Completed
Push — add/simple-payments-widget-pro... ( 6fa3f4 )
by
unknown
09:54
created

Jetpack::translate_current_user_to_role()   A

Complexity

Conditions 4
Paths 3

Size

Total Lines 9
Code Lines 5

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 4
eloc 5
nc 3
nop 0
dl 0
loc 9
rs 9.2
c 0
b 0
f 0
1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
require_once( JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php' );
26
27
class Jetpack {
28
	public $xmlrpc_server = null;
29
30
	private $xmlrpc_verification = null;
31
	private $rest_authentication_status = null;
32
33
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
34
35
	/**
36
	 * @var array The handles of styles that are concatenated into jetpack.css
37
	 */
38
	public $concatenated_style_handles = array(
39
		'jetpack-carousel',
40
		'grunion.css',
41
		'the-neverending-homepage',
42
		'jetpack_likes',
43
		'jetpack_related-posts',
44
		'sharedaddy',
45
		'jetpack-slideshow',
46
		'presentations',
47
		'jetpack-subscriptions',
48
		'jetpack-responsive-videos-style',
49
		'jetpack-social-menu',
50
		'tiled-gallery',
51
		'jetpack_display_posts_widget',
52
		'gravatar-profile-widget',
53
		'goodreads-widget',
54
		'jetpack_social_media_icons_widget',
55
		'jetpack-top-posts-widget',
56
		'jetpack_image_widget',
57
		'jetpack-my-community-widget',
58
		'wordads',
59
		'eu-cookie-law-style',
60
		'flickr-widget-style',
61
		'jetpack-search-widget',
62
		'jetpack-simple-payments-widget-style',
63
	);
64
65
	/**
66
	 * Contains all assets that have had their URL rewritten to minified versions.
67
	 *
68
	 * @var array
69
	 */
70
	static $min_assets = array();
0 ignored issues
show
Coding Style introduced by
The visibility should be declared for property $min_assets.

The PSR-2 coding standard requires that all properties in a class have their visibility explicitly declared. If you declare a property using

class A {
    var $property;
}

the property is implicitly global.

To learn more about the PSR-2, please see the PHP-FIG site on the PSR-2.

Loading history...
71
72
	public $plugins_to_deactivate = array(
73
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
74
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
75
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
76
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
77
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
78
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
79
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
80
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
81
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
82
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
83
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
84
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
85
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
86
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
87
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
88
	);
89
90
	static $capability_translations = array(
0 ignored issues
show
Coding Style introduced by
The visibility should be declared for property $capability_translations.

The PSR-2 coding standard requires that all properties in a class have their visibility explicitly declared. If you declare a property using

class A {
    var $property;
}

the property is implicitly global.

To learn more about the PSR-2, please see the PHP-FIG site on the PSR-2.

Loading history...
91
		'administrator' => 'manage_options',
92
		'editor'        => 'edit_others_posts',
93
		'author'        => 'publish_posts',
94
		'contributor'   => 'edit_posts',
95
		'subscriber'    => 'read',
96
	);
97
98
	/**
99
	 * Map of modules that have conflicts with plugins and should not be auto-activated
100
	 * if the plugins are active.  Used by filter_default_modules
101
	 *
102
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
103
	 * change `module-slug` and add this to your plugin:
104
	 *
105
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
106
	 * function my_jetpack_get_default_modules( $modules ) {
107
	 *     return array_diff( $modules, array( 'module-slug' ) );
108
	 * }
109
	 *
110
	 * @var array
111
	 */
112
	private $conflicting_plugins = array(
113
		'comments'          => array(
114
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
115
			'Disqus'                               => 'disqus-comment-system/disqus.php',
116
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
117
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
118
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
119
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
120
		),
121
		'comment-likes' => array(
122
			'Epoch'                                => 'epoch/plugincore.php',
123
		),
124
		'contact-form'      => array(
125
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
126
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
127
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
128
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
129
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
130
			'Ninja Forms'                          => 'ninja-forms/ninja-forms.php',
131
		),
132
		'minileven'         => array(
133
			'WPtouch'                              => 'wptouch/wptouch.php',
134
		),
135
		'latex'             => array(
136
			'LaTeX for WordPress'                  => 'latex/latex.php',
137
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
138
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
139
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
140
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
141
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
142
		),
143
		'protect'           => array(
144
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
145
			'Captcha'                              => 'captcha/captcha.php',
146
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
147
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
148
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
149
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
150
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
151
			'Security-protection'                  => 'security-protection/security-protection.php',
152
			'Login Security'                       => 'login-security/login-security.php',
153
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
154
			'Wordfence Security'                   => 'wordfence/wordfence.php',
155
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
156
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
157
		),
158
		'random-redirect'   => array(
159
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
160
		),
161
		'related-posts'     => array(
162
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
163
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
164
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
165
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
166
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
167
			'outbrain'                             => 'outbrain/outbrain.php',
168
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
169
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
170
		),
171
		'sharedaddy'        => array(
172
			'AddThis'                              => 'addthis/addthis_social_widget.php',
173
			'Add To Any'                           => 'add-to-any/add-to-any.php',
174
			'ShareThis'                            => 'share-this/sharethis.php',
175
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
176
		),
177
		'seo-tools' => array(
178
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
179
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
180
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
181
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
182
		),
183
		'verification-tools' => array(
184
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
185
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
186
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
187
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
188
		),
189
		'widget-visibility' => array(
190
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
191
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
192
		),
193
		'sitemaps' => array(
194
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
195
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
196
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
197
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
198
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
199
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
200
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
201
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
202
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
203
			'Sitemap'                              => 'sitemap/sitemap.php',
204
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
205
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
206
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
207
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
208
		),
209
		'lazy-images' => array(
210
			'Lazy Load'              => 'lazy-load/lazy-load.php',
211
			'BJ Lazy Load'           => 'bj-lazy-load/bj-lazy-load.php',
212
			'Lazy Load by WP Rocket' => 'rocket-lazy-load/rocket-lazy-load.php',
213
		),
214
	);
215
216
	/**
217
	 * Plugins for which we turn off our Facebook OG Tags implementation.
218
	 *
219
	 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
220
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
221
	 *
222
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
223
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
224
	 */
225
	private $open_graph_conflicting_plugins = array(
226
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
227
		                                                         // 2 Click Social Media Buttons
228
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
229
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
230
		'autodescription/autodescription.php',                   // The SEO Framework
231
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
232
		'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
233
		                                                         // Open Graph Meta Tags by Heateor
234
		'facebook/facebook.php',                                 // Facebook (official plugin)
235
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
236
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
237
		                                                         // Facebook Featured Image & OG Meta Tags
238
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
239
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
240
		                                                         // Facebook Open Graph Meta Tags for WordPress
241
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
242
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
243
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
244
		                                                         // Fedmich's Facebook Open Graph Meta
245
		'network-publisher/networkpub.php',                      // Network Publisher
246
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
247
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
248
		                                                         // NextScripts SNAP
249
		'og-tags/og-tags.php',                                   // OG Tags
250
		'opengraph/opengraph.php',                               // Open Graph
251
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
252
		                                                         // Open Graph Protocol Framework
253
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
254
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
255
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
256
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
257
		'sharepress/sharepress.php',                             // SharePress
258
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
259
		'social-discussions/social-discussions.php',             // Social Discussions
260
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
261
		'socialize/socialize.php',                               // Socialize
262
		'squirrly-seo/squirrly.php',                             // SEO by SQUIRRLY™
263
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
264
		                                                         // Tweet, Like, Google +1 and Share
265
		'wordbooker/wordbooker.php',                             // Wordbooker
266
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
267
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
268
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
269
		                                                         // WP Facebook Like Send & Open Graph Meta
270
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
271
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
272
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
273
		'wp-fb-share-like-button/wp_fb_share-like_widget.php',   // WP Facebook Like Button
274
		'open-graph-metabox/open-graph-metabox.php'              // Open Graph Metabox
275
	);
276
277
	/**
278
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
279
	 */
280
	private $twitter_cards_conflicting_plugins = array(
281
	//	'twitter/twitter.php',                       // The official one handles this on its own.
282
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
283
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
284
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
285
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
286
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
287
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
288
		'twitter-cards/twitter-cards.php',           // Twitter Cards
289
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
290
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
291
	);
292
293
	/**
294
	 * Message to display in admin_notice
295
	 * @var string
296
	 */
297
	public $message = '';
298
299
	/**
300
	 * Error to display in admin_notice
301
	 * @var string
302
	 */
303
	public $error = '';
304
305
	/**
306
	 * Modules that need more privacy description.
307
	 * @var string
308
	 */
309
	public $privacy_checks = '';
310
311
	/**
312
	 * Stats to record once the page loads
313
	 *
314
	 * @var array
315
	 */
316
	public $stats = array();
317
318
	/**
319
	 * Jetpack_Sync object
320
	 */
321
	public $sync;
322
323
	/**
324
	 * Verified data for JSON authorization request
325
	 */
326
	public $json_api_authorization_request = array();
327
328
	/**
329
	 * @var string Transient key used to prevent multiple simultaneous plugin upgrades
330
	 */
331
	public static $plugin_upgrade_lock_key = 'jetpack_upgrade_lock';
332
333
	/**
334
	 * Holds the singleton instance of this class
335
	 * @since 2.3.3
336
	 * @var Jetpack
337
	 */
338
	static $instance = false;
0 ignored issues
show
Coding Style introduced by
The visibility should be declared for property $instance.

The PSR-2 coding standard requires that all properties in a class have their visibility explicitly declared. If you declare a property using

class A {
    var $property;
}

the property is implicitly global.

To learn more about the PSR-2, please see the PHP-FIG site on the PSR-2.

Loading history...
339
340
	/**
341
	 * Singleton
342
	 * @static
343
	 */
344
	public static function init() {
345
		if ( ! self::$instance ) {
346
			self::$instance = new Jetpack;
347
348
			self::$instance->plugin_upgrade();
349
		}
350
351
		return self::$instance;
352
	}
353
354
	/**
355
	 * Must never be called statically
356
	 */
357
	function plugin_upgrade() {
358
		if ( Jetpack::is_active() ) {
359
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
360
			if ( JETPACK__VERSION != $version ) {
361
				// Prevent multiple upgrades at once - only a single process should trigger
362
				// an upgrade to avoid stampedes
363
				if ( false !== get_transient( self::$plugin_upgrade_lock_key ) ) {
364
					return;
365
				}
366
367
				// Set a short lock to prevent multiple instances of the upgrade
368
				set_transient( self::$plugin_upgrade_lock_key, 1, 10 );
369
370
				// check which active modules actually exist and remove others from active_modules list
371
				$unfiltered_modules = Jetpack::get_active_modules();
372
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
373
				if ( array_diff( $unfiltered_modules, $modules ) ) {
374
					Jetpack::update_active_modules( $modules );
375
				}
376
377
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
378
379
				// Upgrade to 4.3.0
380
				if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
381
					Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
382
				}
383
384
				// Make sure Markdown for posts gets turned back on
385
				if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
386
					update_option( 'wpcom_publish_posts_with_markdown', true );
387
				}
388
389
				if ( did_action( 'wp_loaded' ) ) {
390
					self::upgrade_on_load();
391
				} else {
392
					add_action(
393
						'wp_loaded',
394
						array( __CLASS__, 'upgrade_on_load' )
395
					);
396
				}
397
			}
398
		}
399
	}
400
401
	/**
402
	 * Runs upgrade routines that need to have modules loaded.
403
	 */
404
	static function upgrade_on_load() {
405
406
		// Not attempting any upgrades if jetpack_modules_loaded did not fire.
407
		// This can happen in case Jetpack has been just upgraded and is
408
		// being initialized late during the page load. In this case we wait
409
		// until the next proper admin page load with Jetpack active.
410
		if ( ! did_action( 'jetpack_modules_loaded' ) ) {
411
			delete_transient( self::$plugin_upgrade_lock_key );
412
413
			return;
414
		}
415
416
		Jetpack::maybe_set_version_option();
417
418
		if ( class_exists( 'Jetpack_Widget_Conditions' ) ) {
419
			Jetpack_Widget_Conditions::migrate_post_type_rules();
420
		}
421
422
		if (
423
			class_exists( 'Jetpack_Sitemap_Manager' )
424
			&& version_compare( JETPACK__VERSION, '5.3', '>=' )
425
		) {
426
			do_action( 'jetpack_sitemaps_purge_data' );
427
		}
428
429
		delete_transient( self::$plugin_upgrade_lock_key );
430
	}
431
432
	static function activate_manage( ) {
433
		if ( did_action( 'init' ) || current_filter() == 'init' ) {
434
			self::activate_module( 'manage', false, false );
435
		} else if ( !  has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) {
436
			add_action( 'init', array( __CLASS__, 'activate_manage' ) );
437
		}
438
	}
439
440
	static function update_active_modules( $modules ) {
441
		$current_modules = Jetpack_Options::get_option( 'active_modules', array() );
442
443
		$success = Jetpack_Options::update_option( 'active_modules', array_unique( $modules ) );
444
445
		if ( is_array( $modules ) && is_array( $current_modules ) ) {
446
			$new_active_modules = array_diff( $modules, $current_modules );
447
			foreach( $new_active_modules as $module ) {
448
				/**
449
				 * Fires when a specific module is activated.
450
				 *
451
				 * @since 1.9.0
452
				 *
453
				 * @param string $module Module slug.
454
				 * @param boolean $success whether the module was activated. @since 4.2
455
				 */
456
				do_action( 'jetpack_activate_module', $module, $success );
457
458
				/**
459
				 * Fires when a module is activated.
460
				 * The dynamic part of the filter, $module, is the module slug.
461
				 *
462
				 * @since 1.9.0
463
				 *
464
				 * @param string $module Module slug.
465
				 */
466
				do_action( "jetpack_activate_module_$module", $module );
467
			}
468
469
			$new_deactive_modules = array_diff( $current_modules, $modules );
470
			foreach( $new_deactive_modules as $module ) {
471
				/**
472
				 * Fired after a module has been deactivated.
473
				 *
474
				 * @since 4.2.0
475
				 *
476
				 * @param string $module Module slug.
477
				 * @param boolean $success whether the module was deactivated.
478
				 */
479
				do_action( 'jetpack_deactivate_module', $module, $success );
480
				/**
481
				 * Fires when a module is deactivated.
482
				 * The dynamic part of the filter, $module, is the module slug.
483
				 *
484
				 * @since 1.9.0
485
				 *
486
				 * @param string $module Module slug.
487
				 */
488
				do_action( "jetpack_deactivate_module_$module", $module );
489
			}
490
		}
491
492
		return $success;
493
	}
494
495
	static function delete_active_modules() {
496
		self::update_active_modules( array() );
497
	}
498
499
	/**
500
	 * Constructor.  Initializes WordPress hooks
501
	 */
502
	private function __construct() {
503
		/*
504
		 * Check for and alert any deprecated hooks
505
		 */
506
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
507
508
		/*
509
		 * Enable enhanced handling of previewing sites in Calypso
510
		 */
511
		if ( Jetpack::is_active() ) {
512
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-iframe-embed.php';
513
			add_action( 'init', array( 'Jetpack_Iframe_Embed', 'init' ), 9, 0 );
514
		}
515
516
		/*
517
		 * Load things that should only be in Network Admin.
518
		 *
519
		 * For now blow away everything else until a more full
520
		 * understanding of what is needed at the network level is
521
		 * available
522
		 */
523
		if( is_multisite() ) {
524
			Jetpack_Network::init();
525
		}
526
527
		add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
528
529
		// Unlink user before deleting the user from .com
530
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
531
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
532
533
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
534
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
535
536
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
537
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
538
539
			$this->require_jetpack_authentication();
540
541
			if ( Jetpack::is_active() ) {
542
				// Hack to preserve $HTTP_RAW_POST_DATA
543
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
544
545
				$signed = $this->verify_xml_rpc_signature();
546 View Code Duplication
				if ( $signed && ! is_wp_error( $signed ) ) {
547
					// The actual API methods.
548
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
549
				} else {
550
					// The jetpack.authorize method should be available for unauthenticated users on a site with an
551
					// active Jetpack connection, so that additional users can link their account.
552
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
553
				}
554 View Code Duplication
			} else {
555
				// The bootstrap API methods.
556
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
557
				$signed = $this->verify_xml_rpc_signature();
558
				if ( $signed && ! is_wp_error( $signed ) ) {
559
					// the jetpack Provision method is available for blog-token-signed requests
560
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) );
561
				}
562
			}
563
564
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
565
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
566
		} elseif (
567
			is_admin() &&
568
			isset( $_POST['action'] ) && (
569
				'jetpack_upload_file' == $_POST['action'] ||
570
				'jetpack_update_file' == $_POST['action']
571
			)
572
		) {
573
			$this->require_jetpack_authentication();
574
			$this->add_remote_request_handlers();
575
		} else {
576
			if ( Jetpack::is_active() ) {
577
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
578
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
579
			}
580
		}
581
582
		if ( Jetpack::is_active() ) {
583
			Jetpack_Heartbeat::init();
584
			if ( Jetpack::is_module_active( 'stats' ) && Jetpack::is_module_active( 'search' ) ) {
585
				require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-search-performance-logger.php';
586
				Jetpack_Search_Performance_Logger::init();
587
			}
588
		}
589
590
		add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
591
		add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
592
593
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
594
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
595
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
596
		}
597
598
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
599
600
		add_action( 'admin_init', array( $this, 'admin_init' ) );
601
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
602
603
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
604
605
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
606
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
607
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
608
609
		// returns HTTPS support status
610
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
611
612
		// If any module option is updated before Jump Start is dismissed, hide Jump Start.
613
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
614
615
		// JITM AJAX callback function
616
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
617
618
		// Universal ajax callback for all tracking events triggered via js
619
		add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
620
621
		add_action( 'wp_ajax_jetpack_connection_banner', array( $this, 'jetpack_connection_banner_callback' ) );
622
623
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
624
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
625
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
626
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
627
628
		// gutenberg locale
629
		add_action( 'enqueue_block_editor_assets', array( $this, 'enqueue_gutenberg_locale' ) );
630
631
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
632
633
		/**
634
		 * These actions run checks to load additional files.
635
		 * They check for external files or plugins, so they need to run as late as possible.
636
		 */
637
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
638
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
639
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
640
641
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
642
		add_action( 'style_loader_src', array( 'Jetpack', 'set_suffix_on_min' ), 10, 2  );
643
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
644
645
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
646
647
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
648
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
649
650
		// A filter to control all just in time messages
651
		add_filter( 'jetpack_just_in_time_msgs', '__return_true', 9 );
652
		add_filter( 'jetpack_just_in_time_msg_cache', '__return_true', 9);
653
654
		// If enabled, point edit post, page, and comment links to Calypso instead of WP-Admin.
655
		// We should make sure to only do this for front end links.
656
		if ( Jetpack::get_option( 'edit_links_calypso_redirect' ) && ! is_admin() ) {
657
			add_filter( 'get_edit_post_link', array( $this, 'point_edit_post_links_to_calypso' ), 1, 2 );
658
			add_filter( 'get_edit_comment_link', array( $this, 'point_edit_comment_links_to_calypso' ), 1 );
659
660
			//we'll override wp_notify_postauthor and wp_notify_moderator pluggable functions
661
			//so they point moderation links on emails to Calypso
662
			jetpack_require_lib( 'functions.wp-notify' );
663
		}
664
665
		// Update the Jetpack plan from API on heartbeats
666
		add_action( 'jetpack_heartbeat', array( $this, 'refresh_active_plan_from_wpcom' ) );
667
668
		/**
669
		 * This is the hack to concatenate all css files into one.
670
		 * For description and reasoning see the implode_frontend_css method
671
		 *
672
		 * Super late priority so we catch all the registered styles
673
		 */
674
		if( !is_admin() ) {
675
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
676
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
677
		}
678
679
		/**
680
		 * These are sync actions that we need to keep track of for jitms
681
		 */
682
		add_filter( 'jetpack_sync_before_send_updated_option', array( $this, 'jetpack_track_last_sync_callback' ), 99 );
683
684
		// Actually push the stats on shutdown.
685
		if ( ! has_action( 'shutdown', array( $this, 'push_stats' ) ) ) {
686
			add_action( 'shutdown', array( $this, 'push_stats' ) );
687
		}
688
	}
689
690
	function point_edit_post_links_to_calypso( $default_url, $post_id ) {
691
		$post = get_post( $post_id );
692
693
		if ( empty( $post ) ) {
694
			return $default_url;
695
		}
696
697
		$post_type = $post->post_type;
698
699
		// Mapping the allowed CPTs on WordPress.com to corresponding paths in Calypso.
700
		// https://en.support.wordpress.com/custom-post-types/
701
		$allowed_post_types = array(
702
			'post' => 'post',
703
			'page' => 'page',
704
			'jetpack-portfolio' => 'edit/jetpack-portfolio',
705
			'jetpack-testimonial' => 'edit/jetpack-testimonial',
706
		);
707
708
		if ( ! in_array( $post_type, array_keys( $allowed_post_types ) ) ) {
709
			return $default_url;
710
		}
711
712
		$path_prefix = $allowed_post_types[ $post_type ];
713
714
		$site_slug  = Jetpack::build_raw_urls( get_home_url() );
0 ignored issues
show
Coding Style introduced by
Equals sign not aligned correctly; expected 1 space but found 2 spaces

This check looks for improperly formatted assignments.

Every assignment must have exactly one space before and one space after the equals operator.

To illustrate:

$a = "a";
$ab = "ab";
$abc = "abc";

will have no issues, while

$a   = "a";
$ab  = "ab";
$abc = "abc";

will report issues in lines 1 and 2.

Loading history...
715
716
		return esc_url( sprintf( 'https://wordpress.com/%s/%s/%d', $path_prefix, $site_slug, $post_id ) );
717
	}
718
719
	function point_edit_comment_links_to_calypso( $url ) {
720
		// Take the `query` key value from the URL, and parse its parts to the $query_args. `amp;c` matches the comment ID.
721
		wp_parse_str( wp_parse_url( $url, PHP_URL_QUERY ), $query_args );
0 ignored issues
show
Bug introduced by
The variable $query_args does not exist. Did you forget to declare it?

This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.

Loading history...
722
		return esc_url( sprintf( 'https://wordpress.com/comment/%s/%d',
723
			Jetpack::build_raw_urls( get_home_url() ),
724
			$query_args['amp;c']
725
		) );
726
	}
727
728
	function jetpack_track_last_sync_callback( $params ) {
729
		/**
730
		 * Filter to turn off jitm caching
731
		 *
732
		 * @since 5.4.0
733
		 *
734
		 * @param bool false Whether to cache just in time messages
735
		 */
736
		if ( ! apply_filters( 'jetpack_just_in_time_msg_cache', false ) ) {
737
			return $params;
738
		}
739
740
		if ( is_array( $params ) && isset( $params[0] ) ) {
741
			$option = $params[0];
742
			if ( 'active_plugins' === $option ) {
743
				// use the cache if we can, but not terribly important if it gets evicted
744
				set_transient( 'jetpack_last_plugin_sync', time(), HOUR_IN_SECONDS );
745
			}
746
		}
747
748
		return $params;
749
	}
750
751
	function jetpack_connection_banner_callback() {
752
		check_ajax_referer( 'jp-connection-banner-nonce', 'nonce' );
753
754
		if ( isset( $_REQUEST['dismissBanner'] ) ) {
755
			Jetpack_Options::update_option( 'dismissed_connection_banner', 1 );
756
			wp_send_json_success();
757
		}
758
759
		wp_die();
760
	}
761
762
	function jetpack_admin_ajax_tracks_callback() {
763
		// Check for nonce
764
		if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
765
			wp_die( 'Permissions check failed.' );
766
		}
767
768
		if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] )  ) {
769
			wp_die( 'No valid event name or type.' );
770
		}
771
772
		$tracks_data = array();
773
		if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
774
			if ( is_array( $_REQUEST['tracksEventProp'] ) ) {
775
				$tracks_data = $_REQUEST['tracksEventProp'];
776
			} else {
777
				$tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
778
			}
779
		}
780
781
		JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
782
		wp_send_json_success();
783
		wp_die();
784
	}
785
786
	/**
787
	 * The callback for the JITM ajax requests.
788
	 */
789
	function jetpack_jitm_ajax_callback() {
790
		// Check for nonce
791
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
792
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
793
		}
794
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
795
			$module_slug = $_REQUEST['jitmModule'];
796
			Jetpack::log( 'activate', $module_slug );
797
			Jetpack::activate_module( $module_slug, false, false );
798
			Jetpack::state( 'message', 'no_message' );
799
800
			//A Jetpack module is being activated through a JITM, track it
801
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
802
			$this->do_stats( 'server_side' );
803
804
			wp_send_json_success();
805
		}
806
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
807
			// get the hide_jitm options array
808
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
809
			$module_slug = $_REQUEST['jitmModule'];
810
811
			if( ! $jetpack_hide_jitm ) {
812
				$jetpack_hide_jitm = array(
813
					$module_slug => 'hide'
814
				);
815
			} else {
816
				$jetpack_hide_jitm[$module_slug] = 'hide';
817
			}
818
819
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
820
821
			//jitm is being dismissed forever, track it
822
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
823
			$this->do_stats( 'server_side' );
824
825
			wp_send_json_success();
826
		}
827 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
828
			$module_slug = $_REQUEST['jitmModule'];
829
830
			// User went to WordPress.com, track this
831
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
832
			$this->do_stats( 'server_side' );
833
834
			wp_send_json_success();
835
		}
836 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
837
			$track = $_REQUEST['jitmModule'];
838
839
			// User is viewing JITM, track it.
840
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
841
			$this->do_stats( 'server_side' );
842
843
			wp_send_json_success();
844
		}
845
	}
846
847
	/**
848
	 * If there are any stats that need to be pushed, but haven't been, push them now.
849
	 */
850
	function push_stats() {
851
		if ( ! empty( $this->stats ) ) {
852
			$this->do_stats( 'server_side' );
853
		}
854
	}
855
856
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
857
		switch( $cap ) {
858
			case 'jetpack_connect' :
859
			case 'jetpack_reconnect' :
0 ignored issues
show
Coding Style introduced by
There must be a comment when fall-through is intentional in a non-empty case body
Loading history...
860
				if ( Jetpack::is_development_mode() ) {
861
					$caps = array( 'do_not_allow' );
862
					break;
863
				}
864
				/**
865
				 * Pass through. If it's not development mode, these should match disconnect.
866
				 * Let users disconnect if it's development mode, just in case things glitch.
867
				 */
868
			case 'jetpack_disconnect' :
869
				/**
870
				 * In multisite, can individual site admins manage their own connection?
871
				 *
872
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
873
				 */
874
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
875
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
876
						/**
877
						 * We need to update the option name -- it's terribly unclear which
878
						 * direction the override goes.
879
						 *
880
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
0 ignored issues
show
Coding Style introduced by
Comment refers to a TODO task

This check looks TODO comments that have been left in the code.

``TODO``s show that something is left unfinished and should be attended to.

