Completed
Pull Request — update/grunt-to-gulp (#3647)
by
unknown
09:33
created

class.jetpack.php (15 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
class Jetpack {
26
	public $xmlrpc_server = null;
27
28
	private $xmlrpc_verification = null;
29
30
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
31
32
	/**
33
	 * @var array The handles of styles that are concatenated into jetpack.css
34
	 */
35
	public $concatenated_style_handles = array(
36
		'jetpack-carousel',
37
		'grunion.css',
38
		'the-neverending-homepage',
39
		'jetpack_likes',
40
		'jetpack_related-posts',
41
		'sharedaddy',
42
		'jetpack-slideshow',
43
		'presentations',
44
		'jetpack-subscriptions',
45
		'tiled-gallery',
46
		'widget-conditions',
47
		'jetpack_display_posts_widget',
48
		'gravatar-profile-widget',
49
		'widget-grid-and-list',
50
		'jetpack-widgets',
51
		'goodreads-widget',
52
		'jetpack_social_media_icons_widget',
53
	);
54
55
	public $plugins_to_deactivate = array(
56
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
57
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
58
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
59
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
60
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
61
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
62
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
63
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
64
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
65
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
66
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
67
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
68
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
69
		'omnisearch'          => array( 'jetpack-omnisearch/omnisearch.php', 'Jetpack Omnisearch' ),
70
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
71
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
72
	);
73
74
	public $capability_translations = array(
75
		'administrator' => 'manage_options',
76
		'editor'        => 'edit_others_posts',
77
		'author'        => 'publish_posts',
78
		'contributor'   => 'edit_posts',
79
		'subscriber'    => 'read',
80
	);
81
82
	/**
83
	 * Map of modules that have conflicts with plugins and should not be auto-activated
84
	 * if the plugins are active.  Used by filter_default_modules
85
	 *
86
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
87
	 * change `module-slug` and add this to your plugin:
88
	 *
89
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
90
	 * function my_jetpack_get_default_modules( $modules ) {
91
	 *     return array_diff( $modules, array( 'module-slug' ) );
92
	 * }
93
	 *
94
	 * @var array
95
	 */
96
	private $conflicting_plugins = array(
97
		'comments'          => array(
98
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
99
			'Disqus'                               => 'disqus-comment-system/disqus.php',
100
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
101
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
102
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
103
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
104
		),
105
		'contact-form'      => array(
106
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
107
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
108
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
109
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
110
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
111
		),
112
		'minileven'         => array(
113
			'WPtouch'                              => 'wptouch/wptouch.php',
114
		),
115
		'latex'             => array(
116
			'LaTeX for WordPress'                  => 'latex/latex.php',
117
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
118
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
119
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
120
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
121
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
122
		),
123
		'protect'           => array(
124
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
125
			'Captcha'                              => 'captcha/captcha.php',
126
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
127
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
128
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
129
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
130
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
131
			'Security-protection'                  => 'security-protection/security-protection.php',
132
			'Login Security'                       => 'login-security/login-security.php',
133
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
134
			'Wordfence Security'                   => 'wordfence/wordfence.php',
135
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
136
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
137
		),
138
		'random-redirect'   => array(
139
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
140
		),
141
		'related-posts'     => array(
142
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
143
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
144
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
145
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
146
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
147
			'outbrain'                             => 'outbrain/outbrain.php',
148
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
149
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
150
		),
151
		'sharedaddy'        => array(
152
			'AddThis'                              => 'addthis/addthis_social_widget.php',
153
			'Add To Any'                           => 'add-to-any/add-to-any.php',
154
			'ShareThis'                            => 'share-this/sharethis.php',
155
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
156
		),
157
		'verification-tools' => array(
158
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
159
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
160
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
161
		),
162
		'widget-visibility' => array(
163
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
164
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
165
		),
166
		'sitemaps' => array(
167
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
168
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
169
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
170
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
171
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
172
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
173
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
174
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
175
			'Sitemap'                              => 'sitemap/sitemap.php',
176
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
177
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
178
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
179
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
180
		),
181
	);
182
183
	/**
184
	 * Plugins for which we turn off our Facebook OG Tags implementation.
