	public function check_twitter_tags() {
1882
1883
		$active_plugins = self::get_active_plugins();
1884
1885
		if ( ! empty( $active_plugins ) ) {
1886
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
1887
				if ( in_array( $plugin, $active_plugins ) ) {
1888
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
1889
					break;
1890
				}
1891
			}
1892
		}
1893
1894
		/**
1895
		 * Allow Twitter Card Meta tags to be disabled.
1896
		 *
1897
		 * @since 2.6.0
1898
		 *
1899
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
1900
		 */
1901
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
1902
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
1903
		}
1904
	}
1905
1906
	/**
1907
	 * Allows plugins to submit security reports.
1908
 	 *
1909
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
1910
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
1911
	 * @param array   $args         See definitions above
1912
	 */
1913
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
1914
		_deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
1915
	}
1916
1917
/* Jetpack Options API */
1918
1919
	public static function get_option_names( $type = 'compact' ) {
1920
		return Jetpack_Options::get_option_names( $type );
1921
	}
1922
1923
	/**
1924
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
1925
 	 *
1926
	 * @param string $name    Option name
1927
	 * @param mixed  $default (optional)
1928
	 */
1929
	public static function get_option( $name, $default = false ) {
1930
		return Jetpack_Options::get_option( $name, $default );
1931
	}
1932
1933
	/**
1934
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
1935
 	 *
1936
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
1937
	 * @param string $name  Option name
1938
	 * @param mixed  $value Option value
1939
	 */
1940
	public static function update_option( $name, $value ) {
1941
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
1942
		return Jetpack_Options::update_option( $name, $value );
1943
	}
1944
1945
	/**
1946
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
1947
 	 *
1948
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
1949
	 * @param array $array array( option name => option value, ... )
1950
	 */
1951
	public static function update_options( $array ) {
1952
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
1953
		return Jetpack_Options::update_options( $array );
1954
	}
1955
1956
	/**
1957
	 * Deletes the given option.  May be passed multiple option names as an array.
1958
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
1959
	 *
1960
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
1961
	 * @param string|array $names
1962
	 */
1963
	public static function delete_option( $names ) {
1964
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
1965
		return Jetpack_Options::delete_option( $names );
1966
	}
1967
1968
	/**
1969
	 * Enters a user token into the user_tokens option
1970
	 *
1971
	 * @param int $user_id
1972
	 * @param string $token
1973
	 * return bool
1974
	 */
1975
	public static function update_user_token( $user_id, $token, $is_master_user ) {
1976
		// not designed for concurrent updates
1977
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
1978
		if ( ! is_array( $user_tokens ) )
1979
			$user_tokens = array();
1980
		$user_tokens[$user_id] = $token;
1981
		if ( $is_master_user ) {
1982
			$master_user = $user_id;
1983
			$options     = compact( 'user_tokens', 'master_user' );
1984
		} else {
1985
			$options = compact( 'user_tokens' );
1986
		}
1987
		return Jetpack_Options::update_options( $options );
1988
	}
1989
1990
	/**
1991
	 * Returns an array of all PHP files in the specified absolute path.
1992
	 * Equivalent to glob( "$absolute_path/*.php" ).
1993
	 *
1994
	 * @param string $absolute_path The absolute path of the directory to search.
1995
	 * @return array Array of absolute paths to the PHP files.
1996
	 */
1997
	public static function glob_php( $absolute_path ) {
1998
		if ( function_exists( 'glob' ) ) {
1999
			return glob( "$absolute_path/*.php" );
2000
		}
2001
2002
		$absolute_path = untrailingslashit( $absolute_path );
2003
		$files = array();
2004
		if ( ! $dir = @opendir( $absolute_path ) ) {
2005
			return $files;
2006
		}
2007
2008
		while ( false !== $file = readdir( $dir ) ) {
2009
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2010
				continue;
2011
			}
2012
2013
			$file = "$absolute_path/$file";
2014
2015
			if ( ! is_file( $file ) ) {
2016
				continue;
2017
			}
2018
2019
			$files[] = $file;
2020
		}
2021
2022
		closedir( $dir );
2023
2024
		return $files;
2025
	}
2026
2027
	public static function activate_new_modules( $redirect = false ) {
2028
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
2029
			return;
2030
		}
2031
2032
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2033 View Code Duplication
		if ( ! $jetpack_old_version ) {
2034
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
2035
			/** This action is documented in class.jetpack.php */
2036
			do_action( 'updating_jetpack_version', $version, false );
2037
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2038
		}
2039
2040
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2041
2042
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2043
			return;
2044
		}
2045
2046
		$active_modules     = Jetpack::get_active_modules();
2047
		$reactivate_modules = array();
2048
		foreach ( $active_modules as $active_module ) {
2049
			$module = Jetpack::get_module( $active_module );
2050
			if ( ! isset( $module['changed'] ) ) {
2051
				continue;
2052
			}
2053
2054
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2055
				continue;
2056
			}
2057
2058
			$reactivate_modules[] = $active_module;
2059
			Jetpack::deactivate_module( $active_module );
2060
		}
2061
2062
		$new_version = JETPACK__VERSION . ':' . time();
2063
		/** This action is documented in class.jetpack.php */
2064
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2065
		Jetpack_Options::update_options(
2066
			array(
2067
				'version'     => $new_version,
2068
				'old_version' => $jetpack_old_version,
2069
			)
2070
		);
2071
2072
		Jetpack::state( 'message', 'modules_activated' );
2073
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
2074
2075
		if ( $redirect ) {
2076
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2077
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2078
				$page = $_GET['page'];
2079
			}
2080
2081
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
2082
			exit;
2083
		}
2084
	}
2085
2086
	/**
2087
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2088
	 * Make sure to tuck away module "library" files in a sub-directory.
2089
	 */
2090
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2091
		static $modules = null;
2092
2093
		if ( ! isset( $modules ) ) {
2094
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2095
			// Use the cache if we're on the front-end and it's available...
2096
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2097
				$modules = $available_modules_option[ JETPACK__VERSION ];
2098
			} else {
2099
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2100
2101
				$modules = array();
2102
2103
				foreach ( $files as $file ) {
2104
					if ( ! $headers = Jetpack::get_module( $file ) ) {
2105
						continue;
2106
					}
2107
2108
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2109
				}
2110
2111
				Jetpack_Options::update_option( 'available_modules', array(
2112
					JETPACK__VERSION => $modules,
2113
				) );
2114
			}
2115
		}
2116
2117
		/**
2118
		 * Filters the array of modules available to be activated.
2119
		 *
2120
		 * @since 2.4.0
2121
		 *
2122
		 * @param array $modules Array of available modules.
2123
		 * @param string $min_version Minimum version number required to use modules.
2124
		 * @param string $max_version Maximum version number required to use modules.
2125
		 */
2126
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2127
2128
		if ( ! $min_version && ! $max_version ) {
2129
			return array_keys( $mods );
2130
		}
2131
2132
		$r = array();
2133
		foreach ( $mods as $slug => $introduced ) {
2134
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2135
				continue;
2136
			}
2137
2138
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2139
				continue;
2140
			}
2141
2142
			$r[] = $slug;
2143
		}
2144
2145
		return $r;
2146
	}
2147
2148
	/**
2149
	 * Default modules loaded on activation.
2150
	 */
2151
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2152
		$return = array();
2153
2154
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2155
			$module_data = Jetpack::get_module( $module );
2156
2157
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2158
				case 'yes' :
2159
					$return[] = $module;
2160
					break;
2161
				case 'public' :
2162
					if ( Jetpack_Options::get_option( 'public' ) ) {
2163
						$return[] = $module;
2164
					}
2165
					break;
2166
				case 'no' :
2167
				default :
2168
					break;
2169
			}
2170
		}
2171
		/**
2172
		 * Filters the array of default modules.
2173
		 *
2174
		 * @since 2.5.0
2175
		 *
2176
		 * @param array $return Array of default modules.
2177
		 * @param string $min_version Minimum version number required to use modules.
2178
		 * @param string $max_version Maximum version number required to use modules.
2179
		 */
2180
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2181
	}
2182
2183
	/**
2184
	 * Checks activated modules during auto-activation to determine
2185
	 * if any of those modules are being deprecated.  If so, close
2186
	 * them out, and add any replacement modules.
2187
	 *
2188
	 * Runs at priority 99 by default.
2189
	 *
2190
	 * This is run late, so that it can still activate a module if
2191
	 * the new module is a replacement for another that the user
2192
	 * currently has active, even if something at the normal priority
2193
	 * would kibosh everything.
2194
	 *
2195
	 * @since 2.6
2196
	 * @uses jetpack_get_default_modules filter
2197
	 * @param array $modules
2198
	 * @return array
2199
	 */
2200
	function handle_deprecated_modules( $modules ) {
2201
		$deprecated_modules = array(
2202
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2203
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2204
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2205
		);
2206
2207
		// Don't activate SSO if they never completed activating WPCC.
2208
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2209
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2210
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2211
				$deprecated_modules['wpcc'] = null;
2212
			}
2213
		}
2214
2215
		foreach ( $deprecated_modules as $module => $replacement ) {
2216
			if ( Jetpack::is_module_active( $module ) ) {
2217
				self::deactivate_module( $module );
2218
				if ( $replacement ) {
2219
					$modules[] = $replacement;
2220
				}
2221
			}
2222
		}
2223
2224
		return array_unique( $modules );
2225
	}
2226
2227
	/**
2228
	 * Checks activated plugins during auto-activation to determine
2229
	 * if any of those plugins are in the list with a corresponding module
2230
	 * that is not compatible with the plugin. The module will not be allowed
2231
	 * to auto-activate.
2232
	 *
2233
	 * @since 2.6
2234
	 * @uses jetpack_get_default_modules filter
2235
	 * @param array $modules
2236
	 * @return array
2237
	 */
2238
	function filter_default_modules( $modules ) {
2239
2240
		$active_plugins = self::get_active_plugins();
2241
2242
		if ( ! empty( $active_plugins ) ) {
2243
2244
			// For each module we'd like to auto-activate...
2245
			foreach ( $modules as $key => $module ) {
2246
				// If there are potential conflicts for it...
2247
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2248
					// For each potential conflict...
2249
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2250
						// If that conflicting plugin is active...
2251
						if ( in_array( $plugin, $active_plugins ) ) {
2252
							// Remove that item from being auto-activated.
2253
							unset( $modules[ $key ] );
2254
						}
2255
					}
2256
				}
2257
			}
2258
		}
2259
2260
		return $modules;
2261
	}
2262
2263
	/**
2264
	 * Extract a module's slug from its full path.
2265
	 */
2266
	public static function get_module_slug( $file ) {
2267
		return str_replace( '.php', '', basename( $file ) );
2268
	}
2269
2270
	/**
2271
	 * Generate a module's path from its slug.
2272
	 */
2273
	public static function get_module_path( $slug ) {
2274
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2275
	}
2276
2277
	/**
2278
	 * Load module data from module file. Headers differ from WordPress
2279
	 * plugin headers to avoid them being identified as standalone
2280
	 * plugins on the WordPress plugins page.
2281
	 */
2282
	public static function get_module( $module ) {
2283
		$headers = array(
2284
			'name'                      => 'Module Name',
2285
			'description'               => 'Module Description',
2286
			'jumpstart_desc'            => 'Jumpstart Description',
2287
			'sort'                      => 'Sort Order',
2288
			'recommendation_order'      => 'Recommendation Order',
2289
			'introduced'                => 'First Introduced',
2290
			'changed'                   => 'Major Changes In',
2291
			'deactivate'                => 'Deactivate',
2292
			'free'                      => 'Free',
2293
			'requires_connection'       => 'Requires Connection',
2294
			'auto_activate'             => 'Auto Activate',
2295
			'module_tags'               => 'Module Tags',
2296
			'feature'                   => 'Feature',
2297
			'additional_search_queries' => 'Additional Search Queries',
2298
		);
2299
2300
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2301
2302
		$mod = Jetpack::get_file_data( $file, $headers );
2303
		if ( empty( $mod['name'] ) ) {
2304
			return false;
2305
		}
2306
2307
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2308
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2309
		$mod['deactivate']              = empty( $mod['deactivate'] );
2310
		$mod['free']                    = empty( $mod['free'] );
2311
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2312
2313
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2314
			$mod['auto_activate'] = 'No';
2315
		} else {
2316
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2317
		}
2318
2319
		if ( $mod['module_tags'] ) {
2320
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2321
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2322
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2323
		} else {
2324
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2325
		}
2326
2327
		if ( $mod['feature'] ) {
2328
			$mod['feature'] = explode( ',', $mod['feature'] );
2329
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2330
		} else {
2331
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2332
		}
2333
2334
		/**
2335
		 * Filters the feature array on a module.
2336
		 *
2337
		 * This filter allows you to control where each module is filtered: Recommended,
2338
		 * Jumpstart, and the default "Other" listing.
2339
		 *
2340
		 * @since 3.5.0
2341
		 *
2342
		 * @param array   $mod['feature'] The areas to feature this module:
2343
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2344
		 *     'Recommended' shows on the main Jetpack admin screen.
2345
		 *     'Other' should be the default if no other value is in the array.
2346
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2347
		 * @param array   $mod All the currently assembled module data.
2348
		 */
2349
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2350
2351
		/**
2352
		 * Filter the returned data about a module.
2353
		 *
2354
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2355
		 * so please be careful.
2356
		 *
2357
		 * @since 3.6.0
2358
		 *
2359
		 * @param array   $mod    The details of the requested module.
2360
		 * @param string  $module The slug of the module, e.g. sharedaddy
2361
		 * @param string  $file   The path to the module source file.
2362
		 */
2363
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2364
	}
2365
2366
	/**
2367
	 * Like core's get_file_data implementation, but caches the result.
2368
	 */
2369
	public static function get_file_data( $file, $headers ) {
2370
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2371
		$file_name = basename( $file );
2372
		$file_data_option = Jetpack_Options::get_option( 'file_data', array() );
2373
		$key              = md5( $file_name . serialize( $headers ) );
2374
		$refresh_cache    = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2375
2376
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2377
		if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) {
2378
			return $file_data_option[ JETPACK__VERSION ][ $key ];
2379
		}
2380
2381
		$data = get_file_data( $file, $headers );
2382
2383
		// Strip out any old Jetpack versions that are cluttering the option.
2384
		//
2385
		// We maintain the data for the current version of Jetpack plus the previous version
2386
		// to prevent repeated DB hits on large sites hosted with multiple web servers
2387
		// on a single database (since all web servers might not be updated simultaneously)
2388
2389
		$file_data_option[ JETPACK__VERSION ][ $key ] = $data;
2390
2391
		if ( count( $file_data_option ) > 2 ) {
2392
			$count = 0;
2393
			krsort( $file_data_option );
2394
			foreach ( $file_data_option as $version => $values ) {
2395
				$count++;
2396
				if ( $count > 2 && JETPACK__VERSION != $version ) {
2397
					unset( $file_data_option[ $version ] );
2398
				}
2399
			}
2400
		}
2401
2402
		Jetpack_Options::update_option( 'file_data', $file_data_option );
2403
2404
		return $data;
2405
	}
2406
2407
2408
	/**
2409
	 * Return translated module tag.
2410
	 *
2411
	 * @param string $tag Tag as it appears in each module heading.
2412
	 *
2413
	 * @return mixed
2414
	 */
2415
	public static function translate_module_tag( $tag ) {
2416
		return jetpack_get_module_i18n_tag( $tag );
2417
	}
2418
2419
	/**
2420
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2421
	 *
2422
	 * @since 3.9.2
2423
	 *
2424
	 * @param array $modules
2425
	 *
2426
	 * @return string|void
2427
	 */
2428
	public static function get_translated_modules( $modules ) {
2429
		foreach ( $modules as $index => $module ) {
2430
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2431
			if ( isset( $module['name'] ) ) {
2432
				$modules[ $index ]['name'] = $i18n_module['name'];
2433
			}
2434
			if ( isset( $module['description'] ) ) {
2435
				$modules[ $index ]['description'] = $i18n_module['description'];
2436
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2437
			}
2438
		}
2439
		return $modules;
2440
	}
2441
2442
	/**
2443
	 * Get a list of activated modules as an array of module slugs.
2444
	 */
2445
	public static function get_active_modules() {
2446
		$active = Jetpack_Options::get_option( 'active_modules' );
2447
2448
		if ( ! is_array( $active ) ) {
2449
			$active = array();
2450
		}
2451
2452
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2453
			$active[] = 'vaultpress';
2454
		} else {
2455
			$active = array_diff( $active, array( 'vaultpress' ) );
2456
		}
2457
2458
		//If protect is active on the main site of a multisite, it should be active on all sites.
2459
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2460
			$active[] = 'protect';
2461
		}
2462
2463
		return array_unique( $active );
2464
	}
2465
2466
	/**
2467
	 * Check whether or not a Jetpack module is active.
2468
	 *
2469
	 * @param string $module The slug of a Jetpack module.
2470
	 * @return bool
2471
	 *
2472
	 * @static
2473
	 */
2474
	public static function is_module_active( $module ) {
2475
		return in_array( $module, self::get_active_modules() );
2476
	}
2477
2478
	public static function is_module( $module ) {
2479
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2480
	}
2481
2482
	/**
2483
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2484
	 *
2485
	 * @param bool $catch True to start catching, False to stop.
2486
	 *
2487
	 * @static
2488
	 */
2489
	public static function catch_errors( $catch ) {
2490
		static $display_errors, $error_reporting;
2491
2492
		if ( $catch ) {
2493
			$display_errors  = @ini_set( 'display_errors', 1 );
2494
			$error_reporting = @error_reporting( E_ALL );
2495
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2496
		} else {
2497
			@ini_set( 'display_errors', $display_errors );
2498
			@error_reporting( $error_reporting );
2499
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2500
		}
2501
	}
2502
2503
	/**
2504
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2505
	 */
2506
	public static function catch_errors_on_shutdown() {
2507
		Jetpack::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2508
	}
2509
2510
	/**
2511
	 * Rewrite any string to make paths easier to read.