Loading history...
881
						 */
882
						$caps = array( 'do_not_allow' );
883
						break;
884
					}
885
				}
886
887
				$caps = array( 'manage_options' );
888
				break;
889
			case 'jetpack_manage_modules' :
890
			case 'jetpack_activate_modules' :
891
			case 'jetpack_deactivate_modules' :
892
				$caps = array( 'manage_options' );
893
				break;
894
			case 'jetpack_configure_modules' :
895
				$caps = array( 'manage_options' );
896
				break;
897
			case 'jetpack_network_admin_page':
898
			case 'jetpack_network_settings_page':
899
				$caps = array( 'manage_network_plugins' );
900
				break;
901
			case 'jetpack_network_sites_page':
902
				$caps = array( 'manage_sites' );
903
				break;
904
			case 'jetpack_admin_page' :
905
				if ( Jetpack::is_development_mode() ) {
906
					$caps = array( 'manage_options' );
907
					break;
908
				} else {
909
					$caps = array( 'read' );
910
				}
911
				break;
912
			case 'jetpack_connect_user' :
913
				if ( Jetpack::is_development_mode() ) {
914
					$caps = array( 'do_not_allow' );
915
					break;
916
				}
917
				$caps = array( 'read' );
918
				break;
919
		}
920
		return $caps;
921
	}
922
923
	function require_jetpack_authentication() {
924
		// Don't let anyone authenticate
925
		$_COOKIE = array();
926
		remove_all_filters( 'authenticate' );
927
		remove_all_actions( 'wp_login_failed' );
928
929
		if ( Jetpack::is_active() ) {
930
			// Allow Jetpack authentication
931
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
932
		}
933
	}
934
935
	/**
936
	 * Load language files
937
	 * @action plugins_loaded
938
	 */
939
	public static function plugin_textdomain() {
940
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
941
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
942
	}
943
944
	/**
945
	 * Register assets for use in various modules and the Jetpack admin page.
946
	 *
947
	 * @uses wp_script_is, wp_register_script, plugins_url
948
	 * @action wp_loaded
949
	 * @return null
950
	 */
951
	public function register_assets() {
952
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
953
			wp_register_script(
954
				'spin',
955
				self::get_file_url_for_environment( '_inc/build/spin.min.js', '_inc/spin.js' ),
956
				false,
957
				'1.3'
958
			);
959
		}
960
961
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
962
			wp_register_script(
963
				'jquery.spin',
964
				self::get_file_url_for_environment( '_inc/build/jquery.spin.min.js', '_inc/jquery.spin.js' ),
965
				array( 'jquery', 'spin' ),
966
				'1.3'
967
			);
968
		}
969
970 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
971
			wp_register_script(
972
				'jetpack-gallery-settings',
973
				self::get_file_url_for_environment( '_inc/build/gallery-settings.min.js', '_inc/gallery-settings.js' ),
974
				array( 'media-views' ),
975
				'20121225'
976
			);
977
		}
978
979
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
980
			wp_register_script(
981
				'jetpack-twitter-timeline',
982
				self::get_file_url_for_environment( '_inc/build/twitter-timeline.min.js', '_inc/twitter-timeline.js' ),
983
				array( 'jquery' ),
984
				'4.0.0',
985
				true
986
			);
987
		}
988
989
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
990
			wp_register_script(
991
				'jetpack-facebook-embed',
992
				self::get_file_url_for_environment( '_inc/build/facebook-embed.min.js', '_inc/facebook-embed.js' ),
993
				array( 'jquery' ),
994
				null,
995
				true
996
			);
997
998
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
999
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
1000
			if ( ! is_numeric( $fb_app_id ) ) {
1001
				$fb_app_id = '';
1002
			}
1003
			wp_localize_script(
1004
				'jetpack-facebook-embed',
1005
				'jpfbembed',
1006
				array(
1007
					'appid' => $fb_app_id,
1008
					'locale' => $this->get_locale(),
1009
				)
1010
			);
1011
		}
1012
1013
		/**
1014
		 * As jetpack_register_genericons is by default fired off a hook,
1015
		 * the hook may have already fired by this point.
1016
		 * So, let's just trigger it manually.
1017
		 */
1018
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
1019
		jetpack_register_genericons();
1020
1021
		/**
1022
		 * Register the social logos
1023
		 */
1024
		require_once( JETPACK__PLUGIN_DIR . '_inc/social-logos.php' );
1025
		jetpack_register_social_logos();
1026
1027 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
1028
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
1029
	}
1030
1031
	/**
1032
	 * Guess locale from language code.
1033
	 *
1034
	 * @param string $lang Language code.
1035
	 * @return string|bool
1036
	 */
1037 View Code Duplication
	function guess_locale_from_lang( $lang ) {
1038
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
1039
			return 'en_US';
1040
		}
1041
1042
		if ( ! class_exists( 'GP_Locales' ) ) {
1043
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
1044
				return false;
1045
			}
1046
1047
			require JETPACK__GLOTPRESS_LOCALES_PATH;
1048
		}
1049
1050
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
1051
			// WP.com: get_locale() returns 'it'
1052
			$locale = GP_Locales::by_slug( $lang );
1053
		} else {
1054
			// Jetpack: get_locale() returns 'it_IT';
1055
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
1056
		}
1057
1058
		if ( ! $locale ) {
1059
			return false;
1060
		}
1061
1062
		if ( empty( $locale->facebook_locale ) ) {
1063
			if ( empty( $locale->wp_locale ) ) {
1064
				return false;
1065
			} else {
1066
				// Facebook SDK is smart enough to fall back to en_US if a
1067
				// locale isn't supported. Since supported Facebook locales
1068
				// can fall out of sync, we'll attempt to use the known
1069
				// wp_locale value and rely on said fallback.
1070
				return $locale->wp_locale;
1071
			}
1072
		}
1073
1074
		return $locale->facebook_locale;
1075
	}
1076
1077
	/**
1078
	 * Get the locale.
1079
	 *
1080
	 * @return string|bool
1081
	 */
1082
	function get_locale() {
1083
		$locale = $this->guess_locale_from_lang( get_locale() );
1084
1085
		if ( ! $locale ) {
1086
			$locale = 'en_US';
1087
		}
1088
1089
		return $locale;
1090
	}
1091
1092
	/**
1093
	 * Device Pixels support
1094
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
1095
	 */
1096
	function devicepx() {
1097
		if ( Jetpack::is_active() && ! Jetpack_AMP_Support::is_amp_request() ) {
1098
			wp_enqueue_script( 'devicepx', 'https://s0.wp.com/wp-content/js/devicepx-jetpack.js', array(), gmdate( 'oW' ), true );
1099
		}
1100
	}
1101
1102
	/**
1103
	 * Return the network_site_url so that .com knows what network this site is a part of.
1104
	 * @param  bool $option
1105
	 * @return string
1106
	 */
1107
	public function jetpack_main_network_site_option( $option ) {
1108
		return network_site_url();
1109
	}
1110
	/**
1111
	 * Network Name.
1112
	 */
1113
	static function network_name( $option = null ) {
1114
		global $current_site;
1115
		return $current_site->site_name;
1116
	}
1117
	/**
1118
	 * Does the network allow new user and site registrations.
1119
	 * @return string
1120
	 */
1121
	static function network_allow_new_registrations( $option = null ) {
1122
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
1123
	}
1124
	/**
1125
	 * Does the network allow admins to add new users.
1126
	 * @return boolian
1127
	 */
1128
	static function network_add_new_users( $option = null ) {
1129
		return (bool) get_site_option( 'add_new_users' );
1130
	}
1131
	/**
1132
	 * File upload psace left per site in MB.
1133
	 *  -1 means NO LIMIT.
1134
	 * @return number
1135
	 */
1136
	static function network_site_upload_space( $option = null ) {
1137
		// value in MB
1138
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1139
	}
1140
1141
	/**
1142
	 * Network allowed file types.
1143
	 * @return string
1144
	 */
1145
	static function network_upload_file_types( $option = null ) {
1146
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1147
	}
1148
1149
	/**
1150
	 * Maximum file upload size set by the network.
1151
	 * @return number
1152
	 */
1153
	static function network_max_upload_file_size( $option = null ) {
1154
		// value in KB
1155
		return get_site_option( 'fileupload_maxk', 300 );
1156
	}
1157
1158
	/**
1159
	 * Lets us know if a site allows admins to manage the network.
1160
	 * @return array
1161
	 */
1162
	static function network_enable_administration_menus( $option = null ) {
1163
		return get_site_option( 'menu_items' );
1164
	}
1165
1166
	/**
1167
	 * If a user has been promoted to or demoted from admin, we need to clear the
1168
	 * jetpack_other_linked_admins transient.
1169
	 *
1170
	 * @since 4.3.2
1171
	 * @since 4.4.0  $old_roles is null by default and if it's not passed, the transient is cleared.
1172
	 *
1173
	 * @param int    $user_id   The user ID whose role changed.
1174
	 * @param string $role      The new role.
1175
	 * @param array  $old_roles An array of the user's previous roles.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $old_roles not be array|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1176
	 */
1177
	function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1178
		if ( 'administrator' == $role
1179
			|| ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1180
			|| is_null( $old_roles )
1181
		) {
1182
			delete_transient( 'jetpack_other_linked_admins' );
1183
		}
1184
	}
1185
1186
	/**
1187
	 * Checks to see if there are any other users available to become primary
1188
	 * Users must both:
1189
	 * - Be linked to wpcom
1190
	 * - Be an admin
1191
	 *
1192
	 * @return mixed False if no other users are linked, Int if there are.
1193
	 */
1194
	static function get_other_linked_admins() {
1195
		$other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1196
1197
		if ( false === $other_linked_users ) {
1198
			$admins = get_users( array( 'role' => 'administrator' ) );
1199
			if ( count( $admins ) > 1 ) {
1200
				$available = array();
1201
				foreach ( $admins as $admin ) {
1202
					if ( Jetpack::is_user_connected( $admin->ID ) ) {
1203
						$available[] = $admin->ID;
1204
					}
1205
				}
1206
1207
				$count_connected_admins = count( $available );
1208
				if ( count( $available ) > 1 ) {
1209
					$other_linked_users = $count_connected_admins;
1210
				} else {
1211
					$other_linked_users = 0;
1212
				}
1213
			} else {
1214
				$other_linked_users = 0;
1215
			}
1216
1217
			set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1218
		}
1219
1220
		return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1221
	}
1222
1223
	/**
1224
	 * Return whether we are dealing with a multi network setup or not.
1225
	 * The reason we are type casting this is because we want to avoid the situation where
1226
	 * the result is false since when is_main_network_option return false it cases
1227
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1228
	 * database which could be set to anything as opposed to what this function returns.
1229
	 * @param  bool  $option
1230
	 *
1231
	 * @return boolean
1232
	 */
1233
	public function is_main_network_option( $option ) {
1234
		// return '1' or ''
1235
		return (string) (bool) Jetpack::is_multi_network();
1236
	}
1237
1238
	/**
1239
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1240
	 *
1241
	 * @param  string  $option
1242
	 * @return boolean
1243
	 */
1244
	public function is_multisite( $option ) {
1245
		return (string) (bool) is_multisite();
1246
	}
1247
1248
	/**
1249
	 * Implemented since there is no core is multi network function
1250
	 * Right now there is no way to tell if we which network is the dominant network on the system
1251
	 *
1252
	 * @since  3.3
1253
	 * @return boolean
1254
	 */
1255
	public static function is_multi_network() {
1256
		global  $wpdb;
1257
1258
		// if we don't have a multi site setup no need to do any more
1259
		if ( ! is_multisite() ) {
1260
			return false;
1261
		}
1262
1263
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1264
		if ( $num_sites > 1 ) {
1265
			return true;
1266
		} else {
1267
			return false;
1268
		}
1269
	}
1270
1271
	/**
1272
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1273
	 * @return null
1274
	 */
1275
	function update_jetpack_main_network_site_option() {
1276
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1277
	}
1278
	/**
1279
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1280
	 *
1281
	 */
1282
	function update_jetpack_network_settings() {
1283
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1284
		// Only sync this info for the main network site.
1285
	}
1286
1287
	/**
1288
	 * Get back if the current site is single user site.
1289
	 *
1290
	 * @return bool
1291
	 */
1292
	public static function is_single_user_site() {
1293
		global $wpdb;
1294
1295 View Code Duplication
		if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1296
			$some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1297
			set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1298
		}
1299
		return 1 === (int) $some_users;
1300
	}
1301
1302
	/**
1303
	 * Returns true if the site has file write access false otherwise.
1304
	 * @return string ( '1' | '0' )
1305
	 **/
1306
	public static function file_system_write_access() {
1307
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1308
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1309
		}
1310
1311
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1312
1313
		$filesystem_method = get_filesystem_method();
1314
		if ( $filesystem_method === 'direct' ) {
1315
			return 1;
1316
		}
1317
1318
		ob_start();
1319
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1320
		ob_end_clean();
1321
		if ( $filesystem_credentials_are_stored ) {
1322
			return 1;
1323
		}
1324
		return 0;
1325
	}
1326
1327
	/**
1328
	 * Finds out if a site is using a version control system.
1329
	 * @return string ( '1' | '0' )
1330
	 **/
1331
	public static function is_version_controlled() {
1332
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Functions::is_version_controlled' );
1333
		return (string) (int) Jetpack_Sync_Functions::is_version_controlled();
1334
	}
1335
1336
	/**
1337
	 * Determines whether the current theme supports featured images or not.
1338
	 * @return string ( '1' | '0' )
1339
	 */
1340
	public static function featured_images_enabled() {
1341
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1342
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1343
	}
1344
1345
	/**
1346
	 * Wrapper for core's get_avatar_url().  This one is deprecated.
1347
	 *
1348
	 * @deprecated 4.7 use get_avatar_url instead.
1349
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
1350
	 * @param int $size Size of the avatar image
1351
	 * @param string $default URL to a default image to use if no avatar is available
1352
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
1353
	 *
1354
	 * @return array
1355
	 */
1356
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1357
		_deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1358
		return get_avatar_url( $id_or_email, array(
1359
			'size' => $size,
1360
			'default' => $default,
1361
			'force_default' => $force_display,
1362
		) );
1363
	}
1364
1365
	/**
1366
	 * jetpack_updates is saved in the following schema:
1367
	 *
1368
	 * array (
1369
	 *      'plugins'                       => (int) Number of plugin updates available.
1370
	 *      'themes'                        => (int) Number of theme updates available.
1371
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1372
	 *      'translations'                  => (int) Number of translation updates available.
1373
	 *      'total'                         => (int) Total of all available updates.
1374
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1375
	 * )
1376
	 * @return array
1377
	 */
1378
	public static function get_updates() {
1379
		$update_data = wp_get_update_data();
1380
1381
		// Stores the individual update counts as well as the total count.
1382
		if ( isset( $update_data['counts'] ) ) {
1383
			$updates = $update_data['counts'];
1384
		}
1385
1386
		// If we need to update WordPress core, let's find the latest version number.
1387 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1388
			$cur = get_preferred_from_update_core();
1389
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1390
				$updates['wp_update_version'] = $cur->current;
1391
			}
1392
		}
1393
		return isset( $updates ) ? $updates : array();
1394
	}
1395
1396
	public static function get_update_details() {
1397
		$update_details = array(
1398
			'update_core' => get_site_transient( 'update_core' ),
1399
			'update_plugins' => get_site_transient( 'update_plugins' ),
1400
			'update_themes' => get_site_transient( 'update_themes' ),
1401
		);
1402
		return $update_details;
1403
	}
1404
1405
	public static function refresh_update_data() {
1406
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1407
1408
	}
1409
1410
	public static function refresh_theme_data() {
1411
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1412
	}
1413
1414
	/**
1415
	 * Is Jetpack active?
1416
	 */
1417
	public static function is_active() {
1418
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1419
	}
1420
1421
	/**
1422
	 * Make an API call to WordPress.com for plan status
1423
	 *
1424
	 * @uses Jetpack_Options::get_option()
1425
	 * @uses Jetpack_Client::wpcom_json_api_request_as_blog()
1426
	 * @uses update_option()
1427
	 *
1428
	 * @access public
1429
	 * @static
1430
	 *
1431
	 * @return bool True if plan is updated, false if no update
1432
	 */
1433
	public static function refresh_active_plan_from_wpcom() {
1434
		// Make the API request
1435
		$request = sprintf( '/sites/%d', Jetpack_Options::get_option( 'id' ) );
1436
		$response = Jetpack_Client::wpcom_json_api_request_as_blog( $request, '1.1' );
1437
1438
		// Bail if there was an error or malformed response
1439
		if ( is_wp_error( $response ) || ! is_array( $response ) || ! isset( $response['body'] ) ) {
1440
			return false;
1441
		}
1442
1443
		// Decode the results
1444
		$results = json_decode( $response['body'], true );
1445
1446
		// Bail if there were no results or plan details returned
1447
		if ( ! is_array( $results ) || ! isset( $results['plan'] ) ) {
1448
			return false;
1449
		}
1450
1451
		// Store the option and return true if updated
1452
		return update_option( 'jetpack_active_plan', $results['plan'] );
1453
	}
1454
1455
	/**
1456
	 * Get the plan that this Jetpack site is currently using
1457
	 *
1458
	 * @uses get_option()
1459
	 *
1460
	 * @access public
1461
	 * @static
1462
	 *
1463
	 * @return array Active Jetpack plan details
1464
	 */
1465
	public static function get_active_plan() {
1466
		global $active_plan_cache;
1467
1468
		// this can be expensive to compute so we cache for the duration of a request
1469
		if ( is_array( $active_plan_cache ) && ! empty( $active_plan_cache ) ) {
1470
			return $active_plan_cache;
1471
		}
1472
1473
		$plan = get_option( 'jetpack_active_plan', array() );
1474
1475
		// Set the default options
1476
		$plan = wp_parse_args( $plan, array(
1477
			'product_slug' => 'jetpack_free',
1478
			'class'        => 'free',
1479
			'features'     => array(
1480
				'active' => array()
1481
			),
1482
		) );
1483
1484
		$supports = array();
1485
1486
		// Define what paid modules are supported by personal plans
1487
		$personal_plans = array(
1488
			'jetpack_personal',
1489
			'jetpack_personal_monthly',
1490
			'personal-bundle',
1491
		);
1492
1493
		if ( in_array( $plan['product_slug'], $personal_plans ) ) {
1494
			// special support value, not a module but a separate plugin
1495
			$supports[] = 'akismet';
1496
			$plan['class'] = 'personal';
1497
		}
1498
1499
		// Define what paid modules are supported by premium plans
1500
		$premium_plans = array(
1501
			'jetpack_premium',
1502
			'jetpack_premium_monthly',
1503
			'value_bundle',
1504
		);
1505
1506 View Code Duplication
		if ( in_array( $plan['product_slug'], $premium_plans ) ) {
1507
			$supports[] = 'akismet';
1508
			$supports[] = 'vaultpress';
1509
			$plan['class'] = 'premium';
1510
		}
1511
1512
		// Define what paid modules are supported by professional plans
1513
		$business_plans = array(
1514
			'jetpack_business',
1515
			'jetpack_business_monthly',
1516
			'business-bundle',
1517
			'vip',
1518
		);
1519
1520 View Code Duplication
		if ( in_array( $plan['product_slug'], $business_plans ) ) {
1521
			$supports[] = 'akismet';
1522
			$supports[] = 'vaultpress';
1523
			$plan['class'] = 'business';
1524
		}
1525
1526
		// get available features
1527
		foreach ( self::get_available_modules() as $module_slug ) {
1528
			$module = self::get_module( $module_slug );
1529
			if ( ! isset( $module ) || ! is_array( $module ) ) {
1530
				continue;
1531
			}
1532
			if ( in_array( 'free', $module['plan_classes'] ) || in_array( $plan['class'], $module['plan_classes'] ) ) {
1533
				$supports[] = $module_slug;
1534
			}
1535
		}
1536
1537
		$plan['supports'] = $supports;
1538
1539
		$active_plan_cache = $plan;
1540
1541
		return $plan;
1542
	}
1543
1544
	/**
1545
	 * Determine whether the active plan supports a particular feature
1546
	 *
1547
	 * @uses Jetpack::get_active_plan()
1548
	 *
1549
	 * @access public
1550
	 * @static
1551
	 *
1552
	 * @return bool True if plan supports feature, false if not
1553
	 */
1554
	public static function active_plan_supports( $feature ) {
1555
		$plan = Jetpack::get_active_plan();
1556
1557
		// Manually mapping WordPress.com features to Jetpack module slugs
1558
		foreach ( $plan['features']['active'] as $wpcom_feature ) {
1559
			switch ( $wpcom_feature ) {
1560
				case 'wordads-jetpack';
0 ignored issues
show
Coding Style introduced by
case statements should be defined using a colon.

As per the PSR-2 coding standard, case statements should not be wrapped in curly braces. There is no need for braces, since each case is terminated by the next break.

There is also the option to use a semicolon instead of a colon, this is discouraged because many programmers do not even know it works and the colon is universal between programming languages.

switch ($expr) {
    case "A": { //wrong
        doSomething();
        break;
    }
    case "B"; //wrong
        doSomething();
        break;
    case "C": //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
1561
1562
				// WordAds are supported for this site
1563
				if ( 'wordads' === $feature ) {
1564
					return true;
1565
				}
1566
				break;
1567
			}
1568
		}
1569
1570
		if (
1571
			in_array( $feature, $plan['supports'] )
1572
			|| in_array( $feature, $plan['features']['active'] )
1573
		) {
1574
			return true;
1575
		}
1576
1577
		return false;
1578
	}
1579
1580
	/**
1581
	 * Is Jetpack in development (offline) mode?
1582
	 */
1583
	public static function is_development_mode() {
1584
		$development_mode = false;
1585
1586
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1587
			$development_mode = JETPACK_DEV_DEBUG;
1588
		} elseif ( $site_url = site_url() ) {
1589
			$development_mode = false === strpos( $site_url, '.' );
1590
		}
1591
1592
		/**
1593
		 * Filters Jetpack's development mode.
1594
		 *
1595
		 * @see https://jetpack.com/support/development-mode/
1596
		 *
1597
		 * @since 2.2.1
1598
		 *
1599
		 * @param bool $development_mode Is Jetpack's development mode active.
1600
		 */
1601
		$development_mode = ( bool ) apply_filters( 'jetpack_development_mode', $development_mode );
1602
		return $development_mode;
1603
	}
1604
1605
	/**
1606
	 * Whether the site is currently onboarding or not.
1607
	 * A site is considered as being onboarded if it currently has an onboarding token.
1608
	 *
1609
	 * @since 5.8
1610
	 *
1611
	 * @access public
1612
	 * @static
1613
	 *
1614
	 * @return bool True if the site is currently onboarding, false otherwise
1615
	 */
1616
	public static function is_onboarding() {
1617
		return Jetpack_Options::get_option( 'onboarding' ) !== false;
1618
	}
1619
1620
	/**
1621
	* Get Jetpack development mode notice text and notice class.
1622
	*
1623
	* Mirrors the checks made in Jetpack::is_development_mode
1624
	*
1625
	*/
1626
	public static function show_development_mode_notice() {
1627
		if ( Jetpack::is_development_mode() ) {
1628
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1629
				$notice = sprintf(
1630
					/* translators: %s is a URL */
1631
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1632
					'https://jetpack.com/support/development-mode/'
1633
				);
1634
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1635
				$notice = sprintf(
1636
					/* translators: %s is a URL */
1637
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1638
					'https://jetpack.com/support/development-mode/'
1639
				);
1640
			} else {
1641
				$notice = sprintf(
1642
					/* translators: %s is a URL */
1643
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1644
					'https://jetpack.com/support/development-mode/'
1645
				);
1646
			}
1647
1648
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1649
		}
1650
1651
		// Throw up a notice if using a development version and as for feedback.
1652
		if ( Jetpack::is_development_version() ) {
1653
			/* translators: %s is a URL */
1654
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1655
1656
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1657
		}
1658
		// Throw up a notice if using staging mode
1659
		if ( Jetpack::is_staging_site() ) {
1660
			/* translators: %s is a URL */
1661
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1662
1663
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1664
		}
1665
	}
1666
1667
	/**
1668
	 * Whether Jetpack's version maps to a public release, or a development version.
1669
	 */
1670
	public static function is_development_version() {
1671
		/**
1672
		 * Allows filtering whether this is a development version of Jetpack.
1673
		 *
1674
		 * This filter is especially useful for tests.
1675
		 *
1676
		 * @since 4.3.0
1677
		 *
1678
		 * @param bool $development_version Is this a develoment version of Jetpack?
1679
		 */
1680
		return (bool) apply_filters(
1681
			'jetpack_development_version',
1682
			! preg_match( '/^\d+(\.\d+)+$/', Jetpack_Constants::get_constant( 'JETPACK__VERSION' ) )
1683
		);
1684
	}
1685
1686
	/**
1687
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1688
	 */
1689
	public static function is_user_connected( $user_id = false ) {
1690
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1691
		if ( ! $user_id ) {
1692
			return false;
1693
		}
1694
1695
		return (bool) Jetpack_Data::get_access_token( $user_id );
1696
	}
1697
1698
	/**
1699
	 * Get the wpcom user data of the current|specified connected user.
1700
	 */
1701
	public static function get_connected_user_data( $user_id = null ) {
1702
		if ( ! $user_id ) {
1703
			$user_id = get_current_user_id();
1704
		}
1705
1706
		$transient_key = "jetpack_connected_user_data_$user_id";
1707
1708
		if ( $cached_user_data = get_transient( $transient_key ) ) {
1709
			return $cached_user_data;
1710
		}
1711
1712
		Jetpack::load_xml_rpc_client();
1713
		$xml = new Jetpack_IXR_Client( array(
1714
			'user_id' => $user_id,
1715
		) );
1716
		$xml->query( 'wpcom.getUser' );
1717
		if ( ! $xml->isError() ) {
1718
			$user_data = $xml->getResponse();
1719
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1720
			return $user_data;
1721
		}
1722
1723
		return false;
1724
	}
1725
1726
	/**
1727
	 * Get the wpcom email of the current|specified connected user.
1728
	 */
1729 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1730
		if ( ! $user_id ) {
1731
			$user_id = get_current_user_id();
1732
		}
1733
		Jetpack::load_xml_rpc_client();
1734
		$xml = new Jetpack_IXR_Client( array(
1735
			'user_id' => $user_id,
1736
		) );
1737
		$xml->query( 'wpcom.getUserEmail' );
1738
		if ( ! $xml->isError() ) {
1739
			return $xml->getResponse();
1740
		}
1741
		return false;
1742
	}
1743
1744
	/**
1745
	 * Get the wpcom email of the master user.
1746
	 */
1747
	public static function get_master_user_email() {
1748
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1749
		if ( $master_user_id ) {
1750
			return self::get_connected_user_email( $master_user_id );
1751
		}
1752
		return '';
1753
	}
1754
1755
	function current_user_is_connection_owner() {
1756
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1757
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1758
	}
1759
1760
	/**
1761
	 * Gets current user IP address.
1762
	 *
1763
	 * @param  bool $check_all_headers Check all headers? Default is `false`.
1764
	 *
1765
	 * @return string                  Current user IP address.
1766
	 */
1767
	public static function current_user_ip( $check_all_headers = false ) {
1768
		if ( $check_all_headers ) {
1769
			foreach ( array(
1770
				'HTTP_CF_CONNECTING_IP',
1771
				'HTTP_CLIENT_IP',
1772
				'HTTP_X_FORWARDED_FOR',
1773
				'HTTP_X_FORWARDED',
1774
				'HTTP_X_CLUSTER_CLIENT_IP',
1775
				'HTTP_FORWARDED_FOR',
1776
				'HTTP_FORWARDED',
1777
				'HTTP_VIA',
1778
			) as $key ) {
1779
				if ( ! empty( $_SERVER[ $key ] ) ) {
1780
					return $_SERVER[ $key ];
1781
				}
1782
			}
1783
		}
1784
1785
		return ! empty( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
1786
	}
1787
1788
	/**
1789
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1790
	 */
1791
	function extra_oembed_providers() {
1792
		// Cloudup: https://dev.cloudup.com/#oembed
1793
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1794
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1795
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1796
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1797
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1798
		wp_oembed_add_provider( '#https?://(www\.)?icloud\.com/keynote/.*#i', 'https://iwmb.icloud.com/iwmb/oembed', true );
1799
	}
1800
1801
	/**
1802
	 * Synchronize connected user role changes
1803
	 */
1804
	function user_role_change( $user_id ) {
1805
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Users::user_role_change()' );
1806
		Jetpack_Sync_Users::user_role_change( $user_id );
1807
	}
1808
1809
	/**
1810
	 * Loads the currently active modules.
1811
	 */
1812
	public static function load_modules() {
1813
		if (
1814
			! self::is_active()
1815
			&& ! self::is_development_mode()
1816
			&& ! self::is_onboarding()
1817
			&& (
1818
				! is_multisite()
1819
				|| ! get_site_option( 'jetpack_protect_active' )
1820
			)
1821
		) {
1822
			return;
1823
		}
1824
1825
		$version = Jetpack_Options::get_option( 'version' );
1826 View Code Duplication
		if ( ! $version ) {
1827
			$version = $old_version = JETPACK__VERSION . ':' . time();
1828
			/** This action is documented in class.jetpack.php */
1829
			do_action( 'updating_jetpack_version', $version, false );
1830
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1831
		}
1832
		list( $version ) = explode( ':', $version );
1833
1834
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1835
1836
		$modules_data = array();
1837
1838
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1839
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1840
			$updated_modules = array();
1841
			foreach ( $modules as $module ) {
1842
				$modules_data[ $module ] = Jetpack::get_module( $module );
1843
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1844
					continue;
1845
				}
1846
1847
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1848
					continue;
1849
				}
1850
1851
				$updated_modules[] = $module;
1852
			}
1853
1854
			$modules = array_diff( $modules, $updated_modules );
1855
		}
1856
1857
		$is_development_mode = Jetpack::is_development_mode();
1858
1859
		foreach ( $modules as $index => $module ) {
1860
			// If we're in dev mode, disable modules requiring a connection
1861
			if ( $is_development_mode ) {
1862
				// Prime the pump if we need to
1863
				if ( empty( $modules_data[ $module ] ) ) {
1864
					$modules_data[ $module ] = Jetpack::get_module( $module );
1865
				}
1866
				// If the module requires a connection, but we're in local mode, don't include it.
1867
				if ( $modules_data[ $module ]['requires_connection'] ) {
1868
					continue;
1869
				}
1870
			}
1871
1872
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1873
				continue;
1874
			}
1875
1876
			if ( ! include_once( Jetpack::get_module_path( $module ) ) ) {
1877
				unset( $modules[ $index ] );
1878
				self::update_active_modules( array_values( $modules ) );
1879
				continue;
1880
			}
1881
1882
			/**
1883
			 * Fires when a specific module is loaded.
1884
			 * The dynamic part of the hook, $module, is the module slug.
1885
			 *
1886
			 * @since 1.1.0
1887
			 */
1888
			do_action( 'jetpack_module_loaded_' . $module );
1889
		}
1890
1891
		/**
1892
		 * Fires when all the modules are loaded.
1893
		 *
1894
		 * @since 1.1.0
1895
		 */
1896
		do_action( 'jetpack_modules_loaded' );
1897
1898
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1899
		require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1900
	}
1901
1902
	/**
1903
	 * Check if Jetpack's REST API compat file should be included
1904
	 * @action plugins_loaded
1905
	 * @return null
1906
	 */
1907
	public function check_rest_api_compat() {
1908
		/**
1909
		 * Filters the list of REST API compat files to be included.
1910
		 *
1911
		 * @since 2.2.5
1912
		 *
1913
		 * @param array $args Array of REST API compat files to include.
1914
		 */
1915
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1916
1917
		if ( function_exists( 'bbpress' ) )
1918
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1919
1920
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1921
			require_once $_jetpack_rest_api_compat_include;
1922
	}
1923
1924
	/**
1925
	 * Gets all plugins currently active in values, regardless of whether they're
1926
	 * traditionally activated or network activated.
1927
	 *
1928
	 * @todo Store the result in core's object cache maybe?
0 ignored issues
show
Coding Style introduced by
Comment refers to a TODO task

This check looks TODO comments that have been left in the code.