185
	 *
186
	 * Note: WordPress SEO by Yoast and WordPress SEO Premium by Yoast automatically deactivate
187
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
188
	 *
189
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
190
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
191
	 */
192
	private $open_graph_conflicting_plugins = array(
193
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
194
		                                                         // 2 Click Social Media Buttons
195
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
196
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
197
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
198
		'facebook/facebook.php',                                 // Facebook (official plugin)
199
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
200
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
201
		                                                         // Facebook Featured Image & OG Meta Tags
202
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
203
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
204
		                                                         // Facebook Open Graph Meta Tags for WordPress
205
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
206
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
207
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
208
		                                                         // Fedmich's Facebook Open Graph Meta
209
		'header-footer/plugin.php',                              // Header and Footer
210
		'network-publisher/networkpub.php',                      // Network Publisher
211
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
212
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
213
		                                                         // NextScripts SNAP
214
		'opengraph/opengraph.php',                               // Open Graph
215
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
216
		                                                         // Open Graph Protocol Framework
217
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
218
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
219
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
220
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
221
		'sharepress/sharepress.php',                             // SharePress
222
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
223
		'social-discussions/social-discussions.php',             // Social Discussions
224
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
225
		'socialize/socialize.php',                               // Socialize
226
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
227
		                                                         // Tweet, Like, Google +1 and Share
228
		'wordbooker/wordbooker.php',                             // Wordbooker
229
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
230
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
231
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
232
		                                                         // WP Facebook Like Send & Open Graph Meta
233
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
234
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
235
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
236
		'wp-fb-share-like-button/wp_fb_share-like_widget.php'    // WP Facebook Like Button
237
	);
238
239
	/**
240
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
241
	 */
242
	private $twitter_cards_conflicting_plugins = array(
243
	//	'twitter/twitter.php',                       // The official one handles this on its own.
244
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
245
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
246
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
247
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
248
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
249
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
250
		'twitter-cards/twitter-cards.php',           // Twitter Cards
251
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
252
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
253
	);
254
255
	/**
256
	 * Message to display in admin_notice
257
	 * @var string
258
	 */
259
	public $message = '';
260
261
	/**
262
	 * Error to display in admin_notice
263
	 * @var string
264
	 */
265
	public $error = '';
266
267
	/**
268
	 * Modules that need more privacy description.
269
	 * @var string
270
	 */
271
	public $privacy_checks = '';
272
273
	/**
274
	 * Stats to record once the page loads
275
	 *
276
	 * @var array
277
	 */
278
	public $stats = array();
279
280
	/**
281
	 * Allows us to build a temporary security report
282
	 *
283
	 * @var array
284
	 */
285
	static $security_report = array();
286
287
	/**
288
	 * Jetpack_Sync object
289
	 */
290
	public $sync;
291
292
	/**
293
	 * Verified data for JSON authorization request
294
	 */
295
	public $json_api_authorization_request = array();
296
297
	/**
298
	 * Holds the singleton instance of this class
299
	 * @since 2.3.3
300
	 * @var Jetpack
301
	 */
302
	static $instance = false;
303
304
	/**
305
	 * Singleton
306
	 * @static
307
	 */
308
	public static function init() {
309
		if ( ! self::$instance ) {
310
			if ( did_action( 'plugins_loaded' ) )
311
				self::plugin_textdomain();
312
			else
313
				add_action( 'plugins_loaded', array( __CLASS__, 'plugin_textdomain' ), 99 );
314
315
			self::$instance = new Jetpack;
316
317
			self::$instance->plugin_upgrade();
318
319
			add_action( 'init', array( __CLASS__, 'perform_security_reporting' ) );
320
321
		}
322
323
		return self::$instance;
324
	}
325
326
	/**
327
	 * Must never be called statically
328
	 */
329
	function plugin_upgrade() {
330
		// Upgrade: 1.1 -> 1.2
331
		if ( get_option( 'jetpack_id' ) ) {
332
			// Move individual jetpack options to single array of options
333
			$options = array();
334
			foreach ( Jetpack_Options::get_option_names() as $option ) {
335
				if ( false !== $value = get_option( "jetpack_$option" ) ) {
336
					$options[$option] = $value;
337
				}
338
			}
339
340
			if ( $options ) {
341
				Jetpack_Options::update_options( $options );
342
343
				foreach ( array_keys( $options ) as $option ) {
344
					delete_option( "jetpack_$option" );
345
				}
346
			}
347
348
			// Add missing version and old_version options
349 View Code Duplication
			if ( ! $version = Jetpack_Options::get_option( 'version' ) ) {
350
				$version = $old_version = '1.1:' . time();
351
				/**
352
				 * Fires on update, before bumping version numbers up to a new version.
353
				 *
354
				 * @since 3.4.0
355
				 *
356
				 * @param string $version Jetpack version number.
357
				 * @param bool false Does an old version exist. Default is false.
358
				 */
359
				do_action( 'updating_jetpack_version', $version, false );
360
				Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
361
			}
362
		}
363
364
		// Upgrade from a single user token to a user_id-indexed array and a master_user ID
365
		if ( ! Jetpack_Options::get_option( 'user_tokens' ) ) {
366
			if ( $user_token = Jetpack_Options::get_option( 'user_token' ) ) {
367
				$token_parts = explode( '.', $user_token );
368
				if ( isset( $token_parts[2] ) ) {
369
					$master_user = $token_parts[2];
370
					$user_tokens = array( $master_user => $user_token );
371
					Jetpack_Options::update_options( compact( 'master_user', 'user_tokens' ) );
372
					Jetpack_Options::delete_option( 'user_token' );
373
				} else {
374
					// @todo: is this even possible?