2512
	 *
2513
	 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2514
	 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2515
	 *
2516
	 * @param $string
2517
	 * @return mixed
2518
	 */
2519
	public static function alias_directories( $string ) {
2520
		// ABSPATH has a trailing slash.
2521
		$string = str_replace( ABSPATH, 'ABSPATH/', $string );
2522
		// WP_CONTENT_DIR does not have a trailing slash.
2523
		$string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2524
2525
		return $string;
2526
	}
2527
2528
	public static function activate_default_modules(
2529
		$min_version = false,
2530
		$max_version = false,
2531
		$other_modules = array(),
2532
		$redirect = true,
2533
		$send_state_messages = true
2534
	) {
2535
		$jetpack = Jetpack::init();
2536
2537
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2538
		$modules = array_merge( $other_modules, $modules );
2539
2540
		// Look for standalone plugins and disable if active.
2541
2542
		$to_deactivate = array();
2543
		foreach ( $modules as $module ) {
2544
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2545
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2546
			}
2547
		}
2548
2549
		$deactivated = array();
2550
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2551
			list( $probable_file, $probable_title ) = $deactivate_me;
2552
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2553
				$deactivated[] = $module;
2554
			}
2555
		}
2556
2557
		if ( $deactivated && $redirect ) {
2558
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2559
2560
			$url = add_query_arg(
2561
				array(
2562
					'action'   => 'activate_default_modules',
2563
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2564
				),
2565
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2566
			);
2567
			wp_safe_redirect( $url );
2568
			exit;
2569
		}
2570
2571
		/**
2572
		 * Fires before default modules are activated.
2573
		 *
2574
		 * @since 1.9.0
2575
		 *
2576
		 * @param string $min_version Minimum version number required to use modules.
2577
		 * @param string $max_version Maximum version number required to use modules.
2578
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2579
		 */
2580
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2581
2582
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2583
		Jetpack::restate();
2584
		Jetpack::catch_errors( true );
2585
2586
		$active = Jetpack::get_active_modules();
2587
2588
		foreach ( $modules as $module ) {
2589
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2590
				$active[] = $module;
2591
				self::update_active_modules( $active );
2592
				continue;
2593
			}
2594
2595
			if ( $send_state_messages && in_array( $module, $active ) ) {
2596
				$module_info = Jetpack::get_module( $module );
2597 View Code Duplication
				if ( ! $module_info['deactivate'] ) {
2598
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2599
					if ( $active_state = Jetpack::state( $state ) ) {
2600
						$active_state = explode( ',', $active_state );
2601
					} else {
2602
						$active_state = array();
2603
					}
2604
					$active_state[] = $module;
2605
					Jetpack::state( $state, implode( ',', $active_state ) );
2606
				}
2607
				continue;
2608
			}
2609
2610
			$file = Jetpack::get_module_path( $module );
2611
			if ( ! file_exists( $file ) ) {
2612
				continue;
2613
			}
2614
2615
			// we'll override this later if the plugin can be included without fatal error
2616
			if ( $redirect ) {
2617
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2618
			}
2619
2620
			if ( $send_state_messages ) {
2621
				Jetpack::state( 'error', 'module_activation_failed' );
2622
				Jetpack::state( 'module', $module );
2623
			}
2624
2625
			ob_start();
2626
			require $file;
2627
2628
			$active[] = $module;
2629
2630 View Code Duplication
			if ( $send_state_messages ) {
2631
2632
				$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2633
				if ( $active_state = Jetpack::state( $state ) ) {
2634
					$active_state = explode( ',', $active_state );
2635
				} else {
2636
					$active_state = array();
2637
				}
2638
				$active_state[] = $module;
2639
				Jetpack::state( $state, implode( ',', $active_state ) );
2640
			}
2641
2642
			Jetpack::update_active_modules( $active );
2643
2644
			ob_end_clean();
2645
		}
2646
2647
		if ( $send_state_messages ) {
2648
			Jetpack::state( 'error', false );
2649
			Jetpack::state( 'module', false );
2650
		}
2651
2652
		Jetpack::catch_errors( false );
2653
		/**
2654
		 * Fires when default modules are activated.
2655
		 *
2656
		 * @since 1.9.0
2657
		 *
2658
		 * @param string $min_version Minimum version number required to use modules.
2659
		 * @param string $max_version Maximum version number required to use modules.
2660
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2661
		 */
2662
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2663
	}
2664
2665
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2666
		/**
2667
		 * Fires before a module is activated.
2668
		 *
2669
		 * @since 2.6.0
2670
		 *
2671
		 * @param string $module Module slug.
2672
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2673
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2674
		 */
2675
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2676
2677
		$jetpack = Jetpack::init();
2678
2679
		if ( ! strlen( $module ) )
2680
			return false;
2681
2682
		if ( ! Jetpack::is_module( $module ) )
2683
			return false;
2684
2685
		// If it's already active, then don't do it again
2686
		$active = Jetpack::get_active_modules();
2687
		foreach ( $active as $act ) {
2688
			if ( $act == $module )
2689
				return true;
2690
		}
2691
2692
		$module_data = Jetpack::get_module( $module );
2693
2694
		if ( ! Jetpack::is_active() ) {
2695
			if ( !Jetpack::is_development_mode() )
2696
				return false;
2697
2698
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2699
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2700
				return false;
2701
		}
2702
2703
		// Check and see if the old plugin is active
2704
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2705
			// Deactivate the old plugin
2706
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2707
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2708
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2709
				Jetpack::state( 'deactivated_plugins', $module );
2710
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2711
				exit;
2712
			}
2713
		}
2714
2715
		// Protect won't work with mis-configured IPs
2716
		if ( 'protect' === $module ) {
2717
			include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
2718
			if ( ! jetpack_protect_get_ip() ) {
2719
				Jetpack::state( 'message', 'protect_misconfigured_ip' );
2720
				return false;
2721
			}
2722
		}
2723
2724
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2725
		Jetpack::state( 'module', $module );
2726
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2727
2728
		Jetpack::catch_errors( true );
2729
		ob_start();
2730
		require Jetpack::get_module_path( $module );
2731
		/** This action is documented in class.jetpack.php */
2732
		do_action( 'jetpack_activate_module', $module );
2733
		$active[] = $module;
2734
		Jetpack::update_active_modules( $active );
2735
2736
		Jetpack::state( 'error', false ); // the override
2737
		ob_end_clean();
2738
		Jetpack::catch_errors( false );
2739
2740
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2741 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2742
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2743
2744
			//Jump start is being dismissed send data to MC Stats
2745
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2746
2747
			$jetpack->do_stats( 'server_side' );
2748
		}
2749
2750
		if ( $redirect ) {
2751
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2752
		}
2753
		if ( $exit ) {
2754
			exit;
2755
		}
2756
		return true;
2757
	}
2758
2759
	function activate_module_actions( $module ) {
2760
		_deprecated_function( __METHOD__, 'jeptack-4.2' );
2761
	}
2762
2763
	public static function deactivate_module( $module ) {
2764
		/**
2765
		 * Fires when a module is deactivated.
2766
		 *
2767
		 * @since 1.9.0
2768
		 *
2769
		 * @param string $module Module slug.
2770
		 */
2771
		do_action( 'jetpack_pre_deactivate_module', $module );
2772
2773
		$jetpack = Jetpack::init();
2774
2775
		$active = Jetpack::get_active_modules();
2776
		$new    = array_filter( array_diff( $active, (array) $module ) );
2777
2778
		// A flag for Jump Start so it's not shown again.
2779 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2780
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2781
2782
			//Jump start is being dismissed send data to MC Stats
2783
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
2784
2785
			$jetpack->do_stats( 'server_side' );
2786
		}
2787
2788
		return self::update_active_modules( $new );
2789
	}
2790
2791
	public static function enable_module_configurable( $module ) {
2792
		$module = Jetpack::get_module_slug( $module );
2793
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
2794
	}
2795
2796
	public static function module_configuration_url( $module ) {
2797
		$module = Jetpack::get_module_slug( $module );
2798
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
2799
	}
2800
2801
	public static function module_configuration_load( $module, $method ) {
2802
		$module = Jetpack::get_module_slug( $module );
2803
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
2804
	}
2805
2806
	public static function module_configuration_head( $module, $method ) {
2807
		$module = Jetpack::get_module_slug( $module );
2808
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
2809
	}
2810
2811
	public static function module_configuration_screen( $module, $method ) {
2812
		$module = Jetpack::get_module_slug( $module );
2813
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
2814
	}
2815
2816
	public static function module_configuration_activation_screen( $module, $method ) {
2817
		$module = Jetpack::get_module_slug( $module );
2818
		add_action( 'display_activate_module_setting_' . $module, $method );
2819
	}
2820
2821
/* Installation */
2822
2823
	public static function bail_on_activation( $message, $deactivate = true ) {
2824
?>
2825
<!doctype html>
2826
<html>
2827
<head>
2828
<meta charset="<?php bloginfo( 'charset' ); ?>">
2829
<style>
2830
* {
2831
	text-align: center;
2832
	margin: 0;
2833
	padding: 0;
2834
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
2835
}
2836
p {
2837
	margin-top: 1em;
2838
	font-size: 18px;
2839
}
2840
</style>
2841
<body>
2842
<p><?php echo esc_html( $message ); ?></p>
2843
</body>
2844
</html>
2845
<?php
2846
		if ( $deactivate ) {
2847
			$plugins = get_option( 'active_plugins' );
2848
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
2849
			$update  = false;
2850
			foreach ( $plugins as $i => $plugin ) {
2851
				if ( $plugin === $jetpack ) {
2852
					$plugins[$i] = false;
2853
					$update = true;
2854
				}
2855
			}
2856
2857
			if ( $update ) {
2858
				update_option( 'active_plugins', array_filter( $plugins ) );
2859
			}
2860
		}
2861
		exit;
2862
	}
2863
2864
	/**
2865
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
2866
	 * @static
2867
	 */
2868
	public static function plugin_activation( $network_wide ) {
2869
		Jetpack_Options::update_option( 'activated', 1 );
2870
2871
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
2872
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
2873
		}
2874
2875
		if ( $network_wide )
2876
			Jetpack::state( 'network_nag', true );
2877
2878
		// For firing one-off events (notices) immediately after activation
2879
		set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
2880
2881
		Jetpack::plugin_initialize();
2882
	}
2883
	/**
2884
	 * Runs before bumping version numbers up to a new version
2885
	 * @param  string $version    Version:timestamp
2886
	 * @param  string $old_version Old Version:timestamp or false if not set yet.
2887
	 * @return null              [description]
2888
	 */
2889
	public static function do_version_bump( $version, $old_version ) {
2890
2891
		if ( ! $old_version ) { // For new sites
2892
			// Setting up jetpack manage
2893
			Jetpack::activate_manage();
2894
		}
2895
	}
2896
2897
	/**
2898
	 * Sets the internal version number and activation state.
2899
	 * @static
2900
	 */
2901
	public static function plugin_initialize() {
2902
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
2903
			Jetpack_Options::update_option( 'activated', 2 );
2904
		}
2905
2906 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
2907
			$version = $old_version = JETPACK__VERSION . ':' . time();
2908
			/** This action is documented in class.jetpack.php */
2909
			do_action( 'updating_jetpack_version', $version, false );
2910
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2911
		}
2912
2913
		Jetpack::load_modules();
2914
2915
		Jetpack_Options::delete_option( 'do_activate' );
2916
		Jetpack_Options::delete_option( 'dismissed_connection_banner' );
2917
	}
2918
2919
	/**
2920
	 * Removes all connection options
2921
	 * @static
2922
	 */
2923
	public static function plugin_deactivation( ) {
2924
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
2925
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
2926
			Jetpack_Network::init()->deactivate();
2927
		} else {
2928
			Jetpack::disconnect( false );
2929
			//Jetpack_Heartbeat::init()->deactivate();
2930
		}
2931
	}
2932
2933
	/**
2934
	 * Disconnects from the Jetpack servers.
2935
	 * Forgets all connection details and tells the Jetpack servers to do the same.
2936
	 * @static
2937
	 */
2938
	public static function disconnect( $update_activated_state = true ) {
2939
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
2940
		Jetpack::clean_nonces( true );
2941
2942
		// If the site is in an IDC because sync is not allowed,
2943
		// let's make sure to not disconnect the production site.
2944
		if ( ! self::validate_sync_error_idc_option() ) {
2945
			JetpackTracking::record_user_event( 'disconnect_site', array() );
2946
			Jetpack::load_xml_rpc_client();
2947
			$xml = new Jetpack_IXR_Client();
2948
			$xml->query( 'jetpack.deregister' );
2949
		}
2950
2951
		Jetpack_Options::delete_option(
2952
			array(
2953
				'blog_token',
2954
				'user_token',
2955
				'user_tokens',
2956
				'master_user',
2957
				'time_diff',
2958
				'fallback_no_verify_ssl_certs',
2959
			)
2960
		);
2961
2962
		Jetpack_IDC::clear_all_idc_options();
2963
		Jetpack_Options::delete_raw_option( 'jetpack_secrets' );
2964
2965
		if ( $update_activated_state ) {
2966
			Jetpack_Options::update_option( 'activated', 4 );
2967
		}
2968
2969
		if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
2970
			// Check then record unique disconnection if site has never been disconnected previously
2971
			if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
2972
				$jetpack_unique_connection['disconnected'] = 1;
2973
			} else {
2974
				if ( 0 == $jetpack_unique_connection['disconnected'] ) {
2975
					//track unique disconnect
2976
					$jetpack = Jetpack::init();
2977
2978
					$jetpack->stat( 'connections', 'unique-disconnect' );
2979
					$jetpack->do_stats( 'server_side' );
2980
				}
2981
				// increment number of times disconnected
2982
				$jetpack_unique_connection['disconnected'] += 1;
2983
			}
2984
2985
			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
2986
		}
2987
2988
		// Delete cached connected user data
2989
		$transient_key = "jetpack_connected_user_data_" . get_current_user_id();
2990
		delete_transient( $transient_key );
2991
2992
		// Delete all the sync related data. Since it could be taking up space.
2993
		require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-sender.php';
2994
		Jetpack_Sync_Sender::get_instance()->uninstall();
2995
2996
		// Disable the Heartbeat cron
2997
		Jetpack_Heartbeat::init()->deactivate();
2998
	}
2999
3000
	/**
3001
	 * Unlinks the current user from the linked WordPress.com user
3002
	 */
3003
	public static function unlink_user( $user_id = null ) {
3004
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
3005
			return false;
3006
3007
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
3008
3009
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
3010
			return false;
3011
3012
		if ( ! isset( $tokens[ $user_id ] ) )
3013
			return false;
3014
3015
		Jetpack::load_xml_rpc_client();
3016
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
3017
		$xml->query( 'jetpack.unlink_user', $user_id );
3018
3019
		unset( $tokens[ $user_id ] );
3020
3021
		Jetpack_Options::update_option( 'user_tokens', $tokens );
3022
3023
		/**
3024
		 * Fires after the current user has been unlinked from WordPress.com.
3025
		 *
3026
		 * @since 4.1.0
3027
		 *
3028
		 * @param int $user_id The current user's ID.
3029
		 */
3030
		do_action( 'jetpack_unlinked_user', $user_id );
3031
3032
		return true;
3033
	}
3034
3035
	/**
3036
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
3037
	 */
3038
	public static function try_registration() {
3039
		// Let's get some testing in beta versions and such.
3040
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3041
			// Before attempting to connect, let's make sure that the domains are viable.
3042
			$domains_to_check = array_unique( array(
3043
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
3044
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
3045
			) );
3046
			foreach ( $domains_to_check as $domain ) {
3047
				$result = Jetpack_Data::is_usable_domain( $domain );
3048
				if ( is_wp_error( $result ) ) {
3049
					return $result;
3050
				}
3051
			}
3052
		}
3053
3054
		$result = Jetpack::register();
3055
3056
		// If there was an error with registration and the site was not registered, record this so we can show a message.
3057
		if ( ! $result || is_wp_error( $result ) ) {
3058
			return $result;
3059
		} else {
3060
			return true;
3061
		}
3062
	}
3063
3064
	/**
3065
	 * Tracking an internal event log. Try not to put too much chaff in here.
3066
	 *
3067
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3068
	 */
3069
	public static function log( $code, $data = null ) {
3070
		// only grab the latest 200 entries
3071
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3072
3073
		// Append our event to the log
3074
		$log_entry = array(
3075
			'time'    => time(),
3076
			'user_id' => get_current_user_id(),
3077
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3078
			'code'    => $code,
3079
		);
3080
		// Don't bother storing it unless we've got some.
3081
		if ( ! is_null( $data ) ) {
3082
			$log_entry['data'] = $data;
3083
		}
3084
		$log[] = $log_entry;
3085
3086
		// Try add_option first, to make sure it's not autoloaded.
3087
		// @todo: Add an add_option method to Jetpack_Options
3088
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3089
			Jetpack_Options::update_option( 'log', $log );
3090
		}
3091
3092
		/**
3093
		 * Fires when Jetpack logs an internal event.
3094
		 *
3095
		 * @since 3.0.0
3096
		 *
3097
		 * @param array $log_entry {
3098
		 *	Array of details about the log entry.
3099
		 *
3100
		 *	@param string time Time of the event.
3101
		 *	@param int user_id ID of the user who trigerred the event.
3102
		 *	@param int blog_id Jetpack Blog ID.
3103
		 *	@param string code Unique name for the event.
3104
		 *	@param string data Data about the event.
3105
		 * }
3106
		 */
3107
		do_action( 'jetpack_log_entry', $log_entry );
3108
	}
3109
3110
	/**
3111
	 * Get the internal event log.