``TODO``s show that something is left unfinished and should be attended to.

Loading history...
1929
	 */
1930
	public static function get_active_plugins() {
1931
		$active_plugins = (array) get_option( 'active_plugins', array() );
1932
1933
		if ( is_multisite() ) {
1934
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1935
			// whereas active_plugins stores them in the values.
1936
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1937
			if ( $network_plugins ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $network_plugins of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
1938
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1939
			}
1940
		}
1941
1942
		sort( $active_plugins );
1943
1944
		return array_unique( $active_plugins );
1945
	}
1946
1947
	/**
1948
	 * Gets and parses additional plugin data to send with the heartbeat data
1949
	 *
1950
	 * @since 3.8.1
1951
	 *
1952
	 * @return array Array of plugin data
1953
	 */
1954
	public static function get_parsed_plugin_data() {
1955
		if ( ! function_exists( 'get_plugins' ) ) {
1956
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1957
		}
1958
		/** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
1959
		$all_plugins    = apply_filters( 'all_plugins', get_plugins() );
1960
		$active_plugins = Jetpack::get_active_plugins();
1961
1962
		$plugins = array();
1963
		foreach ( $all_plugins as $path => $plugin_data ) {
1964
			$plugins[ $path ] = array(
1965
					'is_active' => in_array( $path, $active_plugins ),
1966
					'file'      => $path,
1967
					'name'      => $plugin_data['Name'],
1968
					'version'   => $plugin_data['Version'],
1969
					'author'    => $plugin_data['Author'],
1970
			);
1971
		}
1972
1973
		return $plugins;
1974
	}
1975
1976
	/**
1977
	 * Gets and parses theme data to send with the heartbeat data
1978
	 *
1979
	 * @since 3.8.1
1980
	 *
1981
	 * @return array Array of theme data
1982
	 */
1983
	public static function get_parsed_theme_data() {
1984
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1985
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1986
1987
		$themes = array();
1988
		foreach ( $all_themes as $slug => $theme_data ) {
1989
			$theme_headers = array();
1990
			foreach ( $header_keys as $header_key ) {
1991
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1992
			}
1993
1994
			$themes[ $slug ] = array(
1995
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1996
					'slug' => $slug,
1997
					'theme_root' => $theme_data->get_theme_root_uri(),
1998
					'parent' => $theme_data->parent(),
1999
					'headers' => $theme_headers
2000
			);
2001
		}
2002
2003
		return $themes;
2004
	}
2005
2006
	/**
2007
	 * Checks whether a specific plugin is active.
2008
	 *
2009
	 * We don't want to store these in a static variable, in case
2010
	 * there are switch_to_blog() calls involved.
2011
	 */
2012
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
2013
		return in_array( $plugin, self::get_active_plugins() );
2014
	}
2015
2016
	/**
2017
	 * Check if Jetpack's Open Graph tags should be used.
2018
	 * If certain plugins are active, Jetpack's og tags are suppressed.
2019
	 *
2020
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2021
	 * @action plugins_loaded
2022
	 * @return null
2023
	 */
2024
	public function check_open_graph() {
2025
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
2026
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
2027
		}
2028
2029
		$active_plugins = self::get_active_plugins();
2030
2031
		if ( ! empty( $active_plugins ) ) {
2032
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
2033
				if ( in_array( $plugin, $active_plugins ) ) {
2034
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
2035
					break;
2036
				}
2037
			}
2038
		}
2039
2040
		/**
2041
		 * Allow the addition of Open Graph Meta Tags to all pages.
2042
		 *
2043
		 * @since 2.0.3
2044
		 *
2045
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
2046
		 */
2047
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
2048
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
2049
		}
2050
	}
2051
2052
	/**
2053
	 * Check if Jetpack's Twitter tags should be used.
2054
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
2055
	 *
2056
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2057
	 * @action plugins_loaded
2058
	 * @return null
2059
	 */
2060
	public function check_twitter_tags() {
2061
2062
		$active_plugins = self::get_active_plugins();
2063
2064
		if ( ! empty( $active_plugins ) ) {
2065
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
2066
				if ( in_array( $plugin, $active_plugins ) ) {
2067
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
2068
					break;
2069
				}
2070
			}
2071
		}
2072
2073
		/**
2074
		 * Allow Twitter Card Meta tags to be disabled.
2075
		 *
2076
		 * @since 2.6.0
2077
		 *
2078
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
2079
		 */
2080
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
2081
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
2082
		}
2083
	}
2084
2085
	/**
2086
	 * Allows plugins to submit security reports.
2087
 	 *
2088
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
2089
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
2090
	 * @param array   $args         See definitions above
2091
	 */
2092
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
2093
		_deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
2094
	}
2095
2096
/* Jetpack Options API */
2097
2098
	public static function get_option_names( $type = 'compact' ) {
2099
		return Jetpack_Options::get_option_names( $type );
2100
	}
2101
2102
	/**
2103
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
2104
 	 *
2105
	 * @param string $name    Option name
2106
	 * @param mixed  $default (optional)
2107
	 */
2108
	public static function get_option( $name, $default = false ) {
2109
		return Jetpack_Options::get_option( $name, $default );
2110
	}
2111
2112
	/**
2113
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
2114
 	 *
2115
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
2116
	 * @param string $name  Option name
2117
	 * @param mixed  $value Option value
2118
	 */
2119
	public static function update_option( $name, $value ) {
2120
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
2121
		return Jetpack_Options::update_option( $name, $value );
2122
	}
2123
2124
	/**
2125
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
2126
 	 *
2127
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
2128
	 * @param array $array array( option name => option value, ... )
2129
	 */
2130
	public static function update_options( $array ) {
2131
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
2132
		return Jetpack_Options::update_options( $array );
2133
	}
2134
2135
	/**
2136
	 * Deletes the given option.  May be passed multiple option names as an array.
2137
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
2138
	 *
2139
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
2140
	 * @param string|array $names
2141
	 */
2142
	public static function delete_option( $names ) {
2143
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
2144
		return Jetpack_Options::delete_option( $names );
2145
	}
2146
2147
	/**
2148
	 * Enters a user token into the user_tokens option
2149
	 *
2150
	 * @param int $user_id
2151
	 * @param string $token
2152
	 * return bool
2153
	 */
2154
	public static function update_user_token( $user_id, $token, $is_master_user ) {
2155
		// not designed for concurrent updates
2156
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
2157
		if ( ! is_array( $user_tokens ) )
2158
			$user_tokens = array();
2159
		$user_tokens[$user_id] = $token;
2160
		if ( $is_master_user ) {
2161
			$master_user = $user_id;
2162
			$options     = compact( 'user_tokens', 'master_user' );
2163
		} else {
2164
			$options = compact( 'user_tokens' );
2165
		}
2166
		return Jetpack_Options::update_options( $options );
2167
	}
2168
2169
	/**
2170
	 * Returns an array of all PHP files in the specified absolute path.
2171
	 * Equivalent to glob( "$absolute_path/*.php" ).
2172
	 *
2173
	 * @param string $absolute_path The absolute path of the directory to search.
2174
	 * @return array Array of absolute paths to the PHP files.
2175
	 */
2176
	public static function glob_php( $absolute_path ) {
2177
		if ( function_exists( 'glob' ) ) {
2178
			return glob( "$absolute_path/*.php" );
2179
		}
2180
2181
		$absolute_path = untrailingslashit( $absolute_path );
2182
		$files = array();
2183
		if ( ! $dir = @opendir( $absolute_path ) ) {
2184
			return $files;
2185
		}
2186
2187
		while ( false !== $file = readdir( $dir ) ) {
2188
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2189
				continue;
2190
			}
2191
2192
			$file = "$absolute_path/$file";
2193
2194
			if ( ! is_file( $file ) ) {
2195
				continue;
2196
			}
2197
2198
			$files[] = $file;
2199
		}
2200
2201
		closedir( $dir );
2202
2203
		return $files;
2204
	}
2205
2206
	public static function activate_new_modules( $redirect = false ) {
2207
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
2208
			return;
2209
		}
2210
2211
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2212 View Code Duplication
		if ( ! $jetpack_old_version ) {
2213
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
2214
			/** This action is documented in class.jetpack.php */
2215
			do_action( 'updating_jetpack_version', $version, false );
2216
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2217
		}
2218
2219
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2220
2221
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2222
			return;
2223
		}
2224
2225
		$active_modules     = Jetpack::get_active_modules();
2226
		$reactivate_modules = array();
2227
		foreach ( $active_modules as $active_module ) {
2228
			$module = Jetpack::get_module( $active_module );
2229
			if ( ! isset( $module['changed'] ) ) {
2230
				continue;
2231
			}
2232
2233
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2234
				continue;
2235
			}
2236
2237
			$reactivate_modules[] = $active_module;
2238
			Jetpack::deactivate_module( $active_module );
2239
		}
2240
2241
		$new_version = JETPACK__VERSION . ':' . time();
2242
		/** This action is documented in class.jetpack.php */
2243
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2244
		Jetpack_Options::update_options(
2245
			array(
2246
				'version'     => $new_version,
2247
				'old_version' => $jetpack_old_version,
2248
			)
2249
		);
2250
2251
		Jetpack::state( 'message', 'modules_activated' );
2252
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
0 ignored issues
show
Documentation introduced by
JETPACK__VERSION is of type string, but the function expects a boolean.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
2253
2254
		if ( $redirect ) {
2255
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2256
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2257
				$page = $_GET['page'];
2258
			}
2259
2260
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
2261
			exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_new_modules() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2262
		}
2263
	}
2264
2265
	/**
2266
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2267
	 * Make sure to tuck away module "library" files in a sub-directory.
2268
	 */
2269
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2270
		static $modules = null;
2271
2272
		if ( ! isset( $modules ) ) {
2273
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2274
			// Use the cache if we're on the front-end and it's available...
2275
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2276
				$modules = $available_modules_option[ JETPACK__VERSION ];
2277
			} else {
2278
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2279
2280
				$modules = array();
2281
2282
				foreach ( $files as $file ) {
2283
					if ( ! $headers = Jetpack::get_module( $file ) ) {
2284
						continue;
2285
					}
2286
2287
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2288
				}
2289
2290
				Jetpack_Options::update_option( 'available_modules', array(
2291
					JETPACK__VERSION => $modules,
2292
				) );
2293
			}
2294
		}
2295
2296
		/**
2297
		 * Filters the array of modules available to be activated.
2298
		 *
2299
		 * @since 2.4.0
2300
		 *
2301
		 * @param array $modules Array of available modules.
2302
		 * @param string $min_version Minimum version number required to use modules.
2303
		 * @param string $max_version Maximum version number required to use modules.
2304
		 */
2305
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2306
2307
		if ( ! $min_version && ! $max_version ) {
2308
			return array_keys( $mods );
2309
		}
2310
2311
		$r = array();
2312
		foreach ( $mods as $slug => $introduced ) {
2313
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2314
				continue;
2315
			}
2316
2317
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2318
				continue;
2319
			}
2320
2321
			$r[] = $slug;
2322
		}
2323
2324
		return $r;
2325
	}
2326
2327
	/**
2328
	 * Default modules loaded on activation.
2329
	 */
2330
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2331
		$return = array();
2332
2333
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2334
			$module_data = Jetpack::get_module( $module );
2335
2336
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2337
				case 'yes' :
2338
					$return[] = $module;
2339
					break;
2340
				case 'public' :
2341
					if ( Jetpack_Options::get_option( 'public' ) ) {
2342
						$return[] = $module;
2343
					}
2344
					break;
2345
				case 'no' :
2346
				default :
0 ignored issues
show
Coding Style introduced by
There must be no space before the colon in a DEFAULT statement

As per the PSR-2 coding standard, there must not be a space in front of the colon in the default statement.

switch ($expr) {
    default : //wrong
        doSomething();
        break;
}

switch ($expr) {
    default: //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
2347
					break;
2348
			}
2349
		}
2350
		/**
2351
		 * Filters the array of default modules.
2352
		 *
2353
		 * @since 2.5.0
2354
		 *
2355
		 * @param array $return Array of default modules.
2356
		 * @param string $min_version Minimum version number required to use modules.
2357
		 * @param string $max_version Maximum version number required to use modules.
2358
		 */
2359
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2360
	}
2361
2362
	/**
2363
	 * Checks activated modules during auto-activation to determine
2364
	 * if any of those modules are being deprecated.  If so, close
2365
	 * them out, and add any replacement modules.
2366
	 *
2367
	 * Runs at priority 99 by default.
2368
	 *
2369
	 * This is run late, so that it can still activate a module if
2370
	 * the new module is a replacement for another that the user
2371
	 * currently has active, even if something at the normal priority
2372
	 * would kibosh everything.
2373
	 *
2374
	 * @since 2.6
2375
	 * @uses jetpack_get_default_modules filter
2376
	 * @param array $modules
2377
	 * @return array
2378
	 */
2379
	function handle_deprecated_modules( $modules ) {
2380
		$deprecated_modules = array(
2381
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2382
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2383
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2384
		);
2385
2386
		// Don't activate SSO if they never completed activating WPCC.
2387
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2388
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2389
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2390
				$deprecated_modules['wpcc'] = null;
2391
			}
2392
		}
2393
2394
		foreach ( $deprecated_modules as $module => $replacement ) {
2395
			if ( Jetpack::is_module_active( $module ) ) {
2396
				self::deactivate_module( $module );
2397
				if ( $replacement ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $replacement of type null|string is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
2398
					$modules[] = $replacement;
2399
				}
2400
			}
2401
		}
2402
2403
		return array_unique( $modules );
2404
	}
2405
2406
	/**
2407
	 * Checks activated plugins during auto-activation to determine
2408
	 * if any of those plugins are in the list with a corresponding module
2409
	 * that is not compatible with the plugin. The module will not be allowed
2410
	 * to auto-activate.
2411
	 *
2412
	 * @since 2.6
2413
	 * @uses jetpack_get_default_modules filter
2414
	 * @param array $modules
2415
	 * @return array
2416
	 */
2417
	function filter_default_modules( $modules ) {
2418
2419
		$active_plugins = self::get_active_plugins();
2420
2421
		if ( ! empty( $active_plugins ) ) {
2422
2423
			// For each module we'd like to auto-activate...
2424
			foreach ( $modules as $key => $module ) {
2425
				// If there are potential conflicts for it...
2426
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2427
					// For each potential conflict...
2428
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2429
						// If that conflicting plugin is active...
2430
						if ( in_array( $plugin, $active_plugins ) ) {
2431
							// Remove that item from being auto-activated.
2432
							unset( $modules[ $key ] );
2433
						}
2434
					}
2435
				}
2436
			}
2437
		}
2438
2439
		return $modules;
2440
	}
2441
2442
	/**
2443
	 * Extract a module's slug from its full path.
2444
	 */
2445
	public static function get_module_slug( $file ) {
2446
		return str_replace( '.php', '', basename( $file ) );
2447
	}
2448
2449
	/**
2450
	 * Generate a module's path from its slug.
2451
	 */
2452
	public static function get_module_path( $slug ) {
2453
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2454
	}
2455
2456
	/**
2457
	 * Load module data from module file. Headers differ from WordPress
2458
	 * plugin headers to avoid them being identified as standalone
2459
	 * plugins on the WordPress plugins page.
2460
	 */
2461
	public static function get_module( $module ) {
2462
		$headers = array(
2463
			'name'                      => 'Module Name',
2464
			'description'               => 'Module Description',
2465
			'jumpstart_desc'            => 'Jumpstart Description',
2466
			'sort'                      => 'Sort Order',
2467
			'recommendation_order'      => 'Recommendation Order',
2468
			'introduced'                => 'First Introduced',
2469
			'changed'                   => 'Major Changes In',
2470
			'deactivate'                => 'Deactivate',
2471
			'free'                      => 'Free',
2472
			'requires_connection'       => 'Requires Connection',
2473
			'auto_activate'             => 'Auto Activate',
2474
			'module_tags'               => 'Module Tags',
2475
			'feature'                   => 'Feature',
2476
			'additional_search_queries' => 'Additional Search Queries',
2477
			'plan_classes'              => 'Plans',
2478
		);
2479
2480
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2481
2482
		$mod = Jetpack::get_file_data( $file, $headers );
2483
		if ( empty( $mod['name'] ) ) {
2484
			return false;
2485
		}
2486
2487
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2488
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2489
		$mod['deactivate']              = empty( $mod['deactivate'] );
2490
		$mod['free']                    = empty( $mod['free'] );
2491
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2492
2493
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2494
			$mod['auto_activate'] = 'No';
2495
		} else {
2496
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2497
		}
2498
2499
		if ( $mod['module_tags'] ) {
2500
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2501
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2502
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2503
		} else {
2504
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2505
		}
2506
2507 View Code Duplication
		if ( $mod['plan_classes'] ) {
2508
			$mod['plan_classes'] = explode( ',', $mod['plan_classes'] );
2509
			$mod['plan_classes'] = array_map( 'strtolower', array_map( 'trim', $mod['plan_classes'] ) );
2510
		} else {
2511
			$mod['plan_classes'] = array( 'free' );
2512
		}
2513
2514 View Code Duplication
		if ( $mod['feature'] ) {
2515
			$mod['feature'] = explode( ',', $mod['feature'] );
2516
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2517
		} else {
2518
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2519
		}
2520
2521
		/**
2522
		 * Filters the feature array on a module.
2523
		 *
2524
		 * This filter allows you to control where each module is filtered: Recommended,
2525
		 * Jumpstart, and the default "Other" listing.
2526
		 *
2527
		 * @since 3.5.0
2528
		 *
2529
		 * @param array   $mod['feature'] The areas to feature this module:
2530
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2531
		 *     'Recommended' shows on the main Jetpack admin screen.
2532
		 *     'Other' should be the default if no other value is in the array.
2533
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2534
		 * @param array   $mod All the currently assembled module data.
2535
		 */
2536
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2537
2538
		/**
2539
		 * Filter the returned data about a module.
2540
		 *
2541
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2542
		 * so please be careful.
2543
		 *
2544
		 * @since 3.6.0
2545
		 *
2546
		 * @param array   $mod    The details of the requested module.
2547
		 * @param string  $module The slug of the module, e.g. sharedaddy
2548
		 * @param string  $file   The path to the module source file.
2549
		 */
2550
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2551
	}
2552
2553
	/**
2554
	 * Like core's get_file_data implementation, but caches the result.
2555
	 */
2556
	public static function get_file_data( $file, $headers ) {
2557
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2558
		$file_name = basename( $file );
2559
2560
		$cache_key = 'jetpack_file_data_' . JETPACK__VERSION;
2561
2562
		$file_data_option = get_transient( $cache_key );
2563
2564
		if ( false === $file_data_option ) {
2565
			$file_data_option = array();
2566
		}
2567
2568
		$key           = md5( $file_name . serialize( $headers ) );
2569
		$refresh_cache = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2570
2571
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2572
		if ( ! $refresh_cache && isset( $file_data_option[ $key ] ) ) {
2573
			return $file_data_option[ $key ];
2574
		}
2575
2576
		$data = get_file_data( $file, $headers );
2577
2578
		$file_data_option[ $key ] = $data;
2579
2580
		set_transient( $cache_key, $file_data_option, 29 * DAY_IN_SECONDS );
2581
2582
		return $data;
2583
	}
2584
2585
2586
	/**
2587
	 * Return translated module tag.
2588
	 *
2589
	 * @param string $tag Tag as it appears in each module heading.
2590
	 *
2591
	 * @return mixed
2592
	 */
2593
	public static function translate_module_tag( $tag ) {
2594
		return jetpack_get_module_i18n_tag( $tag );
2595
	}
2596
2597
	/**
2598
	 * Get i18n strings as a JSON-encoded string
2599
	 *
2600
	 * @return string The locale as JSON
2601
	 */
2602
	public static function get_i18n_data_json() {
2603
		$i18n_json = JETPACK__PLUGIN_DIR . 'languages/json/jetpack-' . jetpack_get_user_locale() . '.json';
2604
2605
		if ( is_file( $i18n_json ) && is_readable( $i18n_json ) ) {
2606
			$locale_data = @file_get_contents( $i18n_json );
2607
			if ( $locale_data ) {
2608
				return $locale_data;
2609
			}
2610
		}
2611
2612
		// Return valid empty Jed locale
2613
		return json_encode( array(
2614
			'' => array(
2615
				'domain' => 'jetpack',
2616
				'lang'   => is_admin() ? get_user_locale() : get_locale(),
2617
			),
2618
		) );
2619
	}
2620
2621
	/**
2622
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2623
	 *
2624
	 * @since 3.9.2
2625
	 *
2626
	 * @param array $modules
2627
	 *
2628
	 * @return string|void
2629
	 */
2630
	public static function get_translated_modules( $modules ) {
2631
		foreach ( $modules as $index => $module ) {
2632
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2633
			if ( isset( $module['name'] ) ) {
2634
				$modules[ $index ]['name'] = $i18n_module['name'];
2635
			}
2636
			if ( isset( $module['description'] ) ) {
2637
				$modules[ $index ]['description'] = $i18n_module['description'];
2638
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2639
			}
2640
		}
2641
		return $modules;
2642
	}
2643
2644
	/**
2645
	 * Get a list of activated modules as an array of module slugs.
2646
	 */
2647
	public static function get_active_modules() {
2648
		$active = Jetpack_Options::get_option( 'active_modules' );
2649
2650
		if ( ! is_array( $active ) ) {
2651
			$active = array();
2652
		}
2653
2654
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2655
			$active[] = 'vaultpress';
2656
		} else {
2657
			$active = array_diff( $active, array( 'vaultpress' ) );
2658
		}
2659
2660
		//If protect is active on the main site of a multisite, it should be active on all sites.
2661
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2662
			$active[] = 'protect';
2663
		}
2664
2665
		/**
2666
		 * Allow filtering of the active modules.
2667
		 *
2668
		 * Gives theme and plugin developers the power to alter the modules that
2669
		 * are activated on the fly.
2670
		 *
2671
		 * @since 5.8.0
2672
		 *
2673
		 * @param array $active Array of active module slugs.
2674
		 */
2675
		$active = apply_filters( 'jetpack_active_modules', $active );
2676
2677
		return array_unique( $active );
2678
	}
2679
2680
	/**
2681
	 * Check whether or not a Jetpack module is active.
2682
	 *
2683
	 * @param string $module The slug of a Jetpack module.
2684
	 * @return bool
2685
	 *
2686
	 * @static
2687
	 */
2688
	public static function is_module_active( $module ) {
2689
		return in_array( $module, self::get_active_modules() );
2690
	}
2691
2692
	public static function is_module( $module ) {
2693
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2694
	}
2695
2696
	/**
2697
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2698
	 *
2699
	 * @param bool $catch True to start catching, False to stop.
2700
	 *
2701
	 * @static
2702
	 */
2703
	public static function catch_errors( $catch ) {
2704
		static $display_errors, $error_reporting;
2705
2706
		if ( $catch ) {
2707
			$display_errors  = @ini_set( 'display_errors', 1 );
2708
			$error_reporting = @error_reporting( E_ALL );
2709
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2710
		} else {
2711
			@ini_set( 'display_errors', $display_errors );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
2712
			@error_reporting( $error_reporting );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
2713
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2714
		}
2715
	}
2716
2717
	/**
2718
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2719
	 */
2720
	public static function catch_errors_on_shutdown() {
2721
		Jetpack::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2722
	}
2723
2724
	/**
2725
	 * Rewrite any string to make paths easier to read.
2726
	 *
2727
	 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2728
	 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2729
	 *
2730
	 * @param $string
2731
	 * @return mixed
2732
	 */
2733
	public static function alias_directories( $string ) {
2734
		// ABSPATH has a trailing slash.
2735
		$string = str_replace( ABSPATH, 'ABSPATH/', $string );
2736
		// WP_CONTENT_DIR does not have a trailing slash.
2737
		$string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2738
2739
		return $string;
2740
	}
2741
2742
	public static function activate_default_modules(
2743
		$min_version = false,
2744
		$max_version = false,
2745
		$other_modules = array(),
2746
		$redirect = true,
2747
		$send_state_messages = true
2748
	) {
2749
		$jetpack = Jetpack::init();
2750
2751
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2752
		$modules = array_merge( $other_modules, $modules );
2753
2754
		// Look for standalone plugins and disable if active.
2755
2756
		$to_deactivate = array();
2757
		foreach ( $modules as $module ) {
2758
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2759
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2760
			}
2761
		}
2762
2763
		$deactivated = array();
2764
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2765
			list( $probable_file, $probable_title ) = $deactivate_me;
2766
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2767
				$deactivated[] = $module;
2768
			}
2769
		}
2770
2771
		if ( $deactivated && $redirect ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $deactivated of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
2772
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2773
2774
			$url = add_query_arg(
2775
				array(
2776
					'action'   => 'activate_default_modules',
2777
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2778
				),
2779
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2780
			);
2781
			wp_safe_redirect( $url );
2782
			exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_default_modules() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2783
		}
2784
2785
		/**
2786
		 * Fires before default modules are activated.
2787
		 *
2788
		 * @since 1.9.0
2789
		 *
2790
		 * @param string $min_version Minimum version number required to use modules.
2791
		 * @param string $max_version Maximum version number required to use modules.
2792
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2793
		 */
2794
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2795
2796
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2797
		Jetpack::restate();
2798
		Jetpack::catch_errors( true );
2799
2800
		$active = Jetpack::get_active_modules();
2801
2802
		foreach ( $modules as $module ) {
2803
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2804
				$active[] = $module;
2805
				self::update_active_modules( $active );
2806
				continue;
2807
			}
2808
2809
			if ( $send_state_messages && in_array( $module, $active ) ) {
2810
				$module_info = Jetpack::get_module( $module );
2811 View Code Duplication
				if ( ! $module_info['deactivate'] ) {
2812
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2813
					if ( $active_state = Jetpack::state( $state ) ) {
2814
						$active_state = explode( ',', $active_state );
2815
					} else {
2816
						$active_state = array();
2817
					}
2818
					$active_state[] = $module;
2819
					Jetpack::state( $state, implode( ',', $active_state ) );
2820
				}
2821
				continue;
2822
			}
2823
2824
			$file = Jetpack::get_module_path( $module );
2825
			if ( ! file_exists( $file ) ) {
2826
				continue;
2827
			}
2828
2829
			// we'll override this later if the plugin can be included without fatal error
2830
			if ( $redirect ) {
2831
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2832
			}
2833
2834
			if ( $send_state_messages ) {
2835
				Jetpack::state( 'error', 'module_activation_failed' );
2836
				Jetpack::state( 'module', $module );
2837
			}
2838
2839
			ob_start();
2840
			require_once $file;
2841
2842
			$active[] = $module;
2843
2844 View Code Duplication
			if ( $send_state_messages ) {
2845
2846
				$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
0 ignored issues
show
Coding Style introduced by
Equals sign not aligned correctly; expected 1 space but found 4 spaces

This check looks for improperly formatted assignments.

