|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
class Jetpack_Data { |
|
4
|
|
|
/** |
|
5
|
|
|
* Gets locally stored token |
|
6
|
|
|
* |
|
7
|
|
|
* @return object|false |
|
8
|
|
|
*/ |
|
9
|
|
|
public static function get_access_token( $user_id = false ) { |
|
10
|
|
|
if ( $user_id ) { |
|
11
|
|
|
if ( !$tokens = Jetpack_Options::get_option( 'user_tokens' ) ) { |
|
12
|
|
|
return false; |
|
13
|
|
|
} |
|
14
|
|
|
if ( $user_id === JETPACK_MASTER_USER ) { |
|
15
|
|
|
if ( !$user_id = Jetpack_Options::get_option( 'master_user' ) ) { |
|
16
|
|
|
return false; |
|
17
|
|
|
} |
|
18
|
|
|
} |
|
19
|
|
|
if ( !isset( $tokens[$user_id] ) || !$token = $tokens[$user_id] ) { |
|
20
|
|
|
return false; |
|
21
|
|
|
} |
|
22
|
|
|
$token_chunks = explode( '.', $token ); |
|
23
|
|
|
if ( empty( $token_chunks[1] ) || empty( $token_chunks[2] ) ) { |
|
24
|
|
|
return false; |
|
25
|
|
|
} |
|
26
|
|
|
if ( $user_id != $token_chunks[2] ) { |
|
27
|
|
|
return false; |
|
28
|
|
|
} |
|
29
|
|
|
$token = "{$token_chunks[0]}.{$token_chunks[1]}"; |
|
30
|
|
|
} else { |
|
31
|
|
|
$token = Jetpack_Options::get_option( 'blog_token' ); |
|
32
|
|
|
if ( empty( $token ) ) { |
|
33
|
|
|
return false; |
|
34
|
|
|
} |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
return (object) array( |
|
38
|
|
|
'secret' => $token, |
|
39
|
|
|
'external_user_id' => (int) $user_id, |
|
40
|
|
|
); |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
|
|
/** |
|
44
|
|
|
* This function mirrors Jetpack_Data::is_usable_domain() in the WPCOM codebase. |
|
45
|
|
|
* |
|
46
|
|
|
* @param $domain |
|
47
|
|
|
* @param array $extra |
|
48
|
|
|
* |
|
49
|
|
|
* @return bool|WP_Error |
|
50
|
|
|
*/ |
|
51
|
|
|
public static function is_usable_domain( $domain, $extra = array() ) { |
|
|
|
|
|
|
52
|
|
|
|
|
53
|
|
|
// If it's empty, just fail out. |
|
54
|
|
|
if ( ! $domain ) { |
|
55
|
|
|
return new WP_Error( 'fail_domain_empty', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is empty.', 'jetpack' ), $domain ) ); |
|
56
|
|
|
} |
|
57
|
|
|
|
|
58
|
|
|
/** |
|
59
|
|
|
* Skips the usuable domain check when connecting a site. |
|
60
|
|
|
* |
|
61
|
|
|
* Allows site administrators with domains that fail gethostname-based checks to pass the request to WP.com |
|
62
|
|
|
* |
|
63
|
|
|
* @since 4.1.0 |
|
64
|
|
|
* |
|
65
|
|
|
* @param bool If the check should be skipped. Default false. |
|
66
|
|
|
*/ |
|
67
|
|
|
if ( apply_filters( 'jetpack_skip_usuable_domain_check', false ) ) { |
|
68
|
|
|
return true; |
|
69
|
|
|
} |
|
70
|
|
|
|
|
71
|
|
|
// None of the explicit localhosts. |
|
72
|
|
|
$forbidden_domains = array( |
|
73
|
|
|
'wordpress.com', |
|
74
|
|
|
'localhost', |
|
75
|
|
|
'localhost.localdomain', |
|
76
|
|
|
'127.0.0.1', |
|
77
|
|
|
'local.wordpress.dev', // VVV |
|
78
|
|
|
'local.wordpress-trunk.dev', // VVV |
|
79
|
|
|
'src.wordpress-develop.dev', // VVV |
|
80
|
|
|
'build.wordpress-develop.dev', // VVV |
|
81
|
|
|
); |
|
82
|
|
|
if ( in_array( $domain, $forbidden_domains ) ) { |
|
83
|
|
|