3112
	 *
3113
	 * @param $event (string) - only return the specific log events
3114
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3115
	 *
3116
	 * @return array of log events || WP_Error for invalid params
3117
	 */
3118
	public static function get_log( $event = false, $num = false ) {
3119
		if ( $event && ! is_string( $event ) ) {
3120
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3121
		}
3122
3123
		if ( $num && ! is_numeric( $num ) ) {
3124
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3125
		}
3126
3127
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3128
3129
		// If nothing set - act as it did before, otherwise let's start customizing the output
3130
		if ( ! $num && ! $event ) {
3131
			return $entire_log;
3132
		} else {
3133
			$entire_log = array_reverse( $entire_log );
3134
		}
3135
3136
		$custom_log_output = array();
3137
3138
		if ( $event ) {
3139
			foreach ( $entire_log as $log_event ) {
3140
				if ( $event == $log_event[ 'code' ] ) {
3141
					$custom_log_output[] = $log_event;
3142
				}
3143
			}
3144
		} else {
3145
			$custom_log_output = $entire_log;
3146
		}
3147
3148
		if ( $num ) {
3149
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3150
		}
3151
3152
		return $custom_log_output;
3153
	}
3154
3155
	/**
3156
	 * Log modification of important settings.
3157
	 */
3158
	public static function log_settings_change( $option, $old_value, $value ) {
3159
		switch( $option ) {
3160
			case 'jetpack_sync_non_public_post_stati':
3161
				self::log( $option, $value );
3162
				break;
3163
		}
3164
	}
3165
3166
	/**
3167
	 * Return stat data for WPCOM sync
3168
	 */
3169
	public static function get_stat_data( $encode = true, $extended = true ) {
3170
		$data = Jetpack_Heartbeat::generate_stats_array();
3171
3172
		if ( $extended ) {
3173
			$additional_data = self::get_additional_stat_data();
3174
			$data = array_merge( $data, $additional_data );
3175
		}
3176
3177
		if ( $encode ) {
3178
			return json_encode( $data );
3179
		}
3180
3181
		return $data;
3182
	}
3183
3184
	/**
3185
	 * Get additional stat data to sync to WPCOM
3186
	 */
3187
	public static function get_additional_stat_data( $prefix = '' ) {
3188
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
3189
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3190
		$return["{$prefix}users"]          = (int) Jetpack::get_site_user_count();
3191
		$return["{$prefix}site-count"]     = 0;
3192
3193
		if ( function_exists( 'get_blog_count' ) ) {
3194
			$return["{$prefix}site-count"] = get_blog_count();
3195
		}
3196
		return $return;
3197
	}
3198
3199
	private static function get_site_user_count() {
3200
		global $wpdb;
3201
3202
		if ( function_exists( 'wp_is_large_network' ) ) {
3203
			if ( wp_is_large_network( 'users' ) ) {
3204
				return -1; // Not a real value but should tell us that we are dealing with a large network.
3205
			}
3206
		}
3207 View Code Duplication
		if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3208
			// It wasn't there, so regenerate the data and save the transient
3209
			$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3210
			set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3211
		}
3212
		return $user_count;
3213
	}
3214
3215
	/* Admin Pages */
3216
3217
	function admin_init() {
3218
		// If the plugin is not connected, display a connect message.
3219
		if (
3220
			// the plugin was auto-activated and needs its candy
3221
			Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3222
		||
3223
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3224
			! Jetpack_Options::get_option( 'activated' )
3225
		) {
3226
			Jetpack::plugin_initialize();
3227
		}
3228
3229
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3230
			Jetpack_Connection_Banner::init();
3231
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3232
			// Upgrade: 1.1 -> 1.1.1
3233
			// Check and see if host can verify the Jetpack servers' SSL certificate
3234
			$args = array();
3235
			Jetpack_Client::_wp_remote_request(
3236
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3237
				$args,
3238
				true
3239
			);
3240
		} else if ( $this->can_display_jetpack_manage_notice() && ! Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) {
3241
			// Show the notice on the Dashboard only for now
3242
			add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) );
3243
		}
3244
3245
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3246
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3247
		}
3248
3249
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3250
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3251
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3252
3253
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3254
			// Artificially throw errors in certain whitelisted cases during plugin activation
3255
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3256
		}
3257
3258
		// Jetpack Manage Activation Screen from .com
3259
		Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
3260
3261
		// Add custom column in wp-admin/users.php to show whether user is linked.
3262
		add_filter( 'manage_users_columns',       array( $this, 'jetpack_icon_user_connected' ) );
3263
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3264
		add_action( 'admin_print_styles',         array( $this, 'jetpack_user_col_style' ) );
3265
	}
3266
3267
	function admin_body_class( $admin_body_class = '' ) {
3268
		$classes = explode( ' ', trim( $admin_body_class ) );
3269
3270
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3271
3272
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3273
		return " $admin_body_class ";
3274
	}
3275
3276
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3277
		return $admin_body_class . ' jetpack-pagestyles ';
3278
	}
3279
3280
	/**
3281
	 * Call this function if you want the Big Jetpack Manage Notice to show up.
3282
	 *
3283
	 * @return null
3284
	 */
3285
	function prepare_manage_jetpack_notice() {
3286
3287
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3288
		add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) );
3289
	}
3290
3291
	function manage_activate_screen() {
3292
		include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' );
3293
	}
3294
	/**
3295
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3296
	 * This function artificially throws errors for such cases (whitelisted).
3297
	 *
3298
	 * @param string $plugin The activated plugin.
3299
	 */
3300
	function throw_error_on_activate_plugin( $plugin ) {
3301
		$active_modules = Jetpack::get_active_modules();
3302
3303
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3304
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3305
			$throw = false;
3306
3307
			// Try and make sure it really was the stats plugin
3308
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3309
				if ( 'stats.php' == basename( $plugin ) ) {
3310
					$throw = true;
3311
				}
3312
			} else {
3313
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3314
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3315
					$throw = true;
3316
				}
3317
			}
3318
3319
			if ( $throw ) {
3320
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3321
			}
3322
		}
3323
	}
3324
3325
	function intercept_plugin_error_scrape_init() {
3326
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3327
	}
3328
3329
	function intercept_plugin_error_scrape( $action, $result ) {
3330
		if ( ! $result ) {
3331
			return;
3332
		}
3333
3334
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3335
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3336
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3337
			}
3338
		}
3339
	}
3340
3341
	function add_remote_request_handlers() {
3342
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3343
		add_action( 'wp_ajax_nopriv_jetpack_update_file', array( $this, 'remote_request_handlers' ) );
3344
	}
3345
3346
	function remote_request_handlers() {
3347
		$action = current_filter();
3348
3349
		switch ( current_filter() ) {
3350
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3351
			$response = $this->upload_handler();
3352
			break;
3353
3354
		case 'wp_ajax_nopriv_jetpack_update_file' :
3355
			$response = $this->upload_handler( true );
3356
			break;
3357
		default :
3358
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3359
			break;
3360
		}
3361
3362
		if ( ! $response ) {
3363
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3364
		}
3365
3366
		if ( is_wp_error( $response ) ) {
3367
			$status_code       = $response->get_error_data();
3368
			$error             = $response->get_error_code();
3369
			$error_description = $response->get_error_message();
3370
3371
			if ( ! is_int( $status_code ) ) {
3372
				$status_code = 400;
3373
			}
3374
3375
			status_header( $status_code );
3376
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3377
		}
3378
3379
		status_header( 200 );
3380
		if ( true === $response ) {
3381
			exit;
3382
		}
3383
3384
		die( json_encode( (object) $response ) );
3385
	}
3386
3387
	/**
3388
	 * Uploads a file gotten from the global $_FILES.
3389
	 * If `$update_media_item` is true and `post_id` is defined
3390
	 * the attachment file of the media item (gotten through of the post_id)
3391
	 * will be updated instead of add a new one.
3392
	 *
3393
	 * @param  boolean $update_media_item - update media attachment
3394
	 * @return array - An array describing the uploadind files process
3395
	 */
3396
	function upload_handler( $update_media_item = false ) {
3397
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3398
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3399
		}
3400
3401
		$user = wp_authenticate( '', '' );
3402
		if ( ! $user || is_wp_error( $user ) ) {
3403
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3404
		}
3405
3406
		wp_set_current_user( $user->ID );
3407
3408
		if ( ! current_user_can( 'upload_files' ) ) {
3409
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3410
		}
3411
3412
		if ( empty( $_FILES ) ) {
3413
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3414
		}
3415
3416
		foreach ( array_keys( $_FILES ) as $files_key ) {
3417
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3418
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3419
			}
3420
		}
3421
3422
		$media_keys = array_keys( $_FILES['media'] );
3423
3424
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3425
		if ( ! $token || is_wp_error( $token ) ) {
3426
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3427
		}
3428
3429
		$uploaded_files = array();
3430
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3431
		unset( $GLOBALS['post'] );
3432
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3433
			$file = array();
3434
			foreach ( $media_keys as $media_key ) {
3435
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3436
			}
3437
3438
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3439
3440
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3441
			if ( $hmac_provided !== $hmac_file ) {
3442
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3443
				continue;
3444
			}
3445
3446
			$_FILES['.jetpack.upload.'] = $file;
3447
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3448
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3449
				$post_id = 0;
3450
			}
3451
3452
			if ( $update_media_item ) {
3453
				if ( ! isset( $post_id ) || $post_id === 0 ) {
3454
					return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
3455
				}
3456
3457
				$media_array = $_FILES['media'];
3458
3459
				$file_array['name'] = $media_array['name'][0];
3460
				$file_array['type'] = $media_array['type'][0];
3461
				$file_array['tmp_name'] = $media_array['tmp_name'][0];
3462
				$file_array['error'] = $media_array['error'][0];
3463
				$file_array['size'] = $media_array['size'][0];
3464
3465
				$edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3466
3467
				if ( is_wp_error( $edited_media_item ) ) {
3468
					return $edited_media_item;
3469
				}
3470
3471
				$response = (object) array(
3472
					'id'   => (string) $post_id,
3473
					'file' => (string) $edited_media_item->post_title,
3474
					'url'  => (string) wp_get_attachment_url( $post_id ),
3475
					'type' => (string) $edited_media_item->post_mime_type,
3476
					'meta' => (array) wp_get_attachment_metadata( $post_id ),
3477
				);
3478
3479
				return (array) array( $response );
3480
			}
3481
3482
			$attachment_id = media_handle_upload(
3483
				'.jetpack.upload.',
3484
				$post_id,
3485
				array(),
3486
				array(
3487
					'action' => 'jetpack_upload_file',
3488
				)
3489
			);
3490
3491
			if ( ! $attachment_id ) {
3492
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3493
			} elseif ( is_wp_error( $attachment_id ) ) {
3494
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3495
			} else {
3496
				$attachment = get_post( $attachment_id );
3497
				$uploaded_files[$index] = (object) array(
3498
					'id'   => (string) $attachment_id,
3499
					'file' => $attachment->post_title,
3500
					'url'  => wp_get_attachment_url( $attachment_id ),
3501
					'type' => $attachment->post_mime_type,
3502
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3503
				);
3504
				// Zip files uploads are not supported unless they are done for installation purposed
3505
				// lets delete them in case something goes wrong in this whole process
3506
				if ( 'application/zip' === $attachment->post_mime_type ) {
3507
					// Schedule a cleanup for 2 hours from now in case of failed install.
3508
					wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3509
				}
3510
			}
3511
		}
3512
		if ( ! is_null( $global_post ) ) {
3513
			$GLOBALS['post'] = $global_post;
3514
		}
3515
3516
		return $uploaded_files;
3517
	}
3518
3519
	/**
3520
	 * Add help to the Jetpack page
3521
	 *
3522
	 * @since Jetpack (1.2.3)
3523
	 * @return false if not the Jetpack page
3524
	 */
3525
	function admin_help() {
3526
		$current_screen = get_current_screen();
3527
3528
		// Overview
3529
		$current_screen->add_help_tab(
3530
			array(
3531
				'id'		=> 'home',
3532
				'title'		=> __( 'Home', 'jetpack' ),
3533
				'content'	=>
3534
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3535
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3536
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3537
			)
3538
		);
3539
3540
		// Screen Content
3541
		if ( current_user_can( 'manage_options' ) ) {
3542
			$current_screen->add_help_tab(
3543
				array(
3544
					'id'		=> 'settings',
3545
					'title'		=> __( 'Settings', 'jetpack' ),
3546
					'content'	=>
3547
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3548
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3549
						'<ol>' .
3550
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3551
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3552
						'</ol>' .
3553
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3554
				)
3555
			);
3556
		}
3557
3558
		// Help Sidebar
3559
		$current_screen->set_help_sidebar(
3560
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3561
			'<p><a href="https://jetpack.com/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3562
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3563
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3564
		);
3565
	}
3566
3567
	function admin_menu_css() {
3568
		wp_enqueue_style( 'jetpack-icons' );
3569
	}
3570
3571
	function admin_menu_order() {
3572
		return true;
3573
	}
3574
3575 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3576
		$jp_menu_order = array();
3577
3578
		foreach ( $menu_order as $index => $item ) {
3579
			if ( $item != 'jetpack' ) {
3580
				$jp_menu_order[] = $item;
3581
			}
3582
3583
			if ( $index == 0 ) {
3584
				$jp_menu_order[] = 'jetpack';
3585
			}
3586
		}
3587
3588
		return $jp_menu_order;
3589
	}
3590
3591
	function admin_head() {
3592 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3593
			/** This action is documented in class.jetpack-admin-page.php */
3594
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3595
	}
3596
3597
	function admin_banner_styles() {
3598
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3599
3600 View Code Duplication
		if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3601
			wp_register_style(
3602
				'jetpack-dops-style',
3603
				plugins_url( '_inc/build/admin.dops-style.css', JETPACK__PLUGIN_FILE ),
3604
				array(),
3605
				JETPACK__VERSION
3606
			);
3607
		}
3608
3609
		wp_enqueue_style(
3610
			'jetpack',
3611
			plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
3612
			array( 'jetpack-dops-style' ),
3613
			 JETPACK__VERSION . '-20121016'
3614
		);
3615
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3616
		wp_style_add_data( 'jetpack', 'suffix', $min );
3617
	}
3618
3619
	function plugin_action_links( $actions ) {
3620
3621
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3622
3623
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3624
			return array_merge(
3625
				$jetpack_home,
3626
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
3627
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3628
				$actions
3629
				);
3630
			}
3631
3632
		return array_merge( $jetpack_home, $actions );
3633
	}
3634
3635
	/**
3636
	 * This is the first banner
3637
	 * It should be visible only to user that can update the option
3638
	 * Are not connected
3639
	 *
3640
	 * @return null
3641
	 */
3642
	function admin_jetpack_manage_notice() {
3643
		$screen = get_current_screen();
3644
3645
		// Don't show the connect notice on the jetpack settings page.
3646
		if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action ) {
3647
			return;
3648
		}
3649
3650
		$opt_out_url = $this->opt_out_jetpack_manage_url();
3651
		$opt_in_url  = $this->opt_in_jetpack_manage_url();
3652
		/**
3653
		 * I think it would be great to have different wordsing depending on where you are
3654
		 * for example if we show the notice on dashboard and a different one if we show it on Plugins screen
3655
		 * etc..
3656
		 */
3657
3658
		?>
3659
		<div id="message" class="updated jp-banner">
3660
				<a href="<?php echo esc_url( $opt_out_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3661
				<div class="jp-banner__description-container">
3662
					<h2 class="jp-banner__header"><?php esc_html_e( 'Jetpack Centralized Site Management', 'jetpack' ); ?></h2>
3663
					<p class="jp-banner__description"><?php printf( __( 'Manage multiple Jetpack enabled sites from one single dashboard at wordpress.com. Allows all existing, connected Administrators to modify your site.', 'jetpack' ), 'https://jetpack.com/support/site-management' ); ?></p>
3664
					<p class="jp-banner__button-container">
3665
						<a href="<?php echo esc_url( $opt_in_url ); ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Activate Jetpack Manage', 'jetpack' ); ?></a>
3666
						<a href="https://jetpack.com/support/site-management" class="button" target="_blank" title="<?php esc_attr_e( 'Learn more about Jetpack Manage on Jetpack.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3667
					</p>
3668
				</div>
3669
		</div>
3670
		<?php
3671
	}
3672
3673
	/**
3674
	 * Returns the url that the user clicks to remove the notice for the big banner
3675
	 * @return string
3676
	 */
3677
	function opt_out_jetpack_manage_url() {
3678
		$referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null );
3679
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' );
3680
	}
3681
	/**
3682
	 * Returns the url that the user clicks to opt in to Jetpack Manage
3683
	 * @return string
3684
	 */
3685
	function opt_in_jetpack_manage_url() {
3686
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' );
3687
	}
3688
3689
	function opt_in_jetpack_manage_notice() {
3690
		?>
3691
		<div class="wrap">
3692
			<div id="message" class="jetpack-message is-opt-in">
3693
				<?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'https://jetpack.com/support/site-management' ); ?>
3694
			</div>
3695
		</div>
3696
		<?php
3697
3698
	}
3699
	/**
3700
	 * Determines whether to show the notice of not true = display notice
3701
	 * @return bool
3702
	 */
3703
	function can_display_jetpack_manage_notice() {
3704
		// never display the notice to users that can't do anything about it anyways
3705
		if( ! current_user_can( 'jetpack_manage_modules' ) )
3706
			return false;
3707
3708
		// don't display if we are in development more
3709
		if( Jetpack::is_development_mode() ) {
3710
			return false;
3711
		}
3712
		// don't display if the site is private
3713
		if(  ! Jetpack_Options::get_option( 'public' ) )
3714
			return false;
3715
3716
		/**
3717
		 * Should the Jetpack Remote Site Management notice be displayed.
3718
		 *
3719
		 * @since 3.3.0
3720
		 *
3721
		 * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive.