Every assignment must have exactly one space before and one space after the equals operator.

To illustrate:

$a = "a";
$ab = "ab";
$abc = "abc";

will have no issues, while

$a   = "a";
$ab  = "ab";
$abc = "abc";

will report issues in lines 1 and 2.

Loading history...
2847
				if ( $active_state = Jetpack::state( $state ) ) {
2848
					$active_state = explode( ',', $active_state );
2849
				} else {
2850
					$active_state = array();
2851
				}
2852
				$active_state[] = $module;
2853
				Jetpack::state( $state, implode( ',', $active_state ) );
2854
			}
2855
2856
			Jetpack::update_active_modules( $active );
2857
2858
			ob_end_clean();
2859
		}
2860
2861
		if ( $send_state_messages ) {
2862
			Jetpack::state( 'error', false );
0 ignored issues
show
Documentation introduced by
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
2863
			Jetpack::state( 'module', false );
0 ignored issues
show
Documentation introduced by
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
2864
		}
2865
2866
		Jetpack::catch_errors( false );
2867
		/**
2868
		 * Fires when default modules are activated.
2869
		 *
2870
		 * @since 1.9.0
2871
		 *
2872
		 * @param string $min_version Minimum version number required to use modules.
2873
		 * @param string $max_version Maximum version number required to use modules.
2874
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2875
		 */
2876
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2877
	}
2878
2879
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2880
		/**
2881
		 * Fires before a module is activated.
2882
		 *
2883
		 * @since 2.6.0
2884
		 *
2885
		 * @param string $module Module slug.
2886
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2887
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2888
		 */
2889
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2890
2891
		$jetpack = Jetpack::init();
2892
2893
		if ( ! strlen( $module ) )
2894
			return false;
2895
2896
		if ( ! Jetpack::is_module( $module ) )
2897
			return false;
2898
2899
		// If it's already active, then don't do it again
2900
		$active = Jetpack::get_active_modules();
2901
		foreach ( $active as $act ) {
2902
			if ( $act == $module )
2903
				return true;
2904
		}
2905
2906
		$module_data = Jetpack::get_module( $module );
2907
2908
		if ( ! Jetpack::is_active() ) {
2909
			if ( ! Jetpack::is_development_mode() && ! Jetpack::is_onboarding() )
2910
				return false;
2911
2912
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2913
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2914
				return false;
2915
		}
2916
2917
		// Check and see if the old plugin is active
2918
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2919
			// Deactivate the old plugin
2920
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2921
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2922
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2923
				Jetpack::state( 'deactivated_plugins', $module );
2924
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2925
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_module() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2926
			}
2927
		}
2928
2929
		// Protect won't work with mis-configured IPs
2930
		if ( 'protect' === $module ) {
2931
			include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
2932
			if ( ! jetpack_protect_get_ip() ) {
2933
				Jetpack::state( 'message', 'protect_misconfigured_ip' );
2934
				return false;
2935
			}
2936
		}
2937
2938
		if ( ! Jetpack::active_plan_supports( $module ) ) {
2939
			return false;
2940
		}
2941
2942
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2943
		Jetpack::state( 'module', $module );
2944
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2945
2946
		Jetpack::catch_errors( true );
2947
		ob_start();
2948
		require Jetpack::get_module_path( $module );
2949
		/** This action is documented in class.jetpack.php */
2950
		do_action( 'jetpack_activate_module', $module );
2951
		$active[] = $module;
2952
		Jetpack::update_active_modules( $active );
2953
2954
		Jetpack::state( 'error', false ); // the override
0 ignored issues
show
Documentation introduced by
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
2955
		ob_end_clean();
2956
		Jetpack::catch_errors( false );
2957
2958
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2959 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2960
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2961
2962
			//Jump start is being dismissed send data to MC Stats
2963
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2964
2965
			$jetpack->do_stats( 'server_side' );
2966
		}
2967
2968
		if ( $redirect ) {
2969
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2970
		}
2971
		if ( $exit ) {
2972
			exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_module() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2973
		}
2974
		return true;
2975
	}
2976
2977
	function activate_module_actions( $module ) {
2978
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
2979
	}
2980
2981
	public static function deactivate_module( $module ) {
2982
		/**
2983
		 * Fires when a module is deactivated.
2984
		 *
2985
		 * @since 1.9.0
2986
		 *
2987
		 * @param string $module Module slug.
2988
		 */
2989
		do_action( 'jetpack_pre_deactivate_module', $module );
2990
2991
		$jetpack = Jetpack::init();
2992
2993
		$active = Jetpack::get_active_modules();
2994
		$new    = array_filter( array_diff( $active, (array) $module ) );
2995
2996
		// A flag for Jump Start so it's not shown again.
2997 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2998
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2999
3000
			//Jump start is being dismissed send data to MC Stats
3001
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
3002
3003
			$jetpack->do_stats( 'server_side' );
3004
		}
3005
3006
		return self::update_active_modules( $new );
3007
	}
3008
3009
	public static function enable_module_configurable( $module ) {
3010
		$module = Jetpack::get_module_slug( $module );
3011
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
3012
	}
3013
3014
	public static function module_configuration_url( $module ) {
3015
		$module = Jetpack::get_module_slug( $module );
3016
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
3017
	}
3018
3019
	public static function module_configuration_load( $module, $method ) {
3020
		$module = Jetpack::get_module_slug( $module );
3021
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
3022
	}
3023
3024
	public static function module_configuration_head( $module, $method ) {
3025
		$module = Jetpack::get_module_slug( $module );
3026
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
3027
	}
3028
3029
	public static function module_configuration_screen( $module, $method ) {
3030
		$module = Jetpack::get_module_slug( $module );
3031
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
3032
	}
3033
3034
	public static function module_configuration_activation_screen( $module, $method ) {
3035
		$module = Jetpack::get_module_slug( $module );
3036
		add_action( 'display_activate_module_setting_' . $module, $method );
3037
	}
3038
3039
/* Installation */
3040
3041
	public static function bail_on_activation( $message, $deactivate = true ) {
3042
?>
3043
<!doctype html>
3044
<html>
3045
<head>
3046
<meta charset="<?php bloginfo( 'charset' ); ?>">
3047
<style>
3048
* {
3049
	text-align: center;
3050
	margin: 0;
3051
	padding: 0;
3052
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
3053
}
3054
p {
3055
	margin-top: 1em;
3056
	font-size: 18px;
3057
}
3058
</style>
3059
<body>
3060
<p><?php echo esc_html( $message ); ?></p>
3061
</body>
3062
</html>
3063
<?php
3064
		if ( $deactivate ) {
3065
			$plugins = get_option( 'active_plugins' );
3066
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
3067
			$update  = false;
3068
			foreach ( $plugins as $i => $plugin ) {
3069
				if ( $plugin === $jetpack ) {
3070
					$plugins[$i] = false;
3071
					$update = true;
3072
				}
3073
			}
3074
3075
			if ( $update ) {
3076
				update_option( 'active_plugins', array_filter( $plugins ) );
3077
			}
3078
		}
3079
		exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method bail_on_activation() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3080
	}
3081
3082
	/**
3083
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
3084
	 * @static
3085
	 */
3086
	public static function plugin_activation( $network_wide ) {
3087
		Jetpack_Options::update_option( 'activated', 1 );
3088
3089
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
3090
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
3091
		}
3092
3093
		if ( $network_wide )
3094
			Jetpack::state( 'network_nag', true );
0 ignored issues
show
Documentation introduced by
true is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3095
3096
		// For firing one-off events (notices) immediately after activation
3097
		set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
3098
3099
		update_option( 'jetpack_activation_source', self::get_activation_source( wp_get_referer() ) );
3100
3101
		Jetpack::plugin_initialize();
3102
	}
3103
3104
	public static function get_activation_source( $referer_url ) {
3105
3106
		if ( defined( 'WP_CLI' ) && WP_CLI ) {
3107
			return array( 'wp-cli', null );
3108
		}
3109
3110
		$referer = parse_url( $referer_url );
3111
3112
		$source_type = 'unknown';
3113
		$source_query = null;
3114
3115
		if ( ! is_array( $referer ) ) {
3116
			return array( $source_type, $source_query );
3117
		}
3118
3119
		$plugins_path = parse_url( admin_url( 'plugins.php' ), PHP_URL_PATH );
3120
		$plugins_install_path = parse_url( admin_url( 'plugin-install.php' ), PHP_URL_PATH );// /wp-admin/plugin-install.php
3121
3122
		if ( isset( $referer['query'] ) ) {
3123
			parse_str( $referer['query'], $query_parts );
3124
		} else {
3125
			$query_parts = array();
3126
		}
3127
3128
		if ( $plugins_path === $referer['path'] ) {
3129
			$source_type = 'list';
3130
		} elseif ( $plugins_install_path === $referer['path'] ) {
3131
			$tab = isset( $query_parts['tab'] ) ? $query_parts['tab'] : 'featured';
3132
			switch( $tab ) {
3133
				case 'popular':
3134
					$source_type = 'popular';
3135
					break;
3136
				case 'recommended':
3137
					$source_type = 'recommended';
3138
					break;
3139
				case 'favorites':
3140
					$source_type = 'favorites';
3141
					break;
3142
				case 'search':
3143
					$source_type = 'search-' . ( isset( $query_parts['type'] ) ? $query_parts['type'] : 'term' );
3144
					$source_query = isset( $query_parts['s'] ) ? $query_parts['s'] : null;
3145
					break;
3146
				default:
3147
					$source_type = 'featured';
3148
			}
3149
		}
3150
3151
		return array( $source_type, $source_query );
3152
	}
3153
3154
	/**
3155
	 * Runs before bumping version numbers up to a new version
3156
	 * @param  string $version    Version:timestamp
3157
	 * @param  string $old_version Old Version:timestamp or false if not set yet.
3158
	 * @return null              [description]
3159
	 */
3160
	public static function do_version_bump( $version, $old_version ) {
3161
3162
		if ( ! $old_version ) { // For new sites
3163
			// Setting up jetpack manage
3164
			Jetpack::activate_manage();
3165
		}
3166
	}
3167
3168
	/**
3169
	 * Sets the internal version number and activation state.
3170
	 * @static
3171
	 */
3172
	public static function plugin_initialize() {
3173
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
3174
			Jetpack_Options::update_option( 'activated', 2 );
3175
		}
3176
3177 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
3178
			$version = $old_version = JETPACK__VERSION . ':' . time();
3179
			/** This action is documented in class.jetpack.php */
3180
			do_action( 'updating_jetpack_version', $version, false );
3181
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
3182
		}
3183
3184
		Jetpack::load_modules();
3185
3186
		Jetpack_Options::delete_option( 'do_activate' );
3187
		Jetpack_Options::delete_option( 'dismissed_connection_banner' );
3188
	}
3189
3190
	/**
3191
	 * Removes all connection options
3192
	 * @static
3193
	 */
3194
	public static function plugin_deactivation( ) {
3195
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
3196
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
3197
			Jetpack_Network::init()->deactivate();
3198
		} else {
3199
			Jetpack::disconnect( false );
3200
			//Jetpack_Heartbeat::init()->deactivate();
3201
		}
3202
	}
3203
3204
	/**
3205
	 * Disconnects from the Jetpack servers.
3206
	 * Forgets all connection details and tells the Jetpack servers to do the same.
3207
	 * @static
3208
	 */
3209
	public static function disconnect( $update_activated_state = true ) {
3210
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
3211
		Jetpack::clean_nonces( true );
3212
3213
		// If the site is in an IDC because sync is not allowed,
3214
		// let's make sure to not disconnect the production site.
3215
		if ( ! self::validate_sync_error_idc_option() ) {
3216
			JetpackTracking::record_user_event( 'disconnect_site', array() );
3217
			Jetpack::load_xml_rpc_client();
3218
			$xml = new Jetpack_IXR_Client();
3219
			$xml->query( 'jetpack.deregister' );
3220
		}
3221
3222
		Jetpack_Options::delete_option(
3223
			array(
3224
				'blog_token',
3225
				'user_token',
3226
				'user_tokens',
3227
				'master_user',
3228
				'time_diff',
3229
				'fallback_no_verify_ssl_certs',
3230
			)
3231
		);
3232
3233
		Jetpack_IDC::clear_all_idc_options();
3234
		Jetpack_Options::delete_raw_option( 'jetpack_secrets' );
3235
3236
		if ( $update_activated_state ) {
3237
			Jetpack_Options::update_option( 'activated', 4 );
3238
		}
3239
3240
		if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
3241
			// Check then record unique disconnection if site has never been disconnected previously
3242
			if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
3243
				$jetpack_unique_connection['disconnected'] = 1;
3244
			} else {
3245
				if ( 0 == $jetpack_unique_connection['disconnected'] ) {
3246
					//track unique disconnect
3247
					$jetpack = Jetpack::init();
3248
3249
					$jetpack->stat( 'connections', 'unique-disconnect' );
3250
					$jetpack->do_stats( 'server_side' );
3251
				}
3252
				// increment number of times disconnected
3253
				$jetpack_unique_connection['disconnected'] += 1;
3254
			}
3255
3256
			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
3257
		}
3258
3259
		// Delete cached connected user data
3260
		$transient_key = "jetpack_connected_user_data_" . get_current_user_id();
3261
		delete_transient( $transient_key );
3262
3263
		// Delete all the sync related data. Since it could be taking up space.
3264
		require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-sender.php';
3265
		Jetpack_Sync_Sender::get_instance()->uninstall();
3266
3267
		// Disable the Heartbeat cron
3268
		Jetpack_Heartbeat::init()->deactivate();
3269
	}
3270
3271
	/**
3272
	 * Unlinks the current user from the linked WordPress.com user
3273
	 */
3274
	public static function unlink_user( $user_id = null ) {
3275
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
3276
			return false;
3277
3278
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
3279
3280
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
3281
			return false;
3282
3283
		if ( ! isset( $tokens[ $user_id ] ) )
3284
			return false;
3285
3286
		Jetpack::load_xml_rpc_client();
3287
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
3288
		$xml->query( 'jetpack.unlink_user', $user_id );
3289
3290
		unset( $tokens[ $user_id ] );
3291
3292
		Jetpack_Options::update_option( 'user_tokens', $tokens );
3293
3294
		/**
3295
		 * Fires after the current user has been unlinked from WordPress.com.
3296
		 *
3297
		 * @since 4.1.0
3298
		 *
3299
		 * @param int $user_id The current user's ID.
3300
		 */
3301
		do_action( 'jetpack_unlinked_user', $user_id );
3302
3303
		return true;
3304
	}
3305
3306
	/**
3307
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
3308
	 */
3309
	public static function try_registration() {
3310
		// The user has agreed to the TOS at some point by now.
3311
		Jetpack_Options::update_option( 'tos_agreed', true );
3312
3313
		// Let's get some testing in beta versions and such.
3314
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3315
			// Before attempting to connect, let's make sure that the domains are viable.
3316
			$domains_to_check = array_unique( array(
3317
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
3318
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
3319
			) );
3320
			foreach ( $domains_to_check as $domain ) {
3321
				$result = Jetpack_Data::is_usable_domain( $domain );
3322
				if ( is_wp_error( $result ) ) {
3323
					return $result;
3324
				}
3325
			}
3326
		}
3327
3328
		$result = Jetpack::register();
3329
3330
		// If there was an error with registration and the site was not registered, record this so we can show a message.
3331
		if ( ! $result || is_wp_error( $result ) ) {
3332
			return $result;
3333
		} else {
3334
			return true;
3335
		}
3336
	}
3337
3338
	/**
3339
	 * Tracking an internal event log. Try not to put too much chaff in here.
3340
	 *
3341
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3342
	 */
3343
	public static function log( $code, $data = null ) {
3344
		// only grab the latest 200 entries
3345
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3346
3347
		// Append our event to the log
3348
		$log_entry = array(
3349
			'time'    => time(),
3350
			'user_id' => get_current_user_id(),
3351
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3352
			'code'    => $code,
3353
		);
3354
		// Don't bother storing it unless we've got some.
3355
		if ( ! is_null( $data ) ) {
3356
			$log_entry['data'] = $data;
3357
		}
3358
		$log[] = $log_entry;
3359
3360
		// Try add_option first, to make sure it's not autoloaded.
3361
		// @todo: Add an add_option method to Jetpack_Options
0 ignored issues
show
Coding Style Best Practice introduced by
Comments for TODO tasks are often forgotten in the code; it might be better to use a dedicated issue tracker.
Loading history...
3362
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3363
			Jetpack_Options::update_option( 'log', $log );
3364
		}
3365
3366
		/**
3367
		 * Fires when Jetpack logs an internal event.
3368
		 *
3369
		 * @since 3.0.0
3370
		 *
3371
		 * @param array $log_entry {
3372
		 *	Array of details about the log entry.
3373
		 *
3374
		 *	@param string time Time of the event.
3375
		 *	@param int user_id ID of the user who trigerred the event.
3376
		 *	@param int blog_id Jetpack Blog ID.
3377
		 *	@param string code Unique name for the event.
3378
		 *	@param string data Data about the event.
3379
		 * }
3380
		 */
3381
		do_action( 'jetpack_log_entry', $log_entry );
3382
	}
3383
3384
	/**
3385
	 * Get the internal event log.
3386
	 *
3387
	 * @param $event (string) - only return the specific log events
3388
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3389
	 *
3390
	 * @return array of log events || WP_Error for invalid params
3391
	 */
3392
	public static function get_log( $event = false, $num = false ) {
3393
		if ( $event && ! is_string( $event ) ) {
3394
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3395
		}
3396
3397
		if ( $num && ! is_numeric( $num ) ) {
3398
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3399
		}
3400
3401
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3402
3403
		// If nothing set - act as it did before, otherwise let's start customizing the output
3404
		if ( ! $num && ! $event ) {
3405
			return $entire_log;
3406
		} else {
3407
			$entire_log = array_reverse( $entire_log );
3408
		}
3409
3410
		$custom_log_output = array();
3411
3412
		if ( $event ) {
3413
			foreach ( $entire_log as $log_event ) {
3414
				if ( $event == $log_event[ 'code' ] ) {
3415
					$custom_log_output[] = $log_event;
3416
				}
3417
			}
3418
		} else {
3419
			$custom_log_output = $entire_log;
3420
		}
3421
3422
		if ( $num ) {
3423
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3424
		}
3425
3426
		return $custom_log_output;
3427
	}
3428
3429
	/**
3430
	 * Log modification of important settings.
3431
	 */
3432
	public static function log_settings_change( $option, $old_value, $value ) {
3433
		switch( $option ) {
3434
			case 'jetpack_sync_non_public_post_stati':
3435
				self::log( $option, $value );
3436
				break;
3437
		}
3438
	}
3439
3440
	/**
3441
	 * Return stat data for WPCOM sync
3442
	 */
3443
	public static function get_stat_data( $encode = true, $extended = true ) {
3444
		$data = Jetpack_Heartbeat::generate_stats_array();
3445
3446
		if ( $extended ) {
3447
			$additional_data = self::get_additional_stat_data();
3448
			$data = array_merge( $data, $additional_data );
3449
		}
3450
3451
		if ( $encode ) {
3452
			return json_encode( $data );
3453
		}
3454
3455
		return $data;
3456
	}
3457
3458
	/**
3459
	 * Get additional stat data to sync to WPCOM
3460
	 */
3461
	public static function get_additional_stat_data( $prefix = '' ) {
3462
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
0 ignored issues
show
Coding Style Comprehensibility introduced by
$return was never initialized. Although not strictly required by PHP, it is generally a good practice to add $return = array(); before regardless.

Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.

Let’s take a look at an example:

foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}

As you can see in this example, the array $myArray is initialized the first time when the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration.

This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.

Loading history...
3463
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3464
		$return["{$prefix}users"]          = (int) Jetpack::get_site_user_count();
3465
		$return["{$prefix}site-count"]     = 0;
3466
3467
		if ( function_exists( 'get_blog_count' ) ) {
3468
			$return["{$prefix}site-count"] = get_blog_count();
3469
		}
3470
		return $return;
3471
	}
3472
3473
	private static function get_site_user_count() {
3474
		global $wpdb;
3475
3476
		if ( function_exists( 'wp_is_large_network' ) ) {
3477
			if ( wp_is_large_network( 'users' ) ) {
3478
				return -1; // Not a real value but should tell us that we are dealing with a large network.
3479
			}
3480
		}
3481 View Code Duplication
		if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3482
			// It wasn't there, so regenerate the data and save the transient
3483
			$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3484
			set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3485
		}
3486
		return $user_count;
3487
	}
3488
3489
	/* Admin Pages */
3490
3491
	function admin_init() {
3492
		// If the plugin is not connected, display a connect message.
3493
		if (
3494
			// the plugin was auto-activated and needs its candy
3495
			Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3496
		||
3497
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3498
			! Jetpack_Options::get_option( 'activated' )
3499
		) {
3500
			Jetpack::plugin_initialize();
3501
		}
3502
3503
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3504
			Jetpack_Connection_Banner::init();
3505
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3506
			// Upgrade: 1.1 -> 1.1.1
3507
			// Check and see if host can verify the Jetpack servers' SSL certificate
3508
			$args = array();
3509
			Jetpack_Client::_wp_remote_request(
3510
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3511
				$args,
3512
				true
3513
			);
3514
		} else if ( $this->can_display_jetpack_manage_notice() && ! Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) {
3515
			// Show the notice on the Dashboard only for now
3516
			add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) );
3517
		}
3518
3519
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3520
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3521
		}
3522
3523
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3524
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3525
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3526
3527
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3528
			// Artificially throw errors in certain whitelisted cases during plugin activation
3529
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3530
		}
3531
3532
		// Jetpack Manage Activation Screen from .com
3533
		Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
3534
3535
		// Add custom column in wp-admin/users.php to show whether user is linked.
3536
		add_filter( 'manage_users_columns',       array( $this, 'jetpack_icon_user_connected' ) );
3537
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3538
		add_action( 'admin_print_styles',         array( $this, 'jetpack_user_col_style' ) );
3539
	}
3540
3541
	function admin_body_class( $admin_body_class = '' ) {
3542
		$classes = explode( ' ', trim( $admin_body_class ) );
3543
3544
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3545
3546
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3547
		return " $admin_body_class ";
3548
	}
3549
3550
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3551
		return $admin_body_class . ' jetpack-pagestyles ';
3552
	}
3553
3554
	/**
3555
	 * Call this function if you want the Big Jetpack Manage Notice to show up.
3556
	 *
3557
	 * @return null
3558
	 */
3559
	function prepare_manage_jetpack_notice() {
3560
3561
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3562
		add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) );
3563
	}
3564
3565
	function manage_activate_screen() {
3566
		include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' );
3567
	}
3568
	/**
3569
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3570
	 * This function artificially throws errors for such cases (whitelisted).
3571
	 *
3572
	 * @param string $plugin The activated plugin.
3573
	 */
3574
	function throw_error_on_activate_plugin( $plugin ) {
3575
		$active_modules = Jetpack::get_active_modules();
3576
3577
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3578
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3579
			$throw = false;
3580
3581
			// Try and make sure it really was the stats plugin
3582
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3583
				if ( 'stats.php' == basename( $plugin ) ) {
3584
					$throw = true;
3585
				}
3586
			} else {
3587
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3588
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3589
					$throw = true;
3590
				}
3591
			}
3592
3593
			if ( $throw ) {
3594
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3595
			}
3596
		}
3597
	}
3598
3599
	function intercept_plugin_error_scrape_init() {
3600
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3601
	}
3602
3603
	function intercept_plugin_error_scrape( $action, $result ) {
3604
		if ( ! $result ) {
3605
			return;
3606
		}
3607
3608
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3609
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3610
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3611
			}
3612
		}
3613
	}
3614
3615
	function add_remote_request_handlers() {
3616
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3617
		add_action( 'wp_ajax_nopriv_jetpack_update_file', array( $this, 'remote_request_handlers' ) );
3618
	}
3619
3620
	function remote_request_handlers() {
3621
		$action = current_filter();
0 ignored issues
show
Unused Code introduced by
$action is not used, you could remove the assignment.

This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.

$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead. The first because $myVar is never used and the second because $higher is always overwritten for every possible time line.

Loading history...
3622
3623
		switch ( current_filter() ) {
3624
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3625
			$response = $this->upload_handler();
3626
			break;
3627
3628
		case 'wp_ajax_nopriv_jetpack_update_file' :
3629
			$response = $this->upload_handler( true );
3630
			break;
3631
		default :
0 ignored issues
show
Coding Style introduced by
There must be no space before the colon in a DEFAULT statement

As per the PSR-2 coding standard, there must not be a space in front of the colon in the default statement.

switch ($expr) {
    default : //wrong
        doSomething();
        break;
}

switch ($expr) {
    default: //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
3632
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3633
			break;
3634
		}
3635
3636
		if ( ! $response ) {
3637
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3638
		}
3639
3640
		if ( is_wp_error( $response ) ) {
3641
			$status_code       = $response->get_error_data();
3642
			$error             = $response->get_error_code();
3643
			$error_description = $response->get_error_message();
3644
3645
			if ( ! is_int( $status_code ) ) {
3646
				$status_code = 400;
3647
			}
3648
3649
			status_header( $status_code );
3650
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
0 ignored issues
show
Coding Style Compatibility introduced by
The method remote_request_handlers() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3651
		}
3652
3653
		status_header( 200 );
3654
		if ( true === $response ) {
3655
			exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method remote_request_handlers() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3656
		}
3657
3658
		die( json_encode( (object) $response ) );
0 ignored issues
show
Coding Style Compatibility introduced by
The method remote_request_handlers() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3659
	}
3660
3661
	/**
3662
	 * Uploads a file gotten from the global $_FILES.
3663
	 * If `$update_media_item` is true and `post_id` is defined
3664
	 * the attachment file of the media item (gotten through of the post_id)
3665
	 * will be updated instead of add a new one.
3666
	 *
3667
	 * @param  boolean $update_media_item - update media attachment
3668
	 * @return array - An array describing the uploadind files process
3669
	 */
3670
	function upload_handler( $update_media_item = false ) {
3671
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3672
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3673
		}
3674
3675
		$user = wp_authenticate( '', '' );
3676
		if ( ! $user || is_wp_error( $user ) ) {
3677
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3678
		}
3679
3680
		wp_set_current_user( $user->ID );
3681
3682
		if ( ! current_user_can( 'upload_files' ) ) {
3683
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3684
		}
3685
3686
		if ( empty( $_FILES ) ) {
3687
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3688
		}
3689
3690
		foreach ( array_keys( $_FILES ) as $files_key ) {
3691
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3692
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3693
			}
3694
		}
3695
3696
		$media_keys = array_keys( $_FILES['media'] );
3697
3698
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3699
		if ( ! $token || is_wp_error( $token ) ) {
3700
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3701
		}
3702
3703
		$uploaded_files = array();
3704
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3705
		unset( $GLOBALS['post'] );
3706
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3707
			$file = array();
3708
			foreach ( $media_keys as $media_key ) {
3709
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3710
			}
3711
3712
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3713
3714
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3715
			if ( $hmac_provided !== $hmac_file ) {
3716
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3717
				continue;
3718
			}
3719
3720
			$_FILES['.jetpack.upload.'] = $file;
3721
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3722
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3723
				$post_id = 0;
3724
			}
3725
3726
			if ( $update_media_item ) {
3727
				if ( ! isset( $post_id ) || $post_id === 0 ) {
3728
					return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
3729
				}
3730
3731
				$media_array = $_FILES['media'];
3732
3733
				$file_array['name'] = $media_array['name'][0];
0 ignored issues
show
Coding Style Comprehensibility introduced by
$file_array was never initialized. Although not strictly required by PHP, it is generally a good practice to add $file_array = array(); before regardless.

Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.

Let’s take a look at an example:

foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}

As you can see in this example, the array $myArray is initialized the first time when the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration.

This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.

Loading history...
3734
				$file_array['type'] = $media_array['type'][0];
3735
				$file_array['tmp_name'] = $media_array['tmp_name'][0];
3736
				$file_array['error'] = $media_array['error'][0];
3737
				$file_array['size'] = $media_array['size'][0];
3738
3739
				$edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3740
3741
				if ( is_wp_error( $edited_media_item ) ) {
3742
					return $edited_media_item;
3743
				}
3744
3745
				$response = (object) array(
3746
					'id'   => (string) $post_id,
3747
					'file' => (string) $edited_media_item->post_title,
3748
					'url'  => (string) wp_get_attachment_url( $post_id ),
3749
					'type' => (string) $edited_media_item->post_mime_type,
3750
					'meta' => (array) wp_get_attachment_metadata( $post_id ),
3751
				);
3752
3753
				return (array) array( $response );
3754
			}
3755
3756
			$attachment_id = media_handle_upload(
3757
				'.jetpack.upload.',
3758
				$post_id,
3759
				array(),
3760
				array(
3761
					'action' => 'jetpack_upload_file',
3762
				)
3763
			);
3764
3765
			if ( ! $attachment_id ) {
3766
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3767
			} elseif ( is_wp_error( $attachment_id ) ) {
3768
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3769
			} else {
3770
				$attachment = get_post( $attachment_id );
3771
				$uploaded_files[$index] = (object) array(
3772
					'id'   => (string) $attachment_id,
3773
					'file' => $attachment->post_title,
3774
					'url'  => wp_get_attachment_url( $attachment_id ),
3775
					'type' => $attachment->post_mime_type,
3776
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3777
				);
3778
				// Zip files uploads are not supported unless they are done for installation purposed
3779
				// lets delete them in case something goes wrong in this whole process
3780
				if ( 'application/zip' === $attachment->post_mime_type ) {
3781
					// Schedule a cleanup for 2 hours from now in case of failed install.
3782
					wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3783
				}
3784
			}
3785
		}
3786
		if ( ! is_null( $global_post ) ) {
3787
			$GLOBALS['post'] = $global_post;
3788
		}
3789
3790
		return $uploaded_files;
3791
	}
3792
3793
	/**
3794
	 * Add help to the Jetpack page
3795
	 *
3796
	 * @since Jetpack (1.2.3)
3797
	 * @return false if not the Jetpack page
3798
	 */
3799
	function admin_help() {
3800
		$current_screen = get_current_screen();
3801
3802
		// Overview
3803
		$current_screen->add_help_tab(
3804
			array(
3805
				'id'		=> 'home',
3806
				'title'		=> __( 'Home', 'jetpack' ),
3807
				'content'	=>
3808
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3809
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3810
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3811
			)
3812
		);
3813
3814
		// Screen Content
3815
		if ( current_user_can( 'manage_options' ) ) {
3816
			$current_screen->add_help_tab(
3817
				array(
3818
					'id'		=> 'settings',
3819
					'title'		=> __( 'Settings', 'jetpack' ),
3820
					'content'	=>
3821
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3822
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3823
						'<ol>' .
3824
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3825
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3826
						'</ol>' .
3827
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3828
				)
3829
			);
3830
		}
3831
3832
		// Help Sidebar
3833
		$current_screen->set_help_sidebar(
3834
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3835
			'<p><a href="https://jetpack.com/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3836
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3837
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3838
		);
3839
	}
3840
3841
	function admin_menu_css() {
3842
		wp_enqueue_style( 'jetpack-icons' );
3843
	}
3844
3845
	function admin_menu_order() {
3846
		return true;
3847
	}
3848
3849
	function enqueue_gutenberg_locale() {
3850
		wp_add_inline_script(
3851
			'wp-i18n',
3852
			'wp.i18n.setLocaleData( ' . self::get_i18n_data_json() . ', \'jetpack\' );'
3853
		);
3854
	}
3855
3856 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3857
		$jp_menu_order = array();
3858
3859
		foreach ( $menu_order as $index => $item ) {
3860
			if ( $item != 'jetpack' ) {
3861
				$jp_menu_order[] = $item;
3862
			}
3863
3864
			if ( $index == 0 ) {
3865
				$jp_menu_order[] = 'jetpack';
3866
			}
3867
		}
3868
3869
		return $jp_menu_order;
3870
	}
3871
3872
	function admin_head() {
3873 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3874
			/** This action is documented in class.jetpack-admin-page.php */
3875
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3876
	}
3877
3878
	function admin_banner_styles() {
3879
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3880
3881
		if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3882
			wp_register_style(
3883
				'jetpack-dops-style',
3884
				plugins_url( '_inc/build/admin.dops-style.css', JETPACK__PLUGIN_FILE ),
3885
				array(),
3886
				JETPACK__VERSION
3887
			);
3888
		}
3889
3890
		wp_enqueue_style(
3891
			'jetpack',
3892
			plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
3893
			array( 'jetpack-dops-style' ),
3894
			 JETPACK__VERSION . '-20121016'
3895
		);
3896
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3897
		wp_style_add_data( 'jetpack', 'suffix', $min );
3898
	}
3899
3900
	function plugin_action_links( $actions ) {
3901
3902
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3903
3904
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3905
			return array_merge(
3906
				$jetpack_home,
3907
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
3908
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3909
				$actions
3910
				);
3911
			}
3912
3913
		return array_merge( $jetpack_home, $actions );
3914
	}
3915
3916
	/**
3917
	 * This is the first banner
3918
	 * It should be visible only to user that can update the option
3919
	 * Are not connected
3920
	 *
3921
	 * @return null
3922
	 */
3923
	function admin_jetpack_manage_notice() {
3924
		$screen = get_current_screen();
3925
3926
		// Don't show the connect notice on the jetpack settings page.
3927
		if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action ) {
3928
			return;
3929
		}
3930
3931
		$opt_out_url = $this->opt_out_jetpack_manage_url();
3932
		$opt_in_url  = $this->opt_in_jetpack_manage_url();
3933
		/**
3934
		 * I think it would be great to have different wordsing depending on where you are
3935
		 * for example if we show the notice on dashboard and a different one if we show it on Plugins screen
3936
		 * etc..
3937
		 */
3938
3939
		?>
3940
		<div id="message" class="updated jp-banner">
3941
				<a href="<?php echo esc_url( $opt_out_url ); ?>" class="notice-dismiss" title="<?php esc_attr_e( 'Dismiss this notice', 'jetpack' ); ?>"></a>
3942
				<div class="jp-banner__description-container">
3943
					<h2 class="jp-banner__header"><?php esc_html_e( 'Jetpack Centralized Site Management', 'jetpack' ); ?></h2>
3944
					<p class="jp-banner__description"><?php printf( __( 'Manage multiple Jetpack enabled sites from one single dashboard at wordpress.com. Allows all existing, connected Administrators to modify your site.', 'jetpack' ), 'https://jetpack.com/support/site-management' ); ?></p>
3945
					<p class="jp-banner__button-container">
3946
						<a href="<?php echo esc_url( $opt_in_url ); ?>" class="button button-primary" id="wpcom-connect"><?php _e( 'Activate Jetpack Manage', 'jetpack' ); ?></a>
3947
						<a href="https://jetpack.com/support/site-management" class="button" target="_blank" title="<?php esc_attr_e( 'Learn more about Jetpack Manage on Jetpack.com', 'jetpack' ); ?>"><?php _e( 'Learn more', 'jetpack' ); ?></a>
3948
					</p>
3949
				</div>
3950
		</div>
3951
		<?php
3952
	}
3953
3954
	/**
3955
	 * Returns the url that the user clicks to remove the notice for the big banner
3956
	 * @return string
3957
	 */
3958
	function opt_out_jetpack_manage_url() {
3959
		$referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null );
3960
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' );
3961
	}
3962
	/**
3963
	 * Returns the url that the user clicks to opt in to Jetpack Manage
3964
	 * @return string
3965
	 */
3966
	function opt_in_jetpack_manage_url() {
3967
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' );
3968
	}
3969
3970
	function opt_in_jetpack_manage_notice() {
3971
		?>
3972
		<div class="wrap">
3973
			<div id="message" class="jetpack-message is-opt-in">
3974
				<?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'https://jetpack.com/support/site-management' ); ?>
3975
			</div>
3976
		</div>
3977
		<?php
3978
3979
	}
3980
	/**
3981
	 * Determines whether to show the notice of not true = display notice
3982
	 * @return bool
3983
	 */
3984
	function can_display_jetpack_manage_notice() {
3985
		// never display the notice to users that can't do anything about it anyways
3986
		if( ! current_user_can( 'jetpack_manage_modules' ) )
3987
			return false;
3988
3989
		// don't display if we are in development more
3990
		if( Jetpack::is_development_mode() ) {
3991
			return false;
3992
		}
3993
		// don't display if the site is private
3994
		if(  ! Jetpack_Options::get_option( 'public' ) )
3995
			return false;
3996
3997
		/**
3998
		 * Should the Jetpack Remote Site Management notice be displayed.
3999
		 *
4000
		 * @since 3.3.0
4001
		 *
4002
		 * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive.
4003
		 */
4004
		return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) );
4005
	}
4006
4007
	/*
4008
	 * Registration flow:
4009
	 * 1 - ::admin_page_load() action=register
4010
	 * 2 - ::try_registration()
4011
	 * 3 - ::register()
4012
	 *     - Creates jetpack_register option containing two secrets and a timestamp
4013
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
4014
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
4015
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
4016
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
4017
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
4018
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
4019
	 *       jetpack_id, jetpack_secret, jetpack_public
4020
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
4021
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
4022
	 * 5 - user logs in with WP.com account
4023
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
4024
	 *		- Jetpack_Client_Server::authorize()
4025
	 *		- Jetpack_Client_Server::get_token()
4026
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
4027
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
4028
	 *			- which responds with access_token, token_type, scope
4029
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
4030
	 *		- Jetpack::activate_default_modules()
4031
	 *     		- Deactivates deprecated plugins
4032
	 *     		- Activates all default modules
4033
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
4034
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
4035
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
4036
	 *     Done!
4037
	 */
4038
4039
	/**
4040
	 * Handles the page load events for the Jetpack admin page
4041
	 */
4042
	function admin_page_load() {
4043
		$error = false;
4044
4045
		// Make sure we have the right body class to hook stylings for subpages off of.
4046
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
4047
4048
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
4049
			// Should only be used in intermediate redirects to preserve state across redirects
4050
			Jetpack::restate();
4051
		}
4052
4053
		if ( isset( $_GET['connect_url_redirect'] ) ) {
4054
			// User clicked in the iframe to link their accounts
4055
			if ( ! Jetpack::is_user_connected() ) {
4056
				$from = ! empty( $_GET['from'] ) ? $_GET['from'] : 'iframe';
4057
				$redirect = ! empty( $_GET['redirect_after_auth'] ) ? $_GET['redirect_after_auth'] : false;
4058
4059
				add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4060
				$connect_url = $this->build_connect_url( true, $redirect, $from );
4061
				remove_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4062
4063
				if ( isset( $_GET['notes_iframe'] ) )
4064
					$connect_url .= '&notes_iframe';
4065
				wp_redirect( $connect_url );
4066
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4067
			} else {
4068
				if ( ! isset( $_GET['calypso_env'] ) ) {
4069
					Jetpack::state( 'message', 'already_authorized' );
4070
					wp_safe_redirect( Jetpack::admin_url() );
4071
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4072
				} else {
4073
					$connect_url = $this->build_connect_url( true, false, 'iframe' );
4074
					$connect_url .= '&already_authorized=true';
4075
					wp_redirect( $connect_url );
4076
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4077
				}
4078
			}
4079
		}
4080
4081
4082
		if ( isset( $_GET['action'] ) ) {
4083
			switch ( $_GET['action'] ) {
4084
			case 'authorize':
4085
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
4086
					Jetpack::state( 'message', 'already_authorized' );
4087
					wp_safe_redirect( Jetpack::admin_url() );
4088
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4089
				}
4090
				Jetpack::log( 'authorize' );
4091
				$client_server = new Jetpack_Client_Server;
4092
				$client_server->client_authorize();
4093
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4094
			case 'register' :
4095
				if ( ! current_user_can( 'jetpack_connect' ) ) {
4096
					$error = 'cheatin';
4097
					break;
4098
				}
4099
				check_admin_referer( 'jetpack-register' );
4100
				Jetpack::log( 'register' );
4101
				Jetpack::maybe_set_version_option();
4102
				$registered = Jetpack::try_registration();
4103
				if ( is_wp_error( $registered ) ) {
4104
					$error = $registered->get_error_code();
4105
					Jetpack::state( 'error', $error );
4106
					Jetpack::state( 'error', $registered->get_error_message() );
4107
					JetpackTracking::record_user_event( 'jpc_register_fail', array(
4108
						'error_code' => $error,
4109
						'error_message' => $registered->get_error_message()
4110
					) );
4111
					break;
4112
				}
4113
4114
				$from = isset( $_GET['from'] ) ? $_GET['from'] : false;
4115
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : false;
4116
4117
				JetpackTracking::record_user_event( 'jpc_register_success', array(
4118
					'from' => $from
4119
				) );
4120
4121
				$url = $this->build_connect_url( true, $redirect, $from );
4122
4123
				if ( ! empty( $_GET['onboarding'] ) ) {
4124
					$url = add_query_arg( 'onboarding', $_GET['onboarding'], $url );
4125
				}
4126
4127
				if ( ! empty( $_GET['auth_approved'] ) && 'true' === $_GET['auth_approved'] ) {
4128
					$url = add_query_arg( 'auth_approved', 'true', $url );
4129
				}
4130
4131
				wp_redirect( $url );
4132
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4133
			case 'activate' :
4134
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
4135
					$error = 'cheatin';
4136
					break;
4137
				}
4138
4139
				$module = stripslashes( $_GET['module'] );
4140
				check_admin_referer( "jetpack_activate-$module" );
4141
				Jetpack::log( 'activate', $module );
4142
				if ( ! Jetpack::activate_module( $module ) ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression \Jetpack::activate_module($module) of type boolean|null is loosely compared to false; this is ambiguous if the boolean can be false. You might want to explicitly use !== null instead.

If an expression can have both false, and null as possible values. It is generally a good practice to always use strict comparison to clearly distinguish between those two values.

$a = canBeFalseAndNull();

// Instead of
if ( ! $a) { }

// Better use one of the explicit versions:
if ($a !== null) { }
if ($a !== false) { }
if ($a !== null && $a !== false) { }
Loading history...
4143
					Jetpack::state( 'error', sprintf( __( 'Could not activate %s', 'jetpack' ), $module ) );
4144
				}
4145
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
4146
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4147
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4148
			case 'activate_default_modules' :
4149
				check_admin_referer( 'activate_default_modules' );
4150
				Jetpack::log( 'activate_default_modules' );
4151
				Jetpack::restate();
4152
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
4153
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
4154
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
4155
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
4156
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4157
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4158
			case 'disconnect' :
4159
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
4160
					$error = 'cheatin';
4161
					break;
4162
				}
4163
4164
				check_admin_referer( 'jetpack-disconnect' );
4165
				Jetpack::log( 'disconnect' );
4166
				Jetpack::disconnect();
4167
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
4168
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4169
			case 'reconnect' :
4170
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
4171
					$error = 'cheatin';
4172
					break;
4173
				}
4174
4175
				check_admin_referer( 'jetpack-reconnect' );
4176
				Jetpack::log( 'reconnect' );
4177
				$this->disconnect();
4178
				wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
4179
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4180 View Code Duplication
			case 'deactivate' :
4181
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
4182
					$error = 'cheatin';
4183
					break;
4184
				}
4185
4186
				$modules = stripslashes( $_GET['module'] );
4187
				check_admin_referer( "jetpack_deactivate-$modules" );
4188
				foreach ( explode( ',', $modules ) as $module ) {
4189
					Jetpack::log( 'deactivate', $module );
4190
					Jetpack::deactivate_module( $module );
4191
					Jetpack::state( 'message', 'module_deactivated' );
4192
				}
4193
				Jetpack::state( 'module', $modules );
4194
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4195
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4196
			case 'unlink' :
4197
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
4198
				check_admin_referer( 'jetpack-unlink' );
4199
				Jetpack::log( 'unlink' );
4200
				$this->unlink_user();
4201
				Jetpack::state( 'message', 'unlinked' );
4202
				if ( 'sub-unlink' == $redirect ) {
4203
					wp_safe_redirect( admin_url() );
4204
				} else {
4205
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
4206
				}
4207
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4208
			case 'onboard' :
4209
				if ( ! current_user_can( 'manage_options' ) ) {
4210
					wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4211
				} else {
4212
					Jetpack::create_onboarding_token();
4213
					$url = $this->build_connect_url( true );
4214
4215
					if ( false !== ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4216
						$url = add_query_arg( 'onboarding', $token, $url );
4217
					}
4218
4219
					$calypso_env = ! empty( $_GET[ 'calypso_env' ] ) ? $_GET[ 'calypso_env' ] : false;
4220
					if ( $calypso_env ) {
4221
						$url = add_query_arg( 'calypso_env', $calypso_env, $url );
4222
					}
4223
4224
					wp_redirect( $url );
4225
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4226
				}
4227
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4228
			default:
4229
				/**
4230
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
4231
				 *
4232
				 * @since 2.6.0
4233
				 *
4234
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
4235
				 */
4236
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
4237
			}
4238
		}
4239
4240
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
4241
			self::activate_new_modules( true );
4242
		}
4243
4244
		$message_code = Jetpack::state( 'message' );
4245
		if ( Jetpack::state( 'optin-manage' ) ) {
4246
			$activated_manage = $message_code;
4247
			$message_code = 'jetpack-manage';
4248
		}
4249
4250
		switch ( $message_code ) {
4251
		case 'jetpack-manage':
4252
			$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
4253
			if ( $activated_manage ) {
0 ignored issues
show
Bug introduced by
The variable $activated_manage does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
4254
				$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack'  ) . '</strong>';
4255
			}
4256
			break;
4257
4258
		}
4259
4260
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
4261
4262
		if ( ! empty( $deactivated_plugins ) ) {
4263
			$deactivated_plugins = explode( ',', $deactivated_plugins );
4264
			$deactivated_titles  = array();
4265
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
4266
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
4267
					continue;
4268
				}
4269
4270
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
4271
			}
4272
4273
			if ( $deactivated_titles ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $deactivated_titles of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
4274
				if ( $this->message ) {
4275
					$this->message .= "<br /><br />\n";
4276
				}
4277
4278
				$this->message .= wp_sprintf(
4279
					_n(
4280
						'Jetpack contains the most recent version of the old %l plugin.',
4281
						'Jetpack contains the most recent versions of the old %l plugins.',
4282
						count( $deactivated_titles ),
4283
						'jetpack'
4284
					),
4285
					$deactivated_titles
4286
				);
4287
4288
				$this->message .= "<br />\n";
4289
4290
				$this->message .= _n(
4291
					'The old version has been deactivated and can be removed from your site.',
4292
					'The old versions have been deactivated and can be removed from your site.',
4293
					count( $deactivated_titles ),
4294
					'jetpack'
4295
				);
4296
			}
4297
		}
4298
4299
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
4300
4301
		if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) {
4302
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
4303
		}
4304
4305 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
4306
			/**
4307
			 * Fires when a module configuration page is loaded.
4308
			 * The dynamic part of the hook is the configure parameter from the URL.
4309
			 *
4310
			 * @since 1.1.0
4311
			 */
4312
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
4313
		}
4314
4315
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
4316
	}
4317
4318
	function admin_notices() {
4319
4320
		if ( $this->error ) {
4321
?>
4322
<div id="message" class="jetpack-message jetpack-err">
4323
	<div class="squeezer">
4324
		<h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
4325
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
4326
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
4327
<?php	endif; ?>
4328
	</div>
4329
</div>
4330
<?php
4331
		}
4332
4333
		if ( $this->message ) {
4334
?>
4335
<div id="message" class="jetpack-message">
4336
	<div class="squeezer">
4337
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
4338
	</div>
4339
</div>
4340
<?php
4341
		}
4342
4343
		if ( $this->privacy_checks ) :
4344
			$module_names = $module_slugs = array();
4345
4346
			$privacy_checks = explode( ',', $this->privacy_checks );
4347
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4348
			foreach ( $privacy_checks as $module_slug ) {
4349
				$module = Jetpack::get_module( $module_slug );
4350
				if ( ! $module ) {
4351
					continue;
4352
				}
4353
4354
				$module_slugs[] = $module_slug;
4355
				$module_names[] = "<strong>{$module['name']}</strong>";
4356
			}
4357
4358
			$module_slugs = join( ',', $module_slugs );
4359
?>
4360
<div id="message" class="jetpack-message jetpack-err">
4361
	<div class="squeezer">
4362
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4363
		<p><?php
4364
			echo wp_kses(
4365
				wptexturize(
4366
					wp_sprintf(
4367
						_nx(
4368
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4369
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4370
							count( $privacy_checks ),
4371
							'%l = list of Jetpack module/feature names',
4372
							'jetpack'
4373
						),
4374
						$module_names
4375
					)
4376
				),
4377
				array( 'strong' => true )
4378
			);
4379
4380
			echo "\n<br />\n";
4381
4382
			echo wp_kses(
4383
				sprintf(
4384
					_nx(
4385
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4386
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4387
						count( $privacy_checks ),
4388
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4389
						'jetpack'
4390
					),
4391
					wp_nonce_url(
4392
						Jetpack::admin_url(
4393
							array(
4394
								'page'   => 'jetpack',
4395
								'action' => 'deactivate',
4396
								'module' => urlencode( $module_slugs ),
4397
							)
4398
						),
4399
						"jetpack_deactivate-$module_slugs"
4400
					),
4401
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4402
				),
4403
				array( 'a' => array( 'href' => true, 'title' => true ) )
4404
			);
4405
		?></p>
4406
	</div>
4407
</div>
4408
<?php endif;
4409
	// only display the notice if the other stuff is not there
4410
	if( $this->can_display_jetpack_manage_notice() && !  $this->error && ! $this->message && ! $this->privacy_checks ) {
4411
		if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] )
4412
			$this->opt_in_jetpack_manage_notice();
4413
		}
4414
	}
4415
4416
	/**
4417
	 * Record a stat for later output.  This will only currently output in the admin_footer.
4418
	 */
4419
	function stat( $group, $detail ) {
4420
		if ( ! isset( $this->stats[ $group ] ) )
4421
			$this->stats[ $group ] = array();
4422
		$this->stats[ $group ][] = $detail;
4423
	}
4424
4425
	/**
4426
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4427
	 */
4428
	function do_stats( $method = '' ) {
4429
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
4430
			foreach ( $this->stats as $group => $stats ) {
4431
				if ( is_array( $stats ) && count( $stats ) ) {
4432
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4433
					if ( 'server_side' === $method ) {
4434
						self::do_server_side_stat( $args );
4435
					} else {
4436
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4437
					}
4438
				}
4439
				unset( $this->stats[ $group ] );
4440
			}
4441
		}
4442
	}
4443
4444
	/**
4445
	 * Runs stats code for a one-off, server-side.
4446
	 *
4447
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4448
	 *
4449
	 * @return bool If it worked.
4450
	 */
4451
	static function do_server_side_stat( $args ) {
4452
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4453
		if ( is_wp_error( $response ) )
4454
			return false;
4455
4456
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
4457
			return false;
4458
4459
		return true;
4460
	}
4461
4462
	/**
4463
	 * Builds the stats url.
4464
	 *
4465
	 * @param $args array|string The arguments to append to the URL.
4466
	 *
4467
	 * @return string The URL to be pinged.
4468
	 */
4469
	static function build_stats_url( $args ) {
4470
		$defaults = array(
4471
			'v'    => 'wpcom2',
4472
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
4473
		);
4474
		$args     = wp_parse_args( $args, $defaults );
4475
		/**
4476
		 * Filter the URL used as the Stats tracking pixel.
4477
		 *
4478
		 * @since 2.3.2
4479
		 *
4480
		 * @param string $url Base URL used as the Stats tracking pixel.
4481
		 */
4482
		$base_url = apply_filters(
4483
			'jetpack_stats_base_url',
4484
			'https://pixel.wp.com/g.gif'
4485
		);
4486
		$url      = add_query_arg( $args, $base_url );
4487
		return $url;
4488
	}
4489
4490
	static function translate_current_user_to_role() {
4491
		foreach ( self::$capability_translations as $role => $cap ) {
4492
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
4493
				return $role;
4494
			}
4495
		}
4496
4497
		return false;
4498
	}
4499
4500
	static function translate_user_to_role( $user ) {
4501
		foreach ( self::$capability_translations as $role => $cap ) {
4502
			if ( user_can( $user, $role ) || user_can( $user, $cap ) ) {
4503
				return $role;
4504
			}
4505
		}
4506
4507
		return false;
4508
    }
4509
4510
	static function translate_role_to_cap( $role ) {
4511
		if ( ! isset( self::$capability_translations[$role] ) ) {
4512
			return false;
4513
		}
4514
4515
		return self::$capability_translations[$role];
4516
	}
4517
4518
	static function sign_role( $role, $user_id = null ) {
4519
		if ( empty( $user_id ) ) {
4520
			$user_id = (int) get_current_user_id();
4521
		}
4522
4523
		if ( ! $user_id  ) {
4524
			return false;
4525
		}
4526
4527
		$token = Jetpack_Data::get_access_token();
4528
		if ( ! $token || is_wp_error( $token ) ) {
4529
			return false;
4530
		}
4531
4532
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4533
	}
4534
4535
4536
	/**
4537
	 * Builds a URL to the Jetpack connection auth page
4538
	 *
4539
	 * @since 3.9.5
4540
	 *
4541
	 * @param bool $raw If true, URL will not be escaped.
4542
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4543
	 *                              If string, will be a custom redirect.
4544
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4545
	 * @param bool $register If true, will generate a register URL regardless of the existing token, since 4.9.0
4546
	 *
4547
	 * @return string Connect URL
4548
	 */
4549
	function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4550
		$site_id = Jetpack_Options::get_option( 'id' );
4551
		$token = Jetpack_Options::get_option( 'blog_token' );
4552
4553
		if ( $register || ! $token || ! $site_id ) {
4554
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4555
4556
			if ( ! empty( $redirect ) ) {
4557
				$url = add_query_arg(
4558
					'redirect',
4559
					urlencode( wp_validate_redirect( esc_url_raw( $redirect ) ) ),
4560
					$url
4561
				);
4562
			}
4563
4564
			if( is_network_admin() ) {
4565
				$url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4566
			}
4567
		} else {
4568
4569
			// Let's check the existing blog token to see if we need to re-register. We only check once per minute
4570
			// because otherwise this logic can get us in to a loop.
4571
			$last_connect_url_check = intval( Jetpack_Options::get_raw_option( 'jetpack_last_connect_url_check' ) );
4572
			if ( ! $last_connect_url_check || ( time() - $last_connect_url_check ) > MINUTE_IN_SECONDS ) {
4573
				Jetpack_Options::update_raw_option( 'jetpack_last_connect_url_check', time() );
4574
4575
				$response = Jetpack_Client::wpcom_json_api_request_as_blog(
4576
					sprintf( '/sites/%d', $site_id ) .'?force=wpcom',
4577
					'1.1'
4578
				);
4579
4580
				if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4581
					// Generating a register URL instead to refresh the existing token
4582
					return $this->build_connect_url( $raw, $redirect, $from, true );
4583
				}
4584
			}
4585
4586
			if ( defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) && include_once JETPACK__GLOTPRESS_LOCALES_PATH ) {
4587
				$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4588
			}
4589
4590
			$role = self::translate_current_user_to_role();
4591
			$signed_role = self::sign_role( $role );
4592
4593
			$user = wp_get_current_user();
4594
4595
			$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4596
			$redirect = $redirect
4597
				? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4598
				: $jetpack_admin_page;
4599
4600
			if( isset( $_REQUEST['is_multisite'] ) ) {
4601
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4602
			}
4603
4604
			$secrets = Jetpack::generate_secrets( 'authorize', false, 2 * HOUR_IN_SECONDS );
4605
4606
			$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
4607
				? get_site_icon_url()
4608
				: false;
4609
4610
			/**
4611
			 * Filter the type of authorization.
4612
			 * 'calypso' completes authorization on wordpress.com/jetpack/connect
4613
			 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
4614
			 *
4615
			 * @since 4.3.3
4616
			 *
4617
			 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
4618
			 */
4619
			$auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
4620
4621
			$tracks_identity = jetpack_tracks_get_identity( get_current_user_id() );
4622
4623
			$args = urlencode_deep(
4624
				array(
4625
					'response_type' => 'code',
4626
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4627
					'redirect_uri'  => add_query_arg(
4628
						array(
4629
							'action'   => 'authorize',
4630
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4631
							'redirect' => urlencode( $redirect ),
4632
						),
4633
						esc_url( admin_url( 'admin.php?page=jetpack' ) )
4634
					),
4635
					'state'         => $user->ID,
4636
					'scope'         => $signed_role,
4637
					'user_email'    => $user->user_email,
4638
					'user_login'    => $user->user_login,
4639
					'is_active'     => Jetpack::is_active(),
4640
					'jp_version'    => JETPACK__VERSION,
4641
					'auth_type'     => $auth_type,
4642
					'secret'        => $secrets['secret_1'],
4643
					'locale'        => ( isset( $gp_locale ) && isset( $gp_locale->slug ) ) ? $gp_locale->slug : '',
4644
					'blogname'      => get_option( 'blogname' ),
4645
					'site_url'      => site_url(),
4646
					'home_url'      => home_url(),
4647
					'site_icon'     => $site_icon,
4648
					'site_lang'     => get_locale(),
4649
					'_ui'           => $tracks_identity['_ui'],
4650
					'_ut'           => $tracks_identity['_ut']
4651
				)
4652
			);
4653
4654
			self::apply_activation_source_to_args( $args );
4655
4656
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4657
		}
4658
4659
		if ( $from ) {
4660
			$url = add_query_arg( 'from', $from, $url );
4661
		}
4662
4663
4664
		if ( isset( $_GET['calypso_env'] ) ) {
4665
			$url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4666
		}
4667
4668
		return $raw ? $url : esc_url( $url );
4669
	}
4670
4671
	public static function apply_activation_source_to_args( &$args ) {
4672
		list( $activation_source_name, $activation_source_keyword ) = get_option( 'jetpack_activation_source' );
4673
4674
		if ( $activation_source_name ) {
4675
			$args['_as'] = urlencode( $activation_source_name );
4676
		}
4677
4678
		if ( $activation_source_keyword ) {
4679
			$args['_ak'] = urlencode( $activation_source_keyword );
4680
		}
4681
	}
4682
4683
	function build_reconnect_url( $raw = false ) {
4684
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4685
		return $raw ? $url : esc_url( $url );
4686
	}
4687
4688
	public static function admin_url( $args = null ) {
4689
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4690
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4691
		return $url;
4692
	}
4693
4694
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4695
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4696
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4697
	}
4698
4699
	function dismiss_jetpack_notice() {
4700
4701
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4702
			return;
4703
		}
4704
4705
		switch( $_GET['jetpack-notice'] ) {
4706
			case 'dismiss':
4707
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4708
4709
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4710
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4711
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4712
				}
4713
				break;
4714 View Code Duplication
			case 'jetpack-manage-opt-out':
0 ignored issues
show
Coding Style introduced by
The case body in a switch statement must start on the line following the statement.

