Completed
Push — fix/instant-search-carousel-co... ( adc1d1...d5c170 )
by Jeremy
26:49 queued 19:35
created

class.jetpack.php (64 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
use Automattic\Jetpack\Assets;
3
use Automattic\Jetpack\Assets\Logo as Jetpack_Logo;
4
use Automattic\Jetpack\Config;
5
use Automattic\Jetpack\Connection\Client;
6
use Automattic\Jetpack\Connection\Manager as Connection_Manager;
7
use Automattic\Jetpack\Connection\Utils as Connection_Utils;
8
use Automattic\Jetpack\Constants;
9
use Automattic\Jetpack\Partner;
10
use Automattic\Jetpack\Roles;
11
use Automattic\Jetpack\Status;
12
use Automattic\Jetpack\Sync\Functions;
13
use Automattic\Jetpack\Sync\Health;
14
use Automattic\Jetpack\Sync\Sender;
15
use Automattic\Jetpack\Sync\Users;
16
use Automattic\Jetpack\Terms_Of_Service;
17
use Automattic\Jetpack\Tracking;
18
use Automattic\Jetpack\Plugin\Tracking as Plugin_Tracking;
19
20
/*
21
Options:
22
jetpack_options (array)
23
	An array of options.
24
	@see Jetpack_Options::get_option_names()
25
26
jetpack_register (string)
27
	Temporary verification secrets.
28
29
jetpack_activated (int)
30
	1: the plugin was activated normally
31
	2: the plugin was activated on this site because of a network-wide activation
32
	3: the plugin was auto-installed
33
	4: the plugin was manually disconnected (but is still installed)
34
35
jetpack_active_modules (array)
36
	Array of active module slugs.
37
38
jetpack_do_activate (bool)
39
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
40
*/
41
42
require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php';
43
44
class Jetpack {
45
	public $xmlrpc_server = null;
46
47
	private $rest_authentication_status = null;
48
49
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
50
51
	/**
52
	 * @var array The handles of styles that are concatenated into jetpack.css.
53
	 *
54
	 * When making changes to that list, you must also update concat_list in tools/builder/frontend-css.js.
55
	 */
56
	public $concatenated_style_handles = array(
57
		'jetpack-carousel',
58
		'grunion.css',
59
		'the-neverending-homepage',
60
		'jetpack_likes',
61
		'jetpack_related-posts',
62
		'sharedaddy',
63
		'jetpack-slideshow',
64
		'presentations',
65
		'quiz',
66
		'jetpack-subscriptions',
67
		'jetpack-responsive-videos-style',
68
		'jetpack-social-menu',
69
		'tiled-gallery',
70
		'jetpack_display_posts_widget',
71
		'gravatar-profile-widget',
72
		'goodreads-widget',
73
		'jetpack_social_media_icons_widget',
74
		'jetpack-top-posts-widget',
75
		'jetpack_image_widget',
76
		'jetpack-my-community-widget',
77
		'jetpack-authors-widget',
78
		'wordads',
79
		'eu-cookie-law-style',
80
		'flickr-widget-style',
81
		'jetpack-search-widget',
82
		'jetpack-simple-payments-widget-style',
83
		'jetpack-widget-social-icons-styles',
84
	);
85
86
	/**
87
	 * The handles of scripts that can be loaded asynchronously.
88
	 *
89
	 * @var array
90
	 */
91
	public $async_script_handles = array(
92
		'woocommerce-analytics',
93
	);
94
95
	/**
96
	 * Contains all assets that have had their URL rewritten to minified versions.
97
	 *
98
	 * @var array
99
	 */
100
	static $min_assets = array();
101
102
	public $plugins_to_deactivate = array(
103
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
104
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
105
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
106
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
107
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
108
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
109
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
110
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
111
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
112
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
113
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
114
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
115
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
116
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' ),
117
	);
118
119
	/**
120
	 * Map of roles we care about, and their corresponding minimum capabilities.
121
	 *
122
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::$capability_translations instead.
123
	 *
124
	 * @access public
125
	 * @static
126
	 *
127
	 * @var array
128
	 */
129
	public static $capability_translations = array(
130
		'administrator' => 'manage_options',
131
		'editor'        => 'edit_others_posts',
132
		'author'        => 'publish_posts',
133
		'contributor'   => 'edit_posts',
134
		'subscriber'    => 'read',
135
	);
136
137
	/**
138
	 * Map of modules that have conflicts with plugins and should not be auto-activated
139
	 * if the plugins are active.  Used by filter_default_modules
140
	 *
141
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
142
	 * change `module-slug` and add this to your plugin:
143
	 *
144
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
145
	 * function my_jetpack_get_default_modules( $modules ) {
146
	 *     return array_diff( $modules, array( 'module-slug' ) );
147
	 * }
148
	 *
149
	 * @var array
150
	 */
151
	private $conflicting_plugins = array(
152
		'comments'           => array(
153
			'Intense Debate'                 => 'intensedebate/intensedebate.php',
154
			'Disqus'                         => 'disqus-comment-system/disqus.php',
155
			'Livefyre'                       => 'livefyre-comments/livefyre.php',
156
			'Comments Evolved for WordPress' => 'gplus-comments/comments-evolved.php',
157
			'Google+ Comments'               => 'google-plus-comments/google-plus-comments.php',
158
			'WP-SpamShield Anti-Spam'        => 'wp-spamshield/wp-spamshield.php',
159
		),
160
		'comment-likes'      => array(
161
			'Epoch' => 'epoch/plugincore.php',
162
		),
163
		'contact-form'       => array(
164
			'Contact Form 7'           => 'contact-form-7/wp-contact-form-7.php',
165
			'Gravity Forms'            => 'gravityforms/gravityforms.php',
166
			'Contact Form Plugin'      => 'contact-form-plugin/contact_form.php',
167
			'Easy Contact Forms'       => 'easy-contact-forms/easy-contact-forms.php',
168
			'Fast Secure Contact Form' => 'si-contact-form/si-contact-form.php',
169
			'Ninja Forms'              => 'ninja-forms/ninja-forms.php',
170
		),
171
		'latex'              => array(
172
			'LaTeX for WordPress'     => 'latex/latex.php',
173
			'Youngwhans Simple Latex' => 'youngwhans-simple-latex/yw-latex.php',
174
			'Easy WP LaTeX'           => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
175
			'MathJax-LaTeX'           => 'mathjax-latex/mathjax-latex.php',
176
			'Enable Latex'            => 'enable-latex/enable-latex.php',
177
			'WP QuickLaTeX'           => 'wp-quicklatex/wp-quicklatex.php',
178
		),
179
		'protect'            => array(
180
			'Limit Login Attempts'              => 'limit-login-attempts/limit-login-attempts.php',
181
			'Captcha'                           => 'captcha/captcha.php',
182
			'Brute Force Login Protection'      => 'brute-force-login-protection/brute-force-login-protection.php',
183
			'Login Security Solution'           => 'login-security-solution/login-security-solution.php',
184
			'WPSecureOps Brute Force Protect'   => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
185
			'BulletProof Security'              => 'bulletproof-security/bulletproof-security.php',
186
			'SiteGuard WP Plugin'               => 'siteguard/siteguard.php',
187
			'Security-protection'               => 'security-protection/security-protection.php',
188
			'Login Security'                    => 'login-security/login-security.php',
189
			'Botnet Attack Blocker'             => 'botnet-attack-blocker/botnet-attack-blocker.php',
190
			'Wordfence Security'                => 'wordfence/wordfence.php',
191
			'All In One WP Security & Firewall' => 'all-in-one-wp-security-and-firewall/wp-security.php',
192
			'iThemes Security'                  => 'better-wp-security/better-wp-security.php',
193
		),
194
		'random-redirect'    => array(
195
			'Random Redirect 2' => 'random-redirect-2/random-redirect.php',
196
		),
197
		'related-posts'      => array(
198
			'YARPP'                       => 'yet-another-related-posts-plugin/yarpp.php',
199
			'WordPress Related Posts'     => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
200
			'nrelate Related Content'     => 'nrelate-related-content/nrelate-related.php',
201
			'Contextual Related Posts'    => 'contextual-related-posts/contextual-related-posts.php',
202
			'Related Posts for WordPress' => 'microkids-related-posts/microkids-related-posts.php',
203
			'outbrain'                    => 'outbrain/outbrain.php',
204
			'Shareaholic'                 => 'shareaholic/shareaholic.php',
205
			'Sexybookmarks'               => 'sexybookmarks/shareaholic.php',
206
		),
207
		'sharedaddy'         => array(
208
			'AddThis'     => 'addthis/addthis_social_widget.php',
209
			'Add To Any'  => 'add-to-any/add-to-any.php',
210
			'ShareThis'   => 'share-this/sharethis.php',
211
			'Shareaholic' => 'shareaholic/shareaholic.php',
212
		),
213
		'seo-tools'          => array(
214
			'WordPress SEO by Yoast'         => 'wordpress-seo/wp-seo.php',
215
			'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
216
			'All in One SEO Pack'            => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
217
			'All in One SEO Pack Pro'        => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
218
			'The SEO Framework'              => 'autodescription/autodescription.php',
219
		),
220
		'verification-tools' => array(
221
			'WordPress SEO by Yoast'         => 'wordpress-seo/wp-seo.php',
222
			'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
223
			'All in One SEO Pack'            => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
224
			'All in One SEO Pack Pro'        => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
225
			'The SEO Framework'              => 'autodescription/autodescription.php',
226
		),
227
		'widget-visibility'  => array(
228
			'Widget Logic'    => 'widget-logic/widget_logic.php',
229
			'Dynamic Widgets' => 'dynamic-widgets/dynamic-widgets.php',
230
		),
231
		'sitemaps'           => array(
232
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
233
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
234
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
235
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
236
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
237
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
238
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
239
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
240
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
241
			'The SEO Framework'                    => 'autodescription/autodescription.php',
242
			'Sitemap'                              => 'sitemap/sitemap.php',
243
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
244
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
245
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
246
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
247
		),
248
		'lazy-images'        => array(
249
			'Lazy Load'              => 'lazy-load/lazy-load.php',
250
			'BJ Lazy Load'           => 'bj-lazy-load/bj-lazy-load.php',
251
			'Lazy Load by WP Rocket' => 'rocket-lazy-load/rocket-lazy-load.php',
252
		),
253
	);
254
255
	/**
256
	 * Plugins for which we turn off our Facebook OG Tags implementation.
257
	 *
258
	 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
259
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
260
	 *
261
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
262
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
263
	 */
264
	private $open_graph_conflicting_plugins = array(
265
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
266
		// 2 Click Social Media Buttons
267
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
268
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
269
		'complete-open-graph/complete-open-graph.php',           // Complete Open Graph
270
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
271
		'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
272
		// Open Graph Meta Tags by Heateor
273
		'facebook/facebook.php',                                 // Facebook (official plugin)
274
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
275
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
276
		// Facebook Featured Image & OG Meta Tags
277
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
278
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
279
		// Facebook Open Graph Meta Tags for WordPress
280
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
281
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
282
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
283
		// Fedmich's Facebook Open Graph Meta
284
		'network-publisher/networkpub.php',                      // Network Publisher
285
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
286
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
287
		// NextScripts SNAP
288
		'og-tags/og-tags.php',                                   // OG Tags
289
		'opengraph/opengraph.php',                               // Open Graph
290
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
291
		// Open Graph Protocol Framework
292
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
293
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
294
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
295
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
296
		'sharepress/sharepress.php',                             // SharePress
297
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
298
		'social-discussions/social-discussions.php',             // Social Discussions
299
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
300
		'socialize/socialize.php',                               // Socialize
301
		'squirrly-seo/squirrly.php',                             // SEO by SQUIRRLY™
302
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
303
		// Tweet, Like, Google +1 and Share
304
		'wordbooker/wordbooker.php',                             // Wordbooker
305
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
306
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
307
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
308
		// WP Facebook Like Send & Open Graph Meta
309
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
310
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
311
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
312
		'wp-fb-share-like-button/wp_fb_share-like_widget.php',   // WP Facebook Like Button
313
		'open-graph-metabox/open-graph-metabox.php',              // Open Graph Metabox
314
	);
315
316
	/**
317
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
318
	 */
319
	private $twitter_cards_conflicting_plugins = array(
320
		// 'twitter/twitter.php',                       // The official one handles this on its own.
321
		// https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
322
			'eewee-twitter-card/index.php',              // Eewee Twitter Card
323
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
324
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
325
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
326
		// Pure Web Brilliant's Social Graph Twitter Cards Extension
327
		'twitter-cards/twitter-cards.php',           // Twitter Cards
328
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
329
		'wp-to-twitter/wp-to-twitter.php',           // WP to Twitter
330
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
331
	);
332
333
	/**
334
	 * Message to display in admin_notice
335
	 *
336
	 * @var string
337
	 */
338
	public $message = '';
339
340
	/**
341
	 * Error to display in admin_notice
342
	 *
343
	 * @var string
344
	 */
345
	public $error = '';
346
347
	/**
348
	 * Modules that need more privacy description.
349
	 *
350
	 * @var string
351
	 */
352
	public $privacy_checks = '';
353
354
	/**
355
	 * Stats to record once the page loads
356
	 *
357
	 * @var array
358
	 */
359
	public $stats = array();
360
361
	/**
362
	 * Jetpack_Sync object
363
	 */
364
	public $sync;
365
366
	/**
367
	 * Verified data for JSON authorization request
368
	 */
369
	public $json_api_authorization_request = array();
370
371
	/**
372
	 * @var Automattic\Jetpack\Connection\Manager
373
	 */
374
	protected $connection_manager;
375
376
	/**
377
	 * @var string Transient key used to prevent multiple simultaneous plugin upgrades
378
	 */
379
	public static $plugin_upgrade_lock_key = 'jetpack_upgrade_lock';
380
381
	/**
382
	 * Constant for login redirect key.
383
	 *
384
	 * @var string
385
	 * @since 8.4.0
386
	 */
387
	public static $jetpack_redirect_login = 'jetpack_connect_login_redirect';
388
389
	/**
390
	 * Holds the singleton instance of this class
391
	 *
392
	 * @since 2.3.3
393
	 * @var Jetpack
394
	 */
395
	static $instance = false;
396
397
	/**
398
	 * Singleton
399
	 *
400
	 * @static
401
	 */
402
	public static function init() {
403
		if ( ! self::$instance ) {
404
			self::$instance = new Jetpack();
405
			add_action( 'plugins_loaded', array( self::$instance, 'plugin_upgrade' ) );
406
		}
407
408
		return self::$instance;
409
	}
410
411
	/**
412
	 * Must never be called statically
413
	 */
414
	function plugin_upgrade() {
415
		if ( self::is_active() ) {
416
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
417
			if ( JETPACK__VERSION != $version ) {
418
				// Prevent multiple upgrades at once - only a single process should trigger
419
				// an upgrade to avoid stampedes
420
				if ( false !== get_transient( self::$plugin_upgrade_lock_key ) ) {
421
					return;
422
				}
423
424
				// Set a short lock to prevent multiple instances of the upgrade
425
				set_transient( self::$plugin_upgrade_lock_key, 1, 10 );
426
427
				// check which active modules actually exist and remove others from active_modules list
428
				$unfiltered_modules = self::get_active_modules();
429
				$modules            = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
430
				if ( array_diff( $unfiltered_modules, $modules ) ) {
431
					self::update_active_modules( $modules );
432
				}
433
434
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
435
436
				// Upgrade to 4.3.0
437
				if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
438
					Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
439
				}
440
441
				// Make sure Markdown for posts gets turned back on
442
				if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
443
					update_option( 'wpcom_publish_posts_with_markdown', true );
444
				}
445
446
				/*
447
				 * Minileven deprecation. 8.3.0.
448
				 * Only delete options if not using
449
				 * the replacement standalone Minileven plugin.
450
				 */
451
				if (
452
					! self::is_plugin_active( 'minileven-master/minileven.php' )
453
					&& ! self::is_plugin_active( 'minileven/minileven.php' )
454
				) {
455
					if ( get_option( 'wp_mobile_custom_css' ) ) {
456
						delete_option( 'wp_mobile_custom_css' );
457
					}
458
					if ( get_option( 'wp_mobile_excerpt' ) ) {
459
						delete_option( 'wp_mobile_excerpt' );
460
					}
461
					if ( get_option( 'wp_mobile_featured_images' ) ) {
462
						delete_option( 'wp_mobile_featured_images' );
463
					}
464
					if ( get_option( 'wp_mobile_app_promos' ) ) {
465
						delete_option( 'wp_mobile_app_promos' );
466
					}
467
				}
468
469
				// Upgrade to 8.4.0.
470
				if ( Jetpack_Options::get_option( 'ab_connect_banner_green_bar' ) ) {
471
					Jetpack_Options::delete_option( 'ab_connect_banner_green_bar' );
472
				}
473
474
				if ( did_action( 'wp_loaded' ) ) {
475
					self::upgrade_on_load();
476
				} else {
477
					add_action(
478
						'wp_loaded',
479
						array( __CLASS__, 'upgrade_on_load' )
480
					);
481
				}
482
			}
483
		}
484
	}
485
486
	/**
487
	 * Runs upgrade routines that need to have modules loaded.
488
	 */
489
	static function upgrade_on_load() {
490
491
		// Not attempting any upgrades if jetpack_modules_loaded did not fire.
492
		// This can happen in case Jetpack has been just upgraded and is
493
		// being initialized late during the page load. In this case we wait
494
		// until the next proper admin page load with Jetpack active.
495
		if ( ! did_action( 'jetpack_modules_loaded' ) ) {
496
			delete_transient( self::$plugin_upgrade_lock_key );
497
498
			return;
499
		}
500
501
		self::maybe_set_version_option();
502
503
		if ( method_exists( 'Jetpack_Widget_Conditions', 'migrate_post_type_rules' ) ) {
504
			Jetpack_Widget_Conditions::migrate_post_type_rules();
505
		}
506
507
		if (
508
			class_exists( 'Jetpack_Sitemap_Manager' )
509
			&& version_compare( JETPACK__VERSION, '5.3', '>=' )
510
		) {
511
			do_action( 'jetpack_sitemaps_purge_data' );
512
		}
513
514
		// Delete old stats cache
515
		delete_option( 'jetpack_restapi_stats_cache' );
516
517
		delete_transient( self::$plugin_upgrade_lock_key );
518
	}
519
520
	/**
521
	 * Saves all the currently active modules to options.
522
	 * Also fires Action hooks for each newly activated and deactivated module.
523
	 *
524
	 * @param $modules Array Array of active modules to be saved in options.
525
	 *
526
	 * @return $success bool true for success, false for failure.
0 ignored issues
show
The doc-type $success could not be parsed: Unknown type name "$success" at position 0. (view supported doc-types)

This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types.

Loading history...
527
	 */
528
	static function update_active_modules( $modules ) {
529
		$current_modules      = Jetpack_Options::get_option( 'active_modules', array() );
530
		$active_modules       = self::get_active_modules();
531
		$new_active_modules   = array_diff( $modules, $current_modules );
532
		$new_inactive_modules = array_diff( $active_modules, $modules );
533
		$new_current_modules  = array_diff( array_merge( $current_modules, $new_active_modules ), $new_inactive_modules );
534
		$reindexed_modules    = array_values( $new_current_modules );
535
		$success              = Jetpack_Options::update_option( 'active_modules', array_unique( $reindexed_modules ) );
536
537
		foreach ( $new_active_modules as $module ) {
538
			/**
539
			 * Fires when a specific module is activated.
540
			 *
541
			 * @since 1.9.0
542
			 *
543
			 * @param string $module Module slug.
544
			 * @param boolean $success whether the module was activated. @since 4.2
545
			 */
546
			do_action( 'jetpack_activate_module', $module, $success );
547
			/**
548
			 * Fires when a module is activated.
549
			 * The dynamic part of the filter, $module, is the module slug.
550
			 *
551
			 * @since 1.9.0
552
			 *
553
			 * @param string $module Module slug.
554
			 */
555
			do_action( "jetpack_activate_module_$module", $module );
556
		}
557
558
		foreach ( $new_inactive_modules as $module ) {
559
			/**
560
			 * Fired after a module has been deactivated.
561
			 *
562
			 * @since 4.2.0
563
			 *
564
			 * @param string $module Module slug.
565
			 * @param boolean $success whether the module was deactivated.
566
			 */
567
			do_action( 'jetpack_deactivate_module', $module, $success );
568
			/**
569
			 * Fires when a module is deactivated.
570
			 * The dynamic part of the filter, $module, is the module slug.
571
			 *
572
			 * @since 1.9.0
573
			 *
574
			 * @param string $module Module slug.
575
			 */
576
			do_action( "jetpack_deactivate_module_$module", $module );
577
		}
578
579
		return $success;
580
	}
581
582
	static function delete_active_modules() {
583
		self::update_active_modules( array() );
584
	}
585
586
	/**
587
	 * Adds a hook to plugins_loaded at a priority that's currently the earliest
588
	 * available.
589
	 */
590
	public function add_configure_hook() {
591
		global $wp_filter;
592
593
		$current_priority = has_filter( 'plugins_loaded', array( $this, 'configure' ) );
594
		if ( false !== $current_priority ) {
595
			remove_action( 'plugins_loaded', array( $this, 'configure' ), $current_priority );
596
		}
597
598
		$taken_priorities = array_map( 'intval', array_keys( $wp_filter['plugins_loaded']->callbacks ) );
599
		sort( $taken_priorities );
600
601
		$first_priority = array_shift( $taken_priorities );
602
603
		if ( defined( 'PHP_INT_MAX' ) && $first_priority <= - PHP_INT_MAX ) {
604
			$new_priority = - PHP_INT_MAX;
605
		} else {
606
			$new_priority = $first_priority - 1;
607
		}
608
609
		add_action( 'plugins_loaded', array( $this, 'configure' ), $new_priority );
610
	}
611
612
	/**
613
	 * Constructor.  Initializes WordPress hooks
614
	 */
615
	private function __construct() {
616
		/*
617
		 * Check for and alert any deprecated hooks
618
		 */
619
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
620
621
		// Note how this runs at an earlier plugin_loaded hook intentionally to accomodate for other plugins.
622
		add_action( 'plugin_loaded', array( $this, 'add_configure_hook' ), 90 );
623
		add_action( 'network_plugin_loaded', array( $this, 'add_configure_hook' ), 90 );
624
		add_action( 'mu_plugin_loaded', array( $this, 'add_configure_hook' ), 90 );
625
		add_action( 'plugins_loaded', array( $this, 'late_initialization' ), 90 );
626
627
		add_action( 'jetpack_verify_signature_error', array( $this, 'track_xmlrpc_error' ) );
628
629
		add_filter(
630
			'jetpack_signature_check_token',
631
			array( __CLASS__, 'verify_onboarding_token' ),
632
			10,
633
			3
634
		);
635
636
		/**
637
		 * Prepare Gutenberg Editor functionality
638
		 */
639
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-gutenberg.php';
640
		add_action( 'plugins_loaded', array( 'Jetpack_Gutenberg', 'init' ) );
641
		add_action( 'plugins_loaded', array( 'Jetpack_Gutenberg', 'load_independent_blocks' ) );
642
		add_action( 'enqueue_block_editor_assets', array( 'Jetpack_Gutenberg', 'enqueue_block_editor_assets' ) );
643
644
		add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
645
646
		// Unlink user before deleting the user from WP.com.
647
		add_action( 'deleted_user', array( 'Automattic\\Jetpack\\Connection\\Manager', 'disconnect_user' ), 10, 1 );
648
		add_action( 'remove_user_from_blog', array( 'Automattic\\Jetpack\\Connection\\Manager', 'disconnect_user' ), 10, 1 );
649
650
		add_action( 'jetpack_event_log', array( 'Jetpack', 'log' ), 10, 2 );
651
652
		add_filter( 'login_url', array( $this, 'login_url' ), 10, 2 );
653
		add_action( 'login_init', array( $this, 'login_init' ) );
654
655
		add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
656
		add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
657
658
		add_action( 'admin_init', array( $this, 'admin_init' ) );
659
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
660
661
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ), 20 );
662
663
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
664
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
665
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
666
667
		// returns HTTPS support status
668
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
669
670
		add_action( 'wp_ajax_jetpack_connection_banner', array( $this, 'jetpack_connection_banner_callback' ) );
671
672
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
673
674
		/**
675
		 * These actions run checks to load additional files.
676
		 * They check for external files or plugins, so they need to run as late as possible.
677
		 */
678
		add_action( 'wp_head', array( $this, 'check_open_graph' ), 1 );
679
		add_action( 'amp_story_head', array( $this, 'check_open_graph' ), 1 );
680
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ), 999 );
681
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
682
683
		add_filter( 'plugins_url', array( 'Jetpack', 'maybe_min_asset' ), 1, 3 );
684
		add_action( 'style_loader_src', array( 'Jetpack', 'set_suffix_on_min' ), 10, 2 );
685
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
686
687
		add_filter( 'profile_update', array( 'Jetpack', 'user_meta_cleanup' ) );
688
689
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
690
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
691
692
		// A filter to control all just in time messages
693
		add_filter( 'jetpack_just_in_time_msgs', array( $this, 'is_active_and_not_development_mode' ), 9 );
694
695
		add_filter( 'jetpack_just_in_time_msg_cache', '__return_true', 9 );
696
697
		// Hide edit post link if mobile app.
698
		if ( Jetpack_User_Agent_Info::is_mobile_app() ) {
699
			add_filter( 'get_edit_post_link', '__return_empty_string' );
700
		}
701
702
		// Update the Jetpack plan from API on heartbeats
703
		add_action( 'jetpack_heartbeat', array( 'Jetpack_Plan', 'refresh_from_wpcom' ) );
704
705
		/**
706
		 * This is the hack to concatenate all css files into one.
707
		 * For description and reasoning see the implode_frontend_css method
708
		 *
709
		 * Super late priority so we catch all the registered styles
710
		 */
711
		if ( ! is_admin() ) {
712
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
713
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
714
		}
715
716
		/**
717
		 * These are sync actions that we need to keep track of for jitms
718
		 */
719
		add_filter( 'jetpack_sync_before_send_updated_option', array( $this, 'jetpack_track_last_sync_callback' ), 99 );
720
721
		// Actually push the stats on shutdown.
722
		if ( ! has_action( 'shutdown', array( $this, 'push_stats' ) ) ) {
723
			add_action( 'shutdown', array( $this, 'push_stats' ) );
724
		}
725
726
		/*
727
		 * Load some scripts asynchronously.
728
		 */
729
		add_action( 'script_loader_tag', array( $this, 'script_add_async' ), 10, 3 );
730
731
		// Actions for Manager::authorize().
732
		add_action( 'jetpack_authorize_starting', array( $this, 'authorize_starting' ) );
733
		add_action( 'jetpack_authorize_ending_linked', array( $this, 'authorize_ending_linked' ) );
734
		add_action( 'jetpack_authorize_ending_authorized', array( $this, 'authorize_ending_authorized' ) );
735
736
		// Filters for the Manager::get_token() urls and request body.
737
		add_filter( 'jetpack_token_processing_url', array( __CLASS__, 'filter_connect_processing_url' ) );
738
		add_filter( 'jetpack_token_redirect_url', array( __CLASS__, 'filter_connect_redirect_url' ) );
739
		add_filter( 'jetpack_token_request_body', array( __CLASS__, 'filter_token_request_body' ) );
740
	}
741
742
	/**
743
	 * Before everything else starts getting initalized, we need to initialize Jetpack using the
744
	 * Config object.
745
	 */
746
	public function configure() {
747
		$config = new Config();
748
749
		foreach (
750
			array(
751
				'connection',
752
				'sync',
753
				'tracking',
754
				'tos',
755
			)
756
			as $feature
757
		) {
758
			$config->ensure( $feature );
759
		}
760
761
		if ( is_admin() ) {
762
			$config->ensure( 'jitm' );
763
		}
764
765
		if ( ! $this->connection_manager ) {
766
			$this->connection_manager = new Connection_Manager();
767
		}
768
769
		/*
770
		 * Load things that should only be in Network Admin.
771
		 *
772
		 * For now blow away everything else until a more full
773
		 * understanding of what is needed at the network level is
774
		 * available
775
		 */
776
		if ( is_multisite() ) {
777
			$network = Jetpack_Network::init();
778
			$network->set_connection( $this->connection_manager );
779
		}
780
781
		if ( $this->connection_manager->is_active() ) {
782
			add_action( 'login_form_jetpack_json_api_authorization', array( $this, 'login_form_json_api_authorization' ) );
783
784
			Jetpack_Heartbeat::init();
785
			if ( self::is_module_active( 'stats' ) && self::is_module_active( 'search' ) ) {
786
				require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-search-performance-logger.php';
787
				Jetpack_Search_Performance_Logger::init();
788
			}
789
		}
790
791
		// Initialize remote file upload request handlers.
792
		$this->add_remote_request_handlers();
793
794
		/*
795
		 * Enable enhanced handling of previewing sites in Calypso
796
		 */
797
		if ( self::is_active() ) {
798
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-iframe-embed.php';
799
			add_action( 'init', array( 'Jetpack_Iframe_Embed', 'init' ), 9, 0 );
800
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-keyring-service-helper.php';
801
			add_action( 'init', array( 'Jetpack_Keyring_Service_Helper', 'init' ), 9, 0 );
802
		}
803
804
		/*
805
		 * If enabled, point edit post, page, and comment links to Calypso instead of WP-Admin.
806
		 * We should make sure to only do this for front end links.
807
		 */
808
		if ( self::get_option( 'edit_links_calypso_redirect' ) && ! is_admin() ) {
809
			add_filter( 'get_edit_post_link', array( $this, 'point_edit_post_links_to_calypso' ), 1, 2 );
810
			add_filter( 'get_edit_comment_link', array( $this, 'point_edit_comment_links_to_calypso' ), 1 );
811
812
			/*
813
			 * We'll override wp_notify_postauthor and wp_notify_moderator pluggable functions
814
			 * so they point moderation links on emails to Calypso.
815
			 */
816
			jetpack_require_lib( 'functions.wp-notify' );
817
		}
818
819
	}
820
821
	/**
822
	 * Runs on plugins_loaded. Use this to add code that needs to be executed later than other
823
	 * initialization code.
824
	 *
825
	 * @action plugins_loaded
826
	 */
827
	public function late_initialization() {
828
		add_action( 'plugins_loaded', array( 'Jetpack', 'plugin_textdomain' ), 99 );
829
		add_action( 'plugins_loaded', array( 'Jetpack', 'load_modules' ), 100 );
830
831
		Partner::init();
832
833
		/**
834
		 * Fires when Jetpack is fully loaded and ready. This is the point where it's safe
835
		 * to instantiate classes from packages and namespaces that are managed by the Jetpack Autoloader.
836
		 *
837
		 * @since 8.1.0
838
		 *
839
		 * @param Jetpack $jetpack the main plugin class object.
840
		 */
841
		do_action( 'jetpack_loaded', $this );
842
843
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
844
	}
845
846
	/**
847
	 * Sets up the XMLRPC request handlers.
848
	 *
849
	 * @deprecated since 7.7.0
850
	 * @see Automattic\Jetpack\Connection\Manager::setup_xmlrpc_handlers()
851
	 *
852
	 * @param Array                 $request_params Incoming request parameters.
853
	 * @param Boolean               $is_active      Whether the connection is currently active.
854
	 * @param Boolean               $is_signed      Whether the signature check has been successful.
855
	 * @param Jetpack_XMLRPC_Server $xmlrpc_server  (optional) An instance of the server to use instead of instantiating a new one.
0 ignored issues
show
Should the type for parameter $xmlrpc_server not be null|Jetpack_XMLRPC_Server?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
856
	 */
857 View Code Duplication
	public function setup_xmlrpc_handlers(
858
		$request_params,
859
		$is_active,
860
		$is_signed,
861
		Jetpack_XMLRPC_Server $xmlrpc_server = null
862
	) {
863
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::setup_xmlrpc_handlers' );
864
865
		if ( ! $this->connection_manager ) {
866
			$this->connection_manager = new Connection_Manager();
867
		}
868
869
		return $this->connection_manager->setup_xmlrpc_handlers(
870
			$request_params,
871
			$is_active,
872
			$is_signed,
873
			$xmlrpc_server
874
		);
875
	}
876
877
	/**
878
	 * Initialize REST API registration connector.
879
	 *
880
	 * @deprecated since 7.7.0
881
	 * @see Automattic\Jetpack\Connection\Manager::initialize_rest_api_registration_connector()
882
	 */
883 View Code Duplication
	public function initialize_rest_api_registration_connector() {
884
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::initialize_rest_api_registration_connector' );
885
886
		if ( ! $this->connection_manager ) {
887
			$this->connection_manager = new Connection_Manager();
888
		}
889
890
		$this->connection_manager->initialize_rest_api_registration_connector();
891
	}
892
893
	/**
894
	 * This is ported over from the manage module, which has been deprecated and baked in here.
895
	 *
896
	 * @param $domains
897
	 */
898
	function add_wpcom_to_allowed_redirect_hosts( $domains ) {
899
		add_filter( 'allowed_redirect_hosts', array( $this, 'allow_wpcom_domain' ) );
900
	}
901
902
	/**
903
	 * Return $domains, with 'wordpress.com' appended.
904
	 * This is ported over from the manage module, which has been deprecated and baked in here.
905
	 *
906
	 * @param $domains
907
	 * @return array
908
	 */
909
	function allow_wpcom_domain( $domains ) {
910
		if ( empty( $domains ) ) {
911
			$domains = array();
912
		}
913
		$domains[] = 'wordpress.com';
914
		return array_unique( $domains );
915
	}
916
917
	function point_edit_post_links_to_calypso( $default_url, $post_id ) {
918
		$post = get_post( $post_id );
919
920
		if ( empty( $post ) ) {
921
			return $default_url;
922
		}
923
924
		$post_type = $post->post_type;
925
926
		// Mapping the allowed CPTs on WordPress.com to corresponding paths in Calypso.
927
		// https://en.support.wordpress.com/custom-post-types/
928
		$allowed_post_types = array(
929
			'post'                => 'post',
930
			'page'                => 'page',
931
			'jetpack-portfolio'   => 'edit/jetpack-portfolio',
932
			'jetpack-testimonial' => 'edit/jetpack-testimonial',
933
		);
934
935
		if ( ! in_array( $post_type, array_keys( $allowed_post_types ) ) ) {
936
			return $default_url;
937
		}
938
939
		$path_prefix = $allowed_post_types[ $post_type ];
940
941
		$site_slug = self::build_raw_urls( get_home_url() );
942
943
		return esc_url( sprintf( 'https://wordpress.com/%s/%s/%d', $path_prefix, $site_slug, $post_id ) );
944
	}
945
946
	function point_edit_comment_links_to_calypso( $url ) {
947
		// Take the `query` key value from the URL, and parse its parts to the $query_args. `amp;c` matches the comment ID.
948
		wp_parse_str( wp_parse_url( $url, PHP_URL_QUERY ), $query_args );
0 ignored issues
show
The variable $query_args does not exist. Did you forget to declare it?