3722
		 */
3723
		return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) );
3724
	}
3725
3726
	/*
3727
	 * Registration flow:
3728
	 * 1 - ::admin_page_load() action=register
3729
	 * 2 - ::try_registration()
3730
	 * 3 - ::register()
3731
	 *     - Creates jetpack_register option containing two secrets and a timestamp
3732
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3733
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3734
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
3735
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3736
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3737
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3738
	 *       jetpack_id, jetpack_secret, jetpack_public
3739
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3740
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
3741
	 * 5 - user logs in with WP.com account
3742
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
3743
	 *		- Jetpack_Client_Server::authorize()
3744
	 *		- Jetpack_Client_Server::get_token()
3745
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
3746
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3747
	 *			- which responds with access_token, token_type, scope
3748
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3749
	 *		- Jetpack::activate_default_modules()
3750
	 *     		- Deactivates deprecated plugins
3751
	 *     		- Activates all default modules
3752
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
3753
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
3754
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
3755
	 *     Done!
3756
	 */
3757
3758
	/**
3759
	 * Handles the page load events for the Jetpack admin page
3760
	 */
3761
	function admin_page_load() {
3762
		$error = false;
3763
3764
		// Make sure we have the right body class to hook stylings for subpages off of.
3765
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3766
3767
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
3768
			// Should only be used in intermediate redirects to preserve state across redirects
3769
			Jetpack::restate();
3770
		}
3771
3772
		if ( isset( $_GET['connect_url_redirect'] ) ) {
3773
			// User clicked in the iframe to link their accounts
3774
			if ( ! Jetpack::is_user_connected() ) {
3775
				$connect_url = $this->build_connect_url( true, false, 'iframe' );
3776
				if ( isset( $_GET['notes_iframe'] ) )
3777
					$connect_url .= '&notes_iframe';
3778
				wp_redirect( $connect_url );
3779
				exit;
3780
			} else {
3781
				if ( ! isset( $_GET['calypso_env'] ) ) {
3782
					Jetpack::state( 'message', 'already_authorized' );
3783
					wp_safe_redirect( Jetpack::admin_url() );
3784
				} else {
3785
					$connect_url = $this->build_connect_url( true, false, 'iframe' );
3786
					$connect_url .= '&already_authorized=true';
3787
					wp_redirect( $connect_url );
3788
				}
3789
			}
3790
		}
3791
3792
3793
		if ( isset( $_GET['action'] ) ) {
3794
			switch ( $_GET['action'] ) {
3795
			case 'authorize':
3796
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3797
					Jetpack::state( 'message', 'already_authorized' );
3798
					wp_safe_redirect( Jetpack::admin_url() );
3799
					exit;
3800
				}
3801
				Jetpack::log( 'authorize' );
3802
				$client_server = new Jetpack_Client_Server;
3803
				$client_server->client_authorize();
3804
				exit;
3805
			case 'register' :
3806
				if ( ! current_user_can( 'jetpack_connect' ) ) {
3807
					$error = 'cheatin';
3808
					break;
3809
				}
3810
				check_admin_referer( 'jetpack-register' );
3811
				Jetpack::log( 'register' );
3812
				Jetpack::maybe_set_version_option();
3813
				$registered = Jetpack::try_registration();
3814
				if ( is_wp_error( $registered ) ) {
3815
					$error = $registered->get_error_code();
3816
					Jetpack::state( 'error', $error );
3817
					Jetpack::state( 'error', $registered->get_error_message() );
3818
					break;
3819
				}
3820
3821
				$from = isset( $_GET['from'] ) ? $_GET['from'] : false;
3822
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : false;
3823
3824
				wp_redirect( $this->build_connect_url( true, $redirect, $from ) );
3825
				exit;
3826
			case 'activate' :
3827
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
3828
					$error = 'cheatin';
3829
					break;
3830
				}
3831
3832
				$module = stripslashes( $_GET['module'] );
3833
				check_admin_referer( "jetpack_activate-$module" );
3834
				Jetpack::log( 'activate', $module );
3835
				Jetpack::activate_module( $module );
3836
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
3837
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3838
				exit;
3839
			case 'activate_default_modules' :
3840
				check_admin_referer( 'activate_default_modules' );
3841
				Jetpack::log( 'activate_default_modules' );
3842
				Jetpack::restate();
3843
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
3844
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
3845
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
3846
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
3847
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3848
				exit;
3849
			case 'disconnect' :
3850
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
3851
					$error = 'cheatin';
3852
					break;
3853
				}
3854
3855
				check_admin_referer( 'jetpack-disconnect' );
3856
				Jetpack::log( 'disconnect' );
3857
				Jetpack::disconnect();
3858
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
3859
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3860
			case 'reconnect' :
3861
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
3862
					$error = 'cheatin';
3863
					break;
3864
				}
3865
3866
				check_admin_referer( 'jetpack-reconnect' );
3867
				Jetpack::log( 'reconnect' );
3868
				$this->disconnect();
3869
				wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
3870
				exit;
3871 View Code Duplication
			case 'deactivate' :
3872
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
3873
					$error = 'cheatin';
3874
					break;
3875
				}
3876
3877
				$modules = stripslashes( $_GET['module'] );
3878
				check_admin_referer( "jetpack_deactivate-$modules" );
3879
				foreach ( explode( ',', $modules ) as $module ) {
3880
					Jetpack::log( 'deactivate', $module );
3881
					Jetpack::deactivate_module( $module );
3882
					Jetpack::state( 'message', 'module_deactivated' );
3883
				}
3884
				Jetpack::state( 'module', $modules );
3885
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3886
				exit;
3887
			case 'unlink' :
3888
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
3889
				check_admin_referer( 'jetpack-unlink' );
3890
				Jetpack::log( 'unlink' );
3891
				$this->unlink_user();
3892
				Jetpack::state( 'message', 'unlinked' );
3893
				if ( 'sub-unlink' == $redirect ) {
3894
					wp_safe_redirect( admin_url() );
3895
				} else {
3896
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
3897
				}
3898
				exit;
3899
			default:
3900
				/**
3901
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
3902
				 *
3903
				 * @since 2.6.0
3904
				 *
3905
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
3906
				 */
3907
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
3908
			}
3909
		}
3910
3911
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
3912
			self::activate_new_modules( true );
3913
		}
3914
3915
		$message_code = Jetpack::state( 'message' );
3916
		if ( Jetpack::state( 'optin-manage' ) ) {
3917
			$activated_manage = $message_code;
3918
			$message_code = 'jetpack-manage';
3919
		}
3920
3921
		switch ( $message_code ) {
3922
		case 'jetpack-manage':
3923
			$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
3924
			if ( $activated_manage ) {
3925
				$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack'  ) . '</strong>';
3926
			}
3927
			break;
3928
3929
		}
3930
3931
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
3932
3933
		if ( ! empty( $deactivated_plugins ) ) {
3934
			$deactivated_plugins = explode( ',', $deactivated_plugins );
3935
			$deactivated_titles  = array();
3936
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
3937
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
3938
					continue;
3939
				}
3940
3941
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
3942
			}
3943
3944
			if ( $deactivated_titles ) {
3945
				if ( $this->message ) {
3946
					$this->message .= "<br /><br />\n";
3947
				}
3948
3949
				$this->message .= wp_sprintf(
3950
					_n(
3951
						'Jetpack contains the most recent version of the old %l plugin.',
3952
						'Jetpack contains the most recent versions of the old %l plugins.',
3953
						count( $deactivated_titles ),
3954
						'jetpack'
3955
					),
3956
					$deactivated_titles
3957
				);
3958
3959
				$this->message .= "<br />\n";
3960
3961
				$this->message .= _n(
3962
					'The old version has been deactivated and can be removed from your site.',
3963
					'The old versions have been deactivated and can be removed from your site.',
3964
					count( $deactivated_titles ),
3965
					'jetpack'
3966
				);
3967
			}
3968
		}
3969
3970
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
3971
3972
		if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) {
3973
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
3974
		}
3975
3976 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
3977
			/**
3978
			 * Fires when a module configuration page is loaded.
3979
			 * The dynamic part of the hook is the configure parameter from the URL.
3980
			 *
3981
			 * @since 1.1.0
3982
			 */
3983
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
3984
		}
3985
3986
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
3987
	}
3988
3989
	function admin_notices() {
3990
3991
		if ( $this->error ) {
3992
?>
3993
<div id="message" class="jetpack-message jetpack-err">
3994
	<div class="squeezer">
3995
		<h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
3996
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
3997
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
3998
<?php	endif; ?>
3999
	</div>
4000
</div>
4001
<?php
4002
		}
4003
4004
		if ( $this->message ) {
4005
?>
4006
<div id="message" class="jetpack-message">
4007
	<div class="squeezer">
4008
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
4009
	</div>
4010
</div>
4011
<?php
4012
		}
4013
4014
		if ( $this->privacy_checks ) :
4015
			$module_names = $module_slugs = array();
4016
4017
			$privacy_checks = explode( ',', $this->privacy_checks );
4018
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4019
			foreach ( $privacy_checks as $module_slug ) {
4020
				$module = Jetpack::get_module( $module_slug );
4021
				if ( ! $module ) {
4022
					continue;
4023
				}
4024
4025
				$module_slugs[] = $module_slug;
4026
				$module_names[] = "<strong>{$module['name']}</strong>";
4027
			}
4028
4029
			$module_slugs = join( ',', $module_slugs );
4030
?>
4031
<div id="message" class="jetpack-message jetpack-err">
4032
	<div class="squeezer">
4033
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4034
		<p><?php
4035
			echo wp_kses(
4036
				wptexturize(
4037
					wp_sprintf(
4038
						_nx(
4039
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4040
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4041
							count( $privacy_checks ),
4042
							'%l = list of Jetpack module/feature names',
4043
							'jetpack'
4044
						),
4045
						$module_names
4046
					)
4047
				),
4048
				array( 'strong' => true )
4049
			);
4050
4051
			echo "\n<br />\n";
4052
4053
			echo wp_kses(
4054
				sprintf(
4055
					_nx(
4056
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4057
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4058
						count( $privacy_checks ),
4059
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4060
						'jetpack'
4061
					),
4062
					wp_nonce_url(
4063
						Jetpack::admin_url(
4064
							array(
4065
								'page'   => 'jetpack',
4066
								'action' => 'deactivate',
4067
								'module' => urlencode( $module_slugs ),
4068
							)
4069
						),
4070
						"jetpack_deactivate-$module_slugs"
4071
					),
4072
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4073
				),
4074
				array( 'a' => array( 'href' => true, 'title' => true ) )
4075
			);
4076
		?></p>
4077
	</div>
4078
</div>
4079
<?php endif;
4080
	// only display the notice if the other stuff is not there
4081
	if( $this->can_display_jetpack_manage_notice() && !  $this->error && ! $this->message && ! $this->privacy_checks ) {
4082
		if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] )
4083
			$this->opt_in_jetpack_manage_notice();
4084
		}
4085
	}
4086
4087
	/**
4088
	 * Record a stat for later output.  This will only currently output in the admin_footer.
4089
	 */
4090
	function stat( $group, $detail ) {
4091
		if ( ! isset( $this->stats[ $group ] ) )
4092
			$this->stats[ $group ] = array();
4093
		$this->stats[ $group ][] = $detail;
4094
	}
4095
4096
	/**
4097
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4098
	 */
4099
	function do_stats( $method = '' ) {
4100
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
4101
			foreach ( $this->stats as $group => $stats ) {
4102
				if ( is_array( $stats ) && count( $stats ) ) {
4103
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4104
					if ( 'server_side' === $method ) {
4105
						self::do_server_side_stat( $args );
4106
					} else {
4107
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4108
					}
4109
				}
4110
				unset( $this->stats[ $group ] );
4111
			}
4112
		}
4113
	}
4114
4115
	/**
4116
	 * Runs stats code for a one-off, server-side.
4117
	 *
4118
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4119
	 *
4120
	 * @return bool If it worked.
4121
	 */
4122
	static function do_server_side_stat( $args ) {
4123
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4124
		if ( is_wp_error( $response ) )
4125
			return false;
4126
4127
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
4128
			return false;
4129
4130
		return true;
4131
	}
4132
4133
	/**
4134
	 * Builds the stats url.
4135
	 *
4136
	 * @param $args array|string The arguments to append to the URL.
4137
	 *
4138
	 * @return string The URL to be pinged.
4139
	 */
4140
	static function build_stats_url( $args ) {
4141
		$defaults = array(
4142
			'v'    => 'wpcom2',
4143
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
4144
		);
4145
		$args     = wp_parse_args( $args, $defaults );
4146
		/**
4147
		 * Filter the URL used as the Stats tracking pixel.
4148
		 *
4149
		 * @since 2.3.2
4150
		 *
4151
		 * @param string $url Base URL used as the Stats tracking pixel.
4152
		 */
4153
		$base_url = apply_filters(
4154
			'jetpack_stats_base_url',
4155
			'https://pixel.wp.com/g.gif'
4156
		);
4157
		$url      = add_query_arg( $args, $base_url );
4158
		return $url;
4159
	}
4160
4161
	static function translate_current_user_to_role() {
4162
		foreach ( self::$capability_translations as $role => $cap ) {
4163
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
4164
				return $role;
4165
			}
4166
		}
4167
4168
		return false;
4169
	}
4170
4171
	static function translate_user_to_role( $user ) {
4172
		foreach ( self::$capability_translations as $role => $cap ) {
4173
			if ( user_can( $user, $role ) || user_can( $user, $cap ) ) {
4174
				return $role;
4175
			}
4176
		}
4177
4178
		return false;
4179
    }
4180
4181
	static function translate_role_to_cap( $role ) {
4182
		if ( ! isset( self::$capability_translations[$role] ) ) {
4183
			return false;
4184
		}
4185
4186
		return self::$capability_translations[$role];
4187
	}
4188
4189
	static function sign_role( $role, $user_id = null ) {
4190
		if ( empty( $user_id ) ) {
4191
			$user_id = (int) get_current_user_id();
4192
		}
4193
4194
		if ( ! $user_id  ) {
4195
			return false;
4196
		}
4197
4198
		$token = Jetpack_Data::get_access_token();
4199
		if ( ! $token || is_wp_error( $token ) ) {
4200
			return false;
4201
		}
4202
4203
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4204
	}
4205
4206
4207
	/**
4208
	 * Builds a URL to the Jetpack connection auth page
4209
	 *
4210
	 * @since 3.9.5
4211
	 *
4212
	 * @param bool $raw If true, URL will not be escaped.
4213
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4214
	 *                              If string, will be a custom redirect.
4215
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4216
	 * @param bool $register If true, will generate a register URL regardless of the existing token, since 4.9.0
4217
	 *
4218
	 * @return string Connect URL
4219
	 */
4220
	function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4221
		$site_id = Jetpack_Options::get_option( 'id' );
4222
		$token = Jetpack_Options::get_option( 'blog_token' );
4223
4224
		if ( $register || ! $token || ! $site_id ) {
4225
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4226
4227
			if ( ! empty( $redirect ) ) {
4228
				$url = add_query_arg(
4229
					'redirect',
4230
					urlencode( wp_validate_redirect( esc_url_raw( $redirect ) ) ),
4231
					$url
4232
				);
4233
			}
4234
4235
			if( is_network_admin() ) {
4236
				$url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4237
			}
4238
		} else {
4239
4240
			// Checking existing token
4241
			$response = Jetpack_Client::wpcom_json_api_request_as_blog(
4242
				sprintf( '/sites/%d', $site_id ) .'?force=wpcom',
4243
				'1.1'
4244
			);
4245
4246
			if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4247
				// Generating a register URL instead to refresh the existing token
4248
				return $this->build_connect_url( $raw, $redirect, $from, true );
4249
			}
4250
4251
			if ( defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) && include_once JETPACK__GLOTPRESS_LOCALES_PATH ) {
4252
				$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4253
			}
4254
4255
			$role = self::translate_current_user_to_role();
4256
			$signed_role = self::sign_role( $role );
4257
4258
			$user = wp_get_current_user();
4259
4260
			$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4261
			$redirect = $redirect
4262
				? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4263
				: $jetpack_admin_page;
4264
4265
			if( isset( $_REQUEST['is_multisite'] ) ) {
4266
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4267
			}
4268
4269
			$secrets = Jetpack::generate_secrets( 'authorize', false, 2 * HOUR_IN_SECONDS );
4270
4271
			$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
4272
				? get_site_icon_url()
4273
				: false;
4274
4275
			/**
4276
			 * Filter the type of authorization.