According to the PSR-2, the body of a case statement must start on the line immediately following the case statement.

switch ($expr) {
case "A":
    doSomething(); //right
    break;
case "B":

    doSomethingElse(); //wrong
    break;

}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
4715
4716
				if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) {
4717
					// Don't show the banner again
4718
4719
					Jetpack_Options::update_option( 'dismissed_manage_banner', true );
4720
					// redirect back to the page that had the notice
4721
					if ( wp_get_referer() ) {
4722
						wp_safe_redirect( wp_get_referer() );
4723
					} else {
4724
						// Take me to Jetpack
4725
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4726
					}
4727
				}
4728
				break;
4729 View Code Duplication
			case 'jetpack-protect-multisite-opt-out':
0 ignored issues
show
Coding Style introduced by
The case body in a switch statement must start on the line following the statement.

According to the PSR-2, the body of a case statement must start on the line immediately following the case statement.

switch ($expr) {
case "A":
    doSomething(); //right
    break;
case "B":

    doSomethingElse(); //wrong
    break;

}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
4730
4731
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4732
					// Don't show the banner again
4733
4734
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4735
					// redirect back to the page that had the notice
4736
					if ( wp_get_referer() ) {
4737
						wp_safe_redirect( wp_get_referer() );
4738
					} else {
4739
						// Take me to Jetpack
4740
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4741
					}
4742
				}
4743
				break;
4744
			case 'jetpack-manage-opt-in':
4745
				if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) {
4746
					// This makes sure that we are redirect to jetpack home so that we can see the Success Message.
4747
4748
					$redirection_url = Jetpack::admin_url();
4749
					remove_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4750
4751
					// Don't redirect form the Jetpack Setting Page
4752
					$referer_parsed = parse_url ( wp_get_referer() );
4753
					// check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home
4754
					if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) {
4755
						// Take the user to Jetpack home except when on the setting page
4756
						$redirection_url = wp_get_referer();
4757
						add_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4758
					}
4759
					// Also update the JSON API FULL MANAGEMENT Option
4760
					Jetpack::activate_module( 'manage', false, false );
4761
4762
					// Special Message when option in.
4763
					Jetpack::state( 'optin-manage', 'true' );
4764
					// Activate the Module if not activated already
4765
4766
					// Redirect properly
4767
					wp_safe_redirect( $redirection_url );
4768
4769
				}
4770
				break;
4771
		}
4772
	}
4773
4774
	public static function admin_screen_configure_module( $module_id ) {
4775
4776
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4777
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4778
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4779
				/**
4780
				 * Fires to diplay a custom module activation screen.
4781
				 *
4782
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4783
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4784
				 *
4785
				 * @module manage
4786
				 *
4787
				 * @since 3.8.0
4788
				 *
4789
				 * @param int $module_id Module ID.
4790
				 */
4791
				do_action( 'display_activate_module_setting_' . $module_id );
4792
			} else {
4793
				self::display_activate_module_link( $module_id );
4794
			}
4795
4796
			return false;
4797
		} ?>
4798
4799
		<div id="jp-settings-screen" style="position: relative">
4800
			<h3>
4801
			<?php
4802
				$module = Jetpack::get_module( $module_id );
4803
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4804
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4805
			?>
4806
			</h3>
4807
			<?php
4808
				/**
4809
				 * Fires within the displayed message when a feature configuation is updated.
4810
				 *
4811
				 * @since 3.4.0
4812
				 *
4813
				 * @param int $module_id Module ID.
4814
				 */
4815
				do_action( 'jetpack_notices_update_settings', $module_id );
4816
				/**
4817
				 * Fires when a feature configuation screen is loaded.
4818
				 * The dynamic part of the hook, $module_id, is the module ID.
4819
				 *
4820
				 * @since 1.1.0
4821
				 */
4822
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4823
			?>
4824
		</div><?php
4825
	}
4826
4827
	/**
4828
	 * Display link to activate the module to see the settings screen.
4829
	 * @param  string $module_id
4830
	 * @return null
4831
	 */
4832
	public static function display_activate_module_link( $module_id ) {
4833
4834
		$info =  Jetpack::get_module( $module_id );
4835
		$extra = '';
4836
		$activate_url = wp_nonce_url(
4837
				Jetpack::admin_url(
4838
					array(
4839
						'page'   => 'jetpack',
4840
						'action' => 'activate',
4841
						'module' => $module_id,
4842
					)
4843
				),
4844
				"jetpack_activate-$module_id"
4845
			);
4846
4847
		?>
4848
4849
		<div class="wrap configure-module">
4850
			<div id="jp-settings-screen">
4851
				<?php
4852
				if ( $module_id == 'json-api' ) {
4853
4854
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4855
4856
					$activate_url = Jetpack::init()->opt_in_jetpack_manage_url();
4857
4858
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'https://jetpack.com/support/site-management' );
4859
4860
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4861
				} ?>
4862
4863
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4864
				<div class="narrow">
4865
					<p><?php echo  $info['description']; ?></p>
4866
					<?php if( $extra ) { ?>
4867
					<p><?php echo esc_html( $extra ); ?></p>
4868
					<?php } ?>
4869
					<p>
4870
						<?php
4871
						if( wp_get_referer() ) {
4872
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4873
						} else {
4874
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4875
						} ?>
4876
					</p>
4877
				</div>
4878
4879
			</div>
4880
		</div>
4881
4882
		<?php
4883
	}
4884
4885
	public static function sort_modules( $a, $b ) {
4886
		if ( $a['sort'] == $b['sort'] )
4887
			return 0;
4888
4889
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4890
	}
4891
4892
	function ajax_recheck_ssl() {
4893
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4894
		$result = Jetpack::permit_ssl( true );
4895
		wp_send_json( array(
4896
			'enabled' => $result,
4897
			'message' => get_transient( 'jetpack_https_test_message' )
4898
		) );
4899
	}
4900
4901
/* Client API */
4902
4903
	/**
4904
	 * Returns the requested Jetpack API URL
4905
	 *
4906
	 * @return string
4907
	 */
4908
	public static function api_url( $relative_url ) {
4909
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4910
	}
4911
4912
	/**
4913
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4914
	 */
4915
	public static function fix_url_for_bad_hosts( $url ) {
4916
		if ( 0 !== strpos( $url, 'https://' ) ) {
4917
			return $url;
4918
		}
4919
4920
		switch ( JETPACK_CLIENT__HTTPS ) {
4921
			case 'ALWAYS' :
4922
				return $url;
4923
			case 'NEVER' :
4924
				return set_url_scheme( $url, 'http' );
4925
			// default : case 'AUTO' :
4926
		}
4927
4928
		// we now return the unmodified SSL URL by default, as a security precaution
4929
		return $url;
4930
	}
4931
4932
	/**
4933
	 * Create a random secret for validating onboarding payload
4934
	 *
4935
	 * @return string Secret token
4936
	 */
4937
	public static function create_onboarding_token() {
4938
		if ( false === ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4939
			$token = wp_generate_password( 32, false );
4940
			Jetpack_Options::update_option( 'onboarding', $token );
4941
		}
4942
4943
		return $token;
4944
	}
4945
4946
	/**
4947
	 * Remove the onboarding token
4948
	 *
4949
	 * @return bool True on success, false on failure
4950
	 */
4951
	public static function invalidate_onboarding_token() {
4952
		return Jetpack_Options::delete_option( 'onboarding' );
4953
	}
4954
4955
	/**
4956
	 * Validate an onboarding token for a specific action
4957
	 *
4958
	 * @return boolean True if token/action pair is accepted, false if not
4959
	 */
4960
	public static function validate_onboarding_token_action( $token, $action ) {
4961
		// Compare tokens, bail if tokens do not match
4962
		if ( ! hash_equals( $token, Jetpack_Options::get_option( 'onboarding' ) ) ) {
4963
			return false;
4964
		}
4965
4966
		// List of valid actions we can take
4967
		$valid_actions = array(
4968
			'/jetpack/v4/settings',
4969
		);
4970
4971
		// Whitelist the action
4972
		if ( ! in_array( $action, $valid_actions ) ) {
4973
			return false;
4974
		}
4975
4976
		return true;
4977
	}
4978
4979
	/**
4980
	 * Checks to see if the URL is using SSL to connect with Jetpack
4981
	 *
4982
	 * @since 2.3.3
4983
	 * @return boolean
4984
	 */
4985
	public static function permit_ssl( $force_recheck = false ) {
4986
		// Do some fancy tests to see if ssl is being supported
4987
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4988
			$message = '';
4989
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4990
				$ssl = 0;
4991
			} else {
4992
				switch ( JETPACK_CLIENT__HTTPS ) {
4993
					case 'NEVER':
4994
						$ssl = 0;
4995
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4996
						break;
4997
					case 'ALWAYS':
4998
					case 'AUTO':
4999
					default:
5000
						$ssl = 1;
5001
						break;
5002
				}
5003
5004
				// If it's not 'NEVER', test to see
5005
				if ( $ssl ) {
5006
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
5007
						$ssl = 0;
5008
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
5009
					} else {
5010
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
5011
						if ( is_wp_error( $response ) ) {
5012
							$ssl = 0;
5013
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
5014
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
5015
							$ssl = 0;
5016
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
5017
						}
5018
					}
5019
				}
5020
			}
5021
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
5022
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
5023
		}
5024
5025
		return (bool) $ssl;
5026
	}
5027
5028
	/*
5029
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
5030
	 */
5031
	public function alert_auto_ssl_fail() {
5032
		if ( ! current_user_can( 'manage_options' ) )
5033
			return;
5034
5035
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
5036
		?>
5037
5038
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
5039
			<div class="jp-banner__content">
5040
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
5041
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
5042
				<p>
5043
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
5044
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
5045
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
5046
				</p>
5047
				<p>
5048
					<?php printf( __( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
5049
							esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) ),
5050
							esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
5051
				</p>
5052
			</div>
5053
		</div>
5054
		<style>
5055
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
5056
		</style>
5057
		<script type="text/javascript">
5058
			jQuery( document ).ready( function( $ ) {
5059
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
5060
					var $this = $( this );
5061
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
5062
					$( '#jetpack-recheck-ssl-output' ).html( '' );
5063
					e.preventDefault();
5064
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
5065
					$.post( ajaxurl, data )
5066
					  .done( function( response ) {
5067
					  	if ( response.enabled ) {
5068
					  		$( '#jetpack-ssl-warning' ).hide();
5069
					  	} else {
5070
					  		this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
5071
					  		$( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
5072
					  	}
5073
					  }.bind( $this ) );
5074
				} );
5075
			} );
5076
		</script>
5077
5078
		<?php
5079
	}
5080
5081
	/**
5082
	 * Returns the Jetpack XML-RPC API
5083
	 *
5084
	 * @return string
5085
	 */
5086
	public static function xmlrpc_api_url() {
5087
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
5088
		return untrailingslashit( $base ) . '/xmlrpc.php';
5089
	}
5090
5091
	/**
5092
	 * Creates two secret tokens and the end of life timestamp for them.
5093
	 *
5094
	 * Note these tokens are unique per call, NOT static per site for connecting.
5095
	 *
5096
	 * @since 2.6
5097
	 * @return array
5098
	 */
5099
	public static function generate_secrets( $action, $user_id = false, $exp = 600 ) {
5100
		if ( ! $user_id ) {
5101
			$user_id = get_current_user_id();
5102
		}
5103
5104
		$secret_name  = 'jetpack_' . $action . '_' . $user_id;
5105
		$secrets      = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
5106
5107
		if (
5108
			isset( $secrets[ $secret_name ] ) &&
5109
			$secrets[ $secret_name ]['exp'] > time()
5110
		) {
5111
			return $secrets[ $secret_name ];
5112
		}
5113
5114
		$secret_value = array(
5115
			'secret_1'  => wp_generate_password( 32, false ),
5116
			'secret_2'  => wp_generate_password( 32, false ),
5117
			'exp'       => time() + $exp,
5118
		);
5119
5120
		$secrets[ $secret_name ] = $secret_value;
5121
5122
		Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
5123
		return $secrets[ $secret_name ];
5124
	}
5125
5126
	public static function get_secrets( $action, $user_id ) {
5127
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
5128
		$secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
5129
5130
		if ( ! isset( $secrets[ $secret_name ] ) ) {
5131
			return new WP_Error( 'verify_secrets_missing', 'Verification secrets not found' );
5132
		}
5133
5134
		if ( $secrets[ $secret_name ]['exp'] < time() ) {
5135
			self::delete_secrets( $action, $user_id );
5136
			return new WP_Error( 'verify_secrets_expired', 'Verification took too long' );
5137
		}
5138
5139
		return $secrets[ $secret_name ];
5140
	}
5141
5142
	public static function delete_secrets( $action, $user_id ) {
5143
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
5144
		$secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
5145
		if ( isset( $secrets[ $secret_name ] ) ) {
5146
			unset( $secrets[ $secret_name ] );
5147
			Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
5148
		}
5149
	}
5150
5151
	/**
5152
	 * Builds the timeout limit for queries talking with the wpcom servers.
5153
	 *
5154
	 * Based on local php max_execution_time in php.ini
5155
	 *
5156
	 * @since 2.6
5157
	 * @return int
5158
	 * @deprecated
5159
	 **/
5160
	public function get_remote_query_timeout_limit() {
5161
		_deprecated_function( __METHOD__, 'jetpack-5.4' );
5162
		return Jetpack::get_max_execution_time();
5163
	}
5164
5165
	/**
5166
	 * Builds the timeout limit for queries talking with the wpcom servers.
5167
	 *
5168
	 * Based on local php max_execution_time in php.ini
5169
	 *
5170
	 * @since 5.4
5171
	 * @return int
5172
	 **/
5173
	public static function get_max_execution_time() {
5174
		$timeout = (int) ini_get( 'max_execution_time' );
5175
5176
		// Ensure exec time set in php.ini
5177
		if ( ! $timeout ) {
5178
			$timeout = 30;
5179
		}
5180
		return $timeout;
5181
	}
5182
5183
	/**
5184
	 * Sets a minimum request timeout, and returns the current timeout
5185
	 *
5186
	 * @since 5.4
5187
	 **/
5188
	public static function set_min_time_limit( $min_timeout ) {
5189
		$timeout = self::get_max_execution_time();
5190
		if ( $timeout < $min_timeout ) {
5191
			$timeout = $min_timeout;
5192
			set_time_limit( $timeout );
5193
		}
5194
		return $timeout;
5195
	}
5196
5197
5198
	/**
5199
	 * Takes the response from the Jetpack register new site endpoint and
5200
	 * verifies it worked properly.
5201
	 *
5202
	 * @since 2.6
5203
	 * @return string|Jetpack_Error A JSON object on success or Jetpack_Error on failures
5204
	 **/
5205
	public function validate_remote_register_response( $response ) {
5206
	  if ( is_wp_error( $response ) ) {
5207
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
5208
		}
5209
5210
		$code   = wp_remote_retrieve_response_code( $response );
5211
		$entity = wp_remote_retrieve_body( $response );
5212
		if ( $entity )
5213
			$registration_response = json_decode( $entity );
5214
		else
5215
			$registration_response = false;
5216
5217
		$code_type = intval( $code / 100 );
5218
		if ( 5 == $code_type ) {
5219
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5220
		} elseif ( 408 == $code ) {
5221
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5222
		} elseif ( ! empty( $registration_response->error ) ) {
5223
			if ( 'xml_rpc-32700' == $registration_response->error && ! function_exists( 'xml_parser_create' ) ) {
5224
				$error_description = __( "PHP's XML extension is not available. Jetpack requires the XML extension to communicate with WordPress.com. Please contact your hosting provider to enable PHP's XML extension.", 'jetpack' );
5225
			} else {
5226
				$error_description = isset( $registration_response->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $registration_response->error_description ) : '';
5227
			}
5228
5229
			return new Jetpack_Error( (string) $registration_response->error, $error_description, $code );
5230
		} elseif ( 200 != $code ) {
5231
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5232
		}
5233
5234
		// Jetpack ID error block
5235
		if ( empty( $registration_response->jetpack_id ) ) {
5236
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
5237
		} elseif ( ! is_scalar( $registration_response->jetpack_id ) ) {
5238
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
5239
		} elseif ( preg_match( '/[^0-9]/', $registration_response->jetpack_id ) ) {
5240
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
5241
		}
5242
5243
	    return $registration_response;
5244
	}
5245
	/**
5246
	 * @return bool|WP_Error
5247
	 */
5248
	public static function register() {
5249
		JetpackTracking::record_user_event( 'jpc_register_begin' );
5250
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
5251
		$secrets = Jetpack::generate_secrets( 'register' );
5252
5253 View Code Duplication
		if (
5254
			empty( $secrets['secret_1'] ) ||
5255
			empty( $secrets['secret_2'] ) ||
5256
			empty( $secrets['exp'] )
5257
		) {
5258
			return new Jetpack_Error( 'missing_secrets' );
5259
		}
5260
5261
		// better to try (and fail) to set a higher timeout than this system
5262
		// supports than to have register fail for more users than it should
5263
		$timeout = Jetpack::set_min_time_limit( 60 ) / 2;
5264
5265
		$gmt_offset = get_option( 'gmt_offset' );
5266
		if ( ! $gmt_offset ) {
5267
			$gmt_offset = 0;
5268
		}
5269
5270
		$stats_options = get_option( 'stats_options' );
5271
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
5272
5273
		$tracks_identity = jetpack_tracks_get_identity( get_current_user_id() );
5274
5275
		$args = array(
5276
			'method'  => 'POST',
5277
			'body'    => array(
5278
				'siteurl'         => site_url(),
5279
				'home'            => home_url(),
5280
				'gmt_offset'      => $gmt_offset,
5281
				'timezone_string' => (string) get_option( 'timezone_string' ),
5282
				'site_name'       => (string) get_option( 'blogname' ),
5283
				'secret_1'        => $secrets['secret_1'],
5284
				'secret_2'        => $secrets['secret_2'],
5285
				'site_lang'       => get_locale(),
5286
				'timeout'         => $timeout,
5287
				'stats_id'        => $stats_id,
5288
				'state'           => get_current_user_id(),
5289
				'_ui'             => $tracks_identity['_ui'],
5290
				'_ut'             => $tracks_identity['_ut'],
5291
				'jetpack_version' => JETPACK__VERSION
5292
			),
5293
			'headers' => array(
5294
				'Accept' => 'application/json',
5295
			),
5296
			'timeout' => $timeout,
5297
		);
5298
5299
		self::apply_activation_source_to_args( $args['body'] );
5300
5301
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
5302
5303
		// Make sure the response is valid and does not contain any Jetpack errors
5304
		$registration_details = Jetpack::init()->validate_remote_register_response( $response );
5305
		if ( is_wp_error( $registration_details ) ) {
5306
			return $registration_details;
5307
		} elseif ( ! $registration_details ) {
5308
			return new Jetpack_Error( 'unknown_error', __( 'Unknown error registering your Jetpack site', 'jetpack' ), wp_remote_retrieve_response_code( $response ) );
5309
		}
5310
5311 View Code Duplication
		if ( empty( $registration_details->jetpack_secret ) || ! is_string( $registration_details->jetpack_secret ) ) {
5312
			return new Jetpack_Error( 'jetpack_secret', '', wp_remote_retrieve_response_code( $response ) );
5313
		}
5314
5315
		if ( isset( $registration_details->jetpack_public ) ) {
5316
			$jetpack_public = (int) $registration_details->jetpack_public;
5317
		} else {
5318
			$jetpack_public = false;
5319
		}
5320
5321
		Jetpack_Options::update_options(
5322
			array(
5323
				'id'         => (int)    $registration_details->jetpack_id,
5324
				'blog_token' => (string) $registration_details->jetpack_secret,
5325
				'public'     => $jetpack_public,
5326
			)
5327
		);
5328
5329
		/**
5330
		 * Fires when a site is registered on WordPress.com.
5331
		 *
5332
		 * @since 3.7.0
5333
		 *
5334
		 * @param int $json->jetpack_id Jetpack Blog ID.
5335
		 * @param string $json->jetpack_secret Jetpack Blog Token.
5336
		 * @param int|bool $jetpack_public Is the site public.
5337
		 */
5338
		do_action( 'jetpack_site_registered', $registration_details->jetpack_id, $registration_details->jetpack_secret, $jetpack_public );
5339
5340
		// Initialize Jump Start for the first and only time.
5341
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
5342
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
5343
5344
			$jetpack = Jetpack::init();
5345
5346
			$jetpack->stat( 'jumpstart', 'unique-views' );
5347
			$jetpack->do_stats( 'server_side' );
5348
		};
5349
5350
		return true;
5351
	}
5352
5353
	/**
5354
	 * If the db version is showing something other that what we've got now, bump it to current.
5355
	 *
5356
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
0 ignored issues
show
Documentation introduced by
The doc-type bool: could not be parsed: Unknown type name "bool:" at position 0. (view supported doc-types)

This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types.