This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.

Loading history...
949
		return esc_url(
950
			sprintf(
951
				'https://wordpress.com/comment/%s/%d',
952
				self::build_raw_urls( get_home_url() ),
953
				$query_args['amp;c']
954
			)
955
		);
956
	}
957
958
	function jetpack_track_last_sync_callback( $params ) {
959
		/**
960
		 * Filter to turn off jitm caching
961
		 *
962
		 * @since 5.4.0
963
		 *
964
		 * @param bool false Whether to cache just in time messages
965
		 */
966
		if ( ! apply_filters( 'jetpack_just_in_time_msg_cache', false ) ) {
967
			return $params;
968
		}
969
970
		if ( is_array( $params ) && isset( $params[0] ) ) {
971
			$option = $params[0];
972
			if ( 'active_plugins' === $option ) {
973
				// use the cache if we can, but not terribly important if it gets evicted
974
				set_transient( 'jetpack_last_plugin_sync', time(), HOUR_IN_SECONDS );
975
			}
976
		}
977
978
		return $params;
979
	}
980
981
	function jetpack_connection_banner_callback() {
982
		check_ajax_referer( 'jp-connection-banner-nonce', 'nonce' );
983
984
		if ( isset( $_REQUEST['dismissBanner'] ) ) {
985
			Jetpack_Options::update_option( 'dismissed_connection_banner', 1 );
986
			wp_send_json_success();
987
		}
988
989
		wp_die();
990
	}
991
992
	/**
993
	 * Removes all XML-RPC methods that are not `jetpack.*`.
994
	 * Only used in our alternate XML-RPC endpoint, where we want to
995
	 * ensure that Core and other plugins' methods are not exposed.
996
	 *
997
	 * @deprecated since 7.7.0
998
	 * @see Automattic\Jetpack\Connection\Manager::remove_non_jetpack_xmlrpc_methods()
999
	 *
1000
	 * @param array $methods A list of registered WordPress XMLRPC methods.
1001
	 * @return array Filtered $methods
1002
	 */
1003 View Code Duplication
	public function remove_non_jetpack_xmlrpc_methods( $methods ) {
1004
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::remove_non_jetpack_xmlrpc_methods' );
1005
1006
		if ( ! $this->connection_manager ) {
1007
			$this->connection_manager = new Connection_Manager();
1008
		}
1009
1010
		return $this->connection_manager->remove_non_jetpack_xmlrpc_methods( $methods );
1011
	}
1012
1013
	/**
1014
	 * Since a lot of hosts use a hammer approach to "protecting" WordPress sites,
1015
	 * and just blanket block all requests to /xmlrpc.php, or apply other overly-sensitive
1016
	 * security/firewall policies, we provide our own alternate XML RPC API endpoint
1017
	 * which is accessible via a different URI. Most of the below is copied directly
1018
	 * from /xmlrpc.php so that we're replicating it as closely as possible.
1019
	 *
1020
	 * @deprecated since 7.7.0
1021
	 * @see Automattic\Jetpack\Connection\Manager::alternate_xmlrpc()
1022
	 */
1023 View Code Duplication
	public function alternate_xmlrpc() {
1024
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::alternate_xmlrpc' );
1025
1026
		if ( ! $this->connection_manager ) {
1027
			$this->connection_manager = new Connection_Manager();
1028
		}
1029
1030
		$this->connection_manager->alternate_xmlrpc();
1031
	}
1032
1033
	/**
1034
	 * The callback for the JITM ajax requests.
1035
	 *
1036
	 * @deprecated since 7.9.0
1037
	 */
1038
	function jetpack_jitm_ajax_callback() {
1039
		_deprecated_function( __METHOD__, 'jetpack-7.9' );
1040
	}
1041
1042
	/**
1043
	 * If there are any stats that need to be pushed, but haven't been, push them now.
1044
	 */
1045
	function push_stats() {
1046
		if ( ! empty( $this->stats ) ) {
1047
			$this->do_stats( 'server_side' );
1048
		}
1049
	}
1050
1051
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
1052
		$is_development_mode = ( new Status() )->is_development_mode();
1053
		switch ( $cap ) {
1054
			case 'jetpack_connect':
1055
			case 'jetpack_reconnect':
1056
				if ( $is_development_mode ) {
1057
					$caps = array( 'do_not_allow' );
1058
					break;
1059
				}
1060
				/**
1061
				 * Pass through. If it's not development mode, these should match disconnect.
1062
				 * Let users disconnect if it's development mode, just in case things glitch.
1063
				 */
1064
			case 'jetpack_disconnect':
1065
				/**
1066
				 * In multisite, can individual site admins manage their own connection?
1067
				 *
1068
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
1069
				 */
1070
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
1071
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
1072
						/**
1073
						 * We need to update the option name -- it's terribly unclear which
1074
						 * direction the override goes.
1075
						 *
1076
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
1077
						 */
1078
						$caps = array( 'do_not_allow' );
1079
						break;
1080
					}
1081
				}
1082
1083
				$caps = array( 'manage_options' );
1084
				break;
1085
			case 'jetpack_manage_modules':
1086
			case 'jetpack_activate_modules':
1087
			case 'jetpack_deactivate_modules':
1088
				$caps = array( 'manage_options' );
1089
				break;
1090
			case 'jetpack_configure_modules':
1091
				$caps = array( 'manage_options' );
1092
				break;
1093
			case 'jetpack_manage_autoupdates':
1094
				$caps = array(
1095
					'manage_options',
1096
					'update_plugins',
1097
				);
1098
				break;
1099
			case 'jetpack_network_admin_page':
1100
			case 'jetpack_network_settings_page':
1101
				$caps = array( 'manage_network_plugins' );
1102
				break;
1103
			case 'jetpack_network_sites_page':
1104
				$caps = array( 'manage_sites' );
1105
				break;
1106
			case 'jetpack_admin_page':
1107
				if ( $is_development_mode ) {
1108
					$caps = array( 'manage_options' );
1109
					break;
1110
				} else {
1111
					$caps = array( 'read' );
1112
				}
1113
				break;
1114
			case 'jetpack_connect_user':
1115
				if ( $is_development_mode ) {
1116
					$caps = array( 'do_not_allow' );
1117
					break;
1118
				}
1119
				$caps = array( 'read' );
1120
				break;
1121
		}
1122
		return $caps;
1123
	}
1124
1125
	/**
1126
	 * Require a Jetpack authentication.
1127
	 *
1128
	 * @deprecated since 7.7.0
1129
	 * @see Automattic\Jetpack\Connection\Manager::require_jetpack_authentication()
1130
	 */
1131 View Code Duplication
	public function require_jetpack_authentication() {
1132
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::require_jetpack_authentication' );
1133
1134
		if ( ! $this->connection_manager ) {
1135
			$this->connection_manager = new Connection_Manager();
1136
		}
1137
1138
		$this->connection_manager->require_jetpack_authentication();
1139
	}
1140
1141
	/**
1142
	 * Load language files
1143
	 *
1144
	 * @action plugins_loaded
1145
	 */
1146
	public static function plugin_textdomain() {
1147
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
1148
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
1149
	}
1150
1151
	/**
1152
	 * Register assets for use in various modules and the Jetpack admin page.
1153
	 *
1154
	 * @uses wp_script_is, wp_register_script, plugins_url
1155
	 * @action wp_loaded
1156
	 * @return null
1157
	 */
1158
	public function register_assets() {
1159
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
1160
			wp_register_script(
1161
				'spin',
1162
				Assets::get_file_url_for_environment( '_inc/build/spin.min.js', '_inc/spin.js' ),
1163
				false,
1164
				'1.3'
1165
			);
1166
		}
1167
1168 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
1169
			wp_register_script(
1170
				'jquery.spin',
1171
				Assets::get_file_url_for_environment( '_inc/build/jquery.spin.min.js', '_inc/jquery.spin.js' ),
1172
				array( 'jquery', 'spin' ),
1173
				'1.3'
1174
			);
1175
		}
1176
1177 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
1178
			wp_register_script(
1179
				'jetpack-gallery-settings',
1180
				Assets::get_file_url_for_environment( '_inc/build/gallery-settings.min.js', '_inc/gallery-settings.js' ),
1181
				array( 'media-views' ),
1182
				'20121225'
1183
			);
1184
		}
1185
1186 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
1187
			wp_register_script(
1188
				'jetpack-twitter-timeline',
1189
				Assets::get_file_url_for_environment( '_inc/build/twitter-timeline.min.js', '_inc/twitter-timeline.js' ),
1190
				array( 'jquery' ),
1191
				'4.0.0',
1192
				true
1193
			);
1194
		}
1195
1196
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
1197
			wp_register_script(
1198
				'jetpack-facebook-embed',
1199
				Assets::get_file_url_for_environment( '_inc/build/facebook-embed.min.js', '_inc/facebook-embed.js' ),
1200
				array(),
1201
				null,
1202
				true
1203
			);
1204
1205
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
1206
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
1207
			if ( ! is_numeric( $fb_app_id ) ) {
1208
				$fb_app_id = '';
1209
			}
1210
			wp_localize_script(
1211
				'jetpack-facebook-embed',
1212
				'jpfbembed',
1213
				array(
1214
					'appid'  => $fb_app_id,
1215
					'locale' => $this->get_locale(),
1216
				)
1217
			);
1218
		}
1219
1220
		/**
1221
		 * As jetpack_register_genericons is by default fired off a hook,
1222
		 * the hook may have already fired by this point.
1223
		 * So, let's just trigger it manually.
1224
		 */
1225
		require_once JETPACK__PLUGIN_DIR . '_inc/genericons.php';
1226
		jetpack_register_genericons();
1227
1228
		/**
1229
		 * Register the social logos
1230
		 */
1231
		require_once JETPACK__PLUGIN_DIR . '_inc/social-logos.php';
1232
		jetpack_register_social_logos();
1233
1234 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) ) {
1235
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
1236
		}
1237
	}
1238
1239
	/**
1240
	 * Guess locale from language code.
1241
	 *
1242
	 * @param string $lang Language code.
1243
	 * @return string|bool
1244
	 */
1245 View Code Duplication
	function guess_locale_from_lang( $lang ) {
1246
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
1247
			return 'en_US';
1248
		}
1249
1250
		if ( ! class_exists( 'GP_Locales' ) ) {
1251
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
1252
				return false;
1253
			}
1254
1255
			require JETPACK__GLOTPRESS_LOCALES_PATH;
1256
		}
1257
1258
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
1259
			// WP.com: get_locale() returns 'it'
1260
			$locale = GP_Locales::by_slug( $lang );
1261
		} else {
1262
			// Jetpack: get_locale() returns 'it_IT';
1263
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
1264
		}
1265
1266
		if ( ! $locale ) {
1267
			return false;
1268
		}
1269
1270
		if ( empty( $locale->facebook_locale ) ) {
1271
			if ( empty( $locale->wp_locale ) ) {
1272
				return false;
1273
			} else {
1274
				// Facebook SDK is smart enough to fall back to en_US if a
1275
				// locale isn't supported. Since supported Facebook locales
1276
				// can fall out of sync, we'll attempt to use the known
1277
				// wp_locale value and rely on said fallback.
1278
				return $locale->wp_locale;
1279
			}
1280
		}
1281
1282
		return $locale->facebook_locale;
1283
	}
1284
1285
	/**
1286
	 * Get the locale.
1287
	 *
1288
	 * @return string|bool
1289
	 */
1290
	function get_locale() {
1291
		$locale = $this->guess_locale_from_lang( get_locale() );
1292
1293
		if ( ! $locale ) {
1294
			$locale = 'en_US';
1295
		}
1296
1297
		return $locale;
1298
	}
1299
1300
	/**
1301
	 * Return the network_site_url so that .com knows what network this site is a part of.
1302
	 *
1303
	 * @param  bool $option
1304
	 * @return string
1305
	 */
1306
	public function jetpack_main_network_site_option( $option ) {
1307
		return network_site_url();
1308
	}
1309
	/**
1310
	 * Network Name.
1311
	 */
1312
	static function network_name( $option = null ) {
1313
		global $current_site;
1314
		return $current_site->site_name;
1315
	}
1316
	/**
1317
	 * Does the network allow new user and site registrations.
1318
	 *
1319
	 * @return string
1320
	 */
1321
	static function network_allow_new_registrations( $option = null ) {
1322
		return ( in_array( get_site_option( 'registration' ), array( 'none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration' ) : 'none' );
1323
	}
1324
	/**
1325
	 * Does the network allow admins to add new users.
1326
	 *
1327
	 * @return boolian
1328
	 */
1329
	static function network_add_new_users( $option = null ) {
1330
		return (bool) get_site_option( 'add_new_users' );
1331
	}
1332
	/**
1333
	 * File upload psace left per site in MB.
1334
	 *  -1 means NO LIMIT.
1335
	 *
1336
	 * @return number
1337
	 */
1338
	static function network_site_upload_space( $option = null ) {
1339
		// value in MB
1340
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1341
	}
1342
1343
	/**
1344
	 * Network allowed file types.
1345
	 *
1346
	 * @return string
1347
	 */
1348
	static function network_upload_file_types( $option = null ) {
1349
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1350
	}
1351
1352
	/**
1353
	 * Maximum file upload size set by the network.
1354
	 *
1355
	 * @return number
1356
	 */
1357
	static function network_max_upload_file_size( $option = null ) {
1358
		// value in KB
1359
		return get_site_option( 'fileupload_maxk', 300 );
1360
	}
1361
1362
	/**
1363
	 * Lets us know if a site allows admins to manage the network.
1364
	 *
1365
	 * @return array
1366
	 */
1367
	static function network_enable_administration_menus( $option = null ) {
1368
		return get_site_option( 'menu_items' );
1369
	}
1370
1371
	/**
1372
	 * If a user has been promoted to or demoted from admin, we need to clear the
1373
	 * jetpack_other_linked_admins transient.
1374
	 *
1375
	 * @since 4.3.2
1376
	 * @since 4.4.0  $old_roles is null by default and if it's not passed, the transient is cleared.
1377
	 *
1378
	 * @param int    $user_id   The user ID whose role changed.
1379
	 * @param string $role      The new role.
1380
	 * @param array  $old_roles An array of the user's previous roles.
0 ignored issues
show
Should the type for parameter $old_roles not be array|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1381
	 */
1382
	function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1383
		if ( 'administrator' == $role
1384
			|| ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1385
			|| is_null( $old_roles )
1386
		) {
1387
			delete_transient( 'jetpack_other_linked_admins' );
1388
		}
1389
	}
1390
1391
	/**
1392
	 * Checks to see if there are any other users available to become primary
1393
	 * Users must both:
1394
	 * - Be linked to wpcom
1395
	 * - Be an admin
1396
	 *
1397
	 * @return mixed False if no other users are linked, Int if there are.
1398
	 */
1399
	static function get_other_linked_admins() {
1400
		$other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1401
1402
		if ( false === $other_linked_users ) {
1403
			$admins = get_users( array( 'role' => 'administrator' ) );
1404
			if ( count( $admins ) > 1 ) {
1405
				$available = array();
1406
				foreach ( $admins as $admin ) {
1407
					if ( self::is_user_connected( $admin->ID ) ) {
1408
						$available[] = $admin->ID;
1409
					}
1410
				}
1411
1412
				$count_connected_admins = count( $available );
1413
				if ( count( $available ) > 1 ) {
1414
					$other_linked_users = $count_connected_admins;
1415
				} else {
1416
					$other_linked_users = 0;
1417
				}
1418
			} else {
1419
				$other_linked_users = 0;
1420
			}
1421
1422
			set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1423
		}
1424
1425
		return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1426
	}
1427
1428
	/**
1429
	 * Return whether we are dealing with a multi network setup or not.
1430
	 * The reason we are type casting this is because we want to avoid the situation where
1431
	 * the result is false since when is_main_network_option return false it cases
1432
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1433
	 * database which could be set to anything as opposed to what this function returns.
1434
	 *
1435
	 * @param  bool $option
1436
	 *
1437
	 * @return boolean
1438
	 */
1439
	public function is_main_network_option( $option ) {
1440
		// return '1' or ''
1441
		return (string) (bool) self::is_multi_network();
1442
	}
1443
1444
	/**
1445
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1446
	 *
1447
	 * @param  string $option
1448
	 * @return boolean
1449
	 */
1450
	public function is_multisite( $option ) {
1451
		return (string) (bool) is_multisite();
1452
	}
1453
1454
	/**
1455
	 * Implemented since there is no core is multi network function
1456
	 * Right now there is no way to tell if we which network is the dominant network on the system
1457
	 *
1458
	 * @since  3.3
1459
	 * @return boolean
1460
	 */
1461 View Code Duplication
	public static function is_multi_network() {
1462
		global  $wpdb;
1463
1464
		// if we don't have a multi site setup no need to do any more
1465
		if ( ! is_multisite() ) {
1466
			return false;
1467
		}
1468
1469
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1470
		if ( $num_sites > 1 ) {
1471
			return true;
1472
		} else {
1473
			return false;
1474
		}
1475
	}
1476
1477
	/**
1478
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1479
	 *
1480
	 * @return null
1481
	 */
1482
	function update_jetpack_main_network_site_option() {
1483
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1484
	}
1485
	/**
1486
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1487
	 */
1488
	function update_jetpack_network_settings() {
1489
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1490
		// Only sync this info for the main network site.
1491
	}
1492
1493
	/**
1494
	 * Get back if the current site is single user site.
1495
	 *
1496
	 * @return bool
1497
	 */
1498 View Code Duplication
	public static function is_single_user_site() {
1499
		global $wpdb;
1500
1501
		if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1502
			$some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1503
			set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1504
		}
1505
		return 1 === (int) $some_users;
1506
	}
1507
1508
	/**
1509
	 * Returns true if the site has file write access false otherwise.
1510
	 *
1511
	 * @return string ( '1' | '0' )
1512
	 **/
1513
	public static function file_system_write_access() {
1514
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1515
			require_once ABSPATH . 'wp-admin/includes/file.php';
1516
		}
1517
1518
		require_once ABSPATH . 'wp-admin/includes/template.php';
1519
1520
		$filesystem_method = get_filesystem_method();
1521
		if ( $filesystem_method === 'direct' ) {
1522
			return 1;
1523
		}
1524
1525
		ob_start();
1526
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1527
		ob_end_clean();
1528
		if ( $filesystem_credentials_are_stored ) {
1529
			return 1;
1530
		}
1531
		return 0;
1532
	}
1533
1534
	/**
1535
	 * Finds out if a site is using a version control system.
1536
	 *
1537
	 * @return string ( '1' | '0' )
1538
	 **/
1539
	public static function is_version_controlled() {
1540
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Functions::is_version_controlled' );
1541
		return (string) (int) Functions::is_version_controlled();
1542
	}
1543
1544
	/**
1545
	 * Determines whether the current theme supports featured images or not.
1546
	 *
1547
	 * @return string ( '1' | '0' )
1548
	 */
1549
	public static function featured_images_enabled() {
1550
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1551
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1552
	}
1553
1554
	/**
1555
	 * Wrapper for core's get_avatar_url().  This one is deprecated.
1556
	 *
1557
	 * @deprecated 4.7 use get_avatar_url instead.
1558
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
1559
	 * @param int               $size Size of the avatar image
1560
	 * @param string            $default URL to a default image to use if no avatar is available
1561
	 * @param bool              $force_display Whether to force it to return an avatar even if show_avatars is disabled
1562
	 *
1563
	 * @return array
1564
	 */
1565
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1566
		_deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1567
		return get_avatar_url(
1568
			$id_or_email,
1569
			array(
1570
				'size'          => $size,
1571
				'default'       => $default,
1572
				'force_default' => $force_display,
1573
			)
1574
		);
1575
	}
1576
1577
	/**
1578
	 * jetpack_updates is saved in the following schema:
1579
	 *
1580
	 * array (
1581
	 *      'plugins'                       => (int) Number of plugin updates available.
1582
	 *      'themes'                        => (int) Number of theme updates available.
1583
	 *      'wordpress'                     => (int) Number of WordPress core updates available. // phpcs:ignore WordPress.WP.CapitalPDangit.Misspelled
1584
	 *      'translations'                  => (int) Number of translation updates available.
1585
	 *      'total'                         => (int) Total of all available updates.
1586
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1587
	 * )
1588
	 *
1589
	 * @return array
1590
	 */
1591
	public static function get_updates() {
1592
		$update_data = wp_get_update_data();
1593
1594
		// Stores the individual update counts as well as the total count.
1595
		if ( isset( $update_data['counts'] ) ) {
1596
			$updates = $update_data['counts'];
1597
		}
1598
1599
		// If we need to update WordPress core, let's find the latest version number.
1600 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1601
			$cur = get_preferred_from_update_core();
1602
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1603
				$updates['wp_update_version'] = $cur->current;
1604
			}
1605
		}
1606
		return isset( $updates ) ? $updates : array();
1607
	}
1608
1609
	public static function get_update_details() {
1610
		$update_details = array(
1611
			'update_core'    => get_site_transient( 'update_core' ),
1612
			'update_plugins' => get_site_transient( 'update_plugins' ),
1613
			'update_themes'  => get_site_transient( 'update_themes' ),
1614
		);
1615
		return $update_details;
1616
	}
1617
1618
	public static function refresh_update_data() {
1619
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1620
1621
	}
1622
1623
	public static function refresh_theme_data() {
1624
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1625
	}
1626
1627
	/**
1628
	 * Is Jetpack active?
1629
	 */
1630
	public static function is_active() {
1631
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
0 ignored issues
show
Deprecated Code introduced by
The method Jetpack_Data::get_access_token() has been deprecated with message: 7.5 Use Connection_Manager instead.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
1632
	}
1633
1634
	/**
1635
	 * Make an API call to WordPress.com for plan status
1636
	 *
1637
	 * @deprecated 7.2.0 Use Jetpack_Plan::refresh_from_wpcom.
1638
	 *
1639
	 * @return bool True if plan is updated, false if no update
1640
	 */
1641
	public static function refresh_active_plan_from_wpcom() {
1642
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::refresh_from_wpcom' );
1643
		return Jetpack_Plan::refresh_from_wpcom();
1644
	}
1645
1646
	/**
1647
	 * Get the plan that this Jetpack site is currently using
1648
	 *
1649
	 * @deprecated 7.2.0 Use Jetpack_Plan::get.
1650
	 * @return array Active Jetpack plan details.
1651
	 */
1652
	public static function get_active_plan() {
1653
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::get' );
1654
		return Jetpack_Plan::get();
1655
	}
1656
1657
	/**
1658
	 * Determine whether the active plan supports a particular feature
1659
	 *
1660
	 * @deprecated 7.2.0 Use Jetpack_Plan::supports.
1661
	 * @return bool True if plan supports feature, false if not.
1662
	 */
1663
	public static function active_plan_supports( $feature ) {
1664
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::supports' );
1665
		return Jetpack_Plan::supports( $feature );
1666
	}
1667
1668
	/**
1669
	 * Deprecated: Is Jetpack in development (offline) mode?
1670
	 *
1671
	 * This static method is being left here intentionally without the use of _deprecated_function(), as other plugins
1672
	 * and themes still use it, and we do not want to flood them with notices.
1673
	 *
1674
	 * Please use Automattic\Jetpack\Status()->is_development_mode() instead.
1675
	 *
1676
	 * @deprecated since 8.0.
1677
	 */
1678
	public static function is_development_mode() {
1679
		return ( new Status() )->is_development_mode();
1680
	}
1681
1682
	/**
1683
	 * Whether the site is currently onboarding or not.
1684
	 * A site is considered as being onboarded if it currently has an onboarding token.
1685
	 *
1686
	 * @since 5.8
1687
	 *
1688
	 * @access public
1689
	 * @static
1690
	 *
1691
	 * @return bool True if the site is currently onboarding, false otherwise
1692
	 */
1693
	public static function is_onboarding() {
1694
		return Jetpack_Options::get_option( 'onboarding' ) !== false;
1695
	}
1696
1697
	/**
1698
	 * Determines reason for Jetpack development mode.
1699
	 */
1700
	public static function development_mode_trigger_text() {
1701
		if ( ! ( new Status() )->is_development_mode() ) {
1702
			return __( 'Jetpack is not in Development Mode.', 'jetpack' );
1703
		}
1704
1705
		if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1706
			$notice = __( 'The JETPACK_DEV_DEBUG constant is defined in wp-config.php or elsewhere.', 'jetpack' );
1707
		} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1708
			$notice = __( 'The site URL lacking a dot (e.g. http://localhost).', 'jetpack' );
1709
		} else {
1710
			$notice = __( 'The jetpack_development_mode filter is set to true.', 'jetpack' );
1711
		}
1712
1713
		return $notice;
1714
1715
	}
1716
	/**
1717
	 * Get Jetpack development mode notice text and notice class.
1718
	 *
1719
	 * Mirrors the checks made in Automattic\Jetpack\Status->is_development_mode
1720
	 */
1721
	public static function show_development_mode_notice() {
1722
		if ( ( new Status() )->is_development_mode() ) {
1723
			$notice = sprintf(
1724
				/* translators: %s is a URL */
1725
				__( 'In <a href="%s" target="_blank">Development Mode</a>:', 'jetpack' ),
1726
				'https://jetpack.com/support/development-mode/'
1727
			);
1728
1729
			$notice .= ' ' . self::development_mode_trigger_text();
1730
1731
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1732
		}
1733
1734
		// Throw up a notice if using a development version and as for feedback.
1735
		if ( self::is_development_version() ) {
1736
			/* translators: %s is a URL */
1737
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1738
1739
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1740
		}
1741
		// Throw up a notice if using staging mode
1742
		if ( ( new Status() )->is_staging_site() ) {
1743
			/* translators: %s is a URL */
1744
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1745
1746
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1747
		}
1748
	}
1749
1750
	/**
1751
	 * Whether Jetpack's version maps to a public release, or a development version.
1752
	 */
1753
	public static function is_development_version() {
1754
		/**
1755
		 * Allows filtering whether this is a development version of Jetpack.
1756
		 *
1757
		 * This filter is especially useful for tests.
1758
		 *
1759
		 * @since 4.3.0
1760
		 *
1761
		 * @param bool $development_version Is this a develoment version of Jetpack?
1762
		 */
1763
		return (bool) apply_filters(
1764
			'jetpack_development_version',
1765
			! preg_match( '/^\d+(\.\d+)+$/', Constants::get_constant( 'JETPACK__VERSION' ) )
1766
		);
1767
	}
1768
1769
	/**
1770
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1771
	 */
1772
	public static function is_user_connected( $user_id = false ) {
1773
		return self::connection()->is_user_connected( $user_id );
1774
	}
1775
1776
	/**
1777
	 * Get the wpcom user data of the current|specified connected user.
1778
	 */
1779 View Code Duplication
	public static function get_connected_user_data( $user_id = null ) {
1780
		// TODO: remove in favor of Connection_Manager->get_connected_user_data
1781
		if ( ! $user_id ) {
1782
			$user_id = get_current_user_id();
1783
		}
1784
1785
		$transient_key = "jetpack_connected_user_data_$user_id";
1786
1787
		if ( $cached_user_data = get_transient( $transient_key ) ) {
1788
			return $cached_user_data;
1789
		}
1790
1791
		$xml = new Jetpack_IXR_Client(
1792
			array(
1793
				'user_id' => $user_id,
1794
			)
1795
		);
1796
		$xml->query( 'wpcom.getUser' );
1797
		if ( ! $xml->isError() ) {
1798
			$user_data = $xml->getResponse();
1799
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1800
			return $user_data;
1801
		}
1802
1803
		return false;
1804
	}
1805
1806
	/**
1807
	 * Get the wpcom email of the current|specified connected user.
1808
	 */
1809
	public static function get_connected_user_email( $user_id = null ) {
1810
		if ( ! $user_id ) {
1811
			$user_id = get_current_user_id();
1812
		}
1813
1814
		$xml = new Jetpack_IXR_Client(
1815
			array(
1816
				'user_id' => $user_id,
1817
			)
1818
		);
1819
		$xml->query( 'wpcom.getUserEmail' );
1820
		if ( ! $xml->isError() ) {
1821
			return $xml->getResponse();
1822
		}
1823
		return false;
1824
	}
1825
1826
	/**
1827
	 * Get the wpcom email of the master user.
1828
	 */
1829
	public static function get_master_user_email() {
1830
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1831
		if ( $master_user_id ) {
1832
			return self::get_connected_user_email( $master_user_id );
1833
		}
1834
		return '';
1835
	}
1836
1837
	/**
1838
	 * Whether the current user is the connection owner.
1839
	 *
1840
	 * @deprecated since 7.7
1841
	 *
1842
	 * @return bool Whether the current user is the connection owner.
1843
	 */
1844
	public function current_user_is_connection_owner() {
1845
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::is_connection_owner' );
1846
		return self::connection()->is_connection_owner();
1847
	}
1848
1849
	/**
1850
	 * Gets current user IP address.
1851
	 *
1852
	 * @param  bool $check_all_headers Check all headers? Default is `false`.
1853
	 *
1854
	 * @return string                  Current user IP address.
1855
	 */
1856
	public static function current_user_ip( $check_all_headers = false ) {
1857
		if ( $check_all_headers ) {
1858
			foreach ( array(
1859
				'HTTP_CF_CONNECTING_IP',
1860
				'HTTP_CLIENT_IP',
1861
				'HTTP_X_FORWARDED_FOR',
1862
				'HTTP_X_FORWARDED',
1863
				'HTTP_X_CLUSTER_CLIENT_IP',
1864
				'HTTP_FORWARDED_FOR',
1865
				'HTTP_FORWARDED',
1866
				'HTTP_VIA',
1867
			) as $key ) {
1868
				if ( ! empty( $_SERVER[ $key ] ) ) {
1869
					return $_SERVER[ $key ];
1870
				}
1871
			}
1872
		}
1873
1874
		return ! empty( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
1875
	}
1876
1877
	/**
1878
	 * Synchronize connected user role changes
1879
	 */
1880
	function user_role_change( $user_id ) {
1881
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Users::user_role_change()' );
1882
		Users::user_role_change( $user_id );
1883
	}
1884
1885
	/**
1886
	 * Loads the currently active modules.
1887
	 */
1888
	public static function load_modules() {
1889
		$is_development_mode = ( new Status() )->is_development_mode();
1890
		if (
1891
			! self::is_active()
1892
			&& ! $is_development_mode
1893
			&& ! self::is_onboarding()
1894
			&& (
1895
				! is_multisite()
1896
				|| ! get_site_option( 'jetpack_protect_active' )
1897
			)
1898
		) {
1899
			return;
1900
		}
1901
1902
		$version = Jetpack_Options::get_option( 'version' );
1903 View Code Duplication
		if ( ! $version ) {
1904
			$version = $old_version = JETPACK__VERSION . ':' . time();
1905
			/** This action is documented in class.jetpack.php */
1906
			do_action( 'updating_jetpack_version', $version, false );
1907
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1908
		}
1909
		list( $version ) = explode( ':', $version );
1910
1911
		$modules = array_filter( self::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1912
1913
		$modules_data = array();
1914
1915
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1916
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1917
			$updated_modules = array();
1918
			foreach ( $modules as $module ) {
1919
				$modules_data[ $module ] = self::get_module( $module );
1920
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1921
					continue;
1922
				}
1923
1924
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1925
					continue;
1926
				}
1927
1928
				$updated_modules[] = $module;
1929
			}
1930
1931
			$modules = array_diff( $modules, $updated_modules );
1932
		}
1933
1934
		foreach ( $modules as $index => $module ) {
1935
			// If we're in dev mode, disable modules requiring a connection
1936
			if ( $is_development_mode ) {
1937
				// Prime the pump if we need to
1938
				if ( empty( $modules_data[ $module ] ) ) {
1939
					$modules_data[ $module ] = self::get_module( $module );
1940
				}
1941
				// If the module requires a connection, but we're in local mode, don't include it.
1942
				if ( $modules_data[ $module ]['requires_connection'] ) {
1943
					continue;
1944
				}
1945
			}
1946
1947
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1948
				continue;
1949
			}
1950
1951
			if ( ! include_once self::get_module_path( $module ) ) {
1952
				unset( $modules[ $index ] );
1953
				self::update_active_modules( array_values( $modules ) );
1954
				continue;
1955
			}
1956
1957
			/**
1958
			 * Fires when a specific module is loaded.
1959
			 * The dynamic part of the hook, $module, is the module slug.
1960
			 *
1961
			 * @since 1.1.0
1962
			 */
1963
			do_action( 'jetpack_module_loaded_' . $module );
1964
		}
1965
1966
		/**
1967
		 * Fires when all the modules are loaded.
1968
		 *
1969
		 * @since 1.1.0
1970
		 */
1971
		do_action( 'jetpack_modules_loaded' );
1972
1973
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1974
		require_once JETPACK__PLUGIN_DIR . 'modules/module-extras.php';
1975
	}
1976
1977
	/**
1978
	 * Check if Jetpack's REST API compat file should be included
1979
	 *
1980
	 * @action plugins_loaded
1981
	 * @return null
1982
	 */
1983
	public function check_rest_api_compat() {
1984
		/**
1985
		 * Filters the list of REST API compat files to be included.
1986
		 *
1987
		 * @since 2.2.5
1988
		 *
1989
		 * @param array $args Array of REST API compat files to include.
1990
		 */
1991
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1992
1993
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include ) {
1994
			require_once $_jetpack_rest_api_compat_include;
1995
		}
1996
	}
1997
1998
	/**
1999
	 * Gets all plugins currently active in values, regardless of whether they're
2000
	 * traditionally activated or network activated.
2001
	 *
2002
	 * @todo Store the result in core's object cache maybe?
2003
	 */
2004
	public static function get_active_plugins() {
2005
		$active_plugins = (array) get_option( 'active_plugins', array() );
2006
2007
		if ( is_multisite() ) {
2008
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
2009
			// whereas active_plugins stores them in the values.
2010
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
2011
			if ( $network_plugins ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $network_plugins of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
2012
				$active_plugins = array_merge( $active_plugins, $network_plugins );
2013
			}
2014
		}
2015
2016
		sort( $active_plugins );
2017
2018
		return array_unique( $active_plugins );
2019
	}
2020
2021
	/**
2022
	 * Gets and parses additional plugin data to send with the heartbeat data
2023
	 *
2024
	 * @since 3.8.1
2025
	 *
2026
	 * @return array Array of plugin data
2027
	 */
2028
	public static function get_parsed_plugin_data() {
2029
		if ( ! function_exists( 'get_plugins' ) ) {
2030
			require_once ABSPATH . 'wp-admin/includes/plugin.php';
2031
		}
2032
		/** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
2033
		$all_plugins    = apply_filters( 'all_plugins', get_plugins() );
2034
		$active_plugins = self::get_active_plugins();
2035
2036
		$plugins = array();
2037
		foreach ( $all_plugins as $path => $plugin_data ) {
2038
			$plugins[ $path ] = array(
2039
				'is_active' => in_array( $path, $active_plugins ),
2040
				'file'      => $path,
2041
				'name'      => $plugin_data['Name'],
2042
				'version'   => $plugin_data['Version'],
2043
				'author'    => $plugin_data['Author'],
2044
			);
2045
		}
2046
2047
		return $plugins;
2048
	}
2049
2050
	/**
2051