4277
			 * 'calypso' completes authorization on wordpress.com/jetpack/connect
4278
			 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
4279
			 *
4280
			 * @since 4.3.3
4281
			 *
4282
			 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
4283
			 */
4284
			$auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
4285
4286
			$args = urlencode_deep(
4287
				array(
4288
					'response_type' => 'code',
4289
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4290
					'redirect_uri'  => add_query_arg(
4291
						array(
4292
							'action'   => 'authorize',
4293
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4294
							'redirect' => urlencode( $redirect ),
4295
						),
4296
						esc_url( admin_url( 'admin.php?page=jetpack' ) )
4297
					),
4298
					'state'         => $user->ID,
4299
					'scope'         => $signed_role,
4300
					'user_email'    => $user->user_email,
4301
					'user_login'    => $user->user_login,
4302
					'is_active'     => Jetpack::is_active(),
4303
					'jp_version'    => JETPACK__VERSION,
4304
					'auth_type'     => $auth_type,
4305
					'secret'        => $secrets['secret_1'],
4306
					'locale'        => ( isset( $gp_locale ) && isset( $gp_locale->slug ) ) ? $gp_locale->slug : '',
4307
					'blogname'      => get_option( 'blogname' ),
4308
					'site_url'      => site_url(),
4309
					'home_url'      => home_url(),
4310
					'site_icon'     => $site_icon,
4311
				)
4312
			);
4313
4314
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4315
		}
4316
4317
		if ( $from ) {
4318
			$url = add_query_arg( 'from', $from, $url );
4319
		}
4320
4321
4322
		if ( isset( $_GET['calypso_env'] ) ) {
4323
			$url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4324
		}
4325
4326
		return $raw ? $url : esc_url( $url );
4327
	}
4328
4329
	function build_reconnect_url( $raw = false ) {
4330
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4331
		return $raw ? $url : esc_url( $url );
4332
	}
4333
4334
	public static function admin_url( $args = null ) {
4335
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4336
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4337
		return $url;
4338
	}
4339
4340
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4341
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4342
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4343
	}
4344
4345
	function dismiss_jetpack_notice() {
4346
4347
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4348
			return;
4349
		}
4350
4351
		switch( $_GET['jetpack-notice'] ) {
4352
			case 'dismiss':
4353
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4354
4355
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4356
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4357
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4358
				}
4359
				break;
4360 View Code Duplication
			case 'jetpack-manage-opt-out':
4361
4362
				if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) {
4363
					// Don't show the banner again
4364
4365
					Jetpack_Options::update_option( 'dismissed_manage_banner', true );
4366
					// redirect back to the page that had the notice
4367
					if ( wp_get_referer() ) {
4368
						wp_safe_redirect( wp_get_referer() );
4369
					} else {
4370
						// Take me to Jetpack
4371
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4372
					}
4373
				}
4374
				break;
4375 View Code Duplication
			case 'jetpack-protect-multisite-opt-out':
4376
4377
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4378
					// Don't show the banner again
4379
4380
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4381
					// redirect back to the page that had the notice
4382
					if ( wp_get_referer() ) {
4383
						wp_safe_redirect( wp_get_referer() );
4384
					} else {
4385
						// Take me to Jetpack
4386
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4387
					}
4388
				}
4389
				break;
4390
			case 'jetpack-manage-opt-in':
4391
				if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) {
4392
					// This makes sure that we are redirect to jetpack home so that we can see the Success Message.
4393
4394
					$redirection_url = Jetpack::admin_url();
4395
					remove_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4396
4397
					// Don't redirect form the Jetpack Setting Page
4398
					$referer_parsed = parse_url ( wp_get_referer() );
4399
					// check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home
4400
					if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) {
4401
						// Take the user to Jetpack home except when on the setting page
4402
						$redirection_url = wp_get_referer();
4403
						add_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4404
					}
4405
					// Also update the JSON API FULL MANAGEMENT Option
4406
					Jetpack::activate_module( 'manage', false, false );
4407
4408
					// Special Message when option in.
4409
					Jetpack::state( 'optin-manage', 'true' );
4410
					// Activate the Module if not activated already
4411
4412
					// Redirect properly
4413
					wp_safe_redirect( $redirection_url );
4414
4415
				}
4416
				break;
4417
		}
4418
	}
4419
4420
	public static function admin_screen_configure_module( $module_id ) {
4421
4422
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4423
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4424
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4425
				/**
4426
				 * Fires to diplay a custom module activation screen.
4427
				 *
4428
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4429
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4430
				 *
4431
				 * @module manage
4432
				 *
4433
				 * @since 3.8.0
4434
				 *
4435
				 * @param int $module_id Module ID.
4436
				 */
4437
				do_action( 'display_activate_module_setting_' . $module_id );
4438
			} else {
4439
				self::display_activate_module_link( $module_id );
4440
			}
4441
4442
			return false;
4443
		} ?>
4444
4445
		<div id="jp-settings-screen" style="position: relative">
4446
			<h3>
4447
			<?php
4448
				$module = Jetpack::get_module( $module_id );
4449
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4450
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4451
			?>
4452
			</h3>
4453
			<?php
4454
				/**
4455
				 * Fires within the displayed message when a feature configuation is updated.
4456
				 *
4457
				 * @since 3.4.0
4458
				 *
4459
				 * @param int $module_id Module ID.
4460
				 */
4461
				do_action( 'jetpack_notices_update_settings', $module_id );
4462
				/**
4463
				 * Fires when a feature configuation screen is loaded.
4464
				 * The dynamic part of the hook, $module_id, is the module ID.
4465
				 *
4466
				 * @since 1.1.0
4467
				 */
4468
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4469
			?>
4470
		</div><?php
4471
	}
4472
4473
	/**
4474
	 * Display link to activate the module to see the settings screen.
4475
	 * @param  string $module_id
4476
	 * @return null
4477
	 */
4478
	public static function display_activate_module_link( $module_id ) {
4479
4480
		$info =  Jetpack::get_module( $module_id );
4481
		$extra = '';
4482
		$activate_url = wp_nonce_url(
4483
				Jetpack::admin_url(
4484
					array(
4485
						'page'   => 'jetpack',
4486
						'action' => 'activate',
4487
						'module' => $module_id,
4488
					)
4489
				),
4490
				"jetpack_activate-$module_id"
4491
			);
4492
4493
		?>
4494
4495
		<div class="wrap configure-module">
4496
			<div id="jp-settings-screen">
4497
				<?php
4498
				if ( $module_id == 'json-api' ) {
4499
4500
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4501
4502
					$activate_url = Jetpack::init()->opt_in_jetpack_manage_url();
4503
4504
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'https://jetpack.com/support/site-management' );
4505
4506
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4507
				} ?>
4508
4509
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4510
				<div class="narrow">
4511
					<p><?php echo  $info['description']; ?></p>
4512
					<?php if( $extra ) { ?>
4513
					<p><?php echo esc_html( $extra ); ?></p>
4514
					<?php } ?>
4515
					<p>
4516
						<?php
4517
						if( wp_get_referer() ) {
4518
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4519
						} else {
4520
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4521
						} ?>
4522
					</p>
4523
				</div>
4524
4525
			</div>
4526
		</div>
4527
4528
		<?php
4529
	}
4530
4531
	public static function sort_modules( $a, $b ) {
4532
		if ( $a['sort'] == $b['sort'] )
4533
			return 0;
4534
4535
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4536
	}
4537
4538
	function ajax_recheck_ssl() {
4539
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4540
		$result = Jetpack::permit_ssl( true );
4541
		wp_send_json( array(
4542
			'enabled' => $result,
4543
			'message' => get_transient( 'jetpack_https_test_message' )
4544
		) );
4545
	}
4546
4547
/* Client API */
4548
4549
	/**
4550
	 * Returns the requested Jetpack API URL
4551
	 *
4552
	 * @return string
4553
	 */
4554
	public static function api_url( $relative_url ) {
4555
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4556
	}
4557
4558
	/**
4559
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4560
	 */
4561
	public static function fix_url_for_bad_hosts( $url ) {
4562
		if ( 0 !== strpos( $url, 'https://' ) ) {
4563
			return $url;
4564
		}
4565
4566
		switch ( JETPACK_CLIENT__HTTPS ) {
4567
			case 'ALWAYS' :
4568
				return $url;
4569
			case 'NEVER' :
4570
				return set_url_scheme( $url, 'http' );
4571
			// default : case 'AUTO' :
4572
		}
4573
4574
		// we now return the unmodified SSL URL by default, as a security precaution
4575
		return $url;
4576
	}
4577
4578
	/**
4579
	 * Checks to see if the URL is using SSL to connect with Jetpack
4580
	 *
4581
	 * @since 2.3.3
4582
	 * @return boolean
4583
	 */
4584
	public static function permit_ssl( $force_recheck = false ) {
4585
		// Do some fancy tests to see if ssl is being supported
4586
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4587
			$message = '';
4588
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4589
				$ssl = 0;
4590
			} else {
4591
				switch ( JETPACK_CLIENT__HTTPS ) {
4592
					case 'NEVER':
4593
						$ssl = 0;
4594
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4595
						break;
4596
					case 'ALWAYS':
4597
					case 'AUTO':
4598
					default:
4599
						$ssl = 1;
4600
						break;
4601
				}
4602
4603
				// If it's not 'NEVER', test to see
4604
				if ( $ssl ) {
4605
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
4606
						$ssl = 0;
4607
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
4608
					} else {
4609
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4610
						if ( is_wp_error( $response ) ) {
4611
							$ssl = 0;
4612
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
4613
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
4614
							$ssl = 0;
4615
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
4616
						}
4617
					}
4618
				}
4619
			}
4620
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4621
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
4622
		}
4623
4624
		return (bool) $ssl;
4625
	}
4626
4627
	/*
4628
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
4629
	 */
4630
	public function alert_auto_ssl_fail() {
4631
		if ( ! current_user_can( 'manage_options' ) )
4632
			return;
4633
4634
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
4635
		?>
4636
4637
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
4638
			<div class="jp-banner__content">
4639
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
4640
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
4641
				<p>
4642
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
4643
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
4644
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
4645
				</p>
4646
				<p>
4647
					<?php printf( __( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
4648
							esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) ),
4649
							esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
4650
				</p>
4651
			</div>
4652
		</div>
4653
		<style>
4654
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
4655
		</style>
4656
		<script type="text/javascript">
4657
			jQuery( document ).ready( function( $ ) {
4658
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
4659
					var $this = $( this );
4660
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
4661
					$( '#jetpack-recheck-ssl-output' ).html( '' );
4662
					e.preventDefault();
4663
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
4664
					$.post( ajaxurl, data )
4665
					  .done( function( response ) {
4666
					  	if ( response.enabled ) {
4667
					  		$( '#jetpack-ssl-warning' ).hide();
4668
					  	} else {
4669
					  		this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
4670
					  		$( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
4671
					  	}
4672
					  }.bind( $this ) );
4673
				} );
4674
			} );
4675
		</script>
4676
4677
		<?php
4678
	}
4679
4680
	/**
4681
	 * Returns the Jetpack XML-RPC API
4682
	 *
4683
	 * @return string
4684
	 */
4685
	public static function xmlrpc_api_url() {
4686
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4687
		return untrailingslashit( $base ) . '/xmlrpc.php';
4688
	}
4689
4690
	/**
4691
	 * Creates two secret tokens and the end of life timestamp for them.
4692
	 *
4693
	 * Note these tokens are unique per call, NOT static per site for connecting.
4694
	 *
4695
	 * @since 2.6
4696
	 * @return array
4697
	 */
4698
	public static function generate_secrets( $action, $user_id = false, $exp = 600 ) {
4699
		if ( ! $user_id ) {
4700
			$user_id = get_current_user_id();
4701
		}
4702
4703
		$secret_name  = 'jetpack_' . $action . '_' . $user_id;
4704
		$secrets      = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4705
4706
		if (
4707
			isset( $secrets[ $secret_name ] ) &&
4708
			$secrets[ $secret_name ]['exp'] > time()
4709
		) {
4710
			return $secrets[ $secret_name ];
4711
		}
4712
4713
		$secret_value = array(
4714
			'secret_1'  => wp_generate_password( 32, false ),
4715
			'secret_2'  => wp_generate_password( 32, false ),
4716
			'exp'       => time() + $exp,
4717
		);
4718
4719
		$secrets[ $secret_name ] = $secret_value;
4720
4721
		Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
4722
		return $secrets[ $secret_name ];
4723
	}
4724
4725
	public static function get_secrets( $action, $user_id ) {
4726
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
4727
		$secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4728
4729
		if ( ! isset( $secrets[ $secret_name ] ) ) {
4730
			return new WP_Error( 'verify_secrets_missing', 'Verification secrets not found' );
4731
		}
4732
4733
		if ( $secrets[ $secret_name ]['exp'] < time() ) {
4734
			self::delete_secrets( $action, $user_id );
4735
			return new WP_Error( 'verify_secrets_expired', 'Verification took too long' );
4736
		}
4737
4738
		return $secrets[ $secret_name ];
4739
	}
4740
4741
	public static function delete_secrets( $action, $user_id ) {
4742
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
4743
		$secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4744
		if ( isset( $secrets[ $secret_name ] ) ) {
4745
			unset( $secrets[ $secret_name ] );
4746
			Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
4747
		}
4748
	}
4749
4750
	/**
4751
	 * Builds the timeout limit for queries talking with the wpcom servers.
4752
	 *
4753
	 * Based on local php max_execution_time in php.ini
4754
	 *
4755
	 * @since 2.6
4756
	 * @return int
4757
	 **/
4758
	public function get_remote_query_timeout_limit() {
4759
	    $timeout = (int) ini_get( 'max_execution_time' );
4760
	    if ( ! $timeout ) // Ensure exec time set in php.ini
4761
				$timeout = 30;
4762
	    return intval( $timeout / 2 );
4763
	}
4764
4765
4766
	/**
4767
	 * Takes the response from the Jetpack register new site endpoint and
4768
	 * verifies it worked properly.
4769
	 *
4770
	 * @since 2.6
4771
	 * @return string|Jetpack_Error A JSON object on success or Jetpack_Error on failures
4772
	 **/
4773
	public function validate_remote_register_response( $response ) {
4774
	  if ( is_wp_error( $response ) ) {
4775
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4776
		}
4777
4778
		$code   = wp_remote_retrieve_response_code( $response );
4779
		$entity = wp_remote_retrieve_body( $response );
4780
		if ( $entity )
4781
			$registration_response = json_decode( $entity );
4782
		else
4783
			$registration_response = false;
4784
4785
		$code_type = intval( $code / 100 );
4786
		if ( 5 == $code_type ) {
4787
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4788
		} elseif ( 408 == $code ) {
4789
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4790
		} elseif ( ! empty( $registration_response->error ) ) {
4791
			if ( 'xml_rpc-32700' == $registration_response->error && ! function_exists( 'xml_parser_create' ) ) {
4792
				$error_description = __( "PHP's XML extension is not available. Jetpack requires the XML extension to communicate with WordPress.com. Please contact your hosting provider to enable PHP's XML extension.", 'jetpack' );
4793
			} else {
4794
				$error_description = isset( $registration_response->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $registration_response->error_description ) : '';
4795
			}
4796
4797
			return new Jetpack_Error( (string) $registration_response->error, $error_description, $code );
4798
		} elseif ( 200 != $code ) {
4799
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4800
		}
4801
4802
		// Jetpack ID error block
4803
		if ( empty( $registration_response->jetpack_id ) ) {
4804
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
4805
		} elseif ( ! is_scalar( $registration_response->jetpack_id ) ) {
4806
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4807
		} elseif ( preg_match( '/[^0-9]/', $registration_response->jetpack_id ) ) {
4808
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4809
		}
4810
4811
	    return $registration_response;
4812
	}
4813
	/**
4814
	 * @return bool|WP_Error
4815
	 */
4816
	public static function register() {
4817
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
4818
		$secrets = Jetpack::generate_secrets( 'register' );
4819
4820 View Code Duplication
		if (
4821
			empty( $secrets['secret_1'] ) ||
4822
			empty( $secrets['secret_2'] ) ||
4823
			empty( $secrets['exp'] )
4824
		) {
4825
			return new Jetpack_Error( 'missing_secrets' );
4826
		}
4827
4828
		$timeout = Jetpack::init()->get_remote_query_timeout_limit();
4829
4830
		$gmt_offset = get_option( 'gmt_offset' );
4831
		if ( ! $gmt_offset ) {
4832
			$gmt_offset = 0;
4833
		}
4834
4835
		$stats_options = get_option( 'stats_options' );
4836
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
4837
4838
		$args = array(
4839
			'method'  => 'POST',
4840
			'body'    => array(
4841
				'siteurl'         => site_url(),
4842
				'home'            => home_url(),
4843
				'gmt_offset'      => $gmt_offset,
4844
				'timezone_string' => (string) get_option( 'timezone_string' ),
4845
				'site_name'       => (string) get_option( 'blogname' ),
4846
				'secret_1'        => $secrets['secret_1'],
4847
				'secret_2'        => $secrets['secret_2'],
4848
				'site_lang'       => get_locale(),
4849
				'timeout'         => $timeout,
4850
				'stats_id'        => $stats_id,
4851
				'state'           => get_current_user_id(),
4852
			),
4853
			'headers' => array(
4854
				'Accept' => 'application/json',
4855
			),
4856
			'timeout' => $timeout,
4857
		);
4858
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
4859
4860
		// Make sure the response is valid and does not contain any Jetpack errors
4861
		$registration_details = Jetpack::init()->validate_remote_register_response( $response );
4862
		if ( is_wp_error( $registration_details ) ) {
4863
			return $registration_details;
4864
		} elseif ( ! $registration_details ) {
4865
			return new Jetpack_Error( 'unknown_error', __( 'Unknown error registering your Jetpack site', 'jetpack' ), wp_remote_retrieve_response_code( $response ) );
4866
		}
4867
4868 View Code Duplication
		if ( empty( $registration_details->jetpack_secret ) || ! is_string( $registration_details->jetpack_secret ) ) {
4869
			return new Jetpack_Error( 'jetpack_secret', '', wp_remote_retrieve_response_code( $response ) );
4870
		}
4871
4872
		if ( isset( $registration_details->jetpack_public ) ) {
4873
			$jetpack_public = (int) $registration_details->jetpack_public;
4874
		} else {
4875
			$jetpack_public = false;
4876
		}
4877
4878
		Jetpack_Options::update_options(
4879
			array(
4880
				'id'         => (int)    $registration_details->jetpack_id,
4881
				'blog_token' => (string) $registration_details->jetpack_secret,
4882
				'public'     => $jetpack_public,
4883
			)
4884
		);
4885
4886
		/**
4887
		 * Fires when a site is registered on WordPress.com.
4888
		 *
4889
		 * @since 3.7.0
4890
		 *
4891
		 * @param int $json->jetpack_id Jetpack Blog ID.
4892
		 * @param string $json->jetpack_secret Jetpack Blog Token.
4893
		 * @param int|bool $jetpack_public Is the site public.
4894
		 */
4895
		do_action( 'jetpack_site_registered', $registration_details->jetpack_id, $registration_details->jetpack_secret, $jetpack_public );
4896
4897
		// Initialize Jump Start for the first and only time.