return new WP_Error( 'fail_domain_forbidden', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is in the forbidden array.', 'jetpack' ), $domain ) ); |
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
// No .dev or .local domains |
|
87
|
|
View Code Duplication |
if ( preg_match( '#\.(dev|local)$#i', $domain ) ) { |
|
88
|
|
|
return new WP_Error( 'fail_domain_tld', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it uses an invalid top level domain.', 'jetpack' ), $domain ) ); |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
// No WPCOM subdomains |
|
92
|
|
View Code Duplication |
if ( preg_match( '#\.wordpress\.com$#i', $domain ) ) { |
|
93
|
|
|
return new WP_Error( 'fail_subdomain_wpcom', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is a subdomain of WordPress.com.', 'jetpack' ), $domain ) ); |
|
94
|
|
|
} |
|
95
|
|
|
|
|
96
|
|
|
// If PHP was compiled without support for the Filter module (very edge case) |
|
97
|
|
|
if ( ! function_exists( 'filter_var' ) ) { |
|
98
|
|
|
// Just pass back true for now, and let wpcom sort it out. |
|
99
|
|
|
return true; |
|
100
|
|
|
} |
|
101
|
|
|
|
|
102
|
|
|
// Check the IP to make sure it's pingable. |
|
103
|
|
|
$ip = gethostbyname( $domain ); |
|
104
|
|
|
|
|
105
|
|
|
// Doing this again as I was getting some false positives when gethostbyname() flaked out and returned the domain. |
|
106
|
|
|
$ip = filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ? $ip : gethostbyname( $ip ); |
|
107
|
|
|
|
|
108
|
|
|
if ( ! filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_IPV4 ) && ! self::php_bug_66229_check( $ip ) ) { |
|
109
|
|
|
return new WP_Error( 'fail_domain_bad_ip_range', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as its IP `%2$s` is either invalid, or in a reserved or private range.', 'jetpack' ), $domain, $ip ) ); |
|
110
|
|
|
} |
|
111
|
|
|
|
|
112
|
|
|
return true; |
|
113
|
|
|
} |
|
114
|
|
|
|
|
115
|
|
|
/** |
|
116
|
|
|
* Returns true if the IP address passed in should not be in a reserved range, even if PHP says that it is. |
|
117
|
|
|
* See: https://bugs.php.net/bug.php?id=66229 and https://github.com/php/php-src/commit/d1314893fd1325ca6aa0831101896e31135a2658 |
|
118
|
|
|
* |
|
119
|
|
|
* This function mirrors Jetpack_Data::php_bug_66229_check() in the WPCOM codebase. |
|
120
|
|
|
*/ |
|
121
|
|
|
public static function php_bug_66229_check( $ip ) { |
|
122
|
|
|
if ( ! filter_var( $ip, FILTER_VALIDATE_IP ) ) { |
|
123
|
|
|
return false; |
|
124
|
|
|
} |
|
125
|
|
|
|
|
126
|
|
|
$ip_arr = array_map( 'intval', explode( '.', $ip ) ); |
|
127
|
|
|
|
|
128
|
|
|
if ( 128 == $ip_arr[0] && 0 == $ip_arr[1] ) { |
|
129
|
|
|
return true; |
|
130
|
|
|
} |
|
131
|
|
|
|
|
132
|
|
|
if ( 191 == $ip_arr[0] && 255 == $ip_arr[1] ) { |
|
133
|
|
|
return true; |
|
134
|
|
|
} |
|
135
|
|
|
|
|
136
|
|
|
return false; |
|
137
|
|
|
} |
|
138
|
|
|
} |
|
139
|
|
|
|
Automattic /
jetpack
This check looks from parameters that have been defined for a function or method, but which are not used in the method body.