	 * Gets and parses theme data to send with the heartbeat data
2052
	 *
2053
	 * @since 3.8.1
2054
	 *
2055
	 * @return array Array of theme data
2056
	 */
2057
	public static function get_parsed_theme_data() {
2058
		$all_themes  = wp_get_themes( array( 'allowed' => true ) );
2059
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
2060
2061
		$themes = array();
2062
		foreach ( $all_themes as $slug => $theme_data ) {
2063
			$theme_headers = array();
2064
			foreach ( $header_keys as $header_key ) {
2065
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
2066
			}
2067
2068
			$themes[ $slug ] = array(
2069
				'is_active_theme' => $slug == wp_get_theme()->get_template(),
2070
				'slug'            => $slug,
2071
				'theme_root'      => $theme_data->get_theme_root_uri(),
2072
				'parent'          => $theme_data->parent(),
2073
				'headers'         => $theme_headers,
2074
			);
2075
		}
2076
2077
		return $themes;
2078
	}
2079
2080
	/**
2081
	 * Checks whether a specific plugin is active.
2082
	 *
2083
	 * We don't want to store these in a static variable, in case
2084
	 * there are switch_to_blog() calls involved.
2085
	 */
2086
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
2087
		return in_array( $plugin, self::get_active_plugins() );
2088
	}
2089
2090
	/**
2091
	 * Check if Jetpack's Open Graph tags should be used.
2092
	 * If certain plugins are active, Jetpack's og tags are suppressed.
2093
	 *
2094
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2095
	 * @action plugins_loaded
2096
	 * @return null
2097
	 */
2098
	public function check_open_graph() {
2099
		if ( in_array( 'publicize', self::get_active_modules() ) || in_array( 'sharedaddy', self::get_active_modules() ) ) {
2100
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
2101
		}
2102
2103
		$active_plugins = self::get_active_plugins();
2104
2105
		if ( ! empty( $active_plugins ) ) {
2106
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
2107
				if ( in_array( $plugin, $active_plugins ) ) {
2108
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
2109
					break;
2110
				}
2111
			}
2112
		}
2113
2114
		/**
2115
		 * Allow the addition of Open Graph Meta Tags to all pages.
2116
		 *
2117
		 * @since 2.0.3
2118
		 *
2119
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
2120
		 */
2121
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
2122
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
2123
		}
2124
	}
2125
2126
	/**
2127
	 * Check if Jetpack's Twitter tags should be used.
2128
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
2129
	 *
2130
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2131
	 * @action plugins_loaded
2132
	 * @return null
2133
	 */
2134
	public function check_twitter_tags() {
2135
2136
		$active_plugins = self::get_active_plugins();
2137
2138
		if ( ! empty( $active_plugins ) ) {
2139
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
2140
				if ( in_array( $plugin, $active_plugins ) ) {
2141
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
2142
					break;
2143
				}
2144
			}
2145
		}
2146
2147
		/**
2148
		 * Allow Twitter Card Meta tags to be disabled.
2149
		 *
2150
		 * @since 2.6.0
2151
		 *
2152
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
2153
		 */
2154
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
2155
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
2156
		}
2157
	}
2158
2159
	/**
2160
	 * Allows plugins to submit security reports.
2161
	 *
2162
	 * @param string $type         Report type (login_form, backup, file_scanning, spam)
2163
	 * @param string $plugin_file  Plugin __FILE__, so that we can pull plugin data
2164
	 * @param array  $args         See definitions above
2165
	 */
2166
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
2167
		_deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
2168
	}
2169
2170
	/* Jetpack Options API */
2171
2172
	public static function get_option_names( $type = 'compact' ) {
2173
		return Jetpack_Options::get_option_names( $type );
2174
	}
2175
2176
	/**
2177
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
2178
	 *
2179
	 * @param string $name    Option name
2180
	 * @param mixed  $default (optional)
2181
	 */
2182
	public static function get_option( $name, $default = false ) {
2183
		return Jetpack_Options::get_option( $name, $default );
2184
	}
2185
2186
	/**
2187
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
2188
	 *
2189
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
2190
	 * @param string $name  Option name
2191
	 * @param mixed  $value Option value
2192
	 */
2193
	public static function update_option( $name, $value ) {
2194
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
2195
		return Jetpack_Options::update_option( $name, $value );
2196
	}
2197
2198
	/**
2199
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
2200
	 *
2201
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
2202
	 * @param array $array array( option name => option value, ... )
2203
	 */
2204
	public static function update_options( $array ) {
2205
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
2206
		return Jetpack_Options::update_options( $array );
2207
	}
2208
2209
	/**
2210
	 * Deletes the given option.  May be passed multiple option names as an array.
2211
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
2212
	 *
2213
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
2214
	 * @param string|array $names
2215
	 */
2216
	public static function delete_option( $names ) {
2217
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
2218
		return Jetpack_Options::delete_option( $names );
2219
	}
2220
2221
	/**
2222
	 * @deprecated 8.0 Use Automattic\Jetpack\Connection\Utils::update_user_token() instead.
2223
	 *
2224
	 * Enters a user token into the user_tokens option
2225
	 *
2226
	 * @param int    $user_id The user id.
2227
	 * @param string $token The user token.
2228
	 * @param bool   $is_master_user Whether the user is the master user.
2229
	 * @return bool
2230
	 */
2231
	public static function update_user_token( $user_id, $token, $is_master_user ) {
2232
		_deprecated_function( __METHOD__, 'jetpack-8.0', 'Automattic\\Jetpack\\Connection\\Utils::update_user_token' );
2233
		return Connection_Utils::update_user_token( $user_id, $token, $is_master_user );
2234
	}
2235
2236
	/**
2237
	 * Returns an array of all PHP files in the specified absolute path.
2238
	 * Equivalent to glob( "$absolute_path/*.php" ).
2239
	 *
2240
	 * @param string $absolute_path The absolute path of the directory to search.
2241
	 * @return array Array of absolute paths to the PHP files.
2242
	 */
2243
	public static function glob_php( $absolute_path ) {
2244
		if ( function_exists( 'glob' ) ) {
2245
			return glob( "$absolute_path/*.php" );
2246
		}
2247
2248
		$absolute_path = untrailingslashit( $absolute_path );
2249
		$files         = array();
2250
		if ( ! $dir = @opendir( $absolute_path ) ) {
2251
			return $files;
2252
		}
2253
2254
		while ( false !== $file = readdir( $dir ) ) {
2255
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2256
				continue;
2257
			}
2258
2259
			$file = "$absolute_path/$file";
2260
2261
			if ( ! is_file( $file ) ) {
2262
				continue;
2263
			}
2264
2265
			$files[] = $file;
2266
		}
2267
2268
		closedir( $dir );
2269
2270
		return $files;
2271
	}
2272
2273
	public static function activate_new_modules( $redirect = false ) {
2274
		if ( ! self::is_active() && ! ( new Status() )->is_development_mode() ) {
2275
			return;
2276
		}
2277
2278
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2279 View Code Duplication
		if ( ! $jetpack_old_version ) {
2280
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
2281
			/** This action is documented in class.jetpack.php */
2282
			do_action( 'updating_jetpack_version', $version, false );
2283
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2284
		}
2285
2286
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2287
2288
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2289
			return;
2290
		}
2291
2292
		$active_modules     = self::get_active_modules();
2293
		$reactivate_modules = array();
2294
		foreach ( $active_modules as $active_module ) {
2295
			$module = self::get_module( $active_module );
2296
			if ( ! isset( $module['changed'] ) ) {
2297
				continue;
2298
			}
2299
2300
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2301
				continue;
2302
			}
2303
2304
			$reactivate_modules[] = $active_module;
2305
			self::deactivate_module( $active_module );
2306
		}
2307
2308
		$new_version = JETPACK__VERSION . ':' . time();
2309
		/** This action is documented in class.jetpack.php */
2310
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2311
		Jetpack_Options::update_options(
2312
			array(
2313
				'version'     => $new_version,
2314
				'old_version' => $jetpack_old_version,
2315
			)
2316
		);
2317
2318
		self::state( 'message', 'modules_activated' );
2319
		self::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules, $redirect );
0 ignored issues
show
JETPACK__VERSION is of type string, but the function expects a boolean.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
2320
2321
		if ( $redirect ) {
2322
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2323
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2324
				$page = $_GET['page'];
2325
			}
2326
2327
			wp_safe_redirect( self::admin_url( 'page=' . $page ) );
2328
			exit;
2329
		}
2330
	}
2331
2332
	/**
2333
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2334
	 * Make sure to tuck away module "library" files in a sub-directory.
2335
	 */
2336
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2337
		static $modules = null;
2338
2339
		if ( ! isset( $modules ) ) {
2340
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2341
			// Use the cache if we're on the front-end and it's available...
2342
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2343
				$modules = $available_modules_option[ JETPACK__VERSION ];
2344
			} else {
2345
				$files = self::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2346
2347
				$modules = array();
2348
2349
				foreach ( $files as $file ) {
2350
					if ( ! $headers = self::get_module( $file ) ) {
2351
						continue;
2352
					}
2353
2354
					$modules[ self::get_module_slug( $file ) ] = $headers['introduced'];
2355
				}
2356
2357
				Jetpack_Options::update_option(
2358
					'available_modules',
2359
					array(
2360
						JETPACK__VERSION => $modules,
2361
					)
2362
				);
2363
			}
2364
		}
2365
2366
		/**
2367
		 * Filters the array of modules available to be activated.
2368
		 *
2369
		 * @since 2.4.0
2370
		 *
2371
		 * @param array $modules Array of available modules.
2372
		 * @param string $min_version Minimum version number required to use modules.
2373
		 * @param string $max_version Maximum version number required to use modules.
2374
		 */
2375
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2376
2377
		if ( ! $min_version && ! $max_version ) {
2378
			return array_keys( $mods );
2379
		}
2380
2381
		$r = array();
2382
		foreach ( $mods as $slug => $introduced ) {
2383
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2384
				continue;
2385
			}
2386
2387
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2388
				continue;
2389
			}
2390
2391
			$r[] = $slug;
2392
		}
2393
2394
		return $r;
2395
	}
2396
2397
	/**
2398
	 * Default modules loaded on activation.
2399
	 */
2400
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2401
		$return = array();
2402
2403
		foreach ( self::get_available_modules( $min_version, $max_version ) as $module ) {
2404
			$module_data = self::get_module( $module );
2405
2406
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2407
				case 'yes':
2408
					$return[] = $module;
2409
					break;
2410
				case 'public':
2411
					if ( Jetpack_Options::get_option( 'public' ) ) {
2412
						$return[] = $module;
2413
					}
2414
					break;
2415
				case 'no':
2416
				default:
2417
					break;
2418
			}
2419
		}
2420
		/**
2421
		 * Filters the array of default modules.
2422
		 *
2423
		 * @since 2.5.0
2424
		 *
2425
		 * @param array $return Array of default modules.
2426
		 * @param string $min_version Minimum version number required to use modules.
2427
		 * @param string $max_version Maximum version number required to use modules.
2428
		 */
2429
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2430
	}
2431
2432
	/**
2433
	 * Checks activated modules during auto-activation to determine
2434
	 * if any of those modules are being deprecated.  If so, close
2435
	 * them out, and add any replacement modules.
2436
	 *
2437
	 * Runs at priority 99 by default.
2438
	 *
2439
	 * This is run late, so that it can still activate a module if
2440
	 * the new module is a replacement for another that the user
2441
	 * currently has active, even if something at the normal priority
2442
	 * would kibosh everything.
2443
	 *
2444
	 * @since 2.6
2445
	 * @uses jetpack_get_default_modules filter
2446
	 * @param array $modules
2447
	 * @return array
2448
	 */
2449
	function handle_deprecated_modules( $modules ) {
2450
		$deprecated_modules = array(
2451
			'debug'            => null,  // Closed out and moved to the debugger library.
2452
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2453
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2454
			'minileven'        => null,  // Closed out in 8.3 -- Responsive themes are common now, and so is AMP.
2455
		);
2456
2457
		// Don't activate SSO if they never completed activating WPCC.
2458
		if ( self::is_module_active( 'wpcc' ) ) {
2459
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2460
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2461
				$deprecated_modules['wpcc'] = null;
2462
			}
2463
		}
2464
2465
		foreach ( $deprecated_modules as $module => $replacement ) {
2466
			if ( self::is_module_active( $module ) ) {
2467
				self::deactivate_module( $module );
2468
				if ( $replacement ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $replacement of type null|string is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
2469
					$modules[] = $replacement;
2470
				}
2471
			}
2472
		}
2473
2474
		return array_unique( $modules );
2475
	}
2476
2477
	/**
2478
	 * Checks activated plugins during auto-activation to determine
2479
	 * if any of those plugins are in the list with a corresponding module
2480
	 * that is not compatible with the plugin. The module will not be allowed
2481
	 * to auto-activate.
2482
	 *
2483
	 * @since 2.6
2484
	 * @uses jetpack_get_default_modules filter
2485
	 * @param array $modules
2486
	 * @return array
2487
	 */
2488
	function filter_default_modules( $modules ) {
2489
2490
		$active_plugins = self::get_active_plugins();
2491
2492
		if ( ! empty( $active_plugins ) ) {
2493
2494
			// For each module we'd like to auto-activate...
2495
			foreach ( $modules as $key => $module ) {
2496
				// If there are potential conflicts for it...
2497
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2498
					// For each potential conflict...
2499
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2500
						// If that conflicting plugin is active...
2501
						if ( in_array( $plugin, $active_plugins ) ) {
2502
							// Remove that item from being auto-activated.
2503
							unset( $modules[ $key ] );
2504
						}
2505
					}
2506
				}
2507
			}
2508
		}
2509
2510
		return $modules;
2511
	}
2512
2513
	/**
2514
	 * Extract a module's slug from its full path.
2515
	 */
2516
	public static function get_module_slug( $file ) {
2517
		return str_replace( '.php', '', basename( $file ) );
2518
	}
2519
2520
	/**
2521
	 * Generate a module's path from its slug.
2522
	 */
2523
	public static function get_module_path( $slug ) {
2524
		/**
2525
		 * Filters the path of a modules.
2526
		 *
2527
		 * @since 7.4.0
2528
		 *
2529
		 * @param array $return The absolute path to a module's root php file
2530
		 * @param string $slug The module slug
2531
		 */
2532
		return apply_filters( 'jetpack_get_module_path', JETPACK__PLUGIN_DIR . "modules/$slug.php", $slug );
2533
	}
2534
2535
	/**
2536
	 * Load module data from module file. Headers differ from WordPress
2537
	 * plugin headers to avoid them being identified as standalone
2538
	 * plugins on the WordPress plugins page.
2539
	 */
2540
	public static function get_module( $module ) {
2541
		$headers = array(
2542
			'name'                      => 'Module Name',
2543
			'description'               => 'Module Description',
2544
			'sort'                      => 'Sort Order',
2545
			'recommendation_order'      => 'Recommendation Order',
2546
			'introduced'                => 'First Introduced',
2547
			'changed'                   => 'Major Changes In',
2548
			'deactivate'                => 'Deactivate',
2549
			'free'                      => 'Free',
2550
			'requires_connection'       => 'Requires Connection',
2551
			'auto_activate'             => 'Auto Activate',
2552
			'module_tags'               => 'Module Tags',
2553
			'feature'                   => 'Feature',
2554
			'additional_search_queries' => 'Additional Search Queries',
2555
			'plan_classes'              => 'Plans',
2556
		);
2557
2558
		$file = self::get_module_path( self::get_module_slug( $module ) );
2559
2560
		$mod = self::get_file_data( $file, $headers );
2561
		if ( empty( $mod['name'] ) ) {
2562
			return false;
2563
		}
2564
2565
		$mod['sort']                 = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2566
		$mod['recommendation_order'] = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2567
		$mod['deactivate']           = empty( $mod['deactivate'] );
2568
		$mod['free']                 = empty( $mod['free'] );
2569
		$mod['requires_connection']  = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2570
2571
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2572
			$mod['auto_activate'] = 'No';
2573
		} else {
2574
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2575
		}
2576
2577
		if ( $mod['module_tags'] ) {
2578
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2579
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2580
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2581
		} else {
2582
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2583
		}
2584
2585 View Code Duplication
		if ( $mod['plan_classes'] ) {
2586
			$mod['plan_classes'] = explode( ',', $mod['plan_classes'] );
2587
			$mod['plan_classes'] = array_map( 'strtolower', array_map( 'trim', $mod['plan_classes'] ) );
2588
		} else {
2589
			$mod['plan_classes'] = array( 'free' );
2590
		}
2591
2592 View Code Duplication
		if ( $mod['feature'] ) {
2593
			$mod['feature'] = explode( ',', $mod['feature'] );
2594
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2595
		} else {
2596
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2597
		}
2598
2599
		/**
2600
		 * Filters the feature array on a module.
2601
		 *
2602
		 * This filter allows you to control where each module is filtered: Recommended,
2603
		 * and the default "Other" listing.
2604
		 *
2605
		 * @since 3.5.0
2606
		 *
2607
		 * @param array   $mod['feature'] The areas to feature this module:
2608
		 *     'Recommended' shows on the main Jetpack admin screen.
2609
		 *     'Other' should be the default if no other value is in the array.
2610
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2611
		 * @param array   $mod All the currently assembled module data.
2612
		 */
2613
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2614
2615
		/**
2616
		 * Filter the returned data about a module.
2617
		 *
2618
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2619
		 * so please be careful.
2620
		 *
2621
		 * @since 3.6.0
2622
		 *
2623
		 * @param array   $mod    The details of the requested module.
2624
		 * @param string  $module The slug of the module, e.g. sharedaddy
2625
		 * @param string  $file   The path to the module source file.
2626
		 */
2627
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2628
	}
2629
2630
	/**
2631
	 * Like core's get_file_data implementation, but caches the result.
2632
	 */
2633
	public static function get_file_data( $file, $headers ) {
2634
		// Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2635
		$file_name = basename( $file );
2636
2637
		$cache_key = 'jetpack_file_data_' . JETPACK__VERSION;
2638
2639
		$file_data_option = get_transient( $cache_key );
2640
2641
		if ( ! is_array( $file_data_option ) ) {
2642
			delete_transient( $cache_key );
2643
			$file_data_option = false;
2644
		}
2645
2646
		if ( false === $file_data_option ) {
2647
			$file_data_option = array();
2648
		}
2649
2650
		$key           = md5( $file_name . serialize( $headers ) );
2651
		$refresh_cache = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2652
2653
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2654
		if ( ! $refresh_cache && isset( $file_data_option[ $key ] ) ) {
2655
			return $file_data_option[ $key ];
2656
		}
2657
2658
		$data = get_file_data( $file, $headers );
2659
2660
		$file_data_option[ $key ] = $data;
2661
2662
		set_transient( $cache_key, $file_data_option, 29 * DAY_IN_SECONDS );
2663
2664
		return $data;
2665
	}
2666
2667
2668
	/**
2669
	 * Return translated module tag.
2670
	 *
2671
	 * @param string $tag Tag as it appears in each module heading.
2672
	 *
2673
	 * @return mixed
2674
	 */
2675
	public static function translate_module_tag( $tag ) {
2676
		return jetpack_get_module_i18n_tag( $tag );
2677
	}
2678
2679
	/**
2680
	 * Get i18n strings as a JSON-encoded string
2681
	 *
2682
	 * @return string The locale as JSON
2683
	 */
2684
	public static function get_i18n_data_json() {
2685
2686
		// WordPress 5.0 uses md5 hashes of file paths to associate translation
2687
		// JSON files with the file they should be included for. This is an md5
2688
		// of '_inc/build/admin.js'.
2689
		$path_md5 = '1bac79e646a8bf4081a5011ab72d5807';
2690
2691
		$i18n_json =
2692
				   JETPACK__PLUGIN_DIR
2693
				   . 'languages/json/jetpack-'
2694
				   . get_user_locale()
2695
				   . '-'
2696
				   . $path_md5
2697
				   . '.json';
2698
2699
		if ( is_file( $i18n_json ) && is_readable( $i18n_json ) ) {
2700
			$locale_data = @file_get_contents( $i18n_json );
2701
			if ( $locale_data ) {
2702
				return $locale_data;
2703
			}
2704
		}
2705
2706
		// Return valid empty Jed locale
2707
		return '{ "locale_data": { "messages": { "": {} } } }';
2708
	}
2709
2710
	/**
2711
	 * Add locale data setup to wp-i18n
2712
	 *
2713
	 * Any Jetpack script that depends on wp-i18n should use this method to set up the locale.
2714
	 *
2715
	 * The locale setup depends on an adding inline script. This is error-prone and could easily
2716
	 * result in multiple additions of the same script when exactly 0 or 1 is desireable.
2717
	 *
2718
	 * This method provides a safe way to request the setup multiple times but add the script at
2719
	 * most once.
2720
	 *
2721
	 * @since 6.7.0
2722
	 *
2723
	 * @return void
2724
	 */
2725
	public static function setup_wp_i18n_locale_data() {
2726
		static $script_added = false;
2727
		if ( ! $script_added ) {
2728
			$script_added = true;
2729
			wp_add_inline_script(
2730
				'wp-i18n',
2731
				'wp.i18n.setLocaleData( ' . self::get_i18n_data_json() . ', \'jetpack\' );'
2732
			);
2733
		}
2734
	}
2735
2736
	/**
2737
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2738
	 *
2739
	 * @since 3.9.2
2740
	 *
2741
	 * @param array $modules
2742
	 *
2743
	 * @return string|void
2744
	 */
2745
	public static function get_translated_modules( $modules ) {
2746
		foreach ( $modules as $index => $module ) {
2747
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2748
			if ( isset( $module['name'] ) ) {
2749
				$modules[ $index ]['name'] = $i18n_module['name'];
2750
			}
2751
			if ( isset( $module['description'] ) ) {
2752
				$modules[ $index ]['description']       = $i18n_module['description'];
2753
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2754
			}
2755
		}
2756
		return $modules;
2757
	}
2758
2759
	/**
2760
	 * Get a list of activated modules as an array of module slugs.
2761
	 */
2762
	public static function get_active_modules() {
2763
		$active = Jetpack_Options::get_option( 'active_modules' );
2764
2765
		if ( ! is_array( $active ) ) {
2766
			$active = array();
2767
		}
2768
2769
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2770
			$active[] = 'vaultpress';
2771
		} else {
2772
			$active = array_diff( $active, array( 'vaultpress' ) );
2773
		}
2774
2775
		// If protect is active on the main site of a multisite, it should be active on all sites.
2776
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2777
			$active[] = 'protect';
2778
		}
2779
2780
		/**
2781
		 * Allow filtering of the active modules.
2782
		 *
2783
		 * Gives theme and plugin developers the power to alter the modules that
2784
		 * are activated on the fly.
2785
		 *
2786
		 * @since 5.8.0
2787
		 *
2788
		 * @param array $active Array of active module slugs.
2789
		 */
2790
		$active = apply_filters( 'jetpack_active_modules', $active );
2791
2792
		return array_unique( $active );
2793
	}
2794
2795
	/**
2796
	 * Check whether or not a Jetpack module is active.
2797
	 *
2798
	 * @param string $module The slug of a Jetpack module.
2799
	 * @return bool
2800
	 *
2801
	 * @static
2802
	 */
2803
	public static function is_module_active( $module ) {
2804
		return in_array( $module, self::get_active_modules() );
2805
	}
2806
2807
	public static function is_module( $module ) {
2808
		return ! empty( $module ) && ! validate_file( $module, self::get_available_modules() );
2809
	}
2810
2811
	/**
2812
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2813
	 *
2814
	 * @param bool $catch True to start catching, False to stop.
2815
	 *
2816
	 * @static
2817
	 */
2818
	public static function catch_errors( $catch ) {
2819
		static $display_errors, $error_reporting;
2820
2821
		if ( $catch ) {
2822
			$display_errors  = @ini_set( 'display_errors', 1 );
2823
			$error_reporting = @error_reporting( E_ALL );
2824
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2825
		} else {
2826
			@ini_set( 'display_errors', $display_errors );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
2827
			@error_reporting( $error_reporting );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
2828
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2829
		}
2830
	}
2831
2832
	/**
2833
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2834
	 */
2835
	public static function catch_errors_on_shutdown() {
2836
		self::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2837
	}
2838
2839
	/**
2840
	 * Rewrite any string to make paths easier to read.
2841
	 *
2842
	 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2843
	 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2844
	 *
2845
	 * @param $string
2846
	 * @return mixed
2847
	 */
2848
	public static function alias_directories( $string ) {
2849
		// ABSPATH has a trailing slash.
2850
		$string = str_replace( ABSPATH, 'ABSPATH/', $string );
2851
		// WP_CONTENT_DIR does not have a trailing slash.
2852
		$string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2853
2854
		return $string;
2855
	}
2856
2857
	public static function activate_default_modules(
2858
		$min_version = false,
2859
		$max_version = false,
2860
		$other_modules = array(),
2861
		$redirect = null,
2862
		$send_state_messages = null
2863
	) {
2864
		$jetpack = self::init();
2865
2866
		if ( is_null( $redirect ) ) {
2867
			if (
2868
				( defined( 'REST_REQUEST' ) && REST_REQUEST )
2869
			||
2870
				( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST )
2871
			||
2872
				( defined( 'WP_CLI' ) && WP_CLI )
2873
			||
2874
				( defined( 'DOING_CRON' ) && DOING_CRON )
2875
			||
2876
				( defined( 'DOING_AJAX' ) && DOING_AJAX )
2877
			) {
2878
				$redirect = false;
2879
			} elseif ( is_admin() ) {
2880
				$redirect = true;
2881
			} else {
2882
				$redirect = false;
2883
			}
2884
		}
2885
2886
		if ( is_null( $send_state_messages ) ) {
2887
			$send_state_messages = current_user_can( 'jetpack_activate_modules' );
2888
		}
2889
2890
		$modules = self::get_default_modules( $min_version, $max_version );
2891
		$modules = array_merge( $other_modules, $modules );
2892
2893
		// Look for standalone plugins and disable if active.
2894
2895
		$to_deactivate = array();
2896
		foreach ( $modules as $module ) {
2897
			if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2898
				$to_deactivate[ $module ] = $jetpack->plugins_to_deactivate[ $module ];
2899
			}
2900
		}
2901
2902
		$deactivated = array();
2903
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2904
			list( $probable_file, $probable_title ) = $deactivate_me;
2905
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2906
				$deactivated[] = $module;
2907
			}
2908
		}
2909
2910
		if ( $deactivated ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $deactivated of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
2911
			if ( $send_state_messages ) {
2912
				self::state( 'deactivated_plugins', join( ',', $deactivated ) );
2913
			}
2914
2915
			if ( $redirect ) {
2916
				$url = add_query_arg(
2917
					array(
2918
						'action'   => 'activate_default_modules',
2919
						'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2920
					),
2921
					add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), self::admin_url( 'page=jetpack' ) )
2922
				);
2923
				wp_safe_redirect( $url );
2924
				exit;
2925
			}
2926
		}
2927
2928
		/**
2929
		 * Fires before default modules are activated.
2930
		 *
2931
		 * @since 1.9.0
2932
		 *
2933
		 * @param string $min_version Minimum version number required to use modules.
2934
		 * @param string $max_version Maximum version number required to use modules.
2935
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2936
		 */
2937
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2938
2939
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2940
		if ( $send_state_messages ) {
2941
			self::restate();
2942
			self::catch_errors( true );
2943
		}
2944
2945
		$active = self::get_active_modules();
2946
2947
		foreach ( $modules as $module ) {
2948
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2949
				$active[] = $module;
2950
				self::update_active_modules( $active );
2951
				continue;
2952
			}
2953
2954
			if ( $send_state_messages && in_array( $module, $active ) ) {
2955
				$module_info = self::get_module( $module );
2956 View Code Duplication
				if ( ! $module_info['deactivate'] ) {
2957
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2958
					if ( $active_state = self::state( $state ) ) {
2959
						$active_state = explode( ',', $active_state );
2960
					} else {
2961
						$active_state = array();
2962
					}
2963
					$active_state[] = $module;
2964
					self::state( $state, implode( ',', $active_state ) );
2965
				}
2966
				continue;
2967
			}
2968
2969
			$file = self::get_module_path( $module );
2970
			if ( ! file_exists( $file ) ) {
2971
				continue;
2972
			}
2973
2974
			// we'll override this later if the plugin can be included without fatal error
2975
			if ( $redirect ) {
2976
				wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
2977
			}
2978
2979
			if ( $send_state_messages ) {
2980
				self::state( 'error', 'module_activation_failed' );
2981
				self::state( 'module', $module );
2982
			}
2983
2984
			ob_start();
2985
			require_once $file;
2986
2987
			$active[] = $module;
2988
2989 View Code Duplication
			if ( $send_state_messages ) {
2990
2991
				$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2992
				if ( $active_state = self::state( $state ) ) {
2993
					$active_state = explode( ',', $active_state );
2994
				} else {
2995
					$active_state = array();
2996
				}
2997
				$active_state[] = $module;
2998
				self::state( $state, implode( ',', $active_state ) );
2999
			}
3000
3001
			self::update_active_modules( $active );
3002
3003
			ob_end_clean();
3004
		}
3005
3006
		if ( $send_state_messages ) {
3007
			self::state( 'error', false );
0 ignored issues
show
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3008
			self::state( 'module', false );
0 ignored issues
show
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3009
		}
3010
3011
		self::catch_errors( false );
3012
		/**
3013
		 * Fires when default modules are activated.
3014
		 *
3015
		 * @since 1.9.0
3016
		 *
3017
		 * @param string $min_version Minimum version number required to use modules.
3018
		 * @param string $max_version Maximum version number required to use modules.
3019
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
3020
		 */
3021
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
3022
	}
3023
3024
	public static function activate_module( $module, $exit = true, $redirect = true ) {
3025
		/**
3026
		 * Fires before a module is activated.
3027
		 *
3028
		 * @since 2.6.0
3029
		 *
3030
		 * @param string $module Module slug.
3031
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
3032
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
3033
		 */
3034
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
3035
3036
		$jetpack = self::init();
3037
3038
		if ( ! strlen( $module ) ) {
3039
			return false;
3040
		}
3041
3042
		if ( ! self::is_module( $module ) ) {
3043
			return false;
3044
		}
3045
3046
		// If it's already active, then don't do it again
3047
		$active = self::get_active_modules();
3048
		foreach ( $active as $act ) {
3049
			if ( $act == $module ) {
3050
				return true;
3051
			}
3052
		}
3053
3054
		$module_data = self::get_module( $module );
3055
3056
		$is_development_mode = ( new Status() )->is_development_mode();
3057
		if ( ! self::is_active() ) {
3058
			if ( ! $is_development_mode && ! self::is_onboarding() ) {
3059
				return false;
3060
			}
3061
3062
			// If we're not connected but in development mode, make sure the module doesn't require a connection
3063
			if ( $is_development_mode && $module_data['requires_connection'] ) {
3064
				return false;
3065
			}
3066
		}
3067
3068
		// Check and see if the old plugin is active
3069
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
3070
			// Deactivate the old plugin
3071
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
3072
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
3073
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
3074
				self::state( 'deactivated_plugins', $module );
3075
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
3076
				exit;
3077
			}
3078
		}
3079
3080
		// Protect won't work with mis-configured IPs
3081
		if ( 'protect' === $module ) {
3082
			include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
3083
			if ( ! jetpack_protect_get_ip() ) {
3084
				self::state( 'message', 'protect_misconfigured_ip' );
3085
				return false;
3086
			}
3087
		}
3088
3089
		if ( ! Jetpack_Plan::supports( $module ) ) {
3090
			return false;
3091
		}
3092
3093
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
3094
		self::state( 'module', $module );
3095
		self::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
3096
3097
		self::catch_errors( true );
3098
		ob_start();
3099
		require self::get_module_path( $module );
3100
		/** This action is documented in class.jetpack.php */
3101
		do_action( 'jetpack_activate_module', $module );
3102
		$active[] = $module;
3103
		self::update_active_modules( $active );
3104
3105
		self::state( 'error', false ); // the override
0 ignored issues
show
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3106
		ob_end_clean();
3107
		self::catch_errors( false );
3108
3109
		if ( $redirect ) {
3110
			wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
3111
		}
3112
		if ( $exit ) {
3113
			exit;
3114
		}
3115
		return true;
3116
	}
3117
3118
	function activate_module_actions( $module ) {
3119
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
3120
	}
3121
3122
	public static function deactivate_module( $module ) {
3123
		/**
3124
		 * Fires when a module is deactivated.
3125
		 *
3126
		 * @since 1.9.0
3127
		 *
3128
		 * @param string $module Module slug.
3129
		 */
3130
		do_action( 'jetpack_pre_deactivate_module', $module );
3131
3132
		$jetpack = self::init();
0 ignored issues
show
$jetpack is not used, you could remove the assignment.