Loading history...
5357
	 */
5358
	public static function maybe_set_version_option() {
5359
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
5360
		if ( JETPACK__VERSION != $version ) {
5361
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
5362
5363
			if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
5364
				/** This action is documented in class.jetpack.php */
5365
				do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
5366
			}
5367
5368
			return true;
5369
		}
5370
		return false;
5371
	}
5372
5373
/* Client Server API */
5374
5375
	/**
5376
	 * Loads the Jetpack XML-RPC client
5377
	 */
5378
	public static function load_xml_rpc_client() {
5379
		require_once ABSPATH . WPINC . '/class-IXR.php';
5380
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
5381
	}
5382
5383
	/**
5384
	 * Resets the saved authentication state in between testing requests.
5385
	 */
5386
	public function reset_saved_auth_state() {
5387
		$this->xmlrpc_verification = null;
5388
		$this->rest_authentication_status = null;
5389
	}
5390
5391
	function verify_xml_rpc_signature() {
5392
		if ( $this->xmlrpc_verification ) {
5393
			return $this->xmlrpc_verification;
5394
		}
5395
5396
		// It's not for us
5397
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
5398
			return false;
5399
		}
5400
5401
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
5402
		if (
5403
			empty( $token_key )
5404
		||
5405
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
5406
		) {
5407
			return false;
5408
		}
5409
5410
		if ( '0' === $user_id ) {
5411
			$token_type = 'blog';
5412
			$user_id = 0;
5413
		} else {
5414
			$token_type = 'user';
5415
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
5416
				return false;
5417
			}
5418
			$user_id = (int) $user_id;
5419
5420
			$user = new WP_User( $user_id );
5421
			if ( ! $user || ! $user->exists() ) {
5422
				return false;
5423
			}
5424
		}
5425
5426
		$token = Jetpack_Data::get_access_token( $user_id );
0 ignored issues
show
Documentation introduced by
$user_id is of type integer, but the function expects a boolean.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
5427
		if ( ! $token ) {
5428
			return false;
5429
		}
5430
5431
		$token_check = "$token_key.";
5432
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
5433
			return false;
5434
		}
5435
5436
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5437
5438
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5439
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
5440
			$post_data   = $_POST;
5441
			$file_hashes = array();
5442
			foreach ( $post_data as $post_data_key => $post_data_value ) {
5443
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
5444
					continue;
5445
				}
5446
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
5447
				$file_hashes[$post_data_key] = $post_data_value;
5448
			}
5449
5450
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
5451
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
5452
				$post_data[$post_data_key] = $post_data_value;
5453
			}
5454
5455
			ksort( $post_data );
5456
5457
			$body = http_build_query( stripslashes_deep( $post_data ) );
5458
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
5459
			$body = file_get_contents( 'php://input' );
5460
		} else {
5461
			$body = null;
5462
		}
5463
5464
		$signature = $jetpack_signature->sign_current_request(
5465
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
5466
		);
5467
5468
		if ( ! $signature ) {
5469
			return false;
5470
		} else if ( is_wp_error( $signature ) ) {
5471
			return $signature;
5472
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
5473
			return false;
5474
		}
5475
5476
		$timestamp = (int) $_GET['timestamp'];
5477
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5478
5479
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5480
			return false;
5481
		}
5482
5483
		// Let's see if this is onboarding. In such case, use user token type and the provided user id.
5484
		if ( isset( $this->HTTP_RAW_POST_DATA ) || ! empty( $_GET['onboarding'] ) ) {
5485
			if ( ! empty( $_GET['onboarding'] ) ) {
5486
				$jpo = $_GET;
5487
			} else {
5488
				$jpo = json_decode( $this->HTTP_RAW_POST_DATA, true );
5489
			}
5490
5491
			$jpo_token = ! empty( $jpo['onboarding']['token'] ) ? $jpo['onboarding']['token'] : null;
5492
			$jpo_user = ! empty( $jpo['onboarding']['jpUser'] ) ? $jpo['onboarding']['jpUser'] : null;
5493
5494
			if (
5495
				isset( $jpo_user ) && isset( $jpo_token ) &&
5496
				is_email( $jpo_user ) && ctype_alnum( $jpo_token ) &&
5497
				isset( $_GET['rest_route'] ) &&
5498
				self::validate_onboarding_token_action( $jpo_token, $_GET['rest_route'] )
5499
			) {
5500
				$jpUser = get_user_by( 'email', $jpo_user );
5501
				if ( is_a( $jpUser, 'WP_User' ) ) {
5502
					wp_set_current_user( $jpUser->ID );
5503
					$user_can = is_multisite()
5504
						? current_user_can_for_blog( get_current_blog_id(), 'manage_options' )
5505
						: current_user_can( 'manage_options' );
5506
					if ( $user_can ) {
5507
						$token_type = 'user';
5508
						$token->external_user_id = $jpUser->ID;
5509
					}
5510
				}
5511
			}
5512
		}
5513
5514
		$this->xmlrpc_verification = array(
5515
			'type'    => $token_type,
5516
			'user_id' => $token->external_user_id,
5517
		);
5518
5519
		return $this->xmlrpc_verification;
5520
	}
5521
5522
	/**
5523
	 * Authenticates XML-RPC and other requests from the Jetpack Server
5524
	 */
5525
	function authenticate_jetpack( $user, $username, $password ) {
5526
		if ( is_a( $user, 'WP_User' ) ) {
5527
			return $user;
5528
		}
5529
5530
		$token_details = $this->verify_xml_rpc_signature();
5531
5532
		if ( ! $token_details || is_wp_error( $token_details ) ) {
5533
			return $user;
5534
		}
5535
5536
		if ( 'user' !== $token_details['type'] ) {
5537
			return $user;
5538
		}
5539
5540
		if ( ! $token_details['user_id'] ) {
5541
			return $user;
5542
		}
5543
5544
		nocache_headers();
5545
5546
		return new WP_User( $token_details['user_id'] );
5547
	}
5548
5549
	// Authenticates requests from Jetpack server to WP REST API endpoints.
5550
	// Uses the existing XMLRPC request signing implementation.
5551
	function wp_rest_authenticate( $user ) {
5552
		if ( ! empty( $user ) ) {
5553
			// Another authentication method is in effect.
5554
			return $user;
5555
		}
5556
5557
		if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
5558
			// Nothing to do for this authentication method.
5559
			return null;
5560
		}
5561
5562
		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
5563
			// Nothing to do for this authentication method.
5564
			return null;
5565
		}
5566
5567
		// Ensure that we always have the request body available.  At this
5568
		// point, the WP REST API code to determine the request body has not
5569
		// run yet.  That code may try to read from 'php://input' later, but
5570
		// this can only be done once per request in PHP versions prior to 5.6.
5571
		// So we will go ahead and perform this read now if needed, and save
5572
		// the request body where both the Jetpack signature verification code
5573
		// and the WP REST API code can see it.
5574
		if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
5575
			$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
5576
		}
5577
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5578
5579
		// Only support specific request parameters that have been tested and
5580
		// are known to work with signature verification.  A different method
5581
		// can be passed to the WP REST API via the '?_method=' parameter if
5582
		// needed.
5583
		if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
5584
			$this->rest_authentication_status = new WP_Error(
5585
				'rest_invalid_request',
5586
				__( 'This request method is not supported.', 'jetpack' ),
5587
				array( 'status' => 400 )
5588
			);
5589
			return null;
5590
		}
5591
		if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
5592
			$this->rest_authentication_status = new WP_Error(
5593
				'rest_invalid_request',
5594
				__( 'This request method does not support body parameters.', 'jetpack' ),
5595
				array( 'status' => 400 )
5596
			);
5597
			return null;
5598
		}
5599
5600
		if ( ! empty( $_SERVER['CONTENT_TYPE'] ) ) {
5601
			$content_type = $_SERVER['CONTENT_TYPE'];
5602
		} elseif ( ! empty( $_SERVER['HTTP_CONTENT_TYPE'] ) ) {
5603
			$content_type = $_SERVER['HTTP_CONTENT_TYPE'];
5604
		}
5605
5606
		if (
5607
			isset( $content_type ) &&
5608
			$content_type !== 'application/x-www-form-urlencoded' &&
5609
			$content_type !== 'application/json'
5610
		) {
5611
			$this->rest_authentication_status = new WP_Error(
5612
				'rest_invalid_request',
5613
				__( 'This Content-Type is not supported.', 'jetpack' ),
5614
				array( 'status' => 400 )
5615
			);
5616
			return null;
5617
		}
5618
5619
		$verified = $this->verify_xml_rpc_signature();
5620
5621
		if ( is_wp_error( $verified ) ) {
5622
			$this->rest_authentication_status = $verified;
5623
			return null;
5624
		}
5625
5626
		if (
5627
			$verified &&
5628
			isset( $verified['type'] ) &&
5629
			'user' === $verified['type'] &&
5630
			! empty( $verified['user_id'] )
5631
		) {
5632
			// Authentication successful.
5633
			$this->rest_authentication_status = true;
5634
			return $verified['user_id'];
5635
		}
5636
5637
		// Something else went wrong.  Probably a signature error.
5638
		$this->rest_authentication_status = new WP_Error(
5639
			'rest_invalid_signature',
5640
			__( 'The request is not signed correctly.', 'jetpack' ),
5641
			array( 'status' => 400 )
5642
		);
5643
		return null;
5644
	}
5645
5646
	/**
5647
	 * Report authentication status to the WP REST API.
5648
	 *
5649
	 * @param  WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
0 ignored issues
show
Bug introduced by
There is no parameter named $result. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
5650
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
5651
	 */
5652
	public function wp_rest_authentication_errors( $value ) {
5653
		if ( $value !== null ) {
5654
			return $value;
5655
		}
5656
		return $this->rest_authentication_status;
5657
	}
5658
5659
	function add_nonce( $timestamp, $nonce ) {
5660
		global $wpdb;
5661
		static $nonces_used_this_request = array();
5662
5663
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
5664
			return $nonces_used_this_request["$timestamp:$nonce"];
5665
		}
5666
5667
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
5668
		$timestamp = (int) $timestamp;
5669
		$nonce     = esc_sql( $nonce );
5670
5671
		// Raw query so we can avoid races: add_option will also update
5672
		$show_errors = $wpdb->show_errors( false );
5673
5674
		$old_nonce = $wpdb->get_row(
5675
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
5676
		);
5677
5678
		if ( is_null( $old_nonce ) ) {
5679
			$return = $wpdb->query(
5680
				$wpdb->prepare(
5681
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
5682
					"jetpack_nonce_{$timestamp}_{$nonce}",
5683
					time(),
5684
					'no'
5685
				)
5686
			);
5687
		} else {
5688
			$return = false;
5689
		}
5690
5691
		$wpdb->show_errors( $show_errors );
5692
5693
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
5694
5695
		return $return;
5696
	}
5697
5698
	/**
5699
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5700
	 * Capture it here so we can verify the signature later.
5701
	 */
5702
	function xmlrpc_methods( $methods ) {
5703
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5704
		return $methods;
5705
	}
5706
5707
	function public_xmlrpc_methods( $methods ) {
5708
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
5709
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
5710
		}
5711
		return $methods;
5712
	}
5713
5714
	function jetpack_getOptions( $args ) {
5715
		global $wp_xmlrpc_server;
5716
5717
		$wp_xmlrpc_server->escape( $args );
5718
5719
		$username	= $args[1];
5720
		$password	= $args[2];
5721
5722
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
5723
			return $wp_xmlrpc_server->error;
5724
		}
5725
5726
		$options = array();
5727
		$user_data = $this->get_connected_user_data();
5728
		if ( is_array( $user_data ) ) {
5729
			$options['jetpack_user_id'] = array(
5730
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
5731
				'readonly'      => true,
5732
				'value'         => $user_data['ID'],
5733
			);
5734
			$options['jetpack_user_login'] = array(
5735
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
5736
				'readonly'      => true,
5737
				'value'         => $user_data['login'],
5738
			);
5739
			$options['jetpack_user_email'] = array(
5740
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
5741
				'readonly'      => true,
5742
				'value'         => $user_data['email'],
5743
			);
5744
			$options['jetpack_user_site_count'] = array(
5745
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
5746
				'readonly'      => true,
5747
				'value'         => $user_data['site_count'],
5748
			);
5749
		}
5750
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
5751
		$args = stripslashes_deep( $args );
5752
		return $wp_xmlrpc_server->wp_getOptions( $args );
5753
	}
5754
5755
	function xmlrpc_options( $options ) {
5756
		$jetpack_client_id = false;
5757
		if ( self::is_active() ) {
5758
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
5759
		}
5760
		$options['jetpack_version'] = array(
5761
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
5762
				'readonly'      => true,
5763
				'value'         => JETPACK__VERSION,
5764
		);
5765
5766
		$options['jetpack_client_id'] = array(
5767
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
5768
				'readonly'      => true,
5769
				'value'         => $jetpack_client_id,
5770
		);
5771
		return $options;
5772
	}
5773
5774
	public static function clean_nonces( $all = false ) {
5775
		global $wpdb;
5776
5777
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
5778
		$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
5779
5780
		if ( true !== $all ) {
5781
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
5782
			$sql_args[] = time() - 3600;
5783
		}
5784
5785
		$sql .= ' ORDER BY `option_id` LIMIT 100';
5786
5787
		$sql = $wpdb->prepare( $sql, $sql_args );
5788
5789
		for ( $i = 0; $i < 1000; $i++ ) {
5790
			if ( ! $wpdb->query( $sql ) ) {
5791
				break;
5792
			}
5793
		}
5794
	}
5795
5796
	/**
5797
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5798
	 * SET: state( $key, $value );
5799
	 * GET: $value = state( $key );
5800
	 *
5801
	 * @param string $key
0 ignored issues
show
Documentation introduced by
Should the type for parameter $key not be string|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
5802
	 * @param string $value
0 ignored issues
show
Documentation introduced by
Should the type for parameter $value not be string|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
5803
	 * @param bool $restate private
5804
	 */
5805
	public static function state( $key = null, $value = null, $restate = false ) {
5806
		static $state = array();
5807
		static $path, $domain;
5808
		if ( ! isset( $path ) ) {
5809
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
5810
			$admin_url = Jetpack::admin_url();
5811
			$bits      = parse_url( $admin_url );
5812
5813
			if ( is_array( $bits ) ) {
5814
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5815
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5816
			} else {
5817
				$path = $domain = null;
5818
			}
5819
		}
5820
5821
		// Extract state from cookies and delete cookies
5822
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
5823
			$yum = $_COOKIE[ 'jetpackState' ];
5824
			unset( $_COOKIE[ 'jetpackState' ] );
5825
			foreach ( $yum as $k => $v ) {
5826
				if ( strlen( $v ) )
5827
					$state[ $k ] = $v;
5828
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5829
			}
5830
		}
5831
5832
		if ( $restate ) {
5833
			foreach ( $state as $k => $v ) {
5834
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5835
			}
5836
			return;
5837
		}
5838
5839
		// Get a state variable
5840
		if ( isset( $key ) && ! isset( $value ) ) {
5841
			if ( array_key_exists( $key, $state ) )
5842
				return $state[ $key ];
5843
			return null;
5844
		}
5845
5846
		// Set a state variable
5847
		if ( isset ( $key ) && isset( $value ) ) {
5848
			if( is_array( $value ) && isset( $value[0] ) ) {
5849
				$value = $value[0];
5850
			}
5851
			$state[ $key ] = $value;
5852
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5853
		}
5854
	}
5855
5856
	public static function restate() {
5857
		Jetpack::state( null, null, true );
5858
	}
5859
5860
	public static function check_privacy( $file ) {
5861
		static $is_site_publicly_accessible = null;
5862
5863
		if ( is_null( $is_site_publicly_accessible ) ) {
5864
			$is_site_publicly_accessible = false;
5865
5866
			Jetpack::load_xml_rpc_client();
5867
			$rpc = new Jetpack_IXR_Client();
5868
5869
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5870
			if ( $success ) {
5871
				$response = $rpc->getResponse();
5872
				if ( $response ) {
5873
					$is_site_publicly_accessible = true;
5874
				}
5875
			}
5876
5877
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5878
		}
5879
5880
		if ( $is_site_publicly_accessible ) {
5881
			return;
5882
		}
5883
5884
		$module_slug = self::get_module_slug( $file );
5885
5886
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5887
		if ( ! $privacy_checks ) {
5888
			$privacy_checks = $module_slug;
5889
		} else {
5890
			$privacy_checks .= ",$module_slug";
5891
		}
5892
5893
		Jetpack::state( 'privacy_checks', $privacy_checks );
5894
	}
5895
5896
	/**
5897
	 * Helper method for multicall XMLRPC.
5898
	 */
5899
	public static function xmlrpc_async_call() {
5900
		global $blog_id;
5901
		static $clients = array();
5902
5903
		$client_blog_id = is_multisite() ? $blog_id : 0;
5904
5905
		if ( ! isset( $clients[$client_blog_id] ) ) {
5906
			Jetpack::load_xml_rpc_client();
5907
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5908
			if ( function_exists( 'ignore_user_abort' ) ) {
5909
				ignore_user_abort( true );
5910
			}
5911
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5912
		}
5913
5914
		$args = func_get_args();
5915
5916
		if ( ! empty( $args[0] ) ) {
5917
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5918
		} elseif ( is_multisite() ) {
5919
			foreach ( $clients as $client_blog_id => $client ) {
5920
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5921
					continue;
5922
				}
5923
5924
				$switch_success = switch_to_blog( $client_blog_id, true );
5925
				if ( ! $switch_success ) {
5926
					continue;
5927
				}
5928
5929
				flush();
5930
				$client->query();
5931
5932
				restore_current_blog();
5933
			}
5934
		} else {
5935
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5936
				flush();
5937
				$clients[0]->query();
5938
			}
5939
		}
5940
	}
5941
5942
	public static function staticize_subdomain( $url ) {
5943
5944
		// Extract hostname from URL
5945
		$host = parse_url( $url, PHP_URL_HOST );
5946
5947
		// Explode hostname on '.'
5948
		$exploded_host = explode( '.', $host );
5949
5950
		// Retrieve the name and TLD
5951
		if ( count( $exploded_host ) > 1 ) {
5952
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5953
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5954
			// Rebuild domain excluding subdomains
5955
			$domain = $name . '.' . $tld;
5956
		} else {
5957
			$domain = $host;
5958
		}
5959
		// Array of Automattic domains
5960
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5961
5962
		// Return $url if not an Automattic domain
5963
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5964
			return $url;
5965
		}
5966
5967
		if ( is_ssl() ) {
5968
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5969
		}
5970
5971
		srand( crc32( basename( $url ) ) );
5972
		$static_counter = rand( 0, 2 );
5973
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5974
5975
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5976
	}
5977
5978
/* JSON API Authorization */
5979
5980
	/**
5981
	 * Handles the login action for Authorizing the JSON API
5982
	 */
5983
	function login_form_json_api_authorization() {
5984
		$this->verify_json_api_authorization_request();
5985
5986
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5987
5988
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5989
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5990
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5991
	}
5992
5993
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5994
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5995
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5996
			return $url;
5997
		}
5998
5999
		$parsed_url = parse_url( $url );
6000
		$url = strtok( $url, '?' );
6001
		$url = "$url?{$_SERVER['QUERY_STRING']}";
6002
		if ( ! empty( $parsed_url['query'] ) )
6003
			$url .= "&{$parsed_url['query']}";
6004
6005
		return $url;
6006
	}
6007
6008
	// Make sure the POSTed request is handled by the same action
6009
	function preserve_action_in_login_form_for_json_api_authorization() {
6010
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
6011
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
6012
	}
6013
6014
	// If someone logs in to approve API access, store the Access Code in usermeta
6015
	function store_json_api_authorization_token( $user_login, $user ) {
6016
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
6017
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
6018
		$token = wp_generate_password( 32, false );
6019
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
6020
	}
6021
6022
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
6023
	function allow_wpcom_public_api_domain( $domains ) {
6024
		$domains[] = 'public-api.wordpress.com';
6025
		return $domains;
6026
	}
6027
6028
	// Add all wordpress.com environments to the safe redirect whitelist
6029
	function allow_wpcom_environments( $domains ) {
6030
		$domains[] = 'wordpress.com';
6031
		$domains[] = 'wpcalypso.wordpress.com';
6032
		$domains[] = 'horizon.wordpress.com';
6033
		$domains[] = 'calypso.localhost';
6034
		return $domains;
6035
	}
6036
6037
	// Add the Access Code details to the public-api.wordpress.com redirect
6038
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
6039
		return add_query_arg(
6040
			urlencode_deep(
6041
				array(
6042
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
6043
					'jetpack-user-id' => (int) $user->ID,
6044
					'jetpack-state'   => $this->json_api_authorization_request['state'],
6045
				)
6046
			),
6047
			$redirect_to
6048
		);
6049
	}
6050
6051
6052
	/**
6053
	 * Verifies the request by checking the signature
6054
	 *
6055
	 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
6056
	 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
6057
	 *
6058
	 * @param null|array $environment
6059
	 */
6060
	function verify_json_api_authorization_request( $environment = null ) {
6061
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
6062
6063
		$environment = is_null( $environment )
6064
			? $_REQUEST
6065
			: $environment;
6066
6067
		list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
0 ignored issues
show
Unused Code introduced by
The assignment to $envToken is unused. Consider omitting it like so list($first,,$third).

This checks looks for assignemnts to variables using the list(...) function, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been.

list($a,, $c) = returnThreeValues();
Loading history...
Unused Code introduced by
The assignment to $envVersion is unused. Consider omitting it like so list($first,,$third).

This checks looks for assignemnts to variables using the list(...) function, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been.