4898
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
4899
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
4900
4901
			$jetpack = Jetpack::init();
4902
4903
			$jetpack->stat( 'jumpstart', 'unique-views' );
4904
			$jetpack->do_stats( 'server_side' );
4905
		};
4906
4907
		return true;
4908
	}
4909
4910
	/**
4911
	 * If the db version is showing something other that what we've got now, bump it to current.
4912
	 *
4913
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
4914
	 */
4915
	public static function maybe_set_version_option() {
4916
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
4917
		if ( JETPACK__VERSION != $version ) {
4918
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
4919
4920
			if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
4921
				/** This action is documented in class.jetpack.php */
4922
				do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
4923
			}
4924
4925
			return true;
4926
		}
4927
		return false;
4928
	}
4929
4930
/* Client Server API */
4931
4932
	/**
4933
	 * Loads the Jetpack XML-RPC client
4934
	 */
4935
	public static function load_xml_rpc_client() {
4936
		require_once ABSPATH . WPINC . '/class-IXR.php';
4937
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
4938
	}
4939
4940
	/**
4941
	 * Resets the saved authentication state in between testing requests.
4942
	 */
4943
	public function reset_saved_auth_state() {
4944
		$this->xmlrpc_verification = null;
4945
		$this->rest_authentication_status = null;
4946
	}
4947
4948
	function verify_xml_rpc_signature() {
4949
		if ( $this->xmlrpc_verification ) {
4950
			return $this->xmlrpc_verification;
4951
		}
4952
4953
		// It's not for us
4954
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
4955
			return false;
4956
		}
4957
4958
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
4959
		if (
4960
			empty( $token_key )
4961
		||
4962
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
4963
		) {
4964
			return false;
4965
		}
4966
4967
		if ( '0' === $user_id ) {
4968
			$token_type = 'blog';
4969
			$user_id = 0;
4970
		} else {
4971
			$token_type = 'user';
4972
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
4973
				return false;
4974
			}
4975
			$user_id = (int) $user_id;
4976
4977
			$user = new WP_User( $user_id );
4978
			if ( ! $user || ! $user->exists() ) {
4979
				return false;
4980
			}
4981
		}
4982
4983
		$token = Jetpack_Data::get_access_token( $user_id );
4984
		if ( ! $token ) {
4985
			return false;
4986
		}
4987
4988
		$token_check = "$token_key.";
4989
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
4990
			return false;
4991
		}
4992
4993
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
4994
4995
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
4996
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
4997
			$post_data   = $_POST;
4998
			$file_hashes = array();
4999
			foreach ( $post_data as $post_data_key => $post_data_value ) {
5000
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
5001
					continue;
5002
				}
5003
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
5004
				$file_hashes[$post_data_key] = $post_data_value;
5005
			}
5006
5007
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
5008
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
5009
				$post_data[$post_data_key] = $post_data_value;
5010
			}
5011
5012
			ksort( $post_data );
5013
5014
			$body = http_build_query( stripslashes_deep( $post_data ) );
5015
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
5016
			$body = file_get_contents( 'php://input' );
5017
		} else {
5018
			$body = null;
5019
		}
5020
5021
		$signature = $jetpack_signature->sign_current_request(
5022
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
5023
		);
5024
5025
		if ( ! $signature ) {
5026
			return false;
5027
		} else if ( is_wp_error( $signature ) ) {
5028
			return $signature;
5029
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
5030
			return false;
5031
		}
5032
5033
		$timestamp = (int) $_GET['timestamp'];
5034
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5035
5036
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5037
			return false;
5038
		}
5039
5040
		$this->xmlrpc_verification = array(
5041
			'type'    => $token_type,
5042
			'user_id' => $token->external_user_id,
5043
		);
5044
5045
		return $this->xmlrpc_verification;
5046
	}
5047
5048
	/**
5049
	 * Authenticates XML-RPC and other requests from the Jetpack Server
5050
	 */
5051
	function authenticate_jetpack( $user, $username, $password ) {
5052
		if ( is_a( $user, 'WP_User' ) ) {
5053
			return $user;
5054
		}
5055
5056
		$token_details = $this->verify_xml_rpc_signature();
5057
5058
		if ( ! $token_details || is_wp_error( $token_details ) ) {
5059
			return $user;
5060
		}
5061
5062
		if ( 'user' !== $token_details['type'] ) {
5063
			return $user;
5064
		}
5065
5066
		if ( ! $token_details['user_id'] ) {
5067
			return $user;
5068
		}
5069
5070
		nocache_headers();
5071
5072
		return new WP_User( $token_details['user_id'] );
5073
	}
5074
5075
	// Authenticates requests from Jetpack server to WP REST API endpoints.
5076
	// Uses the existing XMLRPC request signing implementation.
5077
	function wp_rest_authenticate( $user ) {
5078
		if ( ! empty( $user ) ) {
5079
			// Another authentication method is in effect.
5080
			return $user;
5081
		}
5082
5083
		if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
5084
			// Nothing to do for this authentication method.
5085
			return null;
5086
		}
5087
5088
		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
5089
			// Nothing to do for this authentication method.
5090
			return null;
5091
		}
5092
5093
		// Ensure that we always have the request body available.  At this
5094
		// point, the WP REST API code to determine the request body has not
5095
		// run yet.  That code may try to read from 'php://input' later, but
5096
		// this can only be done once per request in PHP versions prior to 5.6.
5097
		// So we will go ahead and perform this read now if needed, and save
5098
		// the request body where both the Jetpack signature verification code
5099
		// and the WP REST API code can see it.
5100
		if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
5101
			$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
5102
		}
5103
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5104
5105
		// Only support specific request parameters that have been tested and
5106
		// are known to work with signature verification.  A different method
5107
		// can be passed to the WP REST API via the '?_method=' parameter if
5108
		// needed.
5109
		if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
5110
			$this->rest_authentication_status = new WP_Error(
5111
				'rest_invalid_request',
5112
				__( 'This request method is not supported.', 'jetpack' ),
5113
				array( 'status' => 400 )
5114
			);
5115
			return null;
5116
		}
5117
		if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
5118
			$this->rest_authentication_status = new WP_Error(
5119
				'rest_invalid_request',
5120
				__( 'This request method does not support body parameters.', 'jetpack' ),
5121
				array( 'status' => 400 )
5122
			);
5123
			return null;
5124
		}
5125
5126
		if ( ! empty( $_SERVER['CONTENT_TYPE'] ) ) {
5127
			$content_type = $_SERVER['CONTENT_TYPE'];
5128
		} elseif ( ! empty( $_SERVER['HTTP_CONTENT_TYPE'] ) ) {
5129
			$content_type = $_SERVER['HTTP_CONTENT_TYPE'];
5130
		}
5131
5132
		if (
5133
			isset( $content_type ) &&
5134
			$content_type !== 'application/x-www-form-urlencoded' &&
5135
			$content_type !== 'application/json'
5136
		) {
5137
			$this->rest_authentication_status = new WP_Error(
5138
				'rest_invalid_request',
5139
				__( 'This Content-Type is not supported.', 'jetpack' ),
5140
				array( 'status' => 400 )
5141
			);
5142
			return null;
5143
		}
5144
5145
		$verified = $this->verify_xml_rpc_signature();
5146
5147
		if ( is_wp_error( $verified ) ) {
5148
			$this->rest_authentication_status = $verified;
5149
			return null;
5150
		}
5151
5152
		if (
5153
			$verified &&
5154
			isset( $verified['type'] ) &&
5155
			'user' === $verified['type'] &&
5156
			! empty( $verified['user_id'] )
5157
		) {
5158
			// Authentication successful.
5159
			$this->rest_authentication_status = true;
5160
			return $verified['user_id'];
5161
		}
5162
5163
		// Something else went wrong.  Probably a signature error.
5164
		$this->rest_authentication_status = new WP_Error(
5165
			'rest_invalid_signature',
5166
			__( 'The request is not signed correctly.', 'jetpack' ),
5167
			array( 'status' => 400 )
5168
		);
5169
		return null;
5170
	}
5171
5172
	/**
5173
	 * Report authentication status to the WP REST API.
5174
	 *
5175
	 * @param  WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
5176
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
5177
	 */
5178
	public function wp_rest_authentication_errors( $value ) {
5179
		if ( $value !== null ) {
5180
			return $value;
5181
		}
5182
		return $this->rest_authentication_status;
5183
	}
5184
5185
	function add_nonce( $timestamp, $nonce ) {
5186
		global $wpdb;
5187
		static $nonces_used_this_request = array();
5188
5189
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
5190
			return $nonces_used_this_request["$timestamp:$nonce"];
5191
		}
5192
5193
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
5194
		$timestamp = (int) $timestamp;
5195
		$nonce     = esc_sql( $nonce );
5196
5197
		// Raw query so we can avoid races: add_option will also update
5198
		$show_errors = $wpdb->show_errors( false );
5199
5200
		$old_nonce = $wpdb->get_row(
5201
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
5202
		);
5203
5204
		if ( is_null( $old_nonce ) ) {
5205
			$return = $wpdb->query(
5206
				$wpdb->prepare(
5207
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
5208
					"jetpack_nonce_{$timestamp}_{$nonce}",
5209
					time(),
5210
					'no'
5211
				)
5212
			);
5213
		} else {
5214
			$return = false;
5215
		}
5216
5217
		$wpdb->show_errors( $show_errors );
5218
5219
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
5220
5221
		return $return;
5222
	}
5223
5224
	/**
5225
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5226
	 * Capture it here so we can verify the signature later.
5227
	 */
5228
	function xmlrpc_methods( $methods ) {
5229
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5230
		return $methods;
5231
	}
5232
5233
	function public_xmlrpc_methods( $methods ) {
5234
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
5235
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
5236
		}
5237
		return $methods;
5238
	}
5239
5240
	function jetpack_getOptions( $args ) {
5241
		global $wp_xmlrpc_server;
5242
5243
		$wp_xmlrpc_server->escape( $args );
5244
5245
		$username	= $args[1];
5246
		$password	= $args[2];
5247
5248
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
5249
			return $wp_xmlrpc_server->error;
5250
		}
5251
5252
		$options = array();
5253
		$user_data = $this->get_connected_user_data();
5254
		if ( is_array( $user_data ) ) {
5255
			$options['jetpack_user_id'] = array(
5256
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
5257
				'readonly'      => true,
5258
				'value'         => $user_data['ID'],
5259
			);
5260
			$options['jetpack_user_login'] = array(
5261
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
5262
				'readonly'      => true,
5263
				'value'         => $user_data['login'],
5264
			);
5265
			$options['jetpack_user_email'] = array(
5266
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
5267
				'readonly'      => true,
5268
				'value'         => $user_data['email'],
5269
			);
5270
			$options['jetpack_user_site_count'] = array(
5271
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
5272
				'readonly'      => true,
5273
				'value'         => $user_data['site_count'],
5274
			);
5275
		}
5276
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
5277
		$args = stripslashes_deep( $args );
5278
		return $wp_xmlrpc_server->wp_getOptions( $args );
5279
	}
5280
5281
	function xmlrpc_options( $options ) {
5282
		$jetpack_client_id = false;
5283
		if ( self::is_active() ) {
5284
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
5285
		}
5286
		$options['jetpack_version'] = array(
5287
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
5288
				'readonly'      => true,
5289
				'value'         => JETPACK__VERSION,
5290
		);
5291
5292
		$options['jetpack_client_id'] = array(
5293
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
5294
				'readonly'      => true,
5295
				'value'         => $jetpack_client_id,
5296
		);
5297
		return $options;
5298
	}
5299
5300
	public static function clean_nonces( $all = false ) {
5301
		global $wpdb;
5302
5303
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
5304
		$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
5305
5306
		if ( true !== $all ) {
5307
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
5308
			$sql_args[] = time() - 3600;
5309
		}
5310
5311
		$sql .= ' ORDER BY `option_id` LIMIT 100';
5312
5313
		$sql = $wpdb->prepare( $sql, $sql_args );
5314
5315
		for ( $i = 0; $i < 1000; $i++ ) {
5316
			if ( ! $wpdb->query( $sql ) ) {
5317
				break;
5318
			}
5319
		}
5320
	}
5321
5322
	/**
5323
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5324
	 * SET: state( $key, $value );
5325
	 * GET: $value = state( $key );
5326
	 *
5327
	 * @param string $key
5328
	 * @param string $value
5329
	 * @param bool $restate private
5330
	 */
5331
	public static function state( $key = null, $value = null, $restate = false ) {
5332
		static $state = array();
5333
		static $path, $domain;
5334
		if ( ! isset( $path ) ) {
5335
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
5336
			$admin_url = Jetpack::admin_url();
5337
			$bits      = parse_url( $admin_url );
5338
5339
			if ( is_array( $bits ) ) {
5340
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5341
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5342
			} else {
5343
				$path = $domain = null;
5344
			}
5345
		}
5346
5347
		// Extract state from cookies and delete cookies
5348
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
5349
			$yum = $_COOKIE[ 'jetpackState' ];
5350
			unset( $_COOKIE[ 'jetpackState' ] );
5351
			foreach ( $yum as $k => $v ) {
5352
				if ( strlen( $v ) )
5353
					$state[ $k ] = $v;
5354
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5355
			}
5356
		}
5357
5358
		if ( $restate ) {
5359
			foreach ( $state as $k => $v ) {
5360
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5361
			}
5362
			return;
5363
		}
5364
5365
		// Get a state variable
5366
		if ( isset( $key ) && ! isset( $value ) ) {
5367
			if ( array_key_exists( $key, $state ) )
5368
				return $state[ $key ];
5369
			return null;
5370
		}
5371
5372
		// Set a state variable
5373
		if ( isset ( $key ) && isset( $value ) ) {
5374
			if( is_array( $value ) && isset( $value[0] ) ) {
5375
				$value = $value[0];
5376
			}
5377
			$state[ $key ] = $value;
5378
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5379
		}
5380
	}
5381
5382
	public static function restate() {
5383
		Jetpack::state( null, null, true );
5384
	}
5385
5386
	public static function check_privacy( $file ) {
5387
		static $is_site_publicly_accessible = null;
5388
5389
		if ( is_null( $is_site_publicly_accessible ) ) {
5390
			$is_site_publicly_accessible = false;
5391
5392
			Jetpack::load_xml_rpc_client();
5393
			$rpc = new Jetpack_IXR_Client();
5394
5395
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5396
			if ( $success ) {
5397
				$response = $rpc->getResponse();
5398
				if ( $response ) {
5399
					$is_site_publicly_accessible = true;
5400
				}
5401
			}
5402
5403
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5404
		}
5405
5406
		if ( $is_site_publicly_accessible ) {
5407
			return;
5408
		}
5409
5410
		$module_slug = self::get_module_slug( $file );
5411
5412
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5413
		if ( ! $privacy_checks ) {
5414
			$privacy_checks = $module_slug;
5415
		} else {
5416
			$privacy_checks .= ",$module_slug";
5417
		}
5418
5419
		Jetpack::state( 'privacy_checks', $privacy_checks );
5420
	}
5421
5422
	/**
5423
	 * Helper method for multicall XMLRPC.
5424
	 */
5425
	public static function xmlrpc_async_call() {
5426
		global $blog_id;
5427
		static $clients = array();
5428
5429
		$client_blog_id = is_multisite() ? $blog_id : 0;
5430
5431
		if ( ! isset( $clients[$client_blog_id] ) ) {
5432
			Jetpack::load_xml_rpc_client();
5433
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5434
			if ( function_exists( 'ignore_user_abort' ) ) {
5435
				ignore_user_abort( true );
5436
			}
5437
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5438
		}
5439
5440
		$args = func_get_args();
5441
5442
		if ( ! empty( $args[0] ) ) {
5443
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5444
		} elseif ( is_multisite() ) {
5445
			foreach ( $clients as $client_blog_id => $client ) {
5446
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5447
					continue;
5448
				}
5449
5450
				$switch_success = switch_to_blog( $client_blog_id, true );
5451
				if ( ! $switch_success ) {
5452
					continue;
5453
				}
5454
5455
				flush();
5456
				$client->query();
5457
5458
				restore_current_blog();
5459
			}
5460
		} else {
5461
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5462
				flush();
5463
				$clients[0]->query();
5464
			}
5465
		}
5466
	}
5467
5468
	public static function staticize_subdomain( $url ) {
5469
5470
		// Extract hostname from URL
5471
		$host = parse_url( $url, PHP_URL_HOST );
5472
5473
		// Explode hostname on '.'