This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.

$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead. The first because $myVar is never used and the second because $higher is always overwritten for every possible time line.

Loading history...
3133
3134
		$active = self::get_active_modules();
3135
		$new    = array_filter( array_diff( $active, (array) $module ) );
3136
3137
		return self::update_active_modules( $new );
3138
	}
3139
3140
	public static function enable_module_configurable( $module ) {
3141
		$module = self::get_module_slug( $module );
3142
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
3143
	}
3144
3145
	/**
3146
	 * Composes a module configure URL. It uses Jetpack settings search as default value
3147
	 * It is possible to redefine resulting URL by using "jetpack_module_configuration_url_$module" filter
3148
	 *
3149
	 * @param string $module Module slug
3150
	 * @return string $url module configuration URL
3151
	 */
3152
	public static function module_configuration_url( $module ) {
3153
		$module      = self::get_module_slug( $module );
3154
		$default_url = self::admin_url() . "#/settings?term=$module";
3155
		/**
3156
		 * Allows to modify configure_url of specific module to be able to redirect to some custom location.
3157
		 *
3158
		 * @since 6.9.0
3159
		 *
3160
		 * @param string $default_url Default url, which redirects to jetpack settings page.
3161
		 */
3162
		$url = apply_filters( 'jetpack_module_configuration_url_' . $module, $default_url );
3163
3164
		return $url;
3165
	}
3166
3167
	/* Installation */
3168
	public static function bail_on_activation( $message, $deactivate = true ) {
3169
		?>
3170
<!doctype html>
3171
<html>
3172
<head>
3173
<meta charset="<?php bloginfo( 'charset' ); ?>">
3174
<style>
3175
* {
3176
	text-align: center;
3177
	margin: 0;
3178
	padding: 0;
3179
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
3180
}
3181
p {
3182
	margin-top: 1em;
3183
	font-size: 18px;
3184
}
3185
</style>
3186
<body>
3187
<p><?php echo esc_html( $message ); ?></p>
3188
</body>
3189
</html>
3190
		<?php
3191
		if ( $deactivate ) {
3192
			$plugins = get_option( 'active_plugins' );
3193
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
3194
			$update  = false;
3195
			foreach ( $plugins as $i => $plugin ) {
3196
				if ( $plugin === $jetpack ) {
3197
					$plugins[ $i ] = false;
3198
					$update        = true;
3199
				}
3200
			}
3201
3202
			if ( $update ) {
3203
				update_option( 'active_plugins', array_filter( $plugins ) );
3204
			}
3205
		}
3206
		exit;
3207
	}
3208
3209
	/**
3210
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
3211
	 *
3212
	 * @static
3213
	 */
3214
	public static function plugin_activation( $network_wide ) {
3215
		Jetpack_Options::update_option( 'activated', 1 );
3216
3217
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
3218
			self::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
3219
		}
3220
3221
		if ( $network_wide ) {
3222
			self::state( 'network_nag', true );
0 ignored issues
show
true is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3223
		}
3224
3225
		// For firing one-off events (notices) immediately after activation
3226
		set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
3227
3228
		update_option( 'jetpack_activation_source', self::get_activation_source( wp_get_referer() ) );
3229
3230
		Health::on_jetpack_activated();
3231
3232
		self::plugin_initialize();
3233
	}
3234
3235
	public static function get_activation_source( $referer_url ) {
3236
3237
		if ( defined( 'WP_CLI' ) && WP_CLI ) {
3238
			return array( 'wp-cli', null );
3239
		}
3240
3241
		$referer = wp_parse_url( $referer_url );
3242
3243
		$source_type  = 'unknown';
3244
		$source_query = null;
3245
3246
		if ( ! is_array( $referer ) ) {
3247
			return array( $source_type, $source_query );
3248
		}
3249
3250
		$plugins_path         = wp_parse_url( admin_url( 'plugins.php' ), PHP_URL_PATH );
3251
		$plugins_install_path = wp_parse_url( admin_url( 'plugin-install.php' ), PHP_URL_PATH );// /wp-admin/plugin-install.php
3252
3253
		if ( isset( $referer['query'] ) ) {
3254
			parse_str( $referer['query'], $query_parts );
3255
		} else {
3256
			$query_parts = array();
3257
		}
3258
3259
		if ( $plugins_path === $referer['path'] ) {
3260
			$source_type = 'list';
3261
		} elseif ( $plugins_install_path === $referer['path'] ) {
3262
			$tab = isset( $query_parts['tab'] ) ? $query_parts['tab'] : 'featured';
3263
			switch ( $tab ) {
3264
				case 'popular':
3265
					$source_type = 'popular';
3266
					break;
3267
				case 'recommended':
3268
					$source_type = 'recommended';
3269
					break;
3270
				case 'favorites':
3271
					$source_type = 'favorites';
3272
					break;
3273
				case 'search':
3274
					$source_type  = 'search-' . ( isset( $query_parts['type'] ) ? $query_parts['type'] : 'term' );
3275
					$source_query = isset( $query_parts['s'] ) ? $query_parts['s'] : null;
3276
					break;
3277
				default:
3278
					$source_type = 'featured';
3279
			}
3280
		}
3281
3282
		return array( $source_type, $source_query );
3283
	}
3284
3285
	/**
3286
	 * Runs before bumping version numbers up to a new version
3287
	 *
3288
	 * @param  string $version    Version:timestamp
3289
	 * @param  string $old_version Old Version:timestamp or false if not set yet.
3290
	 * @return null              [description]
3291
	 */
3292
	public static function do_version_bump( $version, $old_version ) {
3293
		if ( ! $old_version ) { // For new sites
3294
			// There used to be stuff here, but this seems like it might  be useful to someone in the future...
3295
		}
3296
	}
3297
3298
	/**
3299
	 * Sets the internal version number and activation state.
3300
	 *
3301
	 * @static
3302
	 */
3303
	public static function plugin_initialize() {
3304
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
3305
			Jetpack_Options::update_option( 'activated', 2 );
3306
		}
3307
3308 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
3309
			$version = $old_version = JETPACK__VERSION . ':' . time();
3310
			/** This action is documented in class.jetpack.php */
3311
			do_action( 'updating_jetpack_version', $version, false );
3312
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
3313
		}
3314
3315
		self::load_modules();
3316
3317
		Jetpack_Options::delete_option( 'do_activate' );
3318
		Jetpack_Options::delete_option( 'dismissed_connection_banner' );
3319
	}
3320
3321
	/**
3322
	 * Removes all connection options
3323
	 *
3324
	 * @static
3325
	 */
3326
	public static function plugin_deactivation() {
3327
		require_once ABSPATH . '/wp-admin/includes/plugin.php';
3328
		if ( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
3329
			Jetpack_Network::init()->deactivate();
3330
		} else {
3331
			self::disconnect( false );
3332
			// Jetpack_Heartbeat::init()->deactivate();
3333
		}
3334
	}
3335
3336
	/**
3337
	 * Disconnects from the Jetpack servers.
3338
	 * Forgets all connection details and tells the Jetpack servers to do the same.
3339
	 *
3340
	 * @static
3341
	 */
3342
	public static function disconnect( $update_activated_state = true ) {
3343
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
3344
		$connection = self::connection();
3345
		$connection->clean_nonces( true );
3346
3347
		// If the site is in an IDC because sync is not allowed,
3348
		// let's make sure to not disconnect the production site.
3349
		if ( ! self::validate_sync_error_idc_option() ) {
3350
			$tracking = new Tracking();
3351
			$tracking->record_user_event( 'disconnect_site', array() );
3352
3353
			$connection->disconnect_site_wpcom();
3354
		}
3355
3356
		$connection->delete_all_connection_tokens();
3357
		Jetpack_IDC::clear_all_idc_options();
3358
3359
		if ( $update_activated_state ) {
3360
			Jetpack_Options::update_option( 'activated', 4 );
3361
		}
3362
3363
		if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
3364
			// Check then record unique disconnection if site has never been disconnected previously
3365
			if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
3366
				$jetpack_unique_connection['disconnected'] = 1;
3367
			} else {
3368
				if ( 0 == $jetpack_unique_connection['disconnected'] ) {
3369
					// track unique disconnect
3370
					$jetpack = self::init();
3371
3372
					$jetpack->stat( 'connections', 'unique-disconnect' );
3373
					$jetpack->do_stats( 'server_side' );
3374
				}
3375
				// increment number of times disconnected
3376
				$jetpack_unique_connection['disconnected'] += 1;
3377
			}
3378
3379
			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
3380
		}
3381
3382
		// Delete all the sync related data. Since it could be taking up space.
3383
		Sender::get_instance()->uninstall();
3384
3385
		// Disable the Heartbeat cron
3386
		Jetpack_Heartbeat::init()->deactivate();
3387
	}
3388
3389
	/**
3390
	 * Unlinks the current user from the linked WordPress.com user.
3391
	 *
3392
	 * @deprecated since 7.7
3393
	 * @see Automattic\Jetpack\Connection\Manager::disconnect_user()
3394
	 *
3395
	 * @param Integer $user_id the user identifier.
0 ignored issues
show
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
3396
	 * @return Boolean Whether the disconnection of the user was successful.
3397
	 */
3398
	public static function unlink_user( $user_id = null ) {
3399
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::disconnect_user' );
3400
		return Connection_Manager::disconnect_user( $user_id );
3401
	}
3402
3403
	/**
3404
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
3405
	 */
3406
	public static function try_registration() {
3407
		$terms_of_service = new Terms_Of_Service();
3408
		// The user has agreed to the TOS at some point by now.
3409
		$terms_of_service->agree();
3410
3411
		// Let's get some testing in beta versions and such.
3412
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3413
			// Before attempting to connect, let's make sure that the domains are viable.
3414
			$domains_to_check = array_unique(
3415
				array(
3416
					'siteurl' => wp_parse_url( get_site_url(), PHP_URL_HOST ),
3417
					'homeurl' => wp_parse_url( get_home_url(), PHP_URL_HOST ),
3418
				)
3419
			);
3420
			foreach ( $domains_to_check as $domain ) {
3421
				$result = self::connection()->is_usable_domain( $domain );
3422
				if ( is_wp_error( $result ) ) {
3423
					return $result;
3424
				}
3425
			}
3426
		}
3427
3428
		$result = self::register();
3429
3430
		// If there was an error with registration and the site was not registered, record this so we can show a message.
3431
		if ( ! $result || is_wp_error( $result ) ) {
3432
			return $result;
3433
		} else {
3434
			return true;
3435
		}
3436
	}
3437
3438
	/**
3439
	 * Tracking an internal event log. Try not to put too much chaff in here.
3440
	 *
3441
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3442
	 */
3443
	public static function log( $code, $data = null ) {
3444
		// only grab the latest 200 entries
3445
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3446
3447
		// Append our event to the log
3448
		$log_entry = array(
3449
			'time'    => time(),
3450
			'user_id' => get_current_user_id(),
3451
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3452
			'code'    => $code,
3453
		);
3454
		// Don't bother storing it unless we've got some.
3455
		if ( ! is_null( $data ) ) {
3456
			$log_entry['data'] = $data;
3457
		}
3458
		$log[] = $log_entry;
3459
3460
		// Try add_option first, to make sure it's not autoloaded.
3461
		// @todo: Add an add_option method to Jetpack_Options
3462
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3463
			Jetpack_Options::update_option( 'log', $log );
3464
		}
3465
3466
		/**
3467
		 * Fires when Jetpack logs an internal event.
3468
		 *
3469
		 * @since 3.0.0
3470
		 *
3471
		 * @param array $log_entry {
3472
		 *  Array of details about the log entry.
3473
		 *
3474
		 *  @param string time Time of the event.
3475
		 *  @param int user_id ID of the user who trigerred the event.
3476
		 *  @param int blog_id Jetpack Blog ID.
3477
		 *  @param string code Unique name for the event.
3478
		 *  @param string data Data about the event.
3479
		 * }
3480
		 */
3481
		do_action( 'jetpack_log_entry', $log_entry );
3482
	}
3483
3484
	/**
3485
	 * Get the internal event log.
3486
	 *
3487
	 * @param $event (string) - only return the specific log events
3488
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3489
	 *
3490
	 * @return array of log events || WP_Error for invalid params
3491
	 */
3492
	public static function get_log( $event = false, $num = false ) {
3493
		if ( $event && ! is_string( $event ) ) {
3494
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with __('First param must be ...g or empty', 'jetpack').

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3495
		}
3496
3497
		if ( $num && ! is_numeric( $num ) ) {
3498
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with __('Second param must be...c or empty', 'jetpack').

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3499
		}
3500
3501
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3502
3503
		// If nothing set - act as it did before, otherwise let's start customizing the output
3504
		if ( ! $num && ! $event ) {
3505
			return $entire_log;
3506
		} else {
3507
			$entire_log = array_reverse( $entire_log );
3508
		}
3509
3510
		$custom_log_output = array();
3511
3512
		if ( $event ) {
3513
			foreach ( $entire_log as $log_event ) {
3514
				if ( $event == $log_event['code'] ) {
3515
					$custom_log_output[] = $log_event;
3516
				}
3517
			}
3518
		} else {
3519
			$custom_log_output = $entire_log;
3520
		}
3521
3522
		if ( $num ) {
3523
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3524
		}
3525
3526
		return $custom_log_output;
3527
	}
3528
3529
	/**
3530
	 * Log modification of important settings.
3531
	 */
3532
	public static function log_settings_change( $option, $old_value, $value ) {
3533
		switch ( $option ) {
3534
			case 'jetpack_sync_non_public_post_stati':
3535
				self::log( $option, $value );
3536
				break;
3537
		}
3538
	}
3539
3540
	/**
3541
	 * Return stat data for WPCOM sync
3542
	 */
3543
	public static function get_stat_data( $encode = true, $extended = true ) {
3544
		$data = Jetpack_Heartbeat::generate_stats_array();
3545
3546
		if ( $extended ) {
3547
			$additional_data = self::get_additional_stat_data();
3548
			$data            = array_merge( $data, $additional_data );
3549
		}
3550
3551
		if ( $encode ) {
3552
			return json_encode( $data );
3553
		}
3554
3555
		return $data;
3556
	}
3557
3558
	/**
3559
	 * Get additional stat data to sync to WPCOM
3560
	 */
3561
	public static function get_additional_stat_data( $prefix = '' ) {
3562
		$return[ "{$prefix}themes" ]        = self::get_parsed_theme_data();
0 ignored issues
show
Coding Style Comprehensibility introduced by
$return was never initialized. Although not strictly required by PHP, it is generally a good practice to add $return = array(); before regardless.

Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.

Let’s take a look at an example:

foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}

As you can see in this example, the array $myArray is initialized the first time when the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration.

This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.

Loading history...
3563
		$return[ "{$prefix}plugins-extra" ] = self::get_parsed_plugin_data();
3564
		$return[ "{$prefix}users" ]         = (int) self::get_site_user_count();
3565
		$return[ "{$prefix}site-count" ]    = 0;
3566
3567
		if ( function_exists( 'get_blog_count' ) ) {
3568
			$return[ "{$prefix}site-count" ] = get_blog_count();
3569
		}
3570
		return $return;
3571
	}
3572
3573
	private static function get_site_user_count() {
3574
		global $wpdb;
3575
3576
		if ( function_exists( 'wp_is_large_network' ) ) {
3577
			if ( wp_is_large_network( 'users' ) ) {
3578
				return -1; // Not a real value but should tell us that we are dealing with a large network.
3579
			}
3580
		}
3581
		if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3582
			// It wasn't there, so regenerate the data and save the transient
3583
			$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3584
			set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3585
		}
3586
		return $user_count;
3587
	}
3588
3589
	/* Admin Pages */
3590
3591
	function admin_init() {
3592
		// If the plugin is not connected, display a connect message.
3593
		if (
3594
			// the plugin was auto-activated and needs its candy
3595
			Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3596
		||
3597
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3598
			! Jetpack_Options::get_option( 'activated' )
3599
		) {
3600
			self::plugin_initialize();
3601
		}
3602
3603
		$is_development_mode = ( new Status() )->is_development_mode();
3604
		if ( ! self::is_active() && ! $is_development_mode ) {
3605
			Jetpack_Connection_Banner::init();
3606
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3607
			// Upgrade: 1.1 -> 1.1.1
3608
			// Check and see if host can verify the Jetpack servers' SSL certificate
3609
			$args       = array();
3610
			$connection = self::connection();
3611
			Client::_wp_remote_request(
3612
				Connection_Utils::fix_url_for_bad_hosts( $connection->api_url( 'test' ) ),
3613
				$args,
3614
				true
3615
			);
3616
		}
3617
3618
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3619
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3620
		}
3621
3622
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3623
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3624
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3625
3626
		if ( self::is_active() || $is_development_mode ) {
3627
			// Artificially throw errors in certain whitelisted cases during plugin activation
3628
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3629
		}
3630
3631
		// Add custom column in wp-admin/users.php to show whether user is linked.
3632
		add_filter( 'manage_users_columns', array( $this, 'jetpack_icon_user_connected' ) );
3633
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3634
		add_action( 'admin_print_styles', array( $this, 'jetpack_user_col_style' ) );
3635
	}
3636
3637
	function admin_body_class( $admin_body_class = '' ) {
3638
		$classes = explode( ' ', trim( $admin_body_class ) );
3639
3640
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3641
3642
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3643
		return " $admin_body_class ";
3644
	}
3645
3646
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3647
		return $admin_body_class . ' jetpack-pagestyles ';
3648
	}
3649
3650
	/**
3651
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3652
	 * This function artificially throws errors for such cases (whitelisted).
3653
	 *
3654
	 * @param string $plugin The activated plugin.
3655
	 */
3656
	function throw_error_on_activate_plugin( $plugin ) {
3657
		$active_modules = self::get_active_modules();
3658
3659
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3660
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3661
			$throw = false;
3662
3663
			// Try and make sure it really was the stats plugin
3664
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3665
				if ( 'stats.php' == basename( $plugin ) ) {
3666
					$throw = true;
3667
				}
3668
			} else {
3669
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3670
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3671
					$throw = true;
3672
				}
3673
			}
3674
3675
			if ( $throw ) {
3676
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3677
			}
3678
		}
3679
	}
3680
3681
	function intercept_plugin_error_scrape_init() {
3682
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3683
	}
3684
3685
	function intercept_plugin_error_scrape( $action, $result ) {
3686
		if ( ! $result ) {
3687
			return;
3688
		}
3689
3690
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3691
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3692
				self::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3693
			}
3694
		}
3695
	}
3696
3697
	/**
3698
	 * Register the remote file upload request handlers, if needed.
3699
	 *
3700
	 * @access public
3701
	 */
3702
	public function add_remote_request_handlers() {
3703
		// Remote file uploads are allowed only via AJAX requests.
3704
		if ( ! is_admin() || ! Constants::get_constant( 'DOING_AJAX' ) ) {
3705
			return;
3706
		}
3707
3708
		// Remote file uploads are allowed only for a set of specific AJAX actions.
3709
		$remote_request_actions = array(
3710
			'jetpack_upload_file',
3711
			'jetpack_update_file',
3712
		);
3713
3714
		// phpcs:ignore WordPress.Security.NonceVerification
3715
		if ( ! isset( $_POST['action'] ) || ! in_array( $_POST['action'], $remote_request_actions, true ) ) {
3716
			return;
3717
		}
3718
3719
		// Require Jetpack authentication for the remote file upload AJAX requests.
3720
		if ( ! $this->connection_manager ) {
3721
			$this->connection_manager = new Connection_Manager();
3722
		}
3723
3724
		$this->connection_manager->require_jetpack_authentication();
3725
3726
		// Register the remote file upload AJAX handlers.
3727
		foreach ( $remote_request_actions as $action ) {
3728
			add_action( "wp_ajax_nopriv_{$action}", array( $this, 'remote_request_handlers' ) );
3729
		}
3730
	}
3731
3732
	/**
3733
	 * Handler for Jetpack remote file uploads.
3734
	 *
3735
	 * @access public
3736
	 */
3737
	public function remote_request_handlers() {
3738
		$action = current_filter();
0 ignored issues
show
$action is not used, you could remove the assignment.

This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.