list($a,, $c) = returnThreeValues();
Loading history...
6068
		$token = Jetpack_Data::get_access_token( $envUserId );
6069
		if ( ! $token || empty( $token->secret ) ) {
6070
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
6071
		}
6072
6073
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
6074
6075
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
6076
6077
		if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
6078
			$signature = $jetpack_signature->sign_request(
6079
				$environment['token'],
6080
				$environment['timestamp'],
6081
				$environment['nonce'],
6082
				'',
6083
				'GET',
6084
				$environment['jetpack_json_api_original_query'],
6085
				null,
6086
				true
6087
			);
6088
		} else {
6089
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
6090
		}
6091
6092
		if ( ! $signature ) {
6093
			wp_die( $die_error );
6094
		} else if ( is_wp_error( $signature ) ) {
6095
			wp_die( $die_error );
6096
		} else if ( ! hash_equals( $signature, $environment['signature'] ) ) {
6097
			if ( is_ssl() ) {
6098
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
6099
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
6100
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
6101
					wp_die( $die_error );
6102
				}
6103
			} else {
6104
				wp_die( $die_error );
6105
			}
6106
		}
6107
6108
		$timestamp = (int) $environment['timestamp'];
6109
		$nonce     = stripslashes( (string) $environment['nonce'] );
6110
6111
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
6112
			// De-nonce the nonce, at least for 5 minutes.
6113
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
6114
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
6115
			if ( $old_nonce_time < time() - 300 ) {
6116
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
6117
			}
6118
		}
6119
6120
		$data = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
6121
		$data_filters = array(
6122
			'state'        => 'opaque',
6123
			'client_id'    => 'int',
6124
			'client_title' => 'string',
6125
			'client_image' => 'url',
6126
		);
6127
6128
		foreach ( $data_filters as $key => $sanitation ) {
6129
			if ( ! isset( $data->$key ) ) {
6130
				wp_die( $die_error );
6131
			}
6132
6133
			switch ( $sanitation ) {
6134
			case 'int' :
6135
				$this->json_api_authorization_request[$key] = (int) $data->$key;
6136
				break;
6137
			case 'opaque' :
6138
				$this->json_api_authorization_request[$key] = (string) $data->$key;
6139
				break;
6140
			case 'string' :
6141
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
6142
				break;
6143
			case 'url' :
6144
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
6145
				break;
6146
			}
6147
		}
6148
6149
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
6150
			wp_die( $die_error );
6151
		}
6152
	}
6153
6154
	function login_message_json_api_authorization( $message ) {
6155
		return '<p class="message">' . sprintf(
6156
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
6157
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
6158
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
6159
	}
6160
6161
	/**
6162
	 * Get $content_width, but with a <s>twist</s> filter.
6163
	 */
6164
	public static function get_content_width() {
6165
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
6166
		/**
6167
		 * Filter the Content Width value.
6168
		 *
6169
		 * @since 2.2.3
6170
		 *
6171
		 * @param string $content_width Content Width value.
6172
		 */
6173
		return apply_filters( 'jetpack_content_width', $content_width );
6174
	}
6175
6176
	/**
6177
	 * Pings the WordPress.com Mirror Site for the specified options.
6178
	 *
6179
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
6180
	 *
6181
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
6182
	 */
6183
	public function get_cloud_site_options( $option_names ) {
6184
		$option_names = array_filter( (array) $option_names, 'is_string' );
6185
6186
		Jetpack::load_xml_rpc_client();
6187
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
6188
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
6189
		if ( $xml->isError() ) {
6190
			return array(
6191
				'error_code' => $xml->getErrorCode(),
6192
				'error_msg'  => $xml->getErrorMessage(),
6193
			);
6194
		}
6195
		$cloud_site_options = $xml->getResponse();
6196
6197
		return $cloud_site_options;
6198
	}
6199
6200
	/**
6201
	 * Checks if the site is currently in an identity crisis.
6202
	 *
6203
	 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
6204
	 */
6205
	public static function check_identity_crisis() {
6206
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || ! self::validate_sync_error_idc_option() ) {
6207
			return false;
6208
		}
6209
6210
		return Jetpack_Options::get_option( 'sync_error_idc' );
6211
	}
6212
6213
	/**
6214
	 * Checks whether the home and siteurl specifically are whitelisted
6215
	 * Written so that we don't have re-check $key and $value params every time
6216
	 * we want to check if this site is whitelisted, for example in footer.php
6217
	 *
6218
	 * @since  3.8.0
6219
	 * @return bool True = already whitelisted False = not whitelisted
6220
	 */
6221
	public static function is_staging_site() {
6222
		$is_staging = false;
6223
6224
		$known_staging = array(
6225
			'urls' => array(
6226
				'#\.staging\.wpengine\.com$#i', // WP Engine
6227
				'#\.staging\.kinsta\.com$#i',   // Kinsta.com
6228
				),
6229
			'constants' => array(
6230
				'IS_WPE_SNAPSHOT',      // WP Engine
6231
				'KINSTA_DEV_ENV',       // Kinsta.com
6232
				'WPSTAGECOACH_STAGING', // WP Stagecoach
6233
				'JETPACK_STAGING_MODE', // Generic
6234
				)
6235
			);
6236
		/**
6237
		 * Filters the flags of known staging sites.
6238
		 *
6239
		 * @since 3.9.0
6240
		 *
6241
		 * @param array $known_staging {
6242
		 *     An array of arrays that each are used to check if the current site is staging.
6243
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
6244
		 *     @type array $constants PHP constants of known staging/developement environments.
6245
		 *  }
6246
		 */
6247
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
6248
6249
		if ( isset( $known_staging['urls'] ) ) {
6250
			foreach ( $known_staging['urls'] as $url ){
6251
				if ( preg_match( $url, site_url() ) ) {
6252
					$is_staging = true;
6253
					break;
6254
				}
6255
			}
6256
		}
6257
6258
		if ( isset( $known_staging['constants'] ) ) {
6259
			foreach ( $known_staging['constants'] as $constant ) {
6260
				if ( defined( $constant ) && constant( $constant ) ) {
6261
					$is_staging = true;
6262
				}
6263
			}
6264
		}
6265
6266
		// Last, let's check if sync is erroring due to an IDC. If so, set the site to staging mode.
6267
		if ( ! $is_staging && self::validate_sync_error_idc_option() ) {
6268
			$is_staging = true;
6269
		}
6270
6271
		/**
6272
		 * Filters is_staging_site check.
6273
		 *
6274
		 * @since 3.9.0
6275
		 *
6276
		 * @param bool $is_staging If the current site is a staging site.
6277
		 */
6278
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
6279
	}
6280
6281
	/**
6282
	 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
6283
	 *
6284
	 * @since 4.4.0
6285
	 * @since 5.4.0 Do not call get_sync_error_idc_option() unless site is in IDC
6286
	 *
6287
	 * @return bool
6288
	 */
6289
	public static function validate_sync_error_idc_option() {
6290
		$is_valid = false;
6291
6292
		$idc_allowed = get_transient( 'jetpack_idc_allowed' );
6293
		if ( false === $idc_allowed ) {
6294
			$response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
6295
			if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
6296
				$json = json_decode( wp_remote_retrieve_body( $response ) );
6297
				$idc_allowed = isset( $json, $json->result ) && $json->result ? '1' : '0';
6298
				$transient_duration = HOUR_IN_SECONDS;
6299
			} else {
6300
				// If the request failed for some reason, then assume IDC is allowed and set shorter transient.
6301
				$idc_allowed = '1';
6302
				$transient_duration = 5 * MINUTE_IN_SECONDS;
6303
			}
6304
6305
			set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
6306
		}
6307
6308
		// Is the site opted in and does the stored sync_error_idc option match what we now generate?
6309
		$sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
6310
		if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
6311
			$local_options = self::get_sync_error_idc_option();
6312
			if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
6313
				$is_valid = true;
6314
			}
6315
		}
6316
6317
		/**
6318
		 * Filters whether the sync_error_idc option is valid.
6319
		 *
6320
		 * @since 4.4.0
6321
		 *
6322
		 * @param bool $is_valid If the sync_error_idc is valid or not.
6323
		 */
6324
		$is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
6325
6326
		if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
6327
			// Since the option exists, and did not validate, delete it
6328
			Jetpack_Options::delete_option( 'sync_error_idc' );
6329
		}
6330
6331
		return $is_valid;
6332
	}
6333
6334
	/**
6335
	 * Normalizes a url by doing three things:
6336
	 *  - Strips protocol
6337
	 *  - Strips www
6338
	 *  - Adds a trailing slash
6339
	 *
6340
	 * @since 4.4.0
6341
	 * @param string $url
6342
	 * @return WP_Error|string
6343
	 */
6344
	public static function normalize_url_protocol_agnostic( $url ) {
6345
		$parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
6346
		if ( ! $parsed_url || empty( $parsed_url['host'] ) || empty( $parsed_url['path'] ) ) {
6347
			return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
6348
		}
6349
6350
		// Strip www and protocols
6351
		$url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
6352
		return $url;
6353
	}
6354
6355
	/**
6356
	 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
6357
	 *
6358
	 * @since 4.4.0
6359
	 * @since 5.4.0 Add transient since home/siteurl retrieved directly from DB
6360
	 *
6361
	 * @param array $response
6362
	 * @return array Array of the local urls, wpcom urls, and error code
6363
	 */
6364
	public static function get_sync_error_idc_option( $response = array() ) {
6365
		// Since the local options will hit the database directly, store the values
6366
		// in a transient to allow for autoloading and caching on subsequent views.
6367
		$local_options = get_transient( 'jetpack_idc_local' );
6368
		if ( false === $local_options ) {
6369
			require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-functions.php';
6370
			$local_options = array(
6371
				'home'    => Jetpack_Sync_Functions::home_url(),
6372
				'siteurl' => Jetpack_Sync_Functions::site_url(),
6373
			);
6374
			set_transient( 'jetpack_idc_local', $local_options, MINUTE_IN_SECONDS );
6375
		}
6376
6377
		$options = array_merge( $local_options, $response );
6378
6379
		$returned_values = array();
6380
		foreach( $options as $key => $option ) {
6381
			if ( 'error_code' === $key ) {
6382
				$returned_values[ $key ] = $option;
6383
				continue;
6384
			}
6385
6386
			if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
6387
				continue;
6388
			}
6389
6390
			$returned_values[ $key ] = $normalized_url;
6391
		}
6392
6393
		set_transient( 'jetpack_idc_option', $returned_values, MINUTE_IN_SECONDS );
6394
6395
		return $returned_values;
6396
	}
6397
6398
	/**
6399
	 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
6400
	 * If set to true, the site will be put into staging mode.
6401
	 *
6402
	 * @since 4.3.2
6403
	 * @return bool
6404
	 */
6405
	public static function sync_idc_optin() {
6406
		if ( Jetpack_Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
6407
			$default = Jetpack_Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
6408
		} else {
6409
			$default = ! Jetpack_Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
6410
		}
6411
6412
		/**
6413
		 * Allows sites to optin to IDC mitigation which blocks the site from syncing to WordPress.com when the home
6414
		 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
6415
		 * JETPACK_SYNC_IDC_OPTIN constant if set.
6416
		 *
6417
		 * @since 4.3.2
6418
		 *
6419
		 * @param bool $default Whether the site is opted in to IDC mitigation.
6420
		 */
6421
		return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
6422
	}
6423
6424
	/**
6425
	 * Maybe Use a .min.css stylesheet, maybe not.
6426
	 *
6427
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
6428
	 */
6429
	public static function maybe_min_asset( $url, $path, $plugin ) {
6430
		// Short out on things trying to find actual paths.
6431
		if ( ! $path || empty( $plugin ) ) {
6432
			return $url;
6433
		}
6434
6435
		$path = ltrim( $path, '/' );
6436
6437
		// Strip out the abspath.
6438
		$base = dirname( plugin_basename( $plugin ) );
6439
6440
		// Short out on non-Jetpack assets.
6441
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
6442
			return $url;
6443
		}
6444
6445
		// File name parsing.
6446
		$file              = "{$base}/{$path}";
6447
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
6448
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
6449
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
6450
		$extension         = array_shift( $file_name_parts_r );
6451
6452
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
6453
			// Already pointing at the minified version.
6454
			if ( 'min' === $file_name_parts_r[0] ) {
6455
				return $url;
6456
			}
6457
6458
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
6459
			if ( file_exists( $min_full_path ) ) {
6460
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
6461
				// If it's a CSS file, stash it so we can set the .min suffix for rtl-ing.
6462
				if ( 'css' === $extension ) {
6463
					$key = str_replace( JETPACK__PLUGIN_DIR, 'jetpack/', $min_full_path );
6464
					self::$min_assets[ $key ] = $path;
6465
				}
6466
			}
6467
		}
6468
6469
		return $url;
6470
	}
6471
6472
	/**
6473
	 * If the asset is minified, let's flag .min as the suffix.
6474
	 *
6475
	 * Attached to `style_loader_src` filter.
6476
	 *
6477
	 * @param string $tag The tag that would link to the external asset.
0 ignored issues
show
Bug introduced by
There is no parameter named $tag. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6478
	 * @param string $handle The registered handle of the script in question.
6479
	 * @param string $href The url of the asset in question.
0 ignored issues
show
Bug introduced by
There is no parameter named $href. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6480
	 */
6481
	public static function set_suffix_on_min( $src, $handle ) {
6482
		if ( false === strpos( $src, '.min.css' ) ) {
6483
			return $src;
6484
		}
6485
6486
		if ( ! empty( self::$min_assets ) ) {
6487
			foreach ( self::$min_assets as $file => $path ) {
6488
				if ( false !== strpos( $src, $file ) ) {
6489
					wp_style_add_data( $handle, 'suffix', '.min' );
6490
					return $src;
6491
				}
6492
			}
6493
		}
6494
6495
		return $src;
6496
	}
6497
6498
	/**
6499
	 * Maybe inlines a stylesheet.
6500
	 *
6501
	 * If you'd like to inline a stylesheet instead of printing a link to it,
6502
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6503
	 *
6504
	 * Attached to `style_loader_tag` filter.
6505
	 *
6506
	 * @param string $tag The tag that would link to the external asset.
6507
	 * @param string $handle The registered handle of the script in question.
6508
	 *
6509
	 * @return string
6510
	 */
6511
	public static function maybe_inline_style( $tag, $handle ) {
6512
		global $wp_styles;
6513
		$item = $wp_styles->registered[ $handle ];
6514
6515
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6516
			return $tag;
6517
		}
6518
6519
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6520
			$href = $matches[1];
6521
			// Strip off query string
6522
			if ( $pos = strpos( $href, '?' ) ) {
6523
				$href = substr( $href, 0, $pos );
6524
			}
6525
			// Strip off fragment
6526
			if ( $pos = strpos( $href, '#' ) ) {
6527
				$href = substr( $href, 0, $pos );
6528
			}
6529
		} else {
6530
			return $tag;
6531
		}
6532
6533
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6534
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6535
			return $tag;
6536
		}
6537
6538
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
6539
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6540
			// And this isn't the pass that actually deals with the RTL version...
6541
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6542
				// Short out, as the RTL version will deal with it in a moment.
6543
				return $tag;
6544
			}
6545
		}
6546
6547
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6548
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
6549
		if ( $css ) {
6550
			$tag = "<!-- Inline {$item->handle} -->\r\n";
6551
			if ( empty( $item->extra['after'] ) ) {
6552
				wp_add_inline_style( $handle, $css );
6553
			} else {
6554
				array_unshift( $item->extra['after'], $css );
6555
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
6556
			}
6557
		}
6558
6559
		return $tag;
6560
	}
6561
6562
	/**
6563
	 * Loads a view file from the views
6564
	 *
6565
	 * Data passed in with the $data parameter will be available in the
6566
	 * template file as $data['value']
6567
	 *
6568
	 * @param string $template - Template file to load
6569
	 * @param array $data - Any data to pass along to the template
6570
	 * @return boolean - If template file was found
6571
	 **/
6572
	public function load_view( $template, $data = array() ) {
6573
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
6574
6575
		if( file_exists( $views_dir . $template ) ) {
6576
			require_once( $views_dir . $template );
6577
			return true;
6578
		}
6579
6580
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
6581
		return false;
6582
	}
6583
6584
	/**
6585
	 * Throws warnings for deprecated hooks to be removed from Jetpack
6586
	 */
6587
	public function deprecated_hooks() {
6588
		global $wp_filter;
6589
6590
		/*
6591
		 * Format:
6592
		 * deprecated_filter_name => replacement_name
6593
		 *
6594
		 * If there is no replacement, use null for replacement_name
6595
		 */
6596
		$deprecated_list = array(
6597
			'jetpack_bail_on_shortcode'                              => 'jetpack_shortcodes_to_include',
6598
			'wpl_sharing_2014_1'                                     => null,
6599
			'jetpack-tools-to-include'                               => 'jetpack_tools_to_include',
6600
			'jetpack_identity_crisis_options_to_check'               => null,
6601
			'update_option_jetpack_single_user_site'                 => null,
6602
			'audio_player_default_colors'                            => null,
6603
			'add_option_jetpack_featured_images_enabled'             => null,
6604
			'add_option_jetpack_update_details'                      => null,
6605
			'add_option_jetpack_updates'                             => null,
6606
			'add_option_jetpack_network_name'                        => null,
6607
			'add_option_jetpack_network_allow_new_registrations'     => null,
6608
			'add_option_jetpack_network_add_new_users'               => null,
6609
			'add_option_jetpack_network_site_upload_space'           => null,
6610
			'add_option_jetpack_network_upload_file_types'           => null,
6611
			'add_option_jetpack_network_enable_administration_menus' => null,
6612
			'add_option_jetpack_is_multi_site'                       => null,
6613
			'add_option_jetpack_is_main_network'                     => null,
6614
			'add_option_jetpack_main_network_site'                   => null,
6615
			'jetpack_sync_all_registered_options'                    => null,
6616
			'jetpack_has_identity_crisis'                            => 'jetpack_sync_error_idc_validation',
6617
			'jetpack_is_post_mailable'                               => null,
6618
			'jetpack_seo_site_host'                                  => null,
6619
			'jetpack_installed_plugin'                               => 'jetpack_plugin_installed',
6620
			'jetpack_holiday_snow_option_name'                       => null,
6621
			'jetpack_holiday_chance_of_snow'                         => null,
6622
			'jetpack_holiday_snow_js_url'                            => null,
6623
			'jetpack_is_holiday_snow_season'                         => null,
6624
			'jetpack_holiday_snow_option_updated'                    => null,
6625
			'jetpack_holiday_snowing'                                => null,
6626
			'jetpack_sso_auth_cookie_expirtation'                    => 'jetpack_sso_auth_cookie_expiration',
6627
			'jetpack_cache_plans'                                    => null,
6628
			'jetpack_updated_theme'                                  => 'jetpack_updated_themes',
6629
		);
6630
6631
		// This is a silly loop depth. Better way?
6632
		foreach( $deprecated_list AS $hook => $hook_alt ) {
6633
			if ( has_action( $hook ) ) {
6634
				foreach( $wp_filter[ $hook ] AS $func => $values ) {
6635
					foreach( $values AS $hooked ) {
6636
						if ( is_callable( $hooked['function'] ) ) {
6637
							$function_name = 'an anonymous function';
6638
						} else {
6639
							$function_name = $hooked['function'];
6640
						}
6641
						_deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
6642
					}
6643
				}
6644
			}
6645
		}
6646
	}
6647
6648
	/**
6649
	 * Converts any url in a stylesheet, to the correct absolute url.
6650
	 *
6651
	 * Considerations:
6652
	 *  - Normal, relative URLs     `feh.png`
6653
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6654
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6655
	 *  - Absolute URLs             `http://domain.com/feh.png`
6656
	 *  - Domain root relative URLs `/feh.png`
6657
	 *
6658
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6659
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6660
	 *
6661
	 * @return mixed|string
6662
	 */
6663
	public static function absolutize_css_urls( $css, $css_file_url ) {
6664
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6665
		$css_dir = dirname( $css_file_url );
6666
		$p       = parse_url( $css_dir );
6667
		$domain  = sprintf(
6668
					'%1$s//%2$s%3$s%4$s',
6669
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
6670
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6671
					$p['host'],
6672
					isset( $p['port'] )             ? ":{$p['port']}" : ''
6673
				);
6674
6675
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6676
			$find = $replace = array();
6677
			foreach ( $matches as $match ) {
6678
				$url = trim( $match['path'], "'\" \t" );
6679
6680
				// If this is a data url, we don't want to mess with it.
6681
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6682
					continue;
6683
				}
6684
6685
				// If this is an absolute or protocol-agnostic url,
6686
				// we don't want to mess with it.
6687
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6688
					continue;
6689
				}
6690
6691
				switch ( substr( $url, 0, 1 ) ) {
6692
					case '/':
6693
						$absolute = $domain . $url;
6694
						break;
6695
					default:
6696
						$absolute = $css_dir . '/' . $url;
6697
				}
6698
6699
				$find[]    = $match[0];
6700
				$replace[] = sprintf( 'url("%s")', $absolute );
6701
			}
6702
			$css = str_replace( $find, $replace, $css );
6703
		}
6704
6705
		return $css;
6706
	}
6707
6708
	/**
6709
	 * This methods removes all of the registered css files on the front end
6710
	 * from Jetpack in favor of using a single file. In effect "imploding"
6711
	 * all the files into one file.
6712
	 *
6713
	 * Pros:
6714
	 * - Uses only ONE css asset connection instead of 15
6715
	 * - Saves a minimum of 56k
6716
	 * - Reduces server load
6717
	 * - Reduces time to first painted byte
6718
	 *
6719
	 * Cons:
6720
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6721
	 *		should not cause any issues with themes.
6722
	 * - Plugins/themes dequeuing styles no longer do anything. See
6723
	 *		jetpack_implode_frontend_css filter for a workaround
6724
	 *
6725
	 * For some situations developers may wish to disable css imploding and
6726
	 * instead operate in legacy mode where each file loads seperately and
6727
	 * can be edited individually or dequeued. This can be accomplished with
6728
	 * the following line:
6729
	 *
6730
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6731
	 *
6732
	 * @since 3.2
6733
	 **/
6734
	public function implode_frontend_css( $travis_test = false ) {
6735
		$do_implode = true;
6736
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6737
			$do_implode = false;
6738
		}
6739
6740
		/**
6741
		 * Allow CSS to be concatenated into a single jetpack.css file.
6742
		 *
6743
		 * @since 3.2.0
6744
		 *
6745
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6746
		 */
6747
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6748
6749
		// Do not use the imploded file when default behaviour was altered through the filter
6750
		if ( ! $do_implode ) {
6751
			return;
6752
		}
6753
6754
		// We do not want to use the imploded file in dev mode, or if not connected
6755
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6756
			if ( ! $travis_test ) {
6757
				return;
6758
			}
6759
		}
6760
6761
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6762
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6763
			return;
6764
		}
6765
6766
		/*
6767
		 * Now we assume Jetpack is connected and able to serve the single
6768
		 * file.
6769
		 *
6770
		 * In the future there will be a check here to serve the file locally
6771
		 * or potentially from the Jetpack CDN
6772
		 *
6773
		 * For now:
6774
		 * - Enqueue a single imploded css file
6775
		 * - Zero out the style_loader_tag for the bundled ones
6776
		 * - Be happy, drink scotch
6777
		 */
6778
6779
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6780
6781
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6782
6783
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6784
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6785
	}
6786
6787
	function concat_remove_style_loader_tag( $tag, $handle ) {
6788
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6789
			$tag = '';
6790
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6791
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6792
			}
6793
		}
6794
6795
		return $tag;
6796
	}
6797
6798
	/*
6799
	 * Check the heartbeat data
6800
	 *
6801
	 * Organizes the heartbeat data by severity.  For example, if the site
6802
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6803
	 *
6804
	 * Data will be added to "caution" array, if it either:
6805
	 *  - Out of date Jetpack version
6806
	 *  - Out of date WP version
6807
	 *  - Out of date PHP version
6808
	 *
6809
	 * $return array $filtered_data
6810
	 */
6811
	public static function jetpack_check_heartbeat_data() {
6812
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6813
6814
		$good    = array();
6815
		$caution = array();
6816
		$bad     = array();
6817
6818
		foreach ( $raw_data as $stat => $value ) {
6819
6820
			// Check jetpack version
6821
			if ( 'version' == $stat ) {
6822
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6823
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6824
					continue;
6825
				}
6826
			}
6827
6828
			// Check WP version
6829
			if ( 'wp-version' == $stat ) {
6830
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6831
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6832
					continue;
6833
				}
6834
			}
6835
6836
			// Check PHP version
6837
			if ( 'php-version' == $stat ) {
6838
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6839
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
6840
					continue;
6841
				}
6842
			}
6843
6844
			// Check ID crisis
6845
			if ( 'identitycrisis' == $stat ) {
6846
				if ( 'yes' == $value ) {
6847
					$bad[ $stat ] = $value;
6848
					continue;
6849
				}
6850
			}
6851
6852
			// The rest are good :)
6853
			$good[ $stat ] = $value;
6854
		}
6855
6856
		$filtered_data = array(
6857
			'good'    => $good,
6858
			'caution' => $caution,
6859
			'bad'     => $bad
6860
		);
6861
6862
		return $filtered_data;
6863
	}
6864
6865
6866
	/*
6867
	 * This method is used to organize all options that can be reset
6868
	 * without disconnecting Jetpack.
6869
	 *
6870
	 * It is used in class.jetpack-cli.php to reset options
6871
	 *
6872
	 * @since 5.4.0 Logic moved to Jetpack_Options class. Method left in Jetpack class for backwards compat.
6873
	 *
6874
	 * @return array of options to delete.
6875
	 */
6876
	public static function get_jetpack_options_for_reset() {
6877
		return Jetpack_Options::get_options_for_reset();
6878
	}
6879
6880
	/**
6881
	 * Check if an option of a Jetpack module has been updated.
6882
	 *
6883
	 * If any module option has been updated before Jump Start has been dismissed,
6884
	 * update the 'jumpstart' option so we can hide Jump Start.
6885
	 *
6886
	 * @param string $option_name
6887
	 *
6888
	 * @return bool
6889
	 */
6890
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6891
		// Bail if Jump Start has already been dismissed
6892
		if ( 'new_connection' !== Jetpack_Options::get_option( 'jumpstart' ) ) {
6893
			return false;
6894
		}
6895
6896
		$jetpack = Jetpack::init();
6897
6898
		// Manual build of module options
6899
		$option_names = self::get_jetpack_options_for_reset();
6900
6901
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6902
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6903
6904
			//Jump start is being dismissed send data to MC Stats
6905
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6906
6907
			$jetpack->do_stats( 'server_side' );
6908
		}
6909
6910
	}
6911
6912
	/*
6913
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6914
	 * so we can bring them directly to their site in calypso.
6915
	 *
6916
	 * @param string | url
6917
	 * @return string | url without the guff
6918
	 */
6919
	public static function build_raw_urls( $url ) {
6920
		$strip_http = '/.*?:\/\//i';
6921
		$url = preg_replace( $strip_http, '', $url  );
6922
		$url = str_replace( '/', '::', $url );
6923
		return $url;
6924
	}
6925
6926
	/**
6927
	 * Stores and prints out domains to prefetch for page speed optimization.
6928
	 *
6929
	 * @param mixed $new_urls
6930
	 */
6931
	public static function dns_prefetch( $new_urls = null ) {
6932
		static $prefetch_urls = array();
6933
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6934
			echo "\r\n";
6935
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6936
				printf( "<link rel='dns-prefetch' href='%s'/>\r\n", esc_attr( $this_prefetch_url ) );
6937
			}
6938
		} elseif ( ! empty( $new_urls ) ) {
6939
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6940
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6941
			}
6942
			foreach ( (array) $new_urls as $this_new_url ) {
6943
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6944
			}
6945
			$prefetch_urls = array_unique( $prefetch_urls );
6946
		}
6947
	}
6948
6949
	public function wp_dashboard_setup() {
6950
		if ( self::is_active() ) {
6951
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6952
		}
6953
6954
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6955
			wp_add_dashboard_widget(
6956
				'jetpack_summary_widget',
6957
				esc_html__( 'Site Stats', 'jetpack' ),
6958
				array( __CLASS__, 'dashboard_widget' )
6959
			);
6960
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6961
6962
			// If we're inactive and not in development mode, sort our box to the top.
6963
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6964
				global $wp_meta_boxes;
6965
6966
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6967
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6968
6969
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6970
			}
6971
		}
6972
	}
6973
6974
	/**
6975
	 * @param mixed $result Value for the user's option
0 ignored issues
show
Bug introduced by
There is no parameter named $result. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6976
	 * @return mixed
6977
	 */
6978
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6979
		if ( ! is_array( $sorted ) ) {
6980
			return $sorted;
6981
		}
6982
6983
		foreach ( $sorted as $box_context => $ids ) {
6984
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6985
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6986
				continue;
6987
			}
6988
6989
			$ids_array = explode( ',', $ids );
6990
			$key = array_search( 'dashboard_stats', $ids_array );
6991
6992
			if ( false !== $key ) {
6993
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6994
				$ids_array[ $key ] = 'jetpack_summary_widget';
6995
				$sorted[ $box_context ] = implode( ',', $ids_array );
6996
				// We've found it, stop searching, and just return.
6997
				break;
6998
			}
6999
		}
7000
7001
		return $sorted;
7002
	}
7003
7004
	public static function dashboard_widget() {
7005
		/**
7006
		 * Fires when the dashboard is loaded.
7007
		 *
7008
		 * @since 3.4.0
7009
		 */
7010
		do_action( 'jetpack_dashboard_widget' );
7011
	}
7012
7013
	public static function dashboard_widget_footer() {
7014
		?>
7015
		<footer>
7016
7017
		<div class="protect">
7018
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
7019
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
7020
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
7021
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
7022
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
7023
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
7024
				</a>
7025
			<?php else : ?>
7026
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
7027
			<?php endif; ?>
7028
		</div>
7029
7030
		<div class="akismet">
7031
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
7032
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
7033
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
7034
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
7035
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
7036
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
7037
				</a>
7038
			<?php else : ?>
7039
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
7040
			<?php endif; ?>
7041
		</div>
7042
7043
		</footer>
7044
		<?php
7045
	}
7046
7047
	/**
7048
	 * Return string containing the Jetpack logo.
7049
	 *
7050
	 * @since 3.9.0
7051
	 *
7052
	 * @return string
7053
	 */
7054
	public static function get_jp_emblem() {
7055
		return '<svg id="jetpack-logo__icon" xmlns="http://www.w3.org/2000/svg" x="0px" y="0px" viewBox="0 0 32 32"><path fill="#00BE28" d="M16,0C7.2,0,0,7.2,0,16s7.2,16,16,16c8.8,0,16-7.2,16-16S24.8,0,16,0z M15.2,18.7h-8l8-15.5V18.7z M16.8,28.8 V13.3h8L16.8,28.8z"/></svg>';
7056
	}
7057
7058
	/*
7059
	 * Adds a "blank" column in the user admin table to display indication of user connection.
7060
	 */
7061
	function jetpack_icon_user_connected( $columns ) {
7062
		$columns['user_jetpack'] = '';
7063
		return $columns;
7064
	}
7065
7066
	/*
7067
	 * Show Jetpack icon if the user is linked.
7068
	 */
7069
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
7070
		if ( 'user_jetpack' == $col && Jetpack::is_user_connected( $user_id ) ) {
7071
			$emblem_html = sprintf(
7072
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
7073
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
7074
				Jetpack::get_jp_emblem()
7075
			);
7076
			return $emblem_html;
7077
		}
7078
7079
		return $val;
7080
	}
7081
7082
	/*
7083
	 * Style the Jetpack user column
7084
	 */
7085
	function jetpack_user_col_style() {
7086
		global $current_screen;
7087
		if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) { ?>
7088
			<style>
7089
				.fixed .column-user_jetpack {
7090
					width: 21px;
7091
				}
7092
				.jp-emblem-user-admin svg {
7093
					width: 20px;
7094
					height: 20px;
7095
				}
7096
				.jp-emblem-user-admin path {
7097
					fill: #00BE28;
7098
				}
7099
			</style>
7100
		<?php }
7101
	}
7102
7103
	/**
7104
	 * Checks if Akismet is active and working.
7105
	 *
7106
	 * We dropped support for Akismet 3.0 with Jetpack 6.1.1 while introducing a check for an Akismet valid key
7107
	 * that implied usage of methods present since more recent version.
7108
	 * See https://github.com/Automattic/jetpack/pull/9585
7109
	 *
7110
	 * @since  5.1.0
7111
	 *
7112
	 * @return bool True = Akismet available. False = Aksimet not available.
7113
	 */
7114
	public static function is_akismet_active() {
7115
		if ( method_exists( 'Akismet' , 'http_post' ) ) {
7116
			$akismet_key = Akismet::get_api_key();
7117
			if ( ! $akismet_key ) {
7118
				return false;
7119
			}
7120
			$cached_key_verification = get_transient( 'jetpack_akismet_key_is_valid' );
7121
7122
			// We cache the result of the Akismet key verification for ten minutes.
7123
			if ( in_array( $cached_key_verification, array( 'valid', 'invalid' ) ) ) {
7124
				$akismet_key_state = $cached_key_verification;
7125
			} else {
7126
				$akismet_key_state = Akismet::verify_key( $akismet_key );
7127
				if ( 'failed' === $akismet_key_state ) {
7128
					return false;
7129
				}
7130
				set_transient( 'jetpack_akismet_key_is_valid', $akismet_key_state, 10 * MINUTE_IN_SECONDS );
7131
			}
7132
7133
			return ( 'valid' === $akismet_key_state );
7134
		}
7135
		return false;
7136
	}
7137
7138
	/**
7139
	 * Checks if one or more function names is in debug_backtrace
7140
	 *
7141
	 * @param $names Mixed string name of function or array of string names of functions
7142
	 *
7143
	 * @return bool
7144
	 */
7145
	public static function is_function_in_backtrace( $names ) {
7146
		$backtrace = debug_backtrace( false );
7147
		if ( ! is_array( $names ) ) {
7148
			$names = array( $names );
7149
		}
7150
		$names_as_keys = array_flip( $names );
7151
7152
		//Do check in constant O(1) time for PHP5.5+
7153
		if ( function_exists( 'array_column' ) ) {
7154
			$backtrace_functions = array_column( $backtrace, 'function' );
7155
			$backtrace_functions_as_keys = array_flip( $backtrace_functions );
7156
			$intersection = array_intersect_key( $backtrace_functions_as_keys, $names_as_keys );
7157
			return ! empty ( $intersection );
7158
		}
7159
7160
		//Do check in linear O(n) time for < PHP5.5 ( using isset at least prevents O(n^2) )
7161
		foreach ( $backtrace as $call ) {
7162
			if ( isset( $names_as_keys[ $call['function'] ] ) ) {
7163
				return true;
7164
			}
7165
		}
7166
		return false;
7167
	}
7168
7169
	/**
7170
	 * Given a minified path, and a non-minified path, will return
7171
	 * a minified or non-minified file URL based on whether SCRIPT_DEBUG is set and truthy.
7172
	 *
7173
	 * Both `$min_base` and `$non_min_base` are expected to be relative to the
7174
	 * root Jetpack directory.
7175
	 *
7176
	 * @since 5.6.0
7177
	 *
7178
	 * @param string $min_path
7179
	 * @param string $non_min_path
7180
	 * @return string The URL to the file
7181
	 */
7182
	public static function get_file_url_for_environment( $min_path, $non_min_path ) {
7183
		$path = ( Jetpack_Constants::is_defined( 'SCRIPT_DEBUG' ) && Jetpack_Constants::get_constant( 'SCRIPT_DEBUG' ) )
7184
			? $non_min_path
7185
			: $min_path;
7186
7187
		return plugins_url( $path, JETPACK__PLUGIN_FILE );
7188
	}
7189
7190
	/**
7191
	 * Checks for whether Jetpack Rewind is enabled.
7192
	 * Will return true if the state of Rewind is anything except "unavailable".
7193
	 * @return bool|int|mixed
7194
	 */
7195
	public static function is_rewind_enabled() {
7196
		if ( ! Jetpack::is_active() ) {
7197
			return false;
7198
		}
7199
7200
		$rewind_enabled = get_transient( 'jetpack_rewind_enabled' );
7201
		if ( false === $rewind_enabled ) {
7202
			jetpack_require_lib( 'class.core-rest-api-endpoints' );
7203
			$rewind_data = (array) Jetpack_Core_Json_Api_Endpoints::rewind_data();
7204
			$rewind_enabled = ( ! is_wp_error( $rewind_data )
7205
				&& ! empty( $rewind_data['state'] )
7206
				&& 'active' === $rewind_data['state'] )
7207
				? 1
7208
				: 0;
7209
7210
			set_transient( 'jetpack_rewind_enabled', $rewind_enabled, 10 * MINUTE_IN_SECONDS );
7211
		}
7212
		return $rewind_enabled;
7213
	}
7214
7215
	/**
7216
	 * Checks whether or not TOS has been agreed upon.
7217
	 * Will return true if a user has clicked to register, or is already connected.
7218
	 */
7219
	public static function jetpack_tos_agreed() {
7220
		return Jetpack_Options::get_option( 'tos_agreed' ) || Jetpack::is_active();
7221
	}
7222
7223
	/**
7224
	 * Handles activating default modules as well general cleanup for the new connection.
7225
	 *
7226
	 * @param boolean $activate_sso                 Whether to activate the SSO module when activating default modules.
7227
	 * @param boolean $redirect_on_activation_error Whether to redirect on activation error.
7228
	 * @return void
7229
	 */
7230
	public static function handle_post_authorization_actions( $activate_sso = false, $redirect_on_activation_error = false ) {
7231
		$other_modules = $activate_sso
7232
			? array( 'sso' )
7233
			: array();
7234
7235 View Code Duplication
		if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
7236
			Jetpack::delete_active_modules();
7237
7238
			Jetpack::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), $redirect_on_activation_error, false );
0 ignored issues
show
Documentation introduced by
999 is of type integer, but the function expects a boolean.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
7239
		} else {
7240
			Jetpack::activate_default_modules( false, false, $other_modules, $redirect_on_activation_error, false );
7241
		}
7242
7243
		// Since this is a fresh connection, be sure to clear out IDC options
7244
		Jetpack_IDC::clear_all_idc_options();
7245
		Jetpack_Options::delete_raw_option( 'jetpack_last_connect_url_check' );
7246
7247
		// Start nonce cleaner
7248
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
7249
		wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
7250
7251
		Jetpack::state( 'message', 'authorized' );
7252
	}
7253
}
7254