5474
		$exploded_host = explode( '.', $host );
5475
5476
		// Retrieve the name and TLD
5477
		if ( count( $exploded_host ) > 1 ) {
5478
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5479
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5480
			// Rebuild domain excluding subdomains
5481
			$domain = $name . '.' . $tld;
5482
		} else {
5483
			$domain = $host;
5484
		}
5485
		// Array of Automattic domains
5486
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5487
5488
		// Return $url if not an Automattic domain
5489
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5490
			return $url;
5491
		}
5492
5493
		if ( is_ssl() ) {
5494
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5495
		}
5496
5497
		srand( crc32( basename( $url ) ) );
5498
		$static_counter = rand( 0, 2 );
5499
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5500
5501
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5502
	}
5503
5504
/* JSON API Authorization */
5505
5506
	/**
5507
	 * Handles the login action for Authorizing the JSON API
5508
	 */
5509
	function login_form_json_api_authorization() {
5510
		$this->verify_json_api_authorization_request();
5511
5512
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5513
5514
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5515
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5516
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5517
	}
5518
5519
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5520
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5521
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5522
			return $url;
5523
		}
5524
5525
		$parsed_url = parse_url( $url );
5526
		$url = strtok( $url, '?' );
5527
		$url = "$url?{$_SERVER['QUERY_STRING']}";
5528
		if ( ! empty( $parsed_url['query'] ) )
5529
			$url .= "&{$parsed_url['query']}";
5530
5531
		return $url;
5532
	}
5533
5534
	// Make sure the POSTed request is handled by the same action
5535
	function preserve_action_in_login_form_for_json_api_authorization() {
5536
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5537
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5538
	}
5539
5540
	// If someone logs in to approve API access, store the Access Code in usermeta
5541
	function store_json_api_authorization_token( $user_login, $user ) {
5542
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5543
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5544
		$token = wp_generate_password( 32, false );
5545
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5546
	}
5547
5548
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5549
	function allow_wpcom_public_api_domain( $domains ) {
5550
		$domains[] = 'public-api.wordpress.com';
5551
		return $domains;
5552
	}
5553
5554
	// Add the Access Code details to the public-api.wordpress.com redirect
5555
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5556
		return add_query_arg(
5557
			urlencode_deep(
5558
				array(
5559
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5560
					'jetpack-user-id' => (int) $user->ID,
5561
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5562
				)
5563
			),
5564
			$redirect_to
5565
		);
5566
	}
5567
5568
5569
	/**
5570
	 * Verifies the request by checking the signature
5571
	 *
5572
	 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
5573
	 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
5574
	 *
5575
	 * @param null|array $environment
5576
	 */
5577
	function verify_json_api_authorization_request( $environment = null ) {
5578
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5579
5580
		$environment = is_null( $environment )
5581
			? $_REQUEST
5582
			: $environment;
5583
5584
		list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
5585
		$token = Jetpack_Data::get_access_token( $envUserId );
5586
		if ( ! $token || empty( $token->secret ) ) {
5587
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5588
		}
5589
5590
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5591
5592
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5593
5594
		if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
5595
			$signature = $jetpack_signature->sign_request(
5596
				$environment['token'],
5597
				$environment['timestamp'],
5598
				$environment['nonce'],
5599
				'',
5600
				'GET',
5601
				$environment['jetpack_json_api_original_query'],
5602
				null,
5603
				true
5604
			);
5605
		} else {
5606
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5607
		}
5608
5609
		if ( ! $signature ) {
5610
			wp_die( $die_error );
5611
		} else if ( is_wp_error( $signature ) ) {
5612
			wp_die( $die_error );
5613
		} else if ( ! hash_equals( $signature, $environment['signature'] ) ) {
5614
			if ( is_ssl() ) {
5615
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5616
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5617
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
5618
					wp_die( $die_error );
5619
				}
5620
			} else {
5621
				wp_die( $die_error );
5622
			}
5623
		}
5624
5625
		$timestamp = (int) $environment['timestamp'];
5626
		$nonce     = stripslashes( (string) $environment['nonce'] );
5627
5628
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5629
			// De-nonce the nonce, at least for 5 minutes.
5630
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5631
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5632
			if ( $old_nonce_time < time() - 300 ) {
5633
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
5634
			}
5635
		}
5636
5637
		$data = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
5638
		$data_filters = array(
5639
			'state'        => 'opaque',
5640
			'client_id'    => 'int',
5641
			'client_title' => 'string',
5642
			'client_image' => 'url',
5643
		);
5644
5645
		foreach ( $data_filters as $key => $sanitation ) {
5646
			if ( ! isset( $data->$key ) ) {
5647
				wp_die( $die_error );
5648
			}
5649
5650
			switch ( $sanitation ) {
5651
			case 'int' :
5652
				$this->json_api_authorization_request[$key] = (int) $data->$key;
5653
				break;
5654
			case 'opaque' :
5655
				$this->json_api_authorization_request[$key] = (string) $data->$key;
5656
				break;
5657
			case 'string' :
5658
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5659
				break;
5660
			case 'url' :
5661
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5662
				break;
5663
			}
5664
		}
5665
5666
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5667
			wp_die( $die_error );
5668
		}
5669
	}
5670
5671
	function login_message_json_api_authorization( $message ) {
5672
		return '<p class="message">' . sprintf(
5673
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
5674
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5675
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5676
	}
5677
5678
	/**
5679
	 * Get $content_width, but with a <s>twist</s> filter.
5680
	 */
5681
	public static function get_content_width() {
5682
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5683
		/**
5684
		 * Filter the Content Width value.
5685
		 *
5686
		 * @since 2.2.3
5687
		 *
5688
		 * @param string $content_width Content Width value.
5689
		 */
5690
		return apply_filters( 'jetpack_content_width', $content_width );
5691
	}
5692
5693
	/**
5694
	 * Pings the WordPress.com Mirror Site for the specified options.
5695
	 *
5696
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5697
	 *
5698
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5699
	 */
5700
	public function get_cloud_site_options( $option_names ) {
5701
		$option_names = array_filter( (array) $option_names, 'is_string' );
5702
5703
		Jetpack::load_xml_rpc_client();
5704
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5705
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5706
		if ( $xml->isError() ) {
5707
			return array(
5708
				'error_code' => $xml->getErrorCode(),
5709
				'error_msg'  => $xml->getErrorMessage(),
5710
			);
5711
		}
5712
		$cloud_site_options = $xml->getResponse();
5713
5714
		return $cloud_site_options;
5715
	}
5716
5717
	/**
5718
	 * Checks if the site is currently in an identity crisis.
5719
	 *
5720
	 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
5721
	 */
5722
	public static function check_identity_crisis() {
5723
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || ! self::validate_sync_error_idc_option() ) {
5724
			return false;
5725
		}
5726
5727
		return Jetpack_Options::get_option( 'sync_error_idc' );
5728
	}
5729
5730
	/**
5731
	 * Checks whether the home and siteurl specifically are whitelisted
5732
	 * Written so that we don't have re-check $key and $value params every time
5733
	 * we want to check if this site is whitelisted, for example in footer.php
5734
	 *
5735
	 * @since  3.8.0
5736
	 * @return bool True = already whitelisted False = not whitelisted
5737
	 */
5738
	public static function is_staging_site() {
5739
		$is_staging = false;
5740
5741
		$known_staging = array(
5742
			'urls' => array(
5743
				'#\.staging\.wpengine\.com$#i', // WP Engine
5744
				'#\.staging\.kinsta\.com$#i',   // Kinsta.com
5745
				),
5746
			'constants' => array(
5747
				'IS_WPE_SNAPSHOT',      // WP Engine
5748
				'KINSTA_DEV_ENV',       // Kinsta.com
5749
				'WPSTAGECOACH_STAGING', // WP Stagecoach
5750
				'JETPACK_STAGING_MODE', // Generic
5751
				)
5752
			);
5753
		/**
5754
		 * Filters the flags of known staging sites.
5755
		 *
5756
		 * @since 3.9.0
5757
		 *
5758
		 * @param array $known_staging {
5759
		 *     An array of arrays that each are used to check if the current site is staging.
5760
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
5761
		 *     @type array $constants PHP constants of known staging/developement environments.
5762
		 *  }
5763
		 */
5764
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5765
5766
		if ( isset( $known_staging['urls'] ) ) {
5767
			foreach ( $known_staging['urls'] as $url ){
5768
				if ( preg_match( $url, site_url() ) ) {
5769
					$is_staging = true;
5770
					break;
5771
				}
5772
			}
5773
		}
5774
5775
		if ( isset( $known_staging['constants'] ) ) {
5776
			foreach ( $known_staging['constants'] as $constant ) {
5777
				if ( defined( $constant ) && constant( $constant ) ) {
5778
					$is_staging = true;
5779
				}
5780
			}
5781
		}
5782
5783
		// Last, let's check if sync is erroring due to an IDC. If so, set the site to staging mode.
5784
		if ( ! $is_staging && self::validate_sync_error_idc_option() ) {
5785
			$is_staging = true;
5786
		}
5787
5788
		/**
5789
		 * Filters is_staging_site check.
5790
		 *
5791
		 * @since 3.9.0
5792
		 *
5793
		 * @param bool $is_staging If the current site is a staging site.
5794
		 */
5795
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
5796
	}
5797
5798
	/**
5799
	 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
5800
	 *
5801
	 * @return bool
5802
	 */
5803
	public static function validate_sync_error_idc_option() {
5804
		$is_valid = false;
5805
5806
		$idc_allowed = get_transient( 'jetpack_idc_allowed' );
5807
		if ( false === $idc_allowed ) {
5808
			$response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
5809
			if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
5810
				$json = json_decode( wp_remote_retrieve_body( $response ) );
5811
				$idc_allowed = isset( $json, $json->result ) && $json->result ? '1' : '0';
5812
				$transient_duration = HOUR_IN_SECONDS;
5813
			} else {
5814
				// If the request failed for some reason, then assume IDC is allowed and set shorter transient.
5815
				$idc_allowed = '1';
5816
				$transient_duration = 5 * MINUTE_IN_SECONDS;
5817
			}
5818
5819
			set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
5820
		}
5821
5822
		// Is the site opted in and does the stored sync_error_idc option match what we now generate?
5823
		$sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
5824
		$local_options = self::get_sync_error_idc_option();
5825
		if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
5826
			if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
5827
				$is_valid = true;
5828
			}
5829
		}
5830
5831
		/**
5832
		 * Filters whether the sync_error_idc option is valid.
5833
		 *
5834
		 * @since 4.4.0
5835
		 *
5836
		 * @param bool $is_valid If the sync_error_idc is valid or not.
5837
		 */
5838
		$is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
5839
5840
		if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
5841
			// Since the option exists, and did not validate, delete it
5842
			Jetpack_Options::delete_option( 'sync_error_idc' );
5843
		}
5844
5845
		return $is_valid;
5846
	}
5847
5848
	/**
5849
	 * Normalizes a url by doing three things:
5850
	 *  - Strips protocol
5851
	 *  - Strips www
5852
	 *  - Adds a trailing slash
5853
	 *
5854
	 * @since 4.4.0
5855
	 * @param string $url
5856
	 * @return WP_Error|string
5857
	 */
5858
	public static function normalize_url_protocol_agnostic( $url ) {
5859
		$parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
5860
		if ( ! $parsed_url || empty( $parsed_url['host'] ) || empty( $parsed_url['path'] ) ) {
5861
			return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
5862
		}
5863
5864
		// Strip www and protocols
5865
		$url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
5866
		return $url;
5867
	}
5868
5869
	/**
5870
	 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
5871
	 *
5872
	 * @since 4.4.0
5873
	 *
5874
	 * @param array $response
5875
	 * @return array Array of the local urls, wpcom urls, and error code
5876
	 */
5877
	public static function get_sync_error_idc_option( $response = array() ) {
5878
		require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-functions.php';
5879
		$local_options = array(
5880
			'home'    => Jetpack_Sync_Functions::home_url(),
5881
			'siteurl' => Jetpack_Sync_Functions::site_url(),
5882
		);
5883
5884
		$options = array_merge( $local_options, $response );
5885
5886
		$returned_values = array();
5887
		foreach( $options as $key => $option ) {
5888
			if ( 'error_code' === $key ) {
5889
				$returned_values[ $key ] = $option;
5890
				continue;
5891
			}
5892
5893
			if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
5894
				continue;
5895
			}
5896
5897
			$returned_values[ $key ] = $normalized_url;
5898
		}
5899
5900
		return $returned_values;
5901
	}
5902
5903
	/**
5904
	 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
5905
	 * If set to true, the site will be put into staging mode.
5906
	 *
5907
	 * @since 4.3.2
5908
	 * @return bool
5909
	 */
5910
	public static function sync_idc_optin() {
5911
		if ( Jetpack_Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
5912
			$default = Jetpack_Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
5913
		} else {
5914
			$default = ! Jetpack_Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
5915
		}
5916
5917
		/**
5918
		 * Allows sites to optin to IDC mitigation which blocks the site from syncing to WordPress.com when the home
5919
		 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
5920
		 * JETPACK_SYNC_IDC_OPTIN constant if set.
5921
		 *
5922
		 * @since 4.3.2
5923
		 *
5924
		 * @param bool $default Whether the site is opted in to IDC mitigation.
5925
		 */
5926
		return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
5927
	}
5928
5929
	/**
5930
	 * Maybe Use a .min.css stylesheet, maybe not.
5931
	 *
5932
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
5933
	 */
5934
	public static function maybe_min_asset( $url, $path, $plugin ) {
5935
		// Short out on things trying to find actual paths.
5936
		if ( ! $path || empty( $plugin ) ) {
5937
			return $url;
5938
		}
5939
5940
		$path = ltrim( $path, '/' );
5941
5942
		// Strip out the abspath.
5943
		$base = dirname( plugin_basename( $plugin ) );
5944
5945
		// Short out on non-Jetpack assets.
5946
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
5947
			return $url;
5948
		}
5949
5950
		// File name parsing.
5951
		$file              = "{$base}/{$path}";
5952
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
5953
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
5954
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
5955
		$extension         = array_shift( $file_name_parts_r );
5956
5957
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
5958
			// Already pointing at the minified version.
5959
			if ( 'min' === $file_name_parts_r[0] ) {
5960
				return $url;
5961
			}
5962
5963
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
5964
			if ( file_exists( $min_full_path ) ) {
5965
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
5966
				// If it's a CSS file, stash it so we can set the .min suffix for rtl-ing.
5967
				if ( 'css' === $extension ) {
5968
					$key = str_replace( JETPACK__PLUGIN_DIR, 'jetpack/', $min_full_path );
5969
					self::$min_assets[ $key ] = $path;
5970
				}
5971
			}
5972
		}
5973
5974
		return $url;
5975
	}
5976
5977
	/**
5978
	 * If the asset is minified, let's flag .min as the suffix.
5979
	 *
5980
	 * Attached to `style_loader_src` filter.
5981
	 *
5982
	 * @param string $tag The tag that would link to the external asset.
5983
	 * @param string $handle The registered handle of the script in question.
5984
	 * @param string $href The url of the asset in question.
5985
	 */
5986
	public static function set_suffix_on_min( $src, $handle ) {
5987
		if ( false === strpos( $src, '.min.css' ) ) {
5988
			return $src;
5989
		}
5990
5991
		if ( ! empty( self::$min_assets ) ) {
5992
			foreach ( self::$min_assets as $file => $path ) {
5993
				if ( false !== strpos( $src, $file ) ) {
5994
					wp_style_add_data( $handle, 'suffix', '.min' );
5995
					return $src;
5996
				}
5997
			}
5998
		}
5999
6000
		return $src;
6001
	}
6002
6003
	/**
6004
	 * Maybe inlines a stylesheet.
6005
	 *
6006
	 * If you'd like to inline a stylesheet instead of printing a link to it,
6007
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6008
	 *
6009
	 * Attached to `style_loader_tag` filter.
6010
	 *
6011
	 * @param string $tag The tag that would link to the external asset.
6012
	 * @param string $handle The registered handle of the script in question.
6013
	 *
6014
	 * @return string
6015
	 */
6016
	public static function maybe_inline_style( $tag, $handle ) {
6017
		global $wp_styles;
6018
		$item = $wp_styles->registered[ $handle ];
6019
6020
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6021
			return $tag;
6022
		}
6023
6024
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6025
			$href = $matches[1];
6026
			// Strip off query string
6027
			if ( $pos = strpos( $href, '?' ) ) {
6028
				$href = substr( $href, 0, $pos );
6029
			}
6030
			// Strip off fragment
6031
			if ( $pos = strpos( $href, '#' ) ) {
6032
				$href = substr( $href, 0, $pos );
6033
			}
6034
		} else {
6035
			return $tag;
6036
		}
6037
6038
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6039
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6040
			return $tag;
6041
		}
6042
6043
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
6044
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6045
			// And this isn't the pass that actually deals with the RTL version...
6046
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6047
				// Short out, as the RTL version will deal with it in a moment.
6048
				return $tag;
6049
			}
6050
		}
6051
6052
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6053
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
6054
		if ( $css ) {
6055
			$tag = "<!-- Inline {$item->handle} -->\r\n";
6056
			if ( empty( $item->extra['after'] ) ) {
6057
				wp_add_inline_style( $handle, $css );
6058
			} else {
6059
				array_unshift( $item->extra['after'], $css );
6060
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
6061
			}
6062
		}
6063
6064
		return $tag;
6065
	}
6066
6067
	/**
6068
	 * Loads a view file from the views
6069
	 *
6070
	 * Data passed in with the $data parameter will be available in the
6071
	 * template file as $data['value']
6072
	 *
6073
	 * @param string $template - Template file to load
6074
	 * @param array $data - Any data to pass along to the template
6075
	 * @return boolean - If template file was found
6076
	 **/
6077
	public function load_view( $template, $data = array() ) {
6078
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
6079
6080
		if( file_exists( $views_dir . $template ) ) {
6081
			require_once( $views_dir . $template );
6082
			return true;
6083
		}
6084
6085
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
6086
		return false;
6087
	}
6088
6089
	/**
6090
	 * Throws warnings for deprecated hooks to be removed from Jetpack
6091
	 */
6092
	public function deprecated_hooks() {
6093
		global $wp_filter;
6094
6095
		/*
6096
		 * Format:
6097
		 * deprecated_filter_name => replacement_name
6098
		 *
6099
		 * If there is no replacement, use null for replacement_name
6100
		 */
6101
		$deprecated_list = array(
6102
			'jetpack_bail_on_shortcode'                              => 'jetpack_shortcodes_to_include',
6103
			'wpl_sharing_2014_1'                                     => null,
6104
			'jetpack-tools-to-include'                               => 'jetpack_tools_to_include',
6105
			'jetpack_identity_crisis_options_to_check'               => null,
6106
			'update_option_jetpack_single_user_site'                 => null,
6107
			'audio_player_default_colors'                            => null,
6108
			'add_option_jetpack_featured_images_enabled'             => null,
6109
			'add_option_jetpack_update_details'                      => null,
6110
			'add_option_jetpack_updates'                             => null,
6111
			'add_option_jetpack_network_name'                        => null,
6112
			'add_option_jetpack_network_allow_new_registrations'     => null,
6113
			'add_option_jetpack_network_add_new_users'               => null,
6114
			'add_option_jetpack_network_site_upload_space'           => null,
6115
			'add_option_jetpack_network_upload_file_types'           => null,
6116
			'add_option_jetpack_network_enable_administration_menus' => null,
6117
			'add_option_jetpack_is_multi_site'                       => null,
6118
			'add_option_jetpack_is_main_network'                     => null,
6119
			'add_option_jetpack_main_network_site'                   => null,
6120
			'jetpack_sync_all_registered_options'                    => null,
6121
			'jetpack_has_identity_crisis'                            => 'jetpack_sync_error_idc_validation',
6122
			'jetpack_is_post_mailable'                               => null,
6123
			'jetpack_seo_site_host'                                  => null,
6124
		);
6125
6126
		// This is a silly loop depth. Better way?