$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead. The first because $myVar is never used and the second because $higher is always overwritten for every possible time line.

Loading history...
3739
3740
		switch ( current_filter() ) {
3741
			case 'wp_ajax_nopriv_jetpack_upload_file':
3742
				$response = $this->upload_handler();
3743
				break;
3744
3745
			case 'wp_ajax_nopriv_jetpack_update_file':
3746
				$response = $this->upload_handler( true );
3747
				break;
3748
			default:
3749
				$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'unknown_handler'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3750
				break;
3751
		}
3752
3753
		if ( ! $response ) {
3754
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'unknown_error'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3755
		}
3756
3757
		if ( is_wp_error( $response ) ) {
3758
			$status_code       = $response->get_error_data();
0 ignored issues
show
The method get_error_data() does not seem to exist on object<Jetpack_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
3759
			$error             = $response->get_error_code();
0 ignored issues
show
The method get_error_code() does not seem to exist on object<Jetpack_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
3760
			$error_description = $response->get_error_message();
0 ignored issues
show
The method get_error_message() does not seem to exist on object<Jetpack_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
3761
3762
			if ( ! is_int( $status_code ) ) {
3763
				$status_code = 400;
3764
			}
3765
3766
			status_header( $status_code );
3767
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3768
		}
3769
3770
		status_header( 200 );
3771
		if ( true === $response ) {
3772
			exit;
3773
		}
3774
3775
		die( json_encode( (object) $response ) );
3776
	}
3777
3778
	/**
3779
	 * Uploads a file gotten from the global $_FILES.
3780
	 * If `$update_media_item` is true and `post_id` is defined
3781
	 * the attachment file of the media item (gotten through of the post_id)
3782
	 * will be updated instead of add a new one.
3783
	 *
3784
	 * @param  boolean $update_media_item - update media attachment
3785
	 * @return array - An array describing the uploadind files process
3786
	 */
3787
	function upload_handler( $update_media_item = false ) {
3788
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3789
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 405.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3790
		}
3791
3792
		$user = wp_authenticate( '', '' );
3793
		if ( ! $user || is_wp_error( $user ) ) {
3794
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 403.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3795
		}
3796
3797
		wp_set_current_user( $user->ID );
3798
3799
		if ( ! current_user_can( 'upload_files' ) ) {
3800
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'cannot_upload_files'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3801
		}
3802
3803
		if ( empty( $_FILES ) ) {
3804
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'no_files_uploaded'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3805
		}
3806
3807
		foreach ( array_keys( $_FILES ) as $files_key ) {
3808
			if ( ! isset( $_POST[ "_jetpack_file_hmac_{$files_key}" ] ) ) {
3809
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'missing_hmac'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3810
			}
3811
		}
3812
3813
		$media_keys = array_keys( $_FILES['media'] );
3814
3815
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
0 ignored issues
show
Deprecated Code introduced by
The method Jetpack_Data::get_access_token() has been deprecated with message: 7.5 Use Connection_Manager instead.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
3816
		if ( ! $token || is_wp_error( $token ) ) {
3817
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'unknown_token'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3818
		}
3819
3820
		$uploaded_files = array();
3821
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3822
		unset( $GLOBALS['post'] );
3823
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3824
			$file = array();
3825
			foreach ( $media_keys as $media_key ) {
3826
				$file[ $media_key ] = $_FILES['media'][ $media_key ][ $index ];
3827
			}
3828
3829
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][ $index ] );
3830
3831
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3832
			if ( $hmac_provided !== $hmac_file ) {
3833
				$uploaded_files[ $index ] = (object) array(
3834
					'error'             => 'invalid_hmac',
3835
					'error_description' => 'The corresponding HMAC for this file does not match',
3836
				);
3837
				continue;
3838
			}
3839
3840
			$_FILES['.jetpack.upload.'] = $file;
3841
			$post_id                    = isset( $_POST['post_id'][ $index ] ) ? absint( $_POST['post_id'][ $index ] ) : 0;
3842
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3843
				$post_id = 0;
3844
			}
3845
3846
			if ( $update_media_item ) {
3847
				if ( ! isset( $post_id ) || $post_id === 0 ) {
3848
					return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
0 ignored issues
show
The call to Jetpack_Error::__construct() has too many arguments starting with 'invalid_input'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
3849
				}
3850
3851
				$media_array = $_FILES['media'];
3852
3853
				$file_array['name']     = $media_array['name'][0];
0 ignored issues
show
Coding Style Comprehensibility introduced by
$file_array was never initialized. Although not strictly required by PHP, it is generally a good practice to add $file_array = array(); before regardless.

Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.

Let’s take a look at an example:

foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}

As you can see in this example, the array $myArray is initialized the first time when the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration.

This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.

Loading history...
3854
				$file_array['type']     = $media_array['type'][0];
3855
				$file_array['tmp_name'] = $media_array['tmp_name'][0];
3856
				$file_array['error']    = $media_array['error'][0];
3857
				$file_array['size']     = $media_array['size'][0];
3858
3859
				$edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3860
3861
				if ( is_wp_error( $edited_media_item ) ) {
3862
					return $edited_media_item;
3863
				}
3864
3865
				$response = (object) array(
3866
					'id'   => (string) $post_id,
3867
					'file' => (string) $edited_media_item->post_title,
3868
					'url'  => (string) wp_get_attachment_url( $post_id ),
3869
					'type' => (string) $edited_media_item->post_mime_type,
3870
					'meta' => (array) wp_get_attachment_metadata( $post_id ),
3871
				);
3872
3873
				return (array) array( $response );
3874
			}
3875
3876
			$attachment_id = media_handle_upload(
3877
				'.jetpack.upload.',
3878
				$post_id,
3879
				array(),
3880
				array(
3881
					'action' => 'jetpack_upload_file',
3882
				)
3883
			);
3884
3885
			if ( ! $attachment_id ) {
3886
				$uploaded_files[ $index ] = (object) array(
3887
					'error'             => 'unknown',
3888
					'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site',
3889
				);
3890
			} elseif ( is_wp_error( $attachment_id ) ) {
3891
				$uploaded_files[ $index ] = (object) array(
3892
					'error'             => 'attachment_' . $attachment_id->get_error_code(),
3893
					'error_description' => $attachment_id->get_error_message(),
3894
				);
3895
			} else {
3896
				$attachment               = get_post( $attachment_id );
3897
				$uploaded_files[ $index ] = (object) array(
3898
					'id'   => (string) $attachment_id,
3899
					'file' => $attachment->post_title,
3900
					'url'  => wp_get_attachment_url( $attachment_id ),
3901
					'type' => $attachment->post_mime_type,
3902
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3903
				);
3904
				// Zip files uploads are not supported unless they are done for installation purposed
3905
				// lets delete them in case something goes wrong in this whole process
3906
				if ( 'application/zip' === $attachment->post_mime_type ) {
3907
					// Schedule a cleanup for 2 hours from now in case of failed install.
3908
					wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3909
				}
3910
			}
3911
		}
3912
		if ( ! is_null( $global_post ) ) {
3913
			$GLOBALS['post'] = $global_post;
3914
		}
3915
3916
		return $uploaded_files;
3917
	}
3918
3919
	/**
3920
	 * Add help to the Jetpack page
3921
	 *
3922
	 * @since Jetpack (1.2.3)
3923
	 * @return false if not the Jetpack page
3924
	 */
3925
	function admin_help() {
3926
		$current_screen = get_current_screen();
3927
3928
		// Overview
3929
		$current_screen->add_help_tab(
3930
			array(
3931
				'id'      => 'home',
3932
				'title'   => __( 'Home', 'jetpack' ),
3933
				'content' =>
3934
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3935
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3936
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3937
			)
3938
		);
3939
3940
		// Screen Content
3941
		if ( current_user_can( 'manage_options' ) ) {
3942
			$current_screen->add_help_tab(
3943
				array(
3944
					'id'      => 'settings',
3945
					'title'   => __( 'Settings', 'jetpack' ),
3946
					'content' =>
3947
						'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3948
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3949
						'<ol>' .
3950
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.', 'jetpack' ) . '</li>' .
3951
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.', 'jetpack' ) . '</li>' .
3952
						'</ol>' .
3953
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>',
3954
				)
3955
			);
3956
		}
3957
3958
		// Help Sidebar
3959
		$current_screen->set_help_sidebar(
3960
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3961
			'<p><a href="https://jetpack.com/faq/" target="_blank">' . __( 'Jetpack FAQ', 'jetpack' ) . '</a></p>' .
3962
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3963
			'<p><a href="' . self::admin_url( array( 'page' => 'jetpack-debugger' ) ) . '">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3964
		);
3965
	}
3966
3967
	function admin_menu_css() {
3968
		wp_enqueue_style( 'jetpack-icons' );
3969
	}
3970
3971
	function admin_menu_order() {
3972
		return true;
3973
	}
3974
3975 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3976
		$jp_menu_order = array();
3977
3978
		foreach ( $menu_order as $index => $item ) {
3979
			if ( $item != 'jetpack' ) {
3980
				$jp_menu_order[] = $item;
3981
			}
3982
3983
			if ( $index == 0 ) {
3984
				$jp_menu_order[] = 'jetpack';
3985
			}
3986
		}
3987
3988
		return $jp_menu_order;
3989
	}
3990
3991
	function admin_banner_styles() {
3992
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3993
3994 View Code Duplication
		if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3995
			wp_register_style(
3996
				'jetpack-dops-style',
3997
				plugins_url( '_inc/build/admin.css', JETPACK__PLUGIN_FILE ),
3998
				array(),
3999
				JETPACK__VERSION
4000
			);
4001
		}
4002
4003
		wp_enqueue_style(
4004
			'jetpack',
4005
			plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
4006
			array( 'jetpack-dops-style' ),
4007
			JETPACK__VERSION . '-20121016'
4008
		);
4009
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
4010
		wp_style_add_data( 'jetpack', 'suffix', $min );
4011
	}
4012
4013
	function plugin_action_links( $actions ) {
4014
4015
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack' ), 'Jetpack' ) );
4016
4017
		if ( current_user_can( 'jetpack_manage_modules' ) && ( self::is_active() || ( new Status() )->is_development_mode() ) ) {
4018
			return array_merge(
4019
				$jetpack_home,
4020
				array( 'settings' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
4021
				array( 'support' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack-debugger ' ), __( 'Support', 'jetpack' ) ) ),
4022
				$actions
4023
			);
4024
		}
4025
4026
		return array_merge( $jetpack_home, $actions );
4027
	}
4028
4029
	/**
4030
	 * Filters the login URL to include the registration flow in case the user isn't logged in.
4031
	 *
4032
	 * @param string $login_url The wp-login URL.
4033
	 * @param string $redirect  URL to redirect users after logging in.
4034
	 * @since Jetpack 8.4
4035
	 * @return string
4036
	 */
4037
	public function login_url( $login_url, $redirect ) {
4038
		parse_str( wp_parse_url( $redirect, PHP_URL_QUERY ), $redirect_parts );
4039
		if ( ! empty( $redirect_parts[ self::$jetpack_redirect_login ] ) ) {
4040
			$login_url = add_query_arg( self::$jetpack_redirect_login, 'true', $login_url );
4041
		}
4042
		return $login_url;
4043
	}
4044
4045
	/**
4046
	 * Redirects non-authenticated users to authenticate with Calypso if redirect flag is set.
4047
	 *
4048
	 * @since Jetpack 8.4
4049
	 */
4050
	public function login_init() {
4051
		// phpcs:ignore WordPress.Security.NonceVerification
4052
		if ( ! empty( $_GET[ self::$jetpack_redirect_login ] ) ) {
4053
			add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4054
			wp_safe_redirect(
4055
				add_query_arg(
4056
					array(
4057
						'forceInstall' => 1,
4058
						'url'          => rawurlencode( get_site_url() ),
4059
					),
4060
					// @todo provide way to go to specific calypso env.
4061
					self::get_calypso_host() . 'jetpack/connect'
4062
				)
4063
			);
4064
			exit;
4065
		}
4066
	}
4067
4068
	/*
4069
	 * Registration flow:
4070
	 * 1 - ::admin_page_load() action=register
4071
	 * 2 - ::try_registration()
4072
	 * 3 - ::register()
4073
	 *     - Creates jetpack_register option containing two secrets and a timestamp
4074
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
4075
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
4076
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
4077
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
4078
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
4079
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
4080
	 *       jetpack_id, jetpack_secret, jetpack_public
4081
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
4082
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
4083
	 * 5 - user logs in with WP.com account
4084
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
4085
	 *		- Manager::authorize()
4086
	 *		- Manager::get_token()
4087
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
4088
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
4089
	 *			- which responds with access_token, token_type, scope
4090
	 *		- Manager::authorize() stores jetpack_options: user_token => access_token.$user_id
4091
	 *		- Jetpack::activate_default_modules()
4092
	 *     		- Deactivates deprecated plugins
4093
	 *     		- Activates all default modules
4094
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
4095
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
4096
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
4097
	 *     Done!
4098
	 */
4099
4100
	/**
4101
	 * Handles the page load events for the Jetpack admin page
4102
	 */
4103
	function admin_page_load() {
4104
		$error = false;
4105
4106
		// Make sure we have the right body class to hook stylings for subpages off of.
4107
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ), 20 );
4108
4109
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
4110
			// Should only be used in intermediate redirects to preserve state across redirects
4111
			self::restate();
4112
		}
4113
4114
		if ( isset( $_GET['connect_url_redirect'] ) ) {
4115
			// @todo: Add validation against a known whitelist
4116
			$from = ! empty( $_GET['from'] ) ? $_GET['from'] : 'iframe';
4117
			// User clicked in the iframe to link their accounts
4118
			if ( ! self::is_user_connected() ) {
4119
				$redirect = ! empty( $_GET['redirect_after_auth'] ) ? $_GET['redirect_after_auth'] : false;
4120
4121
				add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4122
				$connect_url = $this->build_connect_url( true, $redirect, $from );
4123
				remove_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4124
4125
				if ( isset( $_GET['notes_iframe'] ) ) {
4126
					$connect_url .= '&notes_iframe';
4127
				}
4128
				wp_redirect( $connect_url );
4129
				exit;
4130
			} else {
4131
				if ( ! isset( $_GET['calypso_env'] ) ) {
4132
					self::state( 'message', 'already_authorized' );
4133
					wp_safe_redirect( self::admin_url() );
4134
					exit;
4135
				} else {
4136
					$connect_url  = $this->build_connect_url( true, false, $from );
4137
					$connect_url .= '&already_authorized=true';
4138
					wp_redirect( $connect_url );
4139
					exit;
4140
				}
4141
			}
4142
		}
4143
4144
		if ( isset( $_GET['action'] ) ) {
4145
			switch ( $_GET['action'] ) {
4146
				case 'authorize':
4147
					if ( self::is_active() && self::is_user_connected() ) {
4148
						self::state( 'message', 'already_authorized' );
4149
						wp_safe_redirect( self::admin_url() );
4150
						exit;
4151
					}
4152
					self::log( 'authorize' );
4153
					$client_server = new Jetpack_Client_Server();
4154
					$client_server->client_authorize();
4155
					exit;
4156
				case 'register':
4157
					if ( ! current_user_can( 'jetpack_connect' ) ) {
4158
						$error = 'cheatin';
4159
						break;
4160
					}
4161
					check_admin_referer( 'jetpack-register' );
4162
					self::log( 'register' );
4163
					self::maybe_set_version_option();
4164
					$registered = self::try_registration();
4165 View Code Duplication
					if ( is_wp_error( $registered ) ) {
4166
						$error = $registered->get_error_code();
0 ignored issues
show
The method get_error_code() does not seem to exist on object<WP_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
4167
						self::state( 'error', $error );
4168
						self::state( 'error', $registered->get_error_message() );
0 ignored issues
show
The method get_error_message() does not seem to exist on object<WP_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
4169
4170
						/**
4171
						 * Jetpack registration Error.
4172
						 *
4173
						 * @since 7.5.0
4174
						 *
4175
						 * @param string|int $error The error code.
4176
						 * @param \WP_Error $registered The error object.
4177
						 */
4178
						do_action( 'jetpack_connection_register_fail', $error, $registered );
4179
						break;
4180
					}
4181
4182
					$from     = isset( $_GET['from'] ) ? $_GET['from'] : false;
4183
					$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : false;
4184
4185
					/**
4186
					 * Jetpack registration Success.
4187
					 *
4188
					 * @since 7.5.0
4189
					 *
4190
					 * @param string $from 'from' GET parameter;
4191
					 */
4192
					do_action( 'jetpack_connection_register_success', $from );
4193
4194
					$url = $this->build_connect_url( true, $redirect, $from );
4195
4196
					if ( ! empty( $_GET['onboarding'] ) ) {
4197
						$url = add_query_arg( 'onboarding', $_GET['onboarding'], $url );
4198
					}
4199
4200
					if ( ! empty( $_GET['auth_approved'] ) && 'true' === $_GET['auth_approved'] ) {
4201
						$url = add_query_arg( 'auth_approved', 'true', $url );
4202
					}
4203
4204
					wp_redirect( $url );
4205
					exit;
4206
				case 'activate':
4207
					if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
4208
						$error = 'cheatin';
4209
						break;
4210
					}
4211
4212
					$module = stripslashes( $_GET['module'] );
4213
					check_admin_referer( "jetpack_activate-$module" );
4214
					self::log( 'activate', $module );
4215
					if ( ! self::activate_module( $module ) ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression self::activate_module($module) of type boolean|null is loosely compared to false; this is ambiguous if the boolean can be false. You might want to explicitly use !== null instead.

If an expression can have both false, and null as possible values. It is generally a good practice to always use strict comparison to clearly distinguish between those two values.

$a = canBeFalseAndNull();

// Instead of
if ( ! $a) { }

// Better use one of the explicit versions:
if ($a !== null) { }
if ($a !== false) { }
if ($a !== null && $a !== false) { }
Loading history...
4216
						self::state( 'error', sprintf( __( 'Could not activate %s', 'jetpack' ), $module ) );
4217
					}
4218
					// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
4219
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4220
					exit;
4221
				case 'activate_default_modules':
4222
					check_admin_referer( 'activate_default_modules' );
4223
					self::log( 'activate_default_modules' );
4224
					self::restate();
4225
					$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
4226
					$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
4227
					$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
4228
					self::activate_default_modules( $min_version, $max_version, $other_modules );
4229
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4230
					exit;
4231
				case 'disconnect':
4232
					if ( ! current_user_can( 'jetpack_disconnect' ) ) {
4233
						$error = 'cheatin';
4234
						break;
4235
					}
4236
4237
					check_admin_referer( 'jetpack-disconnect' );
4238
					self::log( 'disconnect' );
4239
					self::disconnect();
4240
					wp_safe_redirect( self::admin_url( 'disconnected=true' ) );
4241
					exit;
4242
				case 'reconnect':
4243
					if ( ! current_user_can( 'jetpack_reconnect' ) ) {
4244
						$error = 'cheatin';
4245
						break;
4246
					}
4247
4248
					check_admin_referer( 'jetpack-reconnect' );
4249
					self::log( 'reconnect' );
4250
					$this->disconnect();
4251
					wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
4252
					exit;
4253 View Code Duplication
				case 'deactivate':
4254
					if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
4255
						$error = 'cheatin';
4256
						break;
4257
					}
4258
4259
					$modules = stripslashes( $_GET['module'] );
4260
					check_admin_referer( "jetpack_deactivate-$modules" );
4261
					foreach ( explode( ',', $modules ) as $module ) {
4262
						self::log( 'deactivate', $module );
4263
						self::deactivate_module( $module );
4264
						self::state( 'message', 'module_deactivated' );
4265
					}
4266
					self::state( 'module', $modules );
4267
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4268
					exit;
4269
				case 'unlink':
4270
					$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
4271
					check_admin_referer( 'jetpack-unlink' );
4272
					self::log( 'unlink' );
4273
					Connection_Manager::disconnect_user();
4274
					self::state( 'message', 'unlinked' );
4275
					if ( 'sub-unlink' == $redirect ) {
4276
						wp_safe_redirect( admin_url() );
4277
					} else {
4278
						wp_safe_redirect( self::admin_url( array( 'page' => $redirect ) ) );
4279
					}
4280
					exit;
4281
				case 'onboard':
4282
					if ( ! current_user_can( 'manage_options' ) ) {
4283
						wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4284
					} else {
4285
						self::create_onboarding_token();
4286
						$url = $this->build_connect_url( true );
4287
4288
						if ( false !== ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4289
							$url = add_query_arg( 'onboarding', $token, $url );
4290
						}
4291
4292
						$calypso_env = $this->get_calypso_env();
4293
						if ( ! empty( $calypso_env ) ) {
4294
							$url = add_query_arg( 'calypso_env', $calypso_env, $url );
4295
						}
4296
4297
						wp_redirect( $url );
4298
						exit;
4299
					}
4300
					exit;
4301
				default:
4302
					/**
4303
					 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
4304
					 *
4305
					 * @since 2.6.0
4306
					 *
4307
					 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
4308
					 */
4309
					do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
4310
			}
4311
		}
4312
4313
		if ( ! $error = $error ? $error : self::state( 'error' ) ) {
4314
			self::activate_new_modules( true );
4315
		}
4316
4317
		$message_code = self::state( 'message' );
4318
		if ( self::state( 'optin-manage' ) ) {
4319
			$activated_manage = $message_code;
4320
			$message_code     = 'jetpack-manage';
4321
		}
4322
4323
		switch ( $message_code ) {
4324
			case 'jetpack-manage':
4325
				$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
4326
				if ( $activated_manage ) {
0 ignored issues
show
The variable $activated_manage does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
4327
					$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack' ) . '</strong>';
4328
				}
4329
				break;
4330
4331
		}
4332
4333
		$deactivated_plugins = self::state( 'deactivated_plugins' );
4334
4335
		if ( ! empty( $deactivated_plugins ) ) {
4336
			$deactivated_plugins = explode( ',', $deactivated_plugins );
4337
			$deactivated_titles  = array();
4338
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
4339
				if ( ! isset( $this->plugins_to_deactivate[ $deactivated_plugin ] ) ) {
4340
					continue;
4341
				}
4342
4343
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[ $deactivated_plugin ][1] ) . '</strong>';
4344
			}
4345
4346
			if ( $deactivated_titles ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $deactivated_titles of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
4347
				if ( $this->message ) {
4348
					$this->message .= "<br /><br />\n";
4349
				}
4350
4351
				$this->message .= wp_sprintf(
4352
					_n(
4353
						'Jetpack contains the most recent version of the old %l plugin.',
4354
						'Jetpack contains the most recent versions of the old %l plugins.',
4355
						count( $deactivated_titles ),
4356
						'jetpack'
4357
					),
4358
					$deactivated_titles
4359
				);
4360
4361
				$this->message .= "<br />\n";
4362
4363
				$this->message .= _n(
4364
					'The old version has been deactivated and can be removed from your site.',
4365
					'The old versions have been deactivated and can be removed from your site.',
4366
					count( $deactivated_titles ),
4367
					'jetpack'
4368
				);
4369
			}
4370
		}
4371
4372
		$this->privacy_checks = self::state( 'privacy_checks' );
4373
4374
		if ( $this->message || $this->error || $this->privacy_checks ) {
4375
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
4376
		}
4377
4378
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
4379
	}
4380
4381
	function admin_notices() {
4382
4383
		if ( $this->error ) {
4384
			?>
4385
<div id="message" class="jetpack-message jetpack-err">
4386
	<div class="squeezer">
4387
		<h2>
4388
			<?php
4389
			echo wp_kses(
4390
				$this->error,
4391
				array(
4392
					'a'      => array( 'href' => array() ),
4393
					'small'  => true,
4394
					'code'   => true,
4395
					'strong' => true,
4396
					'br'     => true,
4397
					'b'      => true,
4398
				)
4399
			);
4400
			?>
4401
			</h2>
4402
			<?php	if ( $desc = self::state( 'error_description' ) ) : ?>
4403
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
4404
<?php	endif; ?>
4405
	</div>
4406
</div>
4407
			<?php
4408
		}
4409
4410
		if ( $this->message ) {
4411
			?>
4412
<div id="message" class="jetpack-message">
4413
	<div class="squeezer">
4414
		<h2>
4415
			<?php
4416
			echo wp_kses(
4417
				$this->message,
4418
				array(
4419
					'strong' => array(),
4420
					'a'      => array( 'href' => true ),
4421
					'br'     => true,
4422
				)
4423
			);
4424
			?>
4425
			</h2>
4426
	</div>
4427
</div>
4428
			<?php
4429
		}
4430
4431
		if ( $this->privacy_checks ) :
4432
			$module_names = $module_slugs = array();
4433
4434
			$privacy_checks = explode( ',', $this->privacy_checks );
4435
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4436
			foreach ( $privacy_checks as $module_slug ) {
4437
				$module = self::get_module( $module_slug );
4438
				if ( ! $module ) {
4439
					continue;
4440
				}
4441
4442
				$module_slugs[] = $module_slug;
4443
				$module_names[] = "<strong>{$module['name']}</strong>";
4444
			}
4445
4446
			$module_slugs = join( ',', $module_slugs );
4447
			?>
4448
<div id="message" class="jetpack-message jetpack-err">
4449
	<div class="squeezer">
4450
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4451
		<p>
4452
			<?php
4453
			echo wp_kses(
4454
				wptexturize(
4455
					wp_sprintf(
4456
						_nx(
4457
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4458
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4459
							count( $privacy_checks ),
4460
							'%l = list of Jetpack module/feature names',
4461
							'jetpack'
4462
						),
4463
						$module_names
4464
					)
4465
				),
4466
				array( 'strong' => true )
4467
			);
4468
4469
			echo "\n<br />\n";
4470
4471
			echo wp_kses(
4472
				sprintf(
4473
					_nx(
4474
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4475
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4476
						count( $privacy_checks ),
4477
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4478
						'jetpack'
4479
					),
4480
					wp_nonce_url(
4481
						self::admin_url(
4482
							array(
4483
								'page'   => 'jetpack',
4484
								'action' => 'deactivate',
4485
								'module' => urlencode( $module_slugs ),
4486
							)
4487
						),
4488
						"jetpack_deactivate-$module_slugs"
4489
					),
4490
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4491
				),
4492
				array(
4493
					'a' => array(
4494
						'href'  => true,
4495
						'title' => true,
4496
					),
4497
				)
4498
			);
4499
			?>
4500
		</p>
4501
	</div>
4502
</div>
4503
			<?php
4504
endif;
4505
	}
4506
4507
	/**
4508
	 * We can't always respond to a signed XML-RPC request with a
4509
	 * helpful error message. In some circumstances, doing so could
4510
	 * leak information.
4511
	 *
4512
	 * Instead, track that the error occurred via a Jetpack_Option,
4513
	 * and send that data back in the heartbeat.
4514
	 * All this does is increment a number, but it's enough to find
4515
	 * trends.
4516
	 *
4517
	 * @param WP_Error $xmlrpc_error The error produced during
4518
	 *                               signature validation.
4519
	 */
4520
	function track_xmlrpc_error( $xmlrpc_error ) {
4521
		$code = is_wp_error( $xmlrpc_error )
4522
			? $xmlrpc_error->get_error_code()
0 ignored issues
show
The method get_error_code() does not seem to exist on object<WP_Error>.

This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.

This is most likely a typographical error or the method has been renamed.

Loading history...
4523
			: 'should-not-happen';
4524
4525
		$xmlrpc_errors = Jetpack_Options::get_option( 'xmlrpc_errors', array() );
4526
		if ( isset( $xmlrpc_errors[ $code ] ) && $xmlrpc_errors[ $code ] ) {
4527
			// No need to update the option if we already have
4528
			// this code stored.
4529
			return;
4530
		}
4531
		$xmlrpc_errors[ $code ] = true;
4532
4533
		Jetpack_Options::update_option( 'xmlrpc_errors', $xmlrpc_errors, false );
0 ignored issues
show
false is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
4534
	}
4535
4536
	/**
4537
	 * Record a stat for later output.  This will only currently output in the admin_footer.
4538
	 */
4539
	function stat( $group, $detail ) {
4540
		if ( ! isset( $this->stats[ $group ] ) ) {
4541
			$this->stats[ $group ] = array();
4542
		}
4543
		$this->stats[ $group ][] = $detail;
4544
	}
4545
4546
	/**
4547
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4548
	 */
4549
	function do_stats( $method = '' ) {
4550
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
4551
			foreach ( $this->stats as $group => $stats ) {
4552
				if ( is_array( $stats ) && count( $stats ) ) {
4553
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4554
					if ( 'server_side' === $method ) {
4555
						self::do_server_side_stat( $args );
4556
					} else {
4557
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4558
					}
4559
				}
4560
				unset( $this->stats[ $group ] );
4561
			}
4562
		}
4563
	}
4564
4565
	/**
4566
	 * Runs stats code for a one-off, server-side.
4567
	 *
4568
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4569
	 *
4570
	 * @return bool If it worked.
4571
	 */
4572
	static function do_server_side_stat( $args ) {
4573
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4574
		if ( is_wp_error( $response ) ) {
4575
			return false;
4576
		}
4577
4578
		if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4579
			return false;
4580
		}
4581
4582
		return true;
4583
	}
4584
4585
	/**
4586
	 * Builds the stats url.
4587
	 *
4588
	 * @param $args array|string The arguments to append to the URL.
4589
	 *
4590
	 * @return string The URL to be pinged.
4591
	 */
4592
	static function build_stats_url( $args ) {
4593
		$defaults = array(
4594
			'v'    => 'wpcom2',
4595
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
4596
		);
4597
		$args     = wp_parse_args( $args, $defaults );
4598
		/**
4599
		 * Filter the URL used as the Stats tracking pixel.
4600
		 *
4601
		 * @since 2.3.2
4602
		 *
4603
		 * @param string $url Base URL used as the Stats tracking pixel.
4604
		 */
4605
		$base_url = apply_filters(
4606
			'jetpack_stats_base_url',
4607
			'https://pixel.wp.com/g.gif'
4608
		);
4609
		$url      = add_query_arg( $args, $base_url );
4610
		return $url;
4611
	}
4612
4613
	/**
4614
	 * Get the role of the current user.
4615
	 *
4616
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_current_user_to_role() instead.
4617
	 *
4618
	 * @access public
4619
	 * @static
4620
	 *
4621
	 * @return string|boolean Current user's role, false if not enough capabilities for any of the roles.
4622
	 */
4623
	public static function translate_current_user_to_role() {
4624
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4625
4626
		$roles = new Roles();
4627
		return $roles->translate_current_user_to_role();
4628
	}
4629
4630
	/**
4631
	 * Get the role of a particular user.
4632
	 *
4633
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_user_to_role() instead.
4634
	 *
4635
	 * @access public
4636
	 * @static
4637
	 *
4638
	 * @param \WP_User $user User object.
4639
	 * @return string|boolean User's role, false if not enough capabilities for any of the roles.
4640
	 */
4641
	public static function translate_user_to_role( $user ) {
4642
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4643
4644
		$roles = new Roles();
4645
		return $roles->translate_user_to_role( $user );
4646
	}
4647
4648
	/**
4649
	 * Get the minimum capability for a role.
4650
	 *
4651
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_role_to_cap() instead.
4652
	 *
4653
	 * @access public
4654
	 * @static
4655
	 *
4656
	 * @param string $role Role name.
4657
	 * @return string|boolean Capability, false if role isn't mapped to any capabilities.
4658
	 */
4659
	public static function translate_role_to_cap( $role ) {
4660
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4661
4662
		$roles = new Roles();
4663
		return $roles->translate_role_to_cap( $role );
4664
	}
4665
4666
	/**
4667
	 * Sign a user role with the master access token.
4668
	 * If not specified, will default to the current user.
4669
	 *
4670
	 * @deprecated since 7.7
4671
	 * @see Automattic\Jetpack\Connection\Manager::sign_role()
4672
	 *
4673
	 * @access public
4674
	 * @static
4675
	 *
4676
	 * @param string $role    User role.
4677
	 * @param int    $user_id ID of the user.
0 ignored issues
show
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
4678
	 * @return string Signed user role.
4679
	 */
4680
	public static function sign_role( $role, $user_id = null ) {
4681
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::sign_role' );
4682
		return self::connection()->sign_role( $role, $user_id );
4683
	}
4684
4685
	/**
4686
	 * Builds a URL to the Jetpack connection auth page
4687
	 *
4688
	 * @since 3.9.5
4689
	 *
4690
	 * @param bool        $raw If true, URL will not be escaped.
4691
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4692
	 *                              If string, will be a custom redirect.
4693
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4694
	 * @param bool        $register If true, will generate a register URL regardless of the existing token, since 4.9.0
4695
	 *
4696
	 * @return string Connect URL
4697
	 */
4698
	function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4699
		$site_id    = Jetpack_Options::get_option( 'id' );
4700
		$blog_token = Jetpack_Data::get_access_token();
0 ignored issues
show
Deprecated Code introduced by
The method Jetpack_Data::get_access_token() has been deprecated with message: 7.5 Use Connection_Manager instead.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
4701
4702
		if ( $register || ! $blog_token || ! $site_id ) {
4703
			$url = self::nonce_url_no_esc( self::admin_url( 'action=register' ), 'jetpack-register' );
4704
4705
			if ( ! empty( $redirect ) ) {
4706
				$url = add_query_arg(
4707
					'redirect',
4708
					urlencode( wp_validate_redirect( esc_url_raw( $redirect ) ) ),
4709
					$url
4710
				);
4711
			}
4712
4713
			if ( is_network_admin() ) {
4714
				$url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4715
			}
4716
4717
			$calypso_env = self::get_calypso_env();
4718
4719
			if ( ! empty( $calypso_env ) ) {
4720
				$url = add_query_arg( 'calypso_env', $calypso_env, $url );
4721
			}
4722
		} else {
4723
4724
			// Let's check the existing blog token to see if we need to re-register. We only check once per minute
4725
			// because otherwise this logic can get us in to a loop.
4726
			$last_connect_url_check = intval( Jetpack_Options::get_raw_option( 'jetpack_last_connect_url_check' ) );
4727
			if ( ! $last_connect_url_check || ( time() - $last_connect_url_check ) > MINUTE_IN_SECONDS ) {
4728
				Jetpack_Options::update_raw_option( 'jetpack_last_connect_url_check', time() );
4729
4730
				$response = Client::wpcom_json_api_request_as_blog(
4731
					sprintf( '/sites/%d', $site_id ) . '?force=wpcom',
4732
					'1.1'
4733
				);
4734
4735
				if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4736
4737
					// Generating a register URL instead to refresh the existing token
4738
					return $this->build_connect_url( $raw, $redirect, $from, true );
4739
				}
4740
			}
4741
4742
			$url = $this->build_authorize_url( $redirect );
0 ignored issues
show
It seems like $redirect defined by parameter $redirect on line 4698 can also be of type string; however, Jetpack::build_authorize_url() does only seem to accept boolean, maybe add an additional type check?

This check looks at variables that have been passed in as parameters and are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
4743
		}
4744
4745
		if ( $from ) {
4746
			$url = add_query_arg( 'from', $from, $url );
4747
		}
4748
4749
		$url = $raw ? esc_url_raw( $url ) : esc_url( $url );
4750
		/**
4751
		 * Filter the URL used when connecting a user to a WordPress.com account.
4752
		 *
4753
		 * @since 8.1.0
4754
		 *
4755
		 * @param string $url Connection URL.
4756
		 * @param bool   $raw If true, URL will not be escaped.
4757
		 */
4758
		return apply_filters( 'jetpack_build_connection_url', $url, $raw );
4759
	}
4760
4761
	public static function build_authorize_url( $redirect = false, $iframe = false ) {
4762
4763
		add_filter( 'jetpack_connect_request_body', array( __CLASS__, 'filter_connect_request_body' ) );
4764
		add_filter( 'jetpack_connect_redirect_url', array( __CLASS__, 'filter_connect_redirect_url' ) );
4765
		add_filter( 'jetpack_connect_processing_url', array( __CLASS__, 'filter_connect_processing_url' ) );
4766
4767
		if ( $iframe ) {
4768
			add_filter( 'jetpack_use_iframe_authorization_flow', '__return_true' );
4769
		}
4770
4771
		$c8n = self::connection();
4772
		$url = $c8n->get_authorization_url( wp_get_current_user(), $redirect );
0 ignored issues
show
$redirect is of type boolean, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
4773
4774
		remove_filter( 'jetpack_connect_request_body', array( __CLASS__, 'filter_connect_request_body' ) );
4775
		remove_filter( 'jetpack_connect_redirect_url', array( __CLASS__, 'filter_connect_redirect_url' ) );
4776
		remove_filter( 'jetpack_connect_processing_url', array( __CLASS__, 'filter_connect_processing_url' ) );
4777
4778
		if ( $iframe ) {
4779
			remove_filter( 'jetpack_use_iframe_authorization_flow', '__return_true' );
4780
		}
4781
4782
		return $url;
4783
	}
4784
4785
	/**
4786
	 * Filters the connection URL parameter array.
4787
	 *
4788
	 * @param Array $args default URL parameters used by the package.
4789
	 * @return Array the modified URL arguments array.
4790
	 */
4791
	public static function filter_connect_request_body( $args ) {
4792
		if (
4793
			Constants::is_defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' )
4794
			&& include_once Constants::get_constant( 'JETPACK__GLOTPRESS_LOCALES_PATH' )
4795
		) {
4796
			$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4797
			$args['locale'] = isset( $gp_locale ) && isset( $gp_locale->slug )
4798
				? $gp_locale->slug
4799
				: '';
4800
		}
4801
4802
		$tracking        = new Tracking();
4803
		$tracks_identity = $tracking->tracks_get_identity( $args['state'] );
4804
4805
		$args = array_merge(
4806
			$args,
4807
			array(
4808
				'_ui' => $tracks_identity['_ui'],
4809
				'_ut' => $tracks_identity['_ut'],
4810
			)
4811
		);
4812
4813
		$calypso_env = self::get_calypso_env();
4814
4815
		if ( ! empty( $calypso_env ) ) {
4816
			$args['calypso_env'] = $calypso_env;
4817
		}
4818
4819
		return $args;
4820
	}
4821
4822
	/**
4823
	 * Filters the URL that will process the connection data. It can be different from the URL
4824
	 * that we send the user to after everything is done.
4825
	 *
4826
	 * @param String $processing_url the default redirect URL used by the package.
4827
	 * @return String the modified URL.
4828
	 */
4829
	public static function filter_connect_processing_url( $processing_url ) {
4830
		$processing_url = admin_url( 'admin.php?page=jetpack' ); // Making PHPCS happy.
4831
		return $processing_url;
4832
	}
4833
4834
	/**
4835
	 * Filters the redirection URL that is used for connect requests. The redirect
4836
	 * URL should return the user back to the Jetpack console.
4837
	 *
4838
	 * @param String $redirect the default redirect URL used by the package.
4839
	 * @return String the modified URL.
4840
	 */
4841
	public static function filter_connect_redirect_url( $redirect ) {
4842
		$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4843
		$redirect           = $redirect
4844
			? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4845
			: $jetpack_admin_page;
4846
4847
		if ( isset( $_REQUEST['is_multisite'] ) ) {
4848
			$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4849
		}
4850
4851
		return $redirect;
4852
	}
4853
4854
	/**
4855
	 * This action fires at the beginning of the Manager::authorize method.
4856
	 */
4857
	public static function authorize_starting() {
4858
		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
4859
		// Checking if site has been active/connected previously before recording unique connection.
4860
		if ( ! $jetpack_unique_connection ) {
4861
			// jetpack_unique_connection option has never been set.
4862
			$jetpack_unique_connection = array(
4863
				'connected'    => 0,
4864
				'disconnected' => 0,
4865
				'version'      => '3.6.1',
4866
			);
4867
4868
			update_option( 'jetpack_unique_connection', $jetpack_unique_connection );
4869
4870
			// Track unique connection.
4871
			$jetpack = self::init();
4872
4873
			$jetpack->stat( 'connections', 'unique-connection' );
4874
			$jetpack->do_stats( 'server_side' );
4875
		}
4876
4877
		// Increment number of times connected.
4878
		$jetpack_unique_connection['connected'] += 1;
4879
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
4880
	}
4881
4882
	/**
4883
	 * This action fires at the end of the Manager::authorize method when a secondary user is
4884
	 * linked.
4885
	 */
4886
	public static function authorize_ending_linked() {
4887
		// Don't activate anything since we are just connecting a user.
4888
		self::state( 'message', 'linked' );
4889
	}
4890
4891
	/**
4892
	 * This action fires at the end of the Manager::authorize method when the master user is
4893
	 * authorized.
4894
	 *
4895
	 * @param array $data The request data.
4896
	 */
4897
	public static function authorize_ending_authorized( $data ) {
4898
		// If this site has been through the Jetpack Onboarding flow, delete the onboarding token.
4899
		self::invalidate_onboarding_token();
4900
4901
		// If redirect_uri is SSO, ensure SSO module is enabled.
4902
		parse_str( wp_parse_url( $data['redirect_uri'], PHP_URL_QUERY ), $redirect_options );
4903
4904
		/** This filter is documented in class.jetpack-cli.php */
4905
		$jetpack_start_enable_sso = apply_filters( 'jetpack_start_enable_sso', true );
4906
4907
		$activate_sso = (
4908
			isset( $redirect_options['action'] ) &&
4909
			'jetpack-sso' === $redirect_options['action'] &&
4910
			$jetpack_start_enable_sso
4911
		);
4912
4913
		$do_redirect_on_error = ( 'client' === $data['auth_type'] );
4914
4915
		self::handle_post_authorization_actions( $activate_sso, $do_redirect_on_error );
4916
	}
4917
4918
	/**
4919
	 * Get our assumed site creation date.
4920
	 * Calculated based on the earlier date of either:
4921
	 * - Earliest admin user registration date.
4922
	 * - Earliest date of post of any post type.
4923
	 *
4924
	 * @since 7.2.0
4925
	 * @deprecated since 7.8.0
4926
	 *
4927
	 * @return string Assumed site creation date and time.
4928
	 */
4929
	public static function get_assumed_site_creation_date() {
4930
		_deprecated_function( __METHOD__, 'jetpack-7.8', 'Automattic\\Jetpack\\Connection\\Manager' );
4931
		return self::connection()->get_assumed_site_creation_date();
4932
	}
4933
4934 View Code Duplication
	public static function apply_activation_source_to_args( &$args ) {
4935
		list( $activation_source_name, $activation_source_keyword ) = get_option( 'jetpack_activation_source' );
4936
4937
		if ( $activation_source_name ) {
4938
			$args['_as'] = urlencode( $activation_source_name );
4939
		}
4940
4941
		if ( $activation_source_keyword ) {
4942
			$args['_ak'] = urlencode( $activation_source_keyword );
4943
		}
4944
	}
4945
4946
	function build_reconnect_url( $raw = false ) {
4947
		$url = wp_nonce_url( self::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4948
		return $raw ? $url : esc_url( $url );
4949
	}
4950
4951
	public static function admin_url( $args = null ) {
4952
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4953
		$url  = add_query_arg( $args, admin_url( 'admin.php' ) );
4954
		return $url;
4955
	}
4956
4957
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4958
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4959
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4960
	}
4961
4962
	function dismiss_jetpack_notice() {
4963
4964
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4965
			return;
4966
		}
4967
4968
		switch ( $_GET['jetpack-notice'] ) {
4969
			case 'dismiss':
4970
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4971
4972
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4973
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4974
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4975
				}
4976
				break;
4977
		}
4978
	}
4979
4980
	public static function sort_modules( $a, $b ) {
4981
		if ( $a['sort'] == $b['sort'] ) {
4982
			return 0;
4983
		}
4984
4985
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4986
	}
4987
4988
	function ajax_recheck_ssl() {
4989
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4990
		$result = self::permit_ssl( true );
4991
		wp_send_json(
4992
			array(
4993
				'enabled' => $result,
4994
				'message' => get_transient( 'jetpack_https_test_message' ),
4995
			)
4996
		);
4997
	}
4998
4999
	/* Client API */
5000
5001
	/**
5002
	 * Returns the requested Jetpack API URL
5003
	 *
5004
	 * @deprecated since 7.7
5005
	 * @return string
5006
	 */
5007
	public static function api_url( $relative_url ) {
5008
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::api_url' );
5009
		$connection = self::connection();
5010
		return $connection->api_url( $relative_url );
5011
	}
5012
5013
	/**
5014
	 * @deprecated 8.0 Use Automattic\Jetpack\Connection\Utils::fix_url_for_bad_hosts() instead.
5015
	 *
5016
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
5017
	 */
5018
	public static function fix_url_for_bad_hosts( $url ) {
5019
		_deprecated_function( __METHOD__, 'jetpack-8.0', 'Automattic\\Jetpack\\Connection\\Utils::fix_url_for_bad_hosts' );
5020
		return Connection_Utils::fix_url_for_bad_hosts( $url );
5021
	}
5022
5023
	public static function verify_onboarding_token( $token_data, $token, $request_data ) {
5024
		// Default to a blog token.
5025
		$token_type = 'blog';
5026
5027
		// Let's see if this is onboarding. In such case, use user token type and the provided user id.
5028
		if ( isset( $request_data ) || ! empty( $_GET['onboarding'] ) ) {
5029
			if ( ! empty( $_GET['onboarding'] ) ) {
5030
				$jpo = $_GET;
5031
			} else {
5032
				$jpo = json_decode( $request_data, true );
5033
			}
5034
5035
			$jpo_token = ! empty( $jpo['onboarding']['token'] ) ? $jpo['onboarding']['token'] : null;
5036
			$jpo_user  = ! empty( $jpo['onboarding']['jpUser'] ) ? $jpo['onboarding']['jpUser'] : null;
5037
5038
			if (
5039
				isset( $jpo_user )
5040
				&& isset( $jpo_token )
5041
				&& is_email( $jpo_user )
5042
				&& ctype_alnum( $jpo_token )
5043
				&& isset( $_GET['rest_route'] )
5044
				&& self::validate_onboarding_token_action(
5045
					$jpo_token,
5046
					$_GET['rest_route']
5047
				)
5048
			) {
5049
				$jp_user = get_user_by( 'email', $jpo_user );
5050
				if ( is_a( $jp_user, 'WP_User' ) ) {
5051
					wp_set_current_user( $jp_user->ID );
5052
					$user_can = is_multisite()
5053
						? current_user_can_for_blog( get_current_blog_id(), 'manage_options' )
5054
						: current_user_can( 'manage_options' );
5055
					if ( $user_can ) {
5056
						$token_type              = 'user';
5057
						$token->external_user_id = $jp_user->ID;
5058
					}
5059
				}
5060
			}
5061
5062
			$token_data['type']    = $token_type;
5063
			$token_data['user_id'] = $token->external_user_id;
5064
		}
5065
5066
		return $token_data;
5067
	}
5068
5069
	/**
5070
	 * Create a random secret for validating onboarding payload
5071
	 *
5072
	 * @return string Secret token
5073
	 */
5074
	public static function create_onboarding_token() {
5075
		if ( false === ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
5076
			$token = wp_generate_password( 32, false );
5077
			Jetpack_Options::update_option( 'onboarding', $token );
5078
		}
5079
5080
		return $token;
5081
	}
5082
5083
	/**
5084
	 * Remove the onboarding token
5085
	 *
5086
	 * @return bool True on success, false on failure
5087
	 */
5088
	public static function invalidate_onboarding_token() {
5089
		return Jetpack_Options::delete_option( 'onboarding' );
5090
	}
5091
5092
	/**
5093
	 * Validate an onboarding token for a specific action
5094
	 *
5095
	 * @return boolean True if token/action pair is accepted, false if not
5096
	 */
5097
	public static function validate_onboarding_token_action( $token, $action ) {
5098
		// Compare tokens, bail if tokens do not match
5099
		if ( ! hash_equals( $token, Jetpack_Options::get_option( 'onboarding' ) ) ) {
5100
			return false;
5101
		}
5102
5103
		// List of valid actions we can take
5104
		$valid_actions = array(
5105
			'/jetpack/v4/settings',
5106
		);
5107
5108
		// Whitelist the action
5109
		if ( ! in_array( $action, $valid_actions ) ) {
5110
			return false;
5111
		}
5112
5113
		return true;
5114
	}
5115
5116
	/**
5117
	 * Checks to see if the URL is using SSL to connect with Jetpack
5118
	 *
5119
	 * @since 2.3.3
5120
	 * @return boolean
5121
	 */
5122
	public static function permit_ssl( $force_recheck = false ) {
5123
		// Do some fancy tests to see if ssl is being supported
5124
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
5125
			$message = '';
5126
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
5127
				$ssl = 0;
5128
			} else {
5129
				switch ( JETPACK_CLIENT__HTTPS ) {
5130
					case 'NEVER':
5131
						$ssl     = 0;
5132
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
5133
						break;
5134
					case 'ALWAYS':
5135
					case 'AUTO':
5136
					default:
5137
						$ssl = 1;
5138
						break;
5139
				}
5140
5141
				// If it's not 'NEVER', test to see
5142
				if ( $ssl ) {
5143
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
5144
						$ssl     = 0;
5145
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
5146
					} else {
5147
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
5148
						if ( is_wp_error( $response ) ) {
5149
							$ssl     = 0;
5150
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
5151
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
5152
							$ssl     = 0;
5153
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
5154
						}
5155
					}
5156
				}
5157
			}
5158
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
5159
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
5160
		}
5161
5162
		return (bool) $ssl;
5163
	}
5164
5165
	/*
5166
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
5167
	 */
5168
	public function alert_auto_ssl_fail() {
5169
		if ( ! current_user_can( 'manage_options' ) ) {
5170
			return;
5171
		}
5172
5173
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
5174
		?>
5175
5176
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
5177
			<div class="jp-banner__content">
5178
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
5179
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
5180
				<p>
5181
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
5182
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
5183
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
5184
				</p>
5185
				<p>
5186
					<?php
5187
					printf(
5188
						__( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
5189
						esc_url( self::admin_url( array( 'page' => 'jetpack-debugger' ) ) ),
5190
						esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' )
5191
					);
5192
					?>
5193
				</p>
5194
			</div>
5195
		</div>
5196
		<style>
5197
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
5198
		</style>
5199
		<script type="text/javascript">
5200
			jQuery( document ).ready( function( $ ) {
5201
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
5202
					var $this = $( this );
5203
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
5204
					$( '#jetpack-recheck-ssl-output' ).html( '' );
5205
					e.preventDefault();
5206
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
5207
					$.post( ajaxurl, data )
5208
					  .done( function( response ) {
5209
						  if ( response.enabled ) {
5210
							  $( '#jetpack-ssl-warning' ).hide();
5211
						  } else {
5212
							  this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
5213
							  $( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
5214
						  }
5215
					  }.bind( $this ) );
5216
				} );
5217
			} );
5218
		</script>
5219
5220
		<?php
5221
	}
5222
5223
	/**
5224
	 * Returns the Jetpack XML-RPC API
5225
	 *
5226
	 * @deprecated 8.0 Use Connection_Manager instead.
5227
	 * @return string
5228
	 */
5229
	public static function xmlrpc_api_url() {
5230
		_deprecated_function( __METHOD__, 'jetpack-8.0', 'Automattic\\Jetpack\\Connection\\Manager::xmlrpc_api_url()' );
5231
		return self::connection()->xmlrpc_api_url();
5232
	}
5233
5234
	/**
5235
	 * Returns the connection manager object.
5236
	 *
5237
	 * @return Automattic\Jetpack\Connection\Manager
5238
	 */
5239
	public static function connection() {
5240
		$jetpack = static::init();
5241
5242
		// If the connection manager hasn't been instantiated, do that now.
5243
		if ( ! $jetpack->connection_manager ) {
5244
			$jetpack->connection_manager = new Connection_Manager();
5245
		}
5246
5247
		return $jetpack->connection_manager;
5248
	}
5249
5250
	/**
5251
	 * Creates two secret tokens and the end of life timestamp for them.
5252
	 *
5253
	 * Note these tokens are unique per call, NOT static per site for connecting.
5254
	 *
5255
	 * @since 2.6
5256
	 * @param String  $action  The action name.
5257
	 * @param Integer $user_id The user identifier.
0 ignored issues
show
Should the type for parameter $user_id not be false|integer?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
5258
	 * @param Integer $exp     Expiration time in seconds.
5259
	 * @return array
5260
	 */
5261
	public static function generate_secrets( $action, $user_id = false, $exp = 600 ) {
5262
		return self::connection()->generate_secrets( $action, $user_id, $exp );
5263
	}
5264
5265
	public static function get_secrets( $action, $user_id ) {
5266
		$secrets = self::connection()->get_secrets( $action, $user_id );
5267
5268
		if ( Connection_Manager::SECRETS_MISSING === $secrets ) {
5269
			return new WP_Error( 'verify_secrets_missing', 'Verification secrets not found' );
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_missing'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
5270
		}
5271
5272
		if ( Connection_Manager::SECRETS_EXPIRED === $secrets ) {
5273
			return new WP_Error( 'verify_secrets_expired', 'Verification took too long' );
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_expired'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
5274
		}
5275
5276
		return $secrets;
5277
	}
5278
5279
	/**
5280
	 * @deprecated 7.5 Use Connection_Manager instead.
5281
	 *
5282
	 * @param $action
5283
	 * @param $user_id
5284
	 */
5285
	public static function delete_secrets( $action, $user_id ) {
5286
		return self::connection()->delete_secrets( $action, $user_id );
5287
	}
5288
5289
	/**
5290
	 * Builds the timeout limit for queries talking with the wpcom servers.
5291
	 *
5292
	 * Based on local php max_execution_time in php.ini
5293
	 *
5294
	 * @since 2.6
5295
	 * @return int
5296
	 * @deprecated
5297
	 **/
5298
	public function get_remote_query_timeout_limit() {
5299
		_deprecated_function( __METHOD__, 'jetpack-5.4' );
5300
		return self::get_max_execution_time();
5301
	}
5302
5303
	/**
5304
	 * Builds the timeout limit for queries talking with the wpcom servers.
5305
	 *
5306
	 * Based on local php max_execution_time in php.ini
5307
	 *
5308
	 * @since 5.4
5309
	 * @return int
5310
	 **/
5311
	public static function get_max_execution_time() {
5312
		$timeout = (int) ini_get( 'max_execution_time' );
5313
5314
		// Ensure exec time set in php.ini
5315
		if ( ! $timeout ) {
5316
			$timeout = 30;
5317
		}
5318
		return $timeout;
5319
	}
5320
5321
	/**
5322
	 * Sets a minimum request timeout, and returns the current timeout
5323
	 *
5324
	 * @since 5.4
5325
	 **/
5326 View Code Duplication
	public static function set_min_time_limit( $min_timeout ) {
5327
		$timeout = self::get_max_execution_time();
5328
		if ( $timeout < $min_timeout ) {
5329
			$timeout = $min_timeout;
5330
			set_time_limit( $timeout );
5331
		}
5332
		return $timeout;
5333
	}
5334
5335
	/**
5336
	 * Takes the response from the Jetpack register new site endpoint and
5337
	 * verifies it worked properly.
5338
	 *
5339
	 * @since 2.6
5340
	 * @deprecated since 7.7.0
5341
	 * @see Automattic\Jetpack\Connection\Manager::validate_remote_register_response()
5342
	 **/
5343
	public function validate_remote_register_response() {
5344
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::validate_remote_register_response' );
5345
	}
5346
5347
	/**
5348
	 * @return bool|WP_Error
5349
	 */
5350
	public static function register() {
5351
		$tracking = new Tracking();
5352
		$tracking->record_user_event( 'jpc_register_begin' );
5353
5354
		add_filter( 'jetpack_register_request_body', array( __CLASS__, 'filter_register_request_body' ) );
5355
5356
		$connection   = self::connection();
5357
		$registration = $connection->register();
5358
5359
		remove_filter( 'jetpack_register_request_body', array( __CLASS__, 'filter_register_request_body' ) );
5360
5361
		if ( ! $registration || is_wp_error( $registration ) ) {
5362
			return $registration;
5363
		}
5364
5365
		return true;
5366
	}
5367
5368
	/**
5369
	 * Filters the registration request body to include tracking properties.
5370
	 *
5371
	 * @param Array $properties
5372
	 * @return Array amended properties.
5373
	 */
5374 View Code Duplication
	public static function filter_register_request_body( $properties ) {
5375
		$tracking        = new Tracking();
5376
		$tracks_identity = $tracking->tracks_get_identity( get_current_user_id() );
5377
5378
		return array_merge(
5379
			$properties,
5380
			array(
5381
				'_ui' => $tracks_identity['_ui'],
5382
				'_ut' => $tracks_identity['_ut'],
5383
			)
5384
		);
5385
	}
5386
5387
	/**
5388
	 * Filters the token request body to include tracking properties.
5389
	 *
5390
	 * @param Array $properties
5391
	 * @return Array amended properties.
5392
	 */
5393 View Code Duplication
	public static function filter_token_request_body( $properties ) {
5394
		$tracking        = new Tracking();
5395
		$tracks_identity = $tracking->tracks_get_identity( get_current_user_id() );
5396
5397
		return array_merge(
5398
			$properties,
5399
			array(
5400
				'_ui' => $tracks_identity['_ui'],
5401
				'_ut' => $tracks_identity['_ut'],
5402
			)
5403
		);
5404
	}
5405
5406
	/**
5407
	 * If the db version is showing something other that what we've got now, bump it to current.
5408
	 *
5409
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
0 ignored issues
show
The doc-type bool: could not be parsed: Unknown type name "bool:" at position 0. (view supported doc-types)

This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types.