6127
		foreach( $deprecated_list AS $hook => $hook_alt ) {
6128
			if ( has_action( $hook ) ) {
6129
				foreach( $wp_filter[ $hook ] AS $func => $values ) {
6130
					foreach( $values AS $hooked ) {
6131
						if ( is_callable( $hooked['function'] ) ) {
6132
							$function_name = 'an anonymous function';
6133
						} else {
6134
							$function_name = $hooked['function'];
6135
						}
6136
						_deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
6137
					}
6138
				}
6139
			}
6140
		}
6141
	}
6142
6143
	/**
6144
	 * Converts any url in a stylesheet, to the correct absolute url.
6145
	 *
6146
	 * Considerations:
6147
	 *  - Normal, relative URLs     `feh.png`
6148
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6149
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6150
	 *  - Absolute URLs             `http://domain.com/feh.png`
6151
	 *  - Domain root relative URLs `/feh.png`
6152
	 *
6153
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6154
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6155
	 *
6156
	 * @return mixed|string
6157
	 */
6158
	public static function absolutize_css_urls( $css, $css_file_url ) {
6159
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6160
		$css_dir = dirname( $css_file_url );
6161
		$p       = parse_url( $css_dir );
6162
		$domain  = sprintf(
6163
					'%1$s//%2$s%3$s%4$s',
6164
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
6165
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6166
					$p['host'],
6167
					isset( $p['port'] )             ? ":{$p['port']}" : ''
6168
				);
6169
6170
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6171
			$find = $replace = array();
6172
			foreach ( $matches as $match ) {
6173
				$url = trim( $match['path'], "'\" \t" );
6174
6175
				// If this is a data url, we don't want to mess with it.
6176
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6177
					continue;
6178
				}
6179
6180
				// If this is an absolute or protocol-agnostic url,
6181
				// we don't want to mess with it.
6182
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6183
					continue;
6184
				}
6185
6186
				switch ( substr( $url, 0, 1 ) ) {
6187
					case '/':
6188
						$absolute = $domain . $url;
6189
						break;
6190
					default:
6191
						$absolute = $css_dir . '/' . $url;
6192
				}
6193
6194
				$find[]    = $match[0];
6195
				$replace[] = sprintf( 'url("%s")', $absolute );
6196
			}
6197
			$css = str_replace( $find, $replace, $css );
6198
		}
6199
6200
		return $css;
6201
	}
6202
6203
	/**
6204
	 * This methods removes all of the registered css files on the front end
6205
	 * from Jetpack in favor of using a single file. In effect "imploding"
6206
	 * all the files into one file.
6207
	 *
6208
	 * Pros:
6209
	 * - Uses only ONE css asset connection instead of 15
6210
	 * - Saves a minimum of 56k
6211
	 * - Reduces server load
6212
	 * - Reduces time to first painted byte
6213
	 *
6214
	 * Cons:
6215
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6216
	 *		should not cause any issues with themes.
6217
	 * - Plugins/themes dequeuing styles no longer do anything. See
6218
	 *		jetpack_implode_frontend_css filter for a workaround
6219
	 *
6220
	 * For some situations developers may wish to disable css imploding and
6221
	 * instead operate in legacy mode where each file loads seperately and
6222
	 * can be edited individually or dequeued. This can be accomplished with
6223
	 * the following line:
6224
	 *
6225
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6226
	 *
6227
	 * @since 3.2
6228
	 **/
6229
	public function implode_frontend_css( $travis_test = false ) {
6230
		$do_implode = true;
6231
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6232
			$do_implode = false;
6233
		}
6234
6235
		/**
6236
		 * Allow CSS to be concatenated into a single jetpack.css file.
6237
		 *
6238
		 * @since 3.2.0
6239
		 *
6240
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6241
		 */
6242
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6243
6244
		// Do not use the imploded file when default behaviour was altered through the filter
6245
		if ( ! $do_implode ) {
6246
			return;
6247
		}
6248
6249
		// We do not want to use the imploded file in dev mode, or if not connected
6250
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6251
			if ( ! $travis_test ) {
6252
				return;
6253
			}
6254
		}
6255
6256
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6257
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6258
			return;
6259
		}
6260
6261
		/*
6262
		 * Now we assume Jetpack is connected and able to serve the single
6263
		 * file.
6264
		 *
6265
		 * In the future there will be a check here to serve the file locally
6266
		 * or potentially from the Jetpack CDN
6267
		 *
6268
		 * For now:
6269
		 * - Enqueue a single imploded css file
6270
		 * - Zero out the style_loader_tag for the bundled ones
6271
		 * - Be happy, drink scotch
6272
		 */
6273
6274
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6275
6276
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6277
6278
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6279
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6280
	}
6281
6282
	function concat_remove_style_loader_tag( $tag, $handle ) {
6283
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6284
			$tag = '';
6285
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6286
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6287
			}
6288
		}
6289
6290
		return $tag;
6291
	}
6292
6293
	/*
6294
	 * Check the heartbeat data
6295
	 *
6296
	 * Organizes the heartbeat data by severity.  For example, if the site
6297
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6298
	 *
6299
	 * Data will be added to "caution" array, if it either:
6300
	 *  - Out of date Jetpack version
6301
	 *  - Out of date WP version
6302
	 *  - Out of date PHP version
6303
	 *
6304
	 * $return array $filtered_data
6305
	 */
6306
	public static function jetpack_check_heartbeat_data() {
6307
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6308
6309
		$good    = array();
6310
		$caution = array();
6311
		$bad     = array();
6312
6313
		foreach ( $raw_data as $stat => $value ) {
6314
6315
			// Check jetpack version
6316
			if ( 'version' == $stat ) {
6317
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6318
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6319
					continue;
6320
				}
6321
			}
6322
6323
			// Check WP version
6324
			if ( 'wp-version' == $stat ) {
6325
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6326
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6327
					continue;
6328
				}
6329
			}
6330
6331
			// Check PHP version
6332
			if ( 'php-version' == $stat ) {
6333
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6334
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
6335
					continue;
6336
				}
6337
			}
6338
6339
			// Check ID crisis
6340
			if ( 'identitycrisis' == $stat ) {
6341
				if ( 'yes' == $value ) {
6342
					$bad[ $stat ] = $value;
6343
					continue;
6344
				}
6345
			}
6346
6347
			// The rest are good :)
6348
			$good[ $stat ] = $value;
6349
		}
6350
6351
		$filtered_data = array(
6352
			'good'    => $good,
6353
			'caution' => $caution,
6354
			'bad'     => $bad
6355
		);
6356
6357
		return $filtered_data;
6358
	}
6359
6360
6361
	/*
6362
	 * This method is used to organize all options that can be reset
6363
	 * without disconnecting Jetpack.
6364
	 *
6365
	 * It is used in class.jetpack-cli.php to reset options
6366
	 *
6367
	 * @return array of options to delete.
6368
	 */
6369
	public static function get_jetpack_options_for_reset() {
6370
		$jetpack_options            = Jetpack_Options::get_option_names();
6371
		$jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' );
6372
		$jetpack_options_private    = Jetpack_Options::get_option_names( 'private' );
6373
6374
		$all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private );
6375
6376
		// A manual build of the wp options
6377
		$wp_options = array(
6378
			'sharing-options',
6379
			'disabled_likes',
6380
			'disabled_reblogs',
6381
			'jetpack_comments_likes_enabled',
6382
			'wp_mobile_excerpt',
6383
			'wp_mobile_featured_images',
6384
			'wp_mobile_app_promos',
6385
			'stats_options',
6386
			'stats_dashboard_widget',
6387
			'safecss_preview_rev',
6388
			'safecss_rev',
6389
			'safecss_revision_migrated',
6390
			'nova_menu_order',
6391
			'jetpack_portfolio',
6392
			'jetpack_portfolio_posts_per_page',
6393
			'jetpack_testimonial',
6394
			'jetpack_testimonial_posts_per_page',
6395
			'wp_mobile_custom_css',
6396
			'sharedaddy_disable_resources',
6397
			'sharing-options',
6398
			'sharing-services',
6399
			'site_icon_temp_data',
6400
			'featured-content',
6401
			'site_logo',
6402
			'jetpack_dismissed_notices',
6403
		);
6404
6405
		// Flag some Jetpack options as unsafe
6406
		$unsafe_options = array(
6407
			'id',                           // (int)    The Client ID/WP.com Blog ID of this site.
6408
			'master_user',                  // (int)    The local User ID of the user who connected this site to jetpack.wordpress.com.
6409
			'version',                      // (string) Used during upgrade procedure to auto-activate new modules. version:time
6410
			'jumpstart',                    // (string) A flag for whether or not to show the Jump Start.  Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed.
6411
6412
			// non_compact
6413
			'activated',
6414
6415
			// private
6416
			'register',
6417
			'blog_token',                  // (string) The Client Secret/Blog Token of this site.
6418
			'user_token',                  // (string) The User Token of this site. (deprecated)
6419
			'user_tokens'
6420
		);
6421
6422
		// Remove the unsafe Jetpack options
6423
		foreach ( $unsafe_options as $unsafe_option ) {
6424
			if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) {
6425
				unset( $all_jp_options[ $key ] );
6426
			}
6427
		}
6428
6429
		$options = array(
6430
			'jp_options' => $all_jp_options,
6431
			'wp_options' => $wp_options
6432
		);
6433
6434
		return $options;
6435
	}
6436
6437
	/**
6438
	 * Check if an option of a Jetpack module has been updated.
6439
	 *
6440
	 * If any module option has been updated before Jump Start has been dismissed,
6441
	 * update the 'jumpstart' option so we can hide Jump Start.
6442
	 *
6443
	 * @param string $option_name
6444
	 *
6445
	 * @return bool
6446
	 */
6447
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6448
		// Bail if Jump Start has already been dismissed
6449
		if ( 'new_connection' !== Jetpack_Options::get_option( 'jumpstart' ) ) {
6450
			return false;
6451
		}
6452
6453
		$jetpack = Jetpack::init();
6454
6455
		// Manual build of module options
6456
		$option_names = self::get_jetpack_options_for_reset();
6457
6458
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6459
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6460
6461
			//Jump start is being dismissed send data to MC Stats
6462
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6463
6464
			$jetpack->do_stats( 'server_side' );
6465
		}
6466
6467
	}
6468
6469
	/*
6470
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6471
	 * so we can bring them directly to their site in calypso.
6472
	 *
6473
	 * @param string | url
6474
	 * @return string | url without the guff
6475
	 */
6476
	public static function build_raw_urls( $url ) {
6477
		$strip_http = '/.*?:\/\//i';
6478
		$url = preg_replace( $strip_http, '', $url  );
6479
		$url = str_replace( '/', '::', $url );
6480
		return $url;
6481
	}
6482
6483
	/**
6484
	 * Stores and prints out domains to prefetch for page speed optimization.
6485
	 *
6486
	 * @param mixed $new_urls
6487
	 */
6488
	public static function dns_prefetch( $new_urls = null ) {
6489
		static $prefetch_urls = array();
6490
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6491
			echo "\r\n";
6492
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6493
				printf( "<link rel='dns-prefetch' href='%s'/>\r\n", esc_attr( $this_prefetch_url ) );
6494
			}
6495
		} elseif ( ! empty( $new_urls ) ) {
6496
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6497
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6498
			}
6499
			foreach ( (array) $new_urls as $this_new_url ) {
6500
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6501
			}
6502
			$prefetch_urls = array_unique( $prefetch_urls );
6503
		}
6504
	}
6505
6506
	public function wp_dashboard_setup() {
6507
		if ( self::is_active() ) {
6508
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6509
			$widget_title = __( 'Site Stats', 'jetpack' );
6510
		}
6511
6512
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6513
			wp_add_dashboard_widget(
6514
				'jetpack_summary_widget',
6515
				$widget_title,
6516
				array( __CLASS__, 'dashboard_widget' )
6517
			);
6518
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6519
6520
			// If we're inactive and not in development mode, sort our box to the top.
6521
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6522
				global $wp_meta_boxes;
6523
6524
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6525
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6526
6527
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6528
			}
6529
		}
6530
	}
6531
6532
	/**
6533
	 * @param mixed $result Value for the user's option
6534
	 * @return mixed
6535
	 */
6536
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6537
		if ( ! is_array( $sorted ) ) {
6538
			return $sorted;
6539
		}
6540
6541
		foreach ( $sorted as $box_context => $ids ) {
6542
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6543
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6544
				continue;
6545
			}
6546
6547
			$ids_array = explode( ',', $ids );
6548
			$key = array_search( 'dashboard_stats', $ids_array );
6549
6550
			if ( false !== $key ) {
6551
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6552
				$ids_array[ $key ] = 'jetpack_summary_widget';
6553
				$sorted[ $box_context ] = implode( ',', $ids_array );
6554
				// We've found it, stop searching, and just return.
6555
				break;
6556
			}
6557
		}
6558
6559
		return $sorted;
6560
	}
6561
6562
	public static function dashboard_widget() {
6563
		/**
6564
		 * Fires when the dashboard is loaded.
6565
		 *
6566
		 * @since 3.4.0
6567
		 */
6568
		do_action( 'jetpack_dashboard_widget' );
6569
	}
6570
6571
	public static function dashboard_widget_footer() {
6572
		?>
6573
		<footer>
6574
6575
		<div class="protect">
6576
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6577
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6578
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6579
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6580
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6581
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6582
				</a>
6583
			<?php else : ?>
6584
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6585
			<?php endif; ?>
6586
		</div>
6587
6588
		<div class="akismet">
6589
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6590
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6591
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6592
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6593
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6594
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6595
				</a>
6596
			<?php else : ?>
6597
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6598
			<?php endif; ?>
6599
		</div>
6600
6601
		</footer>
6602
		<?php
6603
	}
6604
6605
	/**
6606
	 * Return string containing the Jetpack logo.
6607
	 *
6608
	 * @since 3.9.0
6609
	 *
6610
	 * @return string
6611
	 */
6612
	public static function get_jp_emblem() {
6613
		return '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" width="20" height="20" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve"><path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z" /></svg>';
6614
	}
6615
6616
	/*
6617
	 * Adds a "blank" column in the user admin table to display indication of user connection.
6618
	 */
6619
	function jetpack_icon_user_connected( $columns ) {
6620
		$columns['user_jetpack'] = '';
6621
		return $columns;
6622
	}
6623
6624
	/*
6625
	 * Show Jetpack icon if the user is linked.
6626
	 */
6627
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
6628
		if ( 'user_jetpack' == $col && Jetpack::is_user_connected( $user_id ) ) {
6629
			$emblem_html = sprintf(
6630
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
6631
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
6632
				Jetpack::get_jp_emblem()
6633
			);
6634
			return $emblem_html;
6635
		}
6636
6637
		return $val;
6638
	}
6639
6640
	/*
6641
	 * Style the Jetpack user column
6642
	 */
6643
	function jetpack_user_col_style() {
6644
		global $current_screen;
6645
		if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) { ?>
6646
			<style>
6647
				.fixed .column-user_jetpack {
6648
					width: 21px;
6649
				}
6650
				.jp-emblem-user-admin svg {
6651
					width: 20px;
6652
					height: 20px;
6653
				}
6654
				.jp-emblem-user-admin path {
6655
					fill: #8cc258;
6656
				}
6657
			</style>
6658
		<?php }
6659
	}
6660
6661
	/**
6662
	 * Checks if Akismet is active and working.
6663
	 *
6664
	 * @since  5.1.0
6665
	 * @return bool True = Akismet available. False = Aksimet not available.
6666
	 */
6667
	public static function is_akismet_active() {
6668
		if ( method_exists( 'Akismet' , 'http_post' ) || function_exists( 'akismet_http_post' ) ) {
6669
			return true;
6670
		}
6671
		return false;
6672
	}
6673
6674
	/**
6675
	 * Checks if one or more function names is in debug_backtrace
6676
	 *
6677
	 * @param $names Mixed string name of function or array of string names of functions
6678
	 *
6679
	 * @return bool
6680
	 */
6681
	public static function is_function_in_backtrace( $names ) {
6682
		$backtrace = debug_backtrace( false );
6683
		if ( ! is_array( $names ) ) {
6684
			$names = array( $names );
6685
		}
6686
		$names_as_keys = array_flip( $names );
6687
6688
		//Do check in constant O(1) time for PHP5.5+
6689
		if ( function_exists( 'array_column' ) ) {
6690
			$backtrace_functions = array_column( $backtrace, 'function' );
6691
			$backtrace_functions_as_keys = array_flip( $backtrace_functions );
6692
			$intersection = array_intersect_key( $backtrace_functions_as_keys, $names_as_keys );
6693
			return ! empty ( $intersection );
6694
		}
6695
6696
		//Do check in linear O(n) time for < PHP5.5 ( using isset at least prevents O(n^2) )
6697
		foreach ( $backtrace as $call ) {
6698
			if ( isset( $names_as_keys[ $call['function'] ] ) ) {
6699
				return true;
6700
			}
6701
		}
6702
		return false;
6703
	}
6704
}
6705