Loading history...
5410
	 */
5411
	public static function maybe_set_version_option() {
5412
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
5413
		if ( JETPACK__VERSION != $version ) {
5414
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
5415
5416
			if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
5417
				/** This action is documented in class.jetpack.php */
5418
				do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
5419
			}
5420
5421
			return true;
5422
		}
5423
		return false;
5424
	}
5425
5426
	/* Client Server API */
5427
5428
	/**
5429
	 * Loads the Jetpack XML-RPC client.
5430
	 * No longer necessary, as the XML-RPC client will be automagically loaded.
5431
	 *
5432
	 * @deprecated since 7.7.0
5433
	 */
5434
	public static function load_xml_rpc_client() {
5435
		_deprecated_function( __METHOD__, 'jetpack-7.7' );
5436
	}
5437
5438
	/**
5439
	 * Resets the saved authentication state in between testing requests.
5440
	 */
5441
	public function reset_saved_auth_state() {
5442
		$this->rest_authentication_status = null;
5443
5444
		if ( ! $this->connection_manager ) {
5445
			$this->connection_manager = new Connection_Manager();
5446
		}
5447
5448
		$this->connection_manager->reset_saved_auth_state();
5449
	}
5450
5451
	/**
5452
	 * Verifies the signature of the current request.
5453
	 *
5454
	 * @deprecated since 7.7.0
5455
	 * @see Automattic\Jetpack\Connection\Manager::verify_xml_rpc_signature()
5456
	 *
5457
	 * @return false|array
5458
	 */
5459
	public function verify_xml_rpc_signature() {
5460
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::verify_xml_rpc_signature' );
5461
		return self::connection()->verify_xml_rpc_signature();
5462
	}
5463
5464
	/**
5465
	 * Verifies the signature of the current request.
5466
	 *
5467
	 * This function has side effects and should not be used. Instead,
5468
	 * use the memoized version `->verify_xml_rpc_signature()`.
5469
	 *
5470
	 * @deprecated since 7.7.0
5471
	 * @see Automattic\Jetpack\Connection\Manager::internal_verify_xml_rpc_signature()
5472
	 * @internal
5473
	 */
5474
	private function internal_verify_xml_rpc_signature() {
5475
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::internal_verify_xml_rpc_signature' );
5476
	}
5477
5478
	/**
5479
	 * Authenticates XML-RPC and other requests from the Jetpack Server.
5480
	 *
5481
	 * @deprecated since 7.7.0
5482
	 * @see Automattic\Jetpack\Connection\Manager::authenticate_jetpack()
5483
	 *
5484
	 * @param \WP_User|mixed $user     User object if authenticated.
5485
	 * @param string         $username Username.
5486
	 * @param string         $password Password string.
5487
	 * @return \WP_User|mixed Authenticated user or error.
5488
	 */
5489 View Code Duplication
	public function authenticate_jetpack( $user, $username, $password ) {
5490
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::authenticate_jetpack' );
5491
5492
		if ( ! $this->connection_manager ) {
5493
			$this->connection_manager = new Connection_Manager();
5494
		}
5495
5496
		return $this->connection_manager->authenticate_jetpack( $user, $username, $password );
5497
	}
5498
5499
	// Authenticates requests from Jetpack server to WP REST API endpoints.
5500
	// Uses the existing XMLRPC request signing implementation.
5501
	function wp_rest_authenticate( $user ) {
5502
		if ( ! empty( $user ) ) {
5503
			// Another authentication method is in effect.
5504
			return $user;
5505
		}
5506
5507
		if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
5508
			// Nothing to do for this authentication method.
5509
			return null;
5510
		}
5511
5512
		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
5513
			// Nothing to do for this authentication method.
5514
			return null;
5515
		}
5516
5517
		// Ensure that we always have the request body available.  At this
5518
		// point, the WP REST API code to determine the request body has not
5519
		// run yet.  That code may try to read from 'php://input' later, but
5520
		// this can only be done once per request in PHP versions prior to 5.6.
5521
		// So we will go ahead and perform this read now if needed, and save
5522
		// the request body where both the Jetpack signature verification code
5523
		// and the WP REST API code can see it.
5524
		if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
5525
			$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
5526
		}
5527
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5528
5529
		// Only support specific request parameters that have been tested and
5530
		// are known to work with signature verification.  A different method
5531
		// can be passed to the WP REST API via the '?_method=' parameter if
5532
		// needed.
5533
		if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
5534
			$this->rest_authentication_status = new WP_Error(
5535
				'rest_invalid_request',
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'rest_invalid_request'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
5536
				__( 'This request method is not supported.', 'jetpack' ),
5537
				array( 'status' => 400 )
5538
			);
5539
			return null;
5540
		}
5541
		if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
5542
			$this->rest_authentication_status = new WP_Error(
5543
				'rest_invalid_request',
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'rest_invalid_request'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
5544
				__( 'This request method does not support body parameters.', 'jetpack' ),
5545
				array( 'status' => 400 )
5546
			);
5547
			return null;
5548
		}
5549
5550
		if ( ! $this->connection_manager ) {
5551
			$this->connection_manager = new Connection_Manager();
5552
		}
5553
5554
		$verified = $this->connection_manager->verify_xml_rpc_signature();
5555
5556
		if (
5557
			$verified &&
5558
			isset( $verified['type'] ) &&
5559
			'user' === $verified['type'] &&
5560
			! empty( $verified['user_id'] )
5561
		) {
5562
			// Authentication successful.
5563
			$this->rest_authentication_status = true;
5564
			return $verified['user_id'];
5565
		}
5566
5567
		// Something else went wrong.  Probably a signature error.
5568
		$this->rest_authentication_status = new WP_Error(
5569
			'rest_invalid_signature',
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'rest_invalid_signature'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
5570
			__( 'The request is not signed correctly.', 'jetpack' ),
5571
			array( 'status' => 400 )
5572
		);
5573
		return null;
5574
	}
5575
5576
	/**
5577
	 * Report authentication status to the WP REST API.
5578
	 *
5579
	 * @param  WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
0 ignored issues
show
There is no parameter named $result. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
5580
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
5581
	 */
5582
	public function wp_rest_authentication_errors( $value ) {
5583
		if ( $value !== null ) {
5584
			return $value;
5585
		}
5586
		return $this->rest_authentication_status;
5587
	}
5588
5589
	/**
5590
	 * Add our nonce to this request.
5591
	 *
5592
	 * @deprecated since 7.7.0
5593
	 * @see Automattic\Jetpack\Connection\Manager::add_nonce()
5594
	 *
5595
	 * @param int    $timestamp Timestamp of the request.
5596
	 * @param string $nonce     Nonce string.
5597
	 */
5598 View Code Duplication
	public function add_nonce( $timestamp, $nonce ) {
5599
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::add_nonce' );
5600
5601
		if ( ! $this->connection_manager ) {
5602
			$this->connection_manager = new Connection_Manager();
5603
		}
5604
5605
		return $this->connection_manager->add_nonce( $timestamp, $nonce );
5606
	}
5607
5608
	/**
5609
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5610
	 * Capture it here so we can verify the signature later.
5611
	 *
5612
	 * @deprecated since 7.7.0
5613
	 * @see Automattic\Jetpack\Connection\Manager::xmlrpc_methods()
5614
	 *
5615
	 * @param array $methods XMLRPC methods.
5616
	 * @return array XMLRPC methods, with the $HTTP_RAW_POST_DATA one.
5617
	 */
5618 View Code Duplication
	public function xmlrpc_methods( $methods ) {
5619
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::xmlrpc_methods' );
5620
5621
		if ( ! $this->connection_manager ) {
5622
			$this->connection_manager = new Connection_Manager();
5623
		}
5624
5625
		return $this->connection_manager->xmlrpc_methods( $methods );
5626
	}
5627
5628
	/**
5629
	 * Register additional public XMLRPC methods.
5630
	 *
5631
	 * @deprecated since 7.7.0
5632
	 * @see Automattic\Jetpack\Connection\Manager::public_xmlrpc_methods()
5633
	 *
5634
	 * @param array $methods Public XMLRPC methods.
5635
	 * @return array Public XMLRPC methods, with the getOptions one.
5636
	 */
5637 View Code Duplication
	public function public_xmlrpc_methods( $methods ) {
5638
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::public_xmlrpc_methods' );
5639
5640
		if ( ! $this->connection_manager ) {
5641
			$this->connection_manager = new Connection_Manager();
5642
		}
5643
5644
		return $this->connection_manager->public_xmlrpc_methods( $methods );
5645
	}
5646
5647
	/**
5648
	 * Handles a getOptions XMLRPC method call.
5649
	 *
5650
	 * @deprecated since 7.7.0
5651
	 * @see Automattic\Jetpack\Connection\Manager::jetpack_getOptions()
5652
	 *
5653
	 * @param array $args method call arguments.
5654
	 * @return array an amended XMLRPC server options array.
5655
	 */
5656 View Code Duplication
	public function jetpack_getOptions( $args ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.MethodNameInvalid
5657
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::jetpack_getOptions' );
5658
5659
		if ( ! $this->connection_manager ) {
5660
			$this->connection_manager = new Connection_Manager();
5661
		}
5662
5663
		return $this->connection_manager->jetpack_getOptions( $args );
0 ignored issues
show
The method jetpack_getOptions() does not exist on Automattic\Jetpack\Connection\Manager. Did you maybe mean jetpack_get_options()?

This check marks calls to methods that do not seem to exist on an object.

This is most likely the result of a method being renamed without all references to it being renamed likewise.

Loading history...
5664
	}
5665
5666
	/**
5667
	 * Adds Jetpack-specific options to the output of the XMLRPC options method.
5668
	 *
5669
	 * @deprecated since 7.7.0
5670
	 * @see Automattic\Jetpack\Connection\Manager::xmlrpc_options()
5671
	 *
5672
	 * @param array $options Standard Core options.
5673
	 * @return array Amended options.
5674
	 */
5675 View Code Duplication
	public function xmlrpc_options( $options ) {
5676
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::xmlrpc_options' );
5677
5678
		if ( ! $this->connection_manager ) {
5679
			$this->connection_manager = new Connection_Manager();
5680
		}
5681
5682
		return $this->connection_manager->xmlrpc_options( $options );
5683
	}
5684
5685
	/**
5686
	 * Cleans nonces that were saved when calling ::add_nonce.
5687
	 *
5688
	 * @deprecated since 7.7.0
5689
	 * @see Automattic\Jetpack\Connection\Manager::clean_nonces()
5690
	 *
5691
	 * @param bool $all whether to clean even non-expired nonces.
5692
	 */
5693
	public static function clean_nonces( $all = false ) {
5694
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::clean_nonces' );
5695
		return self::connection()->clean_nonces( $all );
5696
	}
5697
5698
	/**
5699
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5700
	 * SET: state( $key, $value );
5701
	 * GET: $value = state( $key );
5702
	 *
5703
	 * @param string $key
0 ignored issues
show
Should the type for parameter $key not be string|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
5704
	 * @param string $value
0 ignored issues
show
Should the type for parameter $value not be string|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
5705
	 * @param bool   $restate private
5706
	 */
5707
	public static function state( $key = null, $value = null, $restate = false ) {
5708
		static $state = array();
5709
		static $path, $domain;
5710
		if ( ! isset( $path ) ) {
5711
			require_once ABSPATH . 'wp-admin/includes/plugin.php';
5712
			$admin_url = self::admin_url();
5713
			$bits      = wp_parse_url( $admin_url );
5714
5715
			if ( is_array( $bits ) ) {
5716
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5717
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5718
			} else {
5719
				$path = $domain = null;
5720
			}
5721
		}
5722
5723
		// Extract state from cookies and delete cookies
5724
		if ( isset( $_COOKIE['jetpackState'] ) && is_array( $_COOKIE['jetpackState'] ) ) {
5725
			$yum = $_COOKIE['jetpackState'];
5726
			unset( $_COOKIE['jetpackState'] );
5727
			foreach ( $yum as $k => $v ) {
5728
				if ( strlen( $v ) ) {
5729
					$state[ $k ] = $v;
5730
				}
5731
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5732
			}
5733
		}
5734
5735
		if ( $restate ) {
5736
			foreach ( $state as $k => $v ) {
5737
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5738
			}
5739
			return;
5740
		}
5741
5742
		// Get a state variable
5743
		if ( isset( $key ) && ! isset( $value ) ) {
5744
			if ( array_key_exists( $key, $state ) ) {
5745
				return $state[ $key ];
5746
			}
5747
			return null;
5748
		}
5749
5750
		// Set a state variable
5751
		if ( isset( $key ) && isset( $value ) ) {
5752
			if ( is_array( $value ) && isset( $value[0] ) ) {
5753
				$value = $value[0];
5754
			}
5755
			$state[ $key ] = $value;
5756
			if ( ! headers_sent() ) {
5757
				setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5758
			}
5759
		}
5760
	}
5761
5762
	public static function restate() {
5763
		self::state( null, null, true );
5764
	}
5765
5766
	public static function check_privacy( $file ) {
5767
		static $is_site_publicly_accessible = null;
5768
5769
		if ( is_null( $is_site_publicly_accessible ) ) {
5770
			$is_site_publicly_accessible = false;
5771
5772
			$rpc = new Jetpack_IXR_Client();
5773
5774
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5775
			if ( $success ) {
5776
				$response = $rpc->getResponse();
5777
				if ( $response ) {
5778
					$is_site_publicly_accessible = true;
5779
				}
5780
			}
5781
5782
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5783
		}
5784
5785
		if ( $is_site_publicly_accessible ) {
5786
			return;
5787
		}
5788
5789
		$module_slug = self::get_module_slug( $file );
5790
5791
		$privacy_checks = self::state( 'privacy_checks' );
5792
		if ( ! $privacy_checks ) {
5793
			$privacy_checks = $module_slug;
5794
		} else {
5795
			$privacy_checks .= ",$module_slug";
5796
		}
5797
5798
		self::state( 'privacy_checks', $privacy_checks );
5799
	}
5800
5801
	/**
5802
	 * Helper method for multicall XMLRPC.
5803
	 *
5804
	 * @param ...$args Args for the async_call.
5805
	 */
5806
	public static function xmlrpc_async_call( ...$args ) {
5807
		global $blog_id;
5808
		static $clients = array();
5809
5810
		$client_blog_id = is_multisite() ? $blog_id : 0;
5811
5812
		if ( ! isset( $clients[ $client_blog_id ] ) ) {
5813
			$clients[ $client_blog_id ] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER ) );
5814
			if ( function_exists( 'ignore_user_abort' ) ) {
5815
				ignore_user_abort( true );
5816
			}
5817
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5818
		}
5819
5820
		if ( ! empty( $args[0] ) ) {
5821
			call_user_func_array( array( $clients[ $client_blog_id ], 'addCall' ), $args );
5822
		} elseif ( is_multisite() ) {
5823
			foreach ( $clients as $client_blog_id => $client ) {
5824
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5825
					continue;
5826
				}
5827
5828
				$switch_success = switch_to_blog( $client_blog_id, true );
5829
				if ( ! $switch_success ) {
5830
					continue;
5831
				}
5832
5833
				flush();
5834
				$client->query();
5835
5836
				restore_current_blog();
5837
			}
5838
		} else {
5839
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5840
				flush();
5841
				$clients[0]->query();
5842
			}
5843
		}
5844
	}
5845
5846
	public static function staticize_subdomain( $url ) {
5847
5848
		// Extract hostname from URL
5849
		$host = wp_parse_url( $url, PHP_URL_HOST );
5850
5851
		// Explode hostname on '.'
5852
		$exploded_host = explode( '.', $host );
5853
5854
		// Retrieve the name and TLD
5855
		if ( count( $exploded_host ) > 1 ) {
5856
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5857
			$tld  = $exploded_host[ count( $exploded_host ) - 1 ];
5858
			// Rebuild domain excluding subdomains
5859
			$domain = $name . '.' . $tld;
5860
		} else {
5861
			$domain = $host;
5862
		}
5863
		// Array of Automattic domains
5864
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5865
5866
		// Return $url if not an Automattic domain
5867
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5868
			return $url;
5869
		}
5870
5871
		if ( is_ssl() ) {
5872
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5873
		}
5874
5875
		srand( crc32( basename( $url ) ) );
5876
		$static_counter = rand( 0, 2 );
5877
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5878
5879
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5880
	}
5881
5882
	/* JSON API Authorization */
5883
5884
	/**
5885
	 * Handles the login action for Authorizing the JSON API
5886
	 */
5887
	function login_form_json_api_authorization() {
5888
		$this->verify_json_api_authorization_request();
5889
5890
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5891
5892
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5893
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5894
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5895
	}
5896
5897
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5898
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5899
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5900
			return $url;
5901
		}
5902
5903
		$parsed_url = wp_parse_url( $url );
5904
		$url        = strtok( $url, '?' );
5905
		$url        = "$url?{$_SERVER['QUERY_STRING']}";
5906
		if ( ! empty( $parsed_url['query'] ) ) {
5907
			$url .= "&{$parsed_url['query']}";
5908
		}
5909
5910
		return $url;
5911
	}
5912
5913
	// Make sure the POSTed request is handled by the same action
5914
	function preserve_action_in_login_form_for_json_api_authorization() {
5915
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5916
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5917
	}
5918
5919
	// If someone logs in to approve API access, store the Access Code in usermeta
5920
	function store_json_api_authorization_token( $user_login, $user ) {
5921
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5922
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5923
		$token = wp_generate_password( 32, false );
5924
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5925
	}
5926
5927
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5928
	function allow_wpcom_public_api_domain( $domains ) {
5929
		$domains[] = 'public-api.wordpress.com';
5930
		return $domains;
5931
	}
5932
5933
	static function is_redirect_encoded( $redirect_url ) {
5934
		return preg_match( '/https?%3A%2F%2F/i', $redirect_url ) > 0;
5935
	}
5936
5937
	// Add all wordpress.com environments to the safe redirect whitelist
5938
	function allow_wpcom_environments( $domains ) {
5939
		$domains[] = 'wordpress.com';
5940
		$domains[] = 'wpcalypso.wordpress.com';
5941
		$domains[] = 'horizon.wordpress.com';
5942
		$domains[] = 'calypso.localhost';
5943
		return $domains;
5944
	}
5945
5946
	// Add the Access Code details to the public-api.wordpress.com redirect
5947
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5948
		return add_query_arg(
5949
			urlencode_deep(
5950
				array(
5951
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5952
					'jetpack-user-id' => (int) $user->ID,
5953
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5954
				)
5955
			),
5956
			$redirect_to
5957
		);
5958
	}
5959
5960
5961
	/**
5962
	 * Verifies the request by checking the signature
5963
	 *
5964
	 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
5965
	 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
5966
	 *
5967
	 * @param null|array $environment
5968
	 */
5969
	function verify_json_api_authorization_request( $environment = null ) {
5970
		$environment = is_null( $environment )
5971
			? $_REQUEST
5972
			: $environment;
5973
5974
		list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
0 ignored issues
show
The assignment to $envVersion is unused. Consider omitting it like so list($first,,$third).

This checks looks for assignemnts to variables using the list(...) function, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been.

list($a,, $c) = returnThreeValues();
Loading history...
5975
		$token                                     = Jetpack_Data::get_access_token( $envUserId, $envToken );
0 ignored issues
show
Deprecated Code introduced by
The method Jetpack_Data::get_access_token() has been deprecated with message: 7.5 Use Connection_Manager instead.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
5976
		if ( ! $token || empty( $token->secret ) ) {
5977
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.', 'jetpack' ) );
5978
		}
5979
5980
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5981
5982
		// Host has encoded the request URL, probably as a result of a bad http => https redirect
5983
		if ( self::is_redirect_encoded( $_GET['redirect_to'] ) ) {
5984
			/**
5985
			 * Jetpack authorisation request Error.
5986
			 *
5987
			 * @since 7.5.0
5988
			 */
5989
			do_action( 'jetpack_verify_api_authorization_request_error_double_encode' );
5990
			$die_error = sprintf(
5991
				/* translators: %s is a URL */
5992
				__( 'Your site is incorrectly double-encoding redirects from http to https. This is preventing Jetpack from authenticating your connection. Please visit our <a href="%s">support page</a> for details about how to resolve this.', 'jetpack' ),
5993
				'https://jetpack.com/support/double-encoding/'
5994
			);
5995
		}
5996
5997
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5998
5999
		if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
6000
			$signature = $jetpack_signature->sign_request(
6001
				$environment['token'],
6002
				$environment['timestamp'],
6003
				$environment['nonce'],
6004
				'',
6005
				'GET',
6006
				$environment['jetpack_json_api_original_query'],
6007
				null,
6008
				true
6009
			);
6010
		} else {
6011
			$signature = $jetpack_signature->sign_current_request(
6012
				array(
6013
					'body'   => null,
6014
					'method' => 'GET',
6015
				)
6016
			);
6017
		}
6018
6019
		if ( ! $signature ) {
6020
			wp_die( $die_error );
6021
		} elseif ( is_wp_error( $signature ) ) {
6022
			wp_die( $die_error );
6023
		} elseif ( ! hash_equals( $signature, $environment['signature'] ) ) {
6024
			if ( is_ssl() ) {
6025
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
6026
				$signature = $jetpack_signature->sign_current_request(
6027
					array(
6028
						'scheme' => 'http',
6029
						'body'   => null,
6030
						'method' => 'GET',
6031
					)
6032
				);
6033
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
6034
					wp_die( $die_error );
6035
				}
6036
			} else {
6037
				wp_die( $die_error );
6038
			}
6039
		}
6040
6041
		$timestamp = (int) $environment['timestamp'];
6042
		$nonce     = stripslashes( (string) $environment['nonce'] );
6043
6044
		if ( ! $this->connection_manager ) {
6045
			$this->connection_manager = new Connection_Manager();
6046
		}
6047
6048
		if ( ! $this->connection_manager->add_nonce( $timestamp, $nonce ) ) {
6049
			// De-nonce the nonce, at least for 5 minutes.
6050
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
6051
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
6052
			if ( $old_nonce_time < time() - 300 ) {
6053
				wp_die( __( 'The authorization process expired.  Please go back and try again.', 'jetpack' ) );
6054
			}
6055
		}
6056
6057
		$data         = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
6058
		$data_filters = array(
6059
			'state'        => 'opaque',
6060
			'client_id'    => 'int',
6061
			'client_title' => 'string',
6062
			'client_image' => 'url',
6063
		);
6064
6065
		foreach ( $data_filters as $key => $sanitation ) {
6066
			if ( ! isset( $data->$key ) ) {
6067
				wp_die( $die_error );
6068
			}
6069
6070
			switch ( $sanitation ) {
6071
				case 'int':
6072
					$this->json_api_authorization_request[ $key ] = (int) $data->$key;
6073
					break;
6074
				case 'opaque':
6075
					$this->json_api_authorization_request[ $key ] = (string) $data->$key;
6076
					break;
6077
				case 'string':
6078
					$this->json_api_authorization_request[ $key ] = wp_kses( (string) $data->$key, array() );
6079
					break;
6080
				case 'url':
6081
					$this->json_api_authorization_request[ $key ] = esc_url_raw( (string) $data->$key );
6082
					break;
6083
			}
6084
		}
6085
6086
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
6087
			wp_die( $die_error );
6088
		}
6089
	}
6090
6091
	function login_message_json_api_authorization( $message ) {
6092
		return '<p class="message">' . sprintf(
6093
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.', 'jetpack' ),
6094
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
6095
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
6096
	}
6097
6098
	/**
6099
	 * Get $content_width, but with a <s>twist</s> filter.
6100
	 */
6101
	public static function get_content_width() {
6102
		$content_width = ( isset( $GLOBALS['content_width'] ) && is_numeric( $GLOBALS['content_width'] ) )
6103
			? $GLOBALS['content_width']
6104
			: false;
6105
		/**
6106
		 * Filter the Content Width value.
6107
		 *
6108
		 * @since 2.2.3
6109
		 *
6110
		 * @param string $content_width Content Width value.
6111
		 */
6112
		return apply_filters( 'jetpack_content_width', $content_width );
6113
	}
6114
6115
	/**
6116
	 * Pings the WordPress.com Mirror Site for the specified options.
6117
	 *
6118
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
6119
	 *
6120
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
6121
	 */
6122
	public function get_cloud_site_options( $option_names ) {
6123
		$option_names = array_filter( (array) $option_names, 'is_string' );
6124
6125
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER ) );
6126
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
6127
		if ( $xml->isError() ) {
6128
			return array(
6129
				'error_code' => $xml->getErrorCode(),
6130
				'error_msg'  => $xml->getErrorMessage(),
6131
			);
6132
		}
6133
		$cloud_site_options = $xml->getResponse();
6134
6135
		return $cloud_site_options;
6136
	}
6137
6138
	/**
6139
	 * Checks if the site is currently in an identity crisis.
6140
	 *
6141
	 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
6142
	 */
6143
	public static function check_identity_crisis() {
6144
		if ( ! self::is_active() || ( new Status() )->is_development_mode() || ! self::validate_sync_error_idc_option() ) {
6145
			return false;
6146
		}
6147
6148
		return Jetpack_Options::get_option( 'sync_error_idc' );
6149
	}
6150
6151
	/**
6152
	 * Checks whether the home and siteurl specifically are whitelisted
6153
	 * Written so that we don't have re-check $key and $value params every time
6154
	 * we want to check if this site is whitelisted, for example in footer.php
6155
	 *
6156
	 * @since  3.8.0
6157
	 * @return bool True = already whitelisted False = not whitelisted
6158
	 */
6159
	public static function is_staging_site() {
6160
		_deprecated_function( 'Jetpack::is_staging_site', 'jetpack-8.1', '/Automattic/Jetpack/Status->is_staging_site' );
6161
		return ( new Status() )->is_staging_site();
6162
	}
6163
6164
	/**
6165
	 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
6166
	 *
6167
	 * @since 4.4.0
6168
	 * @since 5.4.0 Do not call get_sync_error_idc_option() unless site is in IDC
6169
	 *
6170
	 * @return bool
6171
	 */
6172
	public static function validate_sync_error_idc_option() {
6173
		$is_valid = false;
6174
6175
		$idc_allowed = get_transient( 'jetpack_idc_allowed' );
6176
		if ( false === $idc_allowed ) {
6177
			$response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
6178
			if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
6179
				$json               = json_decode( wp_remote_retrieve_body( $response ) );
6180
				$idc_allowed        = isset( $json, $json->result ) && $json->result ? '1' : '0';
6181
				$transient_duration = HOUR_IN_SECONDS;
6182
			} else {
6183
				// If the request failed for some reason, then assume IDC is allowed and set shorter transient.
6184
				$idc_allowed        = '1';
6185
				$transient_duration = 5 * MINUTE_IN_SECONDS;
6186
			}
6187
6188
			set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
6189
		}
6190
6191
		// Is the site opted in and does the stored sync_error_idc option match what we now generate?
6192
		$sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
6193
		if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
6194
			$local_options = self::get_sync_error_idc_option();
6195
			// Ensure all values are set.
6196
			if ( isset( $sync_error['home'] ) && isset ( $local_options['home'] ) && isset( $sync_error['siteurl'] ) && isset( $local_options['siteurl'] ) ) {
6197
				if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
6198
					$is_valid = true;
6199
				}
6200
			}
6201
6202
		}
6203
6204
		/**
6205
		 * Filters whether the sync_error_idc option is valid.
6206
		 *
6207
		 * @since 4.4.0
6208
		 *
6209
		 * @param bool $is_valid If the sync_error_idc is valid or not.
6210
		 */
6211
		$is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
6212
6213
		if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
6214
			// Since the option exists, and did not validate, delete it
6215
			Jetpack_Options::delete_option( 'sync_error_idc' );
6216
		}
6217
6218
		return $is_valid;
6219
	}
6220
6221
	/**
6222
	 * Normalizes a url by doing three things:
6223
	 *  - Strips protocol
6224
	 *  - Strips www
6225
	 *  - Adds a trailing slash
6226
	 *
6227
	 * @since 4.4.0
6228
	 * @param string $url
6229
	 * @return WP_Error|string
6230
	 */
6231
	public static function normalize_url_protocol_agnostic( $url ) {
6232
		$parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
6233
		if ( ! $parsed_url || empty( $parsed_url['host'] ) || empty( $parsed_url['path'] ) ) {
6234
			return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
0 ignored issues
show
The call to WP_Error::__construct() has too many arguments starting with 'cannot_parse_url'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
6235
		}
6236
6237
		// Strip www and protocols
6238
		$url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
6239
		return $url;
6240
	}
6241
6242
	/**
6243
	 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
6244
	 *
6245
	 * @since 4.4.0
6246
	 * @since 5.4.0 Add transient since home/siteurl retrieved directly from DB
6247
	 *
6248
	 * @param array $response
6249
	 * @return array Array of the local urls, wpcom urls, and error code
6250
	 */
6251
	public static function get_sync_error_idc_option( $response = array() ) {
6252
		// Since the local options will hit the database directly, store the values
6253
		// in a transient to allow for autoloading and caching on subsequent views.
6254
		$local_options = get_transient( 'jetpack_idc_local' );
6255
		if ( false === $local_options ) {
6256
			$local_options = array(
6257
				'home'    => Functions::home_url(),
6258
				'siteurl' => Functions::site_url(),
6259
			);
6260
			set_transient( 'jetpack_idc_local', $local_options, MINUTE_IN_SECONDS );
6261
		}
6262
6263
		$options = array_merge( $local_options, $response );
6264
6265
		$returned_values = array();
6266
		foreach ( $options as $key => $option ) {
6267
			if ( 'error_code' === $key ) {
6268
				$returned_values[ $key ] = $option;
6269
				continue;
6270
			}
6271
6272
			if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
6273
				continue;
6274
			}
6275
6276
			$returned_values[ $key ] = $normalized_url;
6277
		}
6278
6279
		set_transient( 'jetpack_idc_option', $returned_values, MINUTE_IN_SECONDS );
6280
6281
		return $returned_values;
6282
	}
6283
6284
	/**
6285
	 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
6286
	 * If set to true, the site will be put into staging mode.
6287
	 *
6288
	 * @since 4.3.2
6289
	 * @return bool
6290
	 */
6291
	public static function sync_idc_optin() {
6292
		if ( Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
6293
			$default = Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
6294
		} else {
6295
			$default = ! Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
6296
		}
6297
6298
		/**
6299
		 * Allows sites to opt in to IDC mitigation which blocks the site from syncing to WordPress.com when the home
6300
		 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
6301
		 * JETPACK_SYNC_IDC_OPTIN constant if set.
6302
		 *
6303
		 * @since 4.3.2
6304
		 *
6305
		 * @param bool $default Whether the site is opted in to IDC mitigation.
6306
		 */
6307
		return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
6308
	}
6309
6310
	/**
6311
	 * Maybe Use a .min.css stylesheet, maybe not.
6312
	 *
6313
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
6314
	 */
6315
	public static function maybe_min_asset( $url, $path, $plugin ) {
6316
		// Short out on things trying to find actual paths.
6317
		if ( ! $path || empty( $plugin ) ) {
6318
			return $url;
6319
		}
6320
6321
		$path = ltrim( $path, '/' );
6322
6323
		// Strip out the abspath.
6324
		$base = dirname( plugin_basename( $plugin ) );
6325
6326
		// Short out on non-Jetpack assets.
6327
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
6328
			return $url;
6329
		}
6330
6331
		// File name parsing.
6332
		$file              = "{$base}/{$path}";
6333
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
6334
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
6335
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
6336
		$extension         = array_shift( $file_name_parts_r );
6337
6338
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
6339
			// Already pointing at the minified version.
6340
			if ( 'min' === $file_name_parts_r[0] ) {
6341
				return $url;
6342
			}
6343
6344
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
6345
			if ( file_exists( $min_full_path ) ) {
6346
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
6347
				// If it's a CSS file, stash it so we can set the .min suffix for rtl-ing.
6348
				if ( 'css' === $extension ) {
6349
					$key                      = str_replace( JETPACK__PLUGIN_DIR, 'jetpack/', $min_full_path );
6350
					self::$min_assets[ $key ] = $path;
6351
				}
6352
			}
6353
		}
6354
6355
		return $url;
6356
	}
6357
6358
	/**
6359
	 * If the asset is minified, let's flag .min as the suffix.
6360
	 *
6361
	 * Attached to `style_loader_src` filter.
6362
	 *
6363
	 * @param string $tag The tag that would link to the external asset.
0 ignored issues
show
There is no parameter named $tag. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6364
	 * @param string $handle The registered handle of the script in question.
6365
	 * @param string $href The url of the asset in question.
0 ignored issues
show
There is no parameter named $href. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6366
	 */
6367
	public static function set_suffix_on_min( $src, $handle ) {
6368
		if ( false === strpos( $src, '.min.css' ) ) {
6369
			return $src;
6370
		}
6371
6372
		if ( ! empty( self::$min_assets ) ) {
6373
			foreach ( self::$min_assets as $file => $path ) {
6374
				if ( false !== strpos( $src, $file ) ) {
6375
					wp_style_add_data( $handle, 'suffix', '.min' );
6376
					return $src;
6377
				}
6378
			}
6379
		}
6380
6381
		return $src;
6382
	}
6383
6384
	/**
6385
	 * Maybe inlines a stylesheet.
6386
	 *
6387
	 * If you'd like to inline a stylesheet instead of printing a link to it,
6388
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6389
	 *
6390
	 * Attached to `style_loader_tag` filter.
6391
	 *
6392
	 * @param string $tag The tag that would link to the external asset.
6393
	 * @param string $handle The registered handle of the script in question.
6394
	 *
6395
	 * @return string
6396
	 */
6397
	public static function maybe_inline_style( $tag, $handle ) {
6398
		global $wp_styles;
6399
		$item = $wp_styles->registered[ $handle ];
6400
6401
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6402
			return $tag;
6403
		}
6404
6405
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6406
			$href = $matches[1];
6407
			// Strip off query string
6408
			if ( $pos = strpos( $href, '?' ) ) {
6409
				$href = substr( $href, 0, $pos );
6410
			}
6411
			// Strip off fragment
6412
			if ( $pos = strpos( $href, '#' ) ) {
6413
				$href = substr( $href, 0, $pos );
6414
			}
6415
		} else {
6416
			return $tag;
6417
		}
6418
6419
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6420
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6421
			return $tag;
6422
		}
6423
6424
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
6425
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6426
			// And this isn't the pass that actually deals with the RTL version...
6427
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6428
				// Short out, as the RTL version will deal with it in a moment.
6429
				return $tag;
6430
			}
6431
		}
6432
6433
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6434
		$css  = self::absolutize_css_urls( file_get_contents( $file ), $href );
6435
		if ( $css ) {
6436
			$tag = "<!-- Inline {$item->handle} -->\r\n";
6437
			if ( empty( $item->extra['after'] ) ) {
6438
				wp_add_inline_style( $handle, $css );
6439
			} else {
6440
				array_unshift( $item->extra['after'], $css );
6441
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
6442
			}
6443
		}
6444
6445
		return $tag;
6446
	}
6447
6448
	/**
6449
	 * Loads a view file from the views
6450
	 *
6451
	 * Data passed in with the $data parameter will be available in the
6452
	 * template file as $data['value']
6453
	 *
6454
	 * @param string $template - Template file to load
6455
	 * @param array  $data - Any data to pass along to the template
6456
	 * @return boolean - If template file was found
6457
	 **/
6458
	public function load_view( $template, $data = array() ) {
6459
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
6460
6461
		if ( file_exists( $views_dir . $template ) ) {
6462
			require_once $views_dir . $template;
6463
			return true;
6464
		}
6465
6466
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
6467
		return false;
6468
	}
6469
6470
	/**
6471
	 * Throws warnings for deprecated hooks to be removed from Jetpack
6472
	 */
6473
	public function deprecated_hooks() {
6474
		global $wp_filter;
6475
6476
		/*
6477
		 * Format:
6478
		 * deprecated_filter_name => replacement_name
6479
		 *
6480
		 * If there is no replacement, use null for replacement_name
6481
		 */
6482
		$deprecated_list = array(
6483
			'jetpack_bail_on_shortcode'                    => 'jetpack_shortcodes_to_include',
6484
			'wpl_sharing_2014_1'                           => null,
6485
			'jetpack-tools-to-include'                     => 'jetpack_tools_to_include',
6486
			'jetpack_identity_crisis_options_to_check'     => null,
6487
			'update_option_jetpack_single_user_site'       => null,
6488
			'audio_player_default_colors'                  => null,
6489
			'add_option_jetpack_featured_images_enabled'   => null,
6490
			'add_option_jetpack_update_details'            => null,
6491
			'add_option_jetpack_updates'                   => null,
6492
			'add_option_jetpack_network_name'              => null,
6493
			'add_option_jetpack_network_allow_new_registrations' => null,
6494
			'add_option_jetpack_network_add_new_users'     => null,
6495
			'add_option_jetpack_network_site_upload_space' => null,
6496
			'add_option_jetpack_network_upload_file_types' => null,
6497
			'add_option_jetpack_network_enable_administration_menus' => null,
6498
			'add_option_jetpack_is_multi_site'             => null,
6499
			'add_option_jetpack_is_main_network'           => null,
6500
			'add_option_jetpack_main_network_site'         => null,
6501
			'jetpack_sync_all_registered_options'          => null,
6502
			'jetpack_has_identity_crisis'                  => 'jetpack_sync_error_idc_validation',
6503
			'jetpack_is_post_mailable'                     => null,
6504
			'jetpack_seo_site_host'                        => null,
6505
			'jetpack_installed_plugin'                     => 'jetpack_plugin_installed',
6506
			'jetpack_holiday_snow_option_name'             => null,
6507
			'jetpack_holiday_chance_of_snow'               => null,
6508
			'jetpack_holiday_snow_js_url'                  => null,
6509
			'jetpack_is_holiday_snow_season'               => null,
6510
			'jetpack_holiday_snow_option_updated'          => null,
6511
			'jetpack_holiday_snowing'                      => null,
6512
			'jetpack_sso_auth_cookie_expirtation'          => 'jetpack_sso_auth_cookie_expiration',
6513
			'jetpack_cache_plans'                          => null,
6514
			'jetpack_updated_theme'                        => 'jetpack_updated_themes',
6515
			'jetpack_lazy_images_skip_image_with_atttributes' => 'jetpack_lazy_images_skip_image_with_attributes',
6516
			'jetpack_enable_site_verification'             => null,
6517
			'can_display_jetpack_manage_notice'            => null,
6518
			// Removed in Jetpack 7.3.0
6519
			'atd_load_scripts'                             => null,
6520
			'atd_http_post_timeout'                        => null,
6521
			'atd_http_post_error'                          => null,
6522
			'atd_service_domain'                           => null,
6523
			'jetpack_widget_authors_exclude'               => 'jetpack_widget_authors_params',
6524
			// Removed in Jetpack 7.9.0
6525
			'jetpack_pwa_manifest'                         => null,
6526
			'jetpack_pwa_background_color'                 => null,
6527
			// Removed in Jetpack 8.3.0.
6528
			'jetpack_check_mobile'                         => null,
6529
			'jetpack_mobile_stylesheet'                    => null,
6530
			'jetpack_mobile_template'                      => null,
6531
			'mobile_reject_mobile'                         => null,
6532
			'mobile_force_mobile'                          => null,
6533
			'mobile_app_promo_download'                    => null,
6534
			'mobile_setup'                                 => null,
6535
			'jetpack_mobile_footer_before'                 => null,
6536
			'wp_mobile_theme_footer'                       => null,
6537
			'minileven_credits'                            => null,
6538
			'jetpack_mobile_header_before'                 => null,
6539
			'jetpack_mobile_header_after'                  => null,
6540
			'jetpack_mobile_theme_menu'                    => null,
6541
			'minileven_show_featured_images'               => null,
6542
			'minileven_attachment_size'                    => null,
6543
		);
6544
6545
		// This is a silly loop depth. Better way?
6546
		foreach ( $deprecated_list as $hook => $hook_alt ) {
6547
			if ( has_action( $hook ) ) {
6548
				foreach ( $wp_filter[ $hook ] as $func => $values ) {
6549
					foreach ( $values as $hooked ) {
6550
						if ( is_callable( $hooked['function'] ) ) {
6551
							$function_name = 'an anonymous function';
6552
						} else {
6553
							$function_name = $hooked['function'];
6554
						}
6555
						_deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
6556
					}
6557
				}
6558
			}
6559
		}
6560
	}
6561
6562
	/**
6563
	 * Converts any url in a stylesheet, to the correct absolute url.
6564
	 *
6565
	 * Considerations:
6566
	 *  - Normal, relative URLs     `feh.png`
6567
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6568
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6569
	 *  - Absolute URLs             `http://domain.com/feh.png`
6570
	 *  - Domain root relative URLs `/feh.png`
6571
	 *
6572
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6573
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6574
	 *
6575
	 * @return mixed|string
6576
	 */
6577
	public static function absolutize_css_urls( $css, $css_file_url ) {
6578
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6579
		$css_dir = dirname( $css_file_url );
6580
		$p       = wp_parse_url( $css_dir );
6581
		$domain  = sprintf(
6582
			'%1$s//%2$s%3$s%4$s',
6583
			isset( $p['scheme'] ) ? "{$p['scheme']}:" : '',
6584
			isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6585
			$p['host'],
6586
			isset( $p['port'] ) ? ":{$p['port']}" : ''
6587
		);
6588
6589
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6590
			$find = $replace = array();
6591
			foreach ( $matches as $match ) {
6592
				$url = trim( $match['path'], "'\" \t" );
6593
6594
				// If this is a data url, we don't want to mess with it.
6595
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6596
					continue;
6597
				}
6598
6599
				// If this is an absolute or protocol-agnostic url,
6600
				// we don't want to mess with it.
6601
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6602
					continue;
6603
				}
6604
6605
				switch ( substr( $url, 0, 1 ) ) {
6606
					case '/':
6607
						$absolute = $domain . $url;
6608
						break;
6609
					default:
6610
						$absolute = $css_dir . '/' . $url;
6611
				}
6612
6613
				$find[]    = $match[0];
6614
				$replace[] = sprintf( 'url("%s")', $absolute );
6615
			}
6616
			$css = str_replace( $find, $replace, $css );
6617
		}
6618
6619
		return $css;
6620
	}
6621
6622
	/**
6623
	 * This methods removes all of the registered css files on the front end
6624
	 * from Jetpack in favor of using a single file. In effect "imploding"
6625
	 * all the files into one file.
6626
	 *
6627
	 * Pros:
6628
	 * - Uses only ONE css asset connection instead of 15
6629
	 * - Saves a minimum of 56k
6630
	 * - Reduces server load
6631
	 * - Reduces time to first painted byte
6632
	 *
6633
	 * Cons:
6634
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6635
	 *      should not cause any issues with themes.
6636
	 * - Plugins/themes dequeuing styles no longer do anything. See
6637
	 *      jetpack_implode_frontend_css filter for a workaround
6638
	 *
6639
	 * For some situations developers may wish to disable css imploding and
6640
	 * instead operate in legacy mode where each file loads seperately and
6641
	 * can be edited individually or dequeued. This can be accomplished with
6642
	 * the following line:
6643
	 *
6644
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6645
	 *
6646
	 * @since 3.2
6647
	 **/
6648
	public function implode_frontend_css( $travis_test = false ) {
6649
		$do_implode = true;
6650
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6651
			$do_implode = false;
6652
		}
6653
6654
		// Do not implode CSS when the page loads via the AMP plugin.
6655
		if ( Jetpack_AMP_Support::is_amp_request() ) {
6656
			$do_implode = false;
6657
		}
6658
6659
		/**
6660
		 * Allow CSS to be concatenated into a single jetpack.css file.
6661
		 *
6662
		 * @since 3.2.0
6663
		 *
6664
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6665
		 */
6666
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6667
6668
		// Do not use the imploded file when default behavior was altered through the filter
6669
		if ( ! $do_implode ) {
6670
			return;
6671
		}
6672
6673
		// We do not want to use the imploded file in dev mode, or if not connected
6674
		if ( ( new Status() )->is_development_mode() || ! self::is_active() ) {
6675
			if ( ! $travis_test ) {
6676
				return;
6677
			}
6678
		}
6679
6680
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6681
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6682
			return;
6683
		}
6684
6685
		/*
6686
		 * Now we assume Jetpack is connected and able to serve the single
6687
		 * file.
6688
		 *
6689
		 * In the future there will be a check here to serve the file locally
6690
		 * or potentially from the Jetpack CDN
6691
		 *
6692
		 * For now:
6693
		 * - Enqueue a single imploded css file
6694
		 * - Zero out the style_loader_tag for the bundled ones
6695
		 * - Be happy, drink scotch
6696
		 */
6697
6698
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6699
6700
		$version = self::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6701
6702
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6703
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6704
	}
6705
6706
	function concat_remove_style_loader_tag( $tag, $handle ) {
6707
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6708
			$tag = '';
6709
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6710
				$tag = '<!-- `' . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6711
			}
6712
		}
6713
6714
		return $tag;
6715
	}
6716
6717
	/**
6718
	 * Add an async attribute to scripts that can be loaded asynchronously.
6719
	 * https://www.w3schools.com/tags/att_script_async.asp
6720
	 *
6721
	 * @since 7.7.0
6722
	 *
6723
	 * @param string $tag    The <script> tag for the enqueued script.
6724
	 * @param string $handle The script's registered handle.
6725
	 * @param string $src    The script's source URL.
6726
	 */
6727
	public function script_add_async( $tag, $handle, $src ) {
6728
		if ( in_array( $handle, $this->async_script_handles, true ) ) {
6729
			return preg_replace( '/^<script /i', '<script async ', $tag );
6730
		}
6731
6732
		return $tag;
6733
	}
6734
6735
	/*
6736
	 * Check the heartbeat data
6737
	 *
6738
	 * Organizes the heartbeat data by severity.  For example, if the site
6739
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6740
	 *
6741
	 * Data will be added to "caution" array, if it either:
6742
	 *  - Out of date Jetpack version
6743
	 *  - Out of date WP version
6744
	 *  - Out of date PHP version
6745
	 *
6746
	 * $return array $filtered_data
6747
	 */
6748
	public static function jetpack_check_heartbeat_data() {
6749
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6750
6751
		$good    = array();
6752
		$caution = array();
6753
		$bad     = array();
6754
6755
		foreach ( $raw_data as $stat => $value ) {
6756
6757
			// Check jetpack version
6758
			if ( 'version' == $stat ) {
6759
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6760
					$caution[ $stat ] = $value . ' - min supported is ' . JETPACK__VERSION;
6761
					continue;
6762
				}
6763
			}
6764
6765
			// Check WP version
6766
			if ( 'wp-version' == $stat ) {
6767
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6768
					$caution[ $stat ] = $value . ' - min supported is ' . JETPACK__MINIMUM_WP_VERSION;
6769
					continue;
6770
				}
6771
			}
6772
6773
			// Check PHP version
6774
			if ( 'php-version' == $stat ) {
6775
				if ( version_compare( PHP_VERSION, JETPACK__MINIMUM_PHP_VERSION, '<' ) ) {
6776
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_PHP_VERSION;
6777
					continue;
6778
				}
6779
			}
6780
6781
			// Check ID crisis
6782
			if ( 'identitycrisis' == $stat ) {
6783
				if ( 'yes' == $value ) {
6784
					$bad[ $stat ] = $value;
6785
					continue;
6786
				}
6787
			}
6788
6789
			// The rest are good :)
6790
			$good[ $stat ] = $value;
6791
		}
6792
6793
		$filtered_data = array(
6794
			'good'    => $good,
6795
			'caution' => $caution,
6796
			'bad'     => $bad,
6797
		);
6798
6799
		return $filtered_data;
6800
	}
6801
6802
6803
	/*
6804
	 * This method is used to organize all options that can be reset
6805
	 * without disconnecting Jetpack.
6806
	 *
6807
	 * It is used in class.jetpack-cli.php to reset options
6808
	 *
6809
	 * @since 5.4.0 Logic moved to Jetpack_Options class. Method left in Jetpack class for backwards compat.
6810
	 *
6811
	 * @return array of options to delete.
6812
	 */
6813
	public static function get_jetpack_options_for_reset() {
6814
		return Jetpack_Options::get_options_for_reset();
6815
	}
6816
6817
	/*
6818
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6819
	 * so we can bring them directly to their site in calypso.
6820
	 *
6821
	 * @param string | url
6822
	 * @return string | url without the guff
6823
	 */
6824
	public static function build_raw_urls( $url ) {
6825
		$strip_http = '/.*?:\/\//i';
6826
		$url        = preg_replace( $strip_http, '', $url );
6827
		$url        = str_replace( '/', '::', $url );
6828
		return $url;
6829
	}
6830
6831
	/**
6832
	 * Stores and prints out domains to prefetch for page speed optimization.
6833
	 *
6834
	 * @param mixed $new_urls
6835
	 */
6836
	public static function dns_prefetch( $new_urls = null ) {
6837
		static $prefetch_urls = array();
6838
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6839
			echo "\r\n";
6840
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6841
				printf( "<link rel='dns-prefetch' href='%s'/>\r\n", esc_attr( $this_prefetch_url ) );
6842
			}
6843
		} elseif ( ! empty( $new_urls ) ) {
6844
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6845
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6846
			}
6847
			foreach ( (array) $new_urls as $this_new_url ) {
6848
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6849
			}
6850
			$prefetch_urls = array_unique( $prefetch_urls );
6851
		}
6852
	}
6853
6854
	public function wp_dashboard_setup() {
6855
		if ( self::is_active() ) {
6856
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6857
		}
6858
6859
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6860
			$jetpack_logo = new Jetpack_Logo();
6861
			$widget_title = sprintf(
6862
				wp_kses(
6863
					/* translators: Placeholder is a Jetpack logo. */
6864
					__( 'Stats <span>by %s</span>', 'jetpack' ),
6865
					array( 'span' => array() )
6866
				),
6867
				$jetpack_logo->get_jp_emblem( true )
6868
			);
6869
6870
			wp_add_dashboard_widget(
6871
				'jetpack_summary_widget',
6872
				$widget_title,
6873
				array( __CLASS__, 'dashboard_widget' )
6874
			);
6875
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6876
			wp_style_add_data( 'jetpack-dashboard-widget', 'rtl', 'replace' );
6877
6878
			// If we're inactive and not in development mode, sort our box to the top.
6879
			if ( ! self::is_active() && ! ( new Status() )->is_development_mode() ) {
6880
				global $wp_meta_boxes;
6881
6882
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6883
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6884
6885
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6886
			}
6887
		}
6888
	}
6889
6890
	/**
6891
	 * @param mixed $result Value for the user's option
0 ignored issues
show
There is no parameter named $result. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

Loading history...
6892
	 * @return mixed
6893
	 */
6894
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6895
		if ( ! is_array( $sorted ) ) {
6896
			return $sorted;
6897
		}
6898
6899
		foreach ( $sorted as $box_context => $ids ) {
6900
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6901
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6902
				continue;
6903
			}
6904
6905
			$ids_array = explode( ',', $ids );
6906
			$key       = array_search( 'dashboard_stats', $ids_array );
6907
6908
			if ( false !== $key ) {
6909
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6910
				$ids_array[ $key ]      = 'jetpack_summary_widget';
6911
				$sorted[ $box_context ] = implode( ',', $ids_array );
6912
				// We've found it, stop searching, and just return.
6913
				break;
6914
			}
6915
		}
6916
6917
		return $sorted;
6918
	}
6919
6920
	public static function dashboard_widget() {
6921
		/**
6922
		 * Fires when the dashboard is loaded.
6923
		 *
6924
		 * @since 3.4.0
6925
		 */
6926
		do_action( 'jetpack_dashboard_widget' );
6927
	}
6928
6929
	public static function dashboard_widget_footer() {
6930
		?>
6931
		<footer>
6932
6933
		<div class="protect">
6934
			<h3><?php esc_html_e( 'Brute force attack protection', 'jetpack' ); ?></h3>
6935
			<?php if ( self::is_module_active( 'protect' ) ) : ?>
6936
				<p class="blocked-count">
6937
					<?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?>
6938
				</p>
6939
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6940
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! ( new Status() )->is_development_mode() ) : ?>
6941
				<a href="
6942
				<?php
6943
				echo esc_url(
6944
					wp_nonce_url(
6945
						self::admin_url(
6946
							array(
6947
								'action' => 'activate',
6948
								'module' => 'protect',
6949
							)
6950
						),
6951
						'jetpack_activate-protect'
6952
					)
6953
				);
6954
				?>
6955
							" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6956
					<?php esc_html_e( 'Activate brute force attack protection', 'jetpack' ); ?>
6957
				</a>
6958
			<?php else : ?>
6959
				<?php esc_html_e( 'Brute force attack protection is inactive.', 'jetpack' ); ?>
6960
			<?php endif; ?>
6961
		</div>
6962
6963
		<div class="akismet">
6964
			<h3><?php esc_html_e( 'Anti-spam', 'jetpack' ); ?></h3>
6965
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6966
				<p class="blocked-count">
6967
					<?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?>
6968
				</p>
6969
				<p><?php echo esc_html_x( 'Blocked spam comments.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6970
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6971
				<a href="
6972
				<?php
6973
				echo esc_url(
6974
					wp_nonce_url(
6975
						add_query_arg(
6976
							array(
6977
								'action' => 'activate',
6978
								'plugin' => 'akismet/akismet.php',
6979
							),
6980
							admin_url( 'plugins.php' )
6981
						),
6982
						'activate-plugin_akismet/akismet.php'
6983
					)
6984
				);
6985
				?>
6986
							" class="button button-jetpack">
6987
					<?php esc_html_e( 'Activate Anti-spam', 'jetpack' ); ?>
6988
				</a>
6989
			<?php else : ?>
6990
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Anti-spam can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6991
			<?php endif; ?>
6992
		</div>
6993
6994
		</footer>
6995
		<?php
6996
	}
6997
6998
	/*
6999
	 * Adds a "blank" column in the user admin table to display indication of user connection.
7000
	 */
7001
	function jetpack_icon_user_connected( $columns ) {
7002
		$columns['user_jetpack'] = '';
7003
		return $columns;
7004
	}
7005
7006
	/*
7007
	 * Show Jetpack icon if the user is linked.
7008
	 */
7009
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
7010
		if ( 'user_jetpack' == $col && self::is_user_connected( $user_id ) ) {
7011
			$jetpack_logo = new Jetpack_Logo();
7012
			$emblem_html  = sprintf(
7013
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
7014
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
7015
				$jetpack_logo->get_jp_emblem()
7016
			);
7017
			return $emblem_html;
7018
		}
7019
7020
		return $val;
7021
	}
7022
7023
	/*
7024
	 * Style the Jetpack user column
7025
	 */
7026
	function jetpack_user_col_style() {
7027
		global $current_screen;
7028
		if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) {
7029
			?>
7030
			<style>
7031
				.fixed .column-user_jetpack {
7032
					width: 21px;
7033
				}
7034
				.jp-emblem-user-admin svg {
7035
					width: 20px;
7036
					height: 20px;
7037
				}
7038
				.jp-emblem-user-admin path {
7039
					fill: #00BE28;
7040
				}
7041
			</style>
7042
			<?php
7043
		}
7044
	}
7045
7046
	/**
7047
	 * Checks if Akismet is active and working.
7048
	 *
7049
	 * We dropped support for Akismet 3.0 with Jetpack 6.1.1 while introducing a check for an Akismet valid key
7050
	 * that implied usage of methods present since more recent version.
7051
	 * See https://github.com/Automattic/jetpack/pull/9585
7052
	 *
7053
	 * @since  5.1.0
7054
	 *
7055
	 * @return bool True = Akismet available. False = Aksimet not available.
7056
	 */
7057
	public static function is_akismet_active() {
7058
		static $status = null;
7059
7060
		if ( ! is_null( $status ) ) {
7061
			return $status;
7062
		}
7063
7064
		// Check if a modern version of Akismet is active.
7065
		if ( ! method_exists( 'Akismet', 'http_post' ) ) {
7066
			$status = false;
7067
			return $status;
7068
		}
7069
7070
		// Make sure there is a key known to Akismet at all before verifying key.
7071
		$akismet_key = Akismet::get_api_key();
7072
		if ( ! $akismet_key ) {
7073
			$status = false;
7074
			return $status;
7075
		}
7076
7077
		// Possible values: valid, invalid, failure via Akismet. false if no status is cached.
7078
		$akismet_key_state = get_transient( 'jetpack_akismet_key_is_valid' );
7079
7080
		// Do not used the cache result in wp-admin or REST API requests if the key isn't valid, in case someone is actively renewing, etc.
7081
		$recheck = ( is_admin() || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) ) && 'valid' !== $akismet_key_state;
7082
		// We cache the result of the Akismet key verification for ten minutes.
7083
		if ( ! $akismet_key_state || $recheck ) {
7084
			$akismet_key_state = Akismet::verify_key( $akismet_key );
7085
			set_transient( 'jetpack_akismet_key_is_valid', $akismet_key_state, 10 * MINUTE_IN_SECONDS );
7086
		}
7087
7088
		$status = 'valid' === $akismet_key_state;
7089
7090
		return $status;
7091
	}
7092
7093
	/**
7094
	 * @deprecated
7095
	 *
7096
	 * @see Automattic\Jetpack\Sync\Modules\Users::is_function_in_backtrace
7097
	 */
7098
	public static function is_function_in_backtrace() {
7099
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
7100
	}
7101
7102
	/**
7103
	 * Given a minified path, and a non-minified path, will return
7104
	 * a minified or non-minified file URL based on whether SCRIPT_DEBUG is set and truthy.
7105
	 *
7106
	 * Both `$min_base` and `$non_min_base` are expected to be relative to the
7107
	 * root Jetpack directory.
7108
	 *
7109
	 * @since 5.6.0
7110
	 *
7111
	 * @param string $min_path
7112
	 * @param string $non_min_path
7113
	 * @return string The URL to the file
7114
	 */
7115
	public static function get_file_url_for_environment( $min_path, $non_min_path ) {
7116
		return Assets::get_file_url_for_environment( $min_path, $non_min_path );
7117
	}
7118
7119
	/**
7120
	 * Checks for whether Jetpack Backup & Scan is enabled.
7121
	 * Will return true if the state of Backup & Scan is anything except "unavailable".
7122
	 *
7123
	 * @return bool|int|mixed
7124
	 */
7125
	public static function is_rewind_enabled() {
7126
		if ( ! self::is_active() ) {
7127
			return false;
7128
		}
7129
7130
		$rewind_enabled = get_transient( 'jetpack_rewind_enabled' );
7131
		if ( false === $rewind_enabled ) {
7132
			jetpack_require_lib( 'class.core-rest-api-endpoints' );
7133
			$rewind_data    = (array) Jetpack_Core_Json_Api_Endpoints::rewind_data();
7134
			$rewind_enabled = ( ! is_wp_error( $rewind_data )
7135
				&& ! empty( $rewind_data['state'] )
7136
				&& 'active' === $rewind_data['state'] )
7137
				? 1
7138
				: 0;
7139
7140
			set_transient( 'jetpack_rewind_enabled', $rewind_enabled, 10 * MINUTE_IN_SECONDS );
7141
		}
7142
		return $rewind_enabled;
7143
	}
7144
7145
	/**
7146
	 * Return Calypso environment value; used for developing Jetpack and pairing
7147
	 * it with different Calypso enrionments, such as localhost.
7148
	 *
7149
	 * @since 7.4.0
7150
	 *
7151
	 * @return string Calypso environment
7152
	 */
7153
	public static function get_calypso_env() {
7154
		if ( isset( $_GET['calypso_env'] ) ) {
7155
			return sanitize_key( $_GET['calypso_env'] );
7156
		}
7157
7158
		if ( getenv( 'CALYPSO_ENV' ) ) {
7159
			return sanitize_key( getenv( 'CALYPSO_ENV' ) );
7160
		}
7161
7162
		if ( defined( 'CALYPSO_ENV' ) && CALYPSO_ENV ) {
7163
			return sanitize_key( CALYPSO_ENV );
7164
		}
7165
7166
		return '';
7167
	}
7168
7169
	/**
7170
	 * Returns the hostname with protocol for Calypso.
7171
	 * Used for developing Jetpack with Calypso.
7172
	 *
7173
	 * @since 8.4.0
7174
	 *
7175
	 * @return string Calypso host.
7176
	 */
7177
	public static function get_calypso_host() {
7178
		$calypso_env = self::get_calypso_env();
7179
		switch ( $calypso_env ) {
7180
			case 'development':
7181
				return 'http://calypso.localhost:3000/';
7182
			case 'wpcalypso':
7183
				return 'https://wpcalypso.wordpress.com/';
7184
			case 'horizon':
7185
				return 'https://horizon.wordpress.com/';
7186
			default:
7187
				return 'https://wordpress.com/';
7188
		}
7189
	}
7190
7191
	/**
7192
	 * Checks whether or not TOS has been agreed upon.
7193
	 * Will return true if a user has clicked to register, or is already connected.
7194
	 */
7195
	public static function jetpack_tos_agreed() {
7196
		_deprecated_function( 'Jetpack::jetpack_tos_agreed', 'Jetpack 7.9.0', '\Automattic\Jetpack\Terms_Of_Service->has_agreed' );
7197
7198
		$terms_of_service = new Terms_Of_Service();
7199
		return $terms_of_service->has_agreed();
7200
7201
	}
7202
7203
	/**
7204
	 * Handles activating default modules as well general cleanup for the new connection.
7205
	 *
7206
	 * @param boolean $activate_sso                 Whether to activate the SSO module when activating default modules.
7207
	 * @param boolean $redirect_on_activation_error Whether to redirect on activation error.
7208
	 * @param boolean $send_state_messages          Whether to send state messages.
7209
	 * @return void
7210
	 */
7211
	public static function handle_post_authorization_actions(
7212
		$activate_sso = false,
7213
		$redirect_on_activation_error = false,
7214
		$send_state_messages = true
7215
	) {
7216
		$other_modules = $activate_sso
7217
			? array( 'sso' )
7218
			: array();
7219
7220
		if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
7221
			self::delete_active_modules();
7222
7223
			self::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), $redirect_on_activation_error, $send_state_messages );
0 ignored issues
show
999 is of type integer, but the function expects a boolean.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
7224
		} else {
7225
			self::activate_default_modules( false, false, $other_modules, $redirect_on_activation_error, $send_state_messages );
7226
		}
7227
7228
		// Since this is a fresh connection, be sure to clear out IDC options
7229
		Jetpack_IDC::clear_all_idc_options();
7230
7231
		if ( $send_state_messages ) {
7232
			self::state( 'message', 'authorized' );
7233
		}
7234
	}
7235
7236
	/**
7237
	 * Returns a boolean for whether backups UI should be displayed or not.
7238
	 *
7239
	 * @return bool Should backups UI be displayed?
7240
	 */
7241
	public static function show_backups_ui() {
7242
		/**
7243
		 * Whether UI for backups should be displayed.
7244
		 *
7245
		 * @since 6.5.0
7246
		 *
7247
		 * @param bool $show_backups Should UI for backups be displayed? True by default.
7248
		 */
7249
		return self::is_plugin_active( 'vaultpress/vaultpress.php' ) || apply_filters( 'jetpack_show_backups', true );
7250
	}
7251
7252
	/*
7253
	 * Deprecated manage functions
7254
	 */
7255
	function prepare_manage_jetpack_notice() {
7256
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7257
	}
7258
	function manage_activate_screen() {
7259
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7260
	}
7261
	function admin_jetpack_manage_notice() {
7262
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7263
	}
7264
	function opt_out_jetpack_manage_url() {
7265
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7266
	}
7267
	function opt_in_jetpack_manage_url() {
7268
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7269
	}
7270
	function opt_in_jetpack_manage_notice() {
7271
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7272
	}
7273
	function can_display_jetpack_manage_notice() {
7274
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7275
	}
7276
7277
	/**
7278
	 * Clean leftoveruser meta.
7279
	 *
7280
	 * Delete Jetpack-related user meta when it is no longer needed.
7281
	 *
7282
	 * @since 7.3.0
7283
	 *
7284
	 * @param int $user_id User ID being updated.
7285
	 */
7286
	public static function user_meta_cleanup( $user_id ) {
7287
		$meta_keys = array(
7288
			// AtD removed from Jetpack 7.3
7289
			'AtD_options',
7290
			'AtD_check_when',
7291
			'AtD_guess_lang',
7292
			'AtD_ignored_phrases',
7293
		);
7294
7295
		foreach ( $meta_keys as $meta_key ) {
7296
			if ( get_user_meta( $user_id, $meta_key ) ) {
7297
				delete_user_meta( $user_id, $meta_key );
7298
			}
7299
		}
7300
	}
7301
7302
	/**
7303
	 * Checks if a Jetpack site is both active and not in development.
7304
	 *
7305
	 * This is a DRY function to avoid repeating `Jetpack::is_active && ! Automattic\Jetpack\Status->is_development_mode`.
7306
	 *
7307
	 * @return bool True if Jetpack is active and not in development.
7308
	 */
7309
	public static function is_active_and_not_development_mode() {
7310
		if ( ! self::is_active() || ( new Status() )->is_development_mode() ) {
7311
			return false;
7312
		}
7313
		return true;
7314
	}
7315
}
7316