375
					trigger_error( sprintf( 'Jetpack::plugin_upgrade found no user_id in user_token "%s"', $user_token ), E_USER_WARNING );
376
				}
377
			}
378
		}
379
380
		// Clean up legacy G+ Authorship data.
381
		if ( get_option( 'gplus_authors' ) ) {
382
			delete_option( 'gplus_authors' );
383
			delete_option( 'hide_gplus' );
384
			delete_metadata( 'post', 0, 'gplus_authorship_disabled', null, true );
385
		}
386
387
		if ( ! get_option( 'jetpack_private_options' ) ) {
388
			$jetpack_options = get_option( 'jetpack_options', array() );
389
			foreach( Jetpack_Options::get_option_names( 'private' ) as $option_name ) {
390
				if ( isset( $jetpack_options[ $option_name ] ) ) {
391
					Jetpack_Options::update_option( $option_name, $jetpack_options[ $option_name ] );
392
					unset( $jetpack_options[ $option_name ] );
393
				}
394
			}
395
			update_option( 'jetpack_options', $jetpack_options );
396
		}
397
398
		if ( Jetpack::is_active() ) {
399
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
400
			if ( JETPACK__VERSION != $version ) {
401
402
				// Check which active modules actually exist and remove others from active_modules list
403
				$unfiltered_modules = Jetpack::get_active_modules();
404
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
405
				if ( array_diff( $unfiltered_modules, $modules ) ) {
406
					Jetpack_Options::update_option( 'active_modules', $modules );
407
				}
408
409
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
410
				/**
411
				 * Fires when synchronizing all registered options and constants.
412
				 *
413
				 * @since 3.3.0
414
				 */
415
				do_action( 'jetpack_sync_all_registered_options' );
416
			}
417
418
			//if Jetpack is connected check if jetpack_unique_connection exists and if not then set it
419
			$jetpack_unique_connection = get_option( 'jetpack_unique_connection' );
420
			$is_unique_connection = $jetpack_unique_connection && array_key_exists( 'version', $jetpack_unique_connection );
421
			if ( ! $is_unique_connection ) {
422
				$jetpack_unique_connection = array(
423
					'connected'     => 1,
424
					'disconnected'  => -1,
425
					'version'       => '3.6.1'
426
				);
427
				update_option( 'jetpack_unique_connection', $jetpack_unique_connection );
428
			}
429
		}
430
431
		if ( get_option( 'jetpack_json_api_full_management' ) ) {
432
			delete_option( 'jetpack_json_api_full_management' );
433
			self::activate_manage();
434
		}
435
436
	}
437
438
	static function activate_manage( ) {
439
440
		if ( did_action( 'init' ) || current_filter() == 'init' ) {
441
			self::activate_module( 'manage', false, false );
442
		} else if ( !  has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) {
443
			add_action( 'init', array( __CLASS__, 'activate_manage' ) );
444
		}
445
446
	}
447
448
	/**
449
	 * Constructor.  Initializes WordPress hooks
450
	 */
451
	private function __construct() {
452
		/*
453
		 * Check for and alert any deprecated hooks
454
		 */
455
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
456
457
		/*
458
		 * Do things that should run even in the network admin
459
		 * here, before we potentially fail out.
460
		 */
461
		add_filter( 'jetpack_require_lib_dir', array( $this, 'require_lib_dir' ) );
462
463
		/**
464
		 * We need sync object even in Multisite mode
465
		 */
466
		$this->sync = new Jetpack_Sync;
467
468
		/**
469
		 * Trigger a wp_version sync when updating WP versions
470
		 **/
471
		add_action( 'upgrader_process_complete', array( 'Jetpack', 'update_get_wp_version' ), 10, 2 );
472
		$this->sync->mock_option( 'wp_version', array( 'Jetpack', 'get_wp_version' ) );
473
474
		add_action( 'init', array( $this, 'sync_update_data') );
475
		add_action( 'init', array( $this, 'sync_theme_data' ) );
476
477
		/*
478
		 * Load things that should only be in Network Admin.
479
		 *
480
		 * For now blow away everything else until a more full
481
		 * understanding of what is needed at the network level is
482
		 * available
483
		 */
484
		if( is_multisite() ) {
485
			Jetpack_Network::init();
486
487
			// Only sync this info if we are on a multi site
488
			// @since  3.7
489
			$this->sync->mock_option( 'network_name', array( 'Jetpack', 'network_name' ) );
490
			$this->sync->mock_option( 'network_allow_new_registrations', array( 'Jetpack', 'network_allow_new_registrations' ) );
491
			$this->sync->mock_option( 'network_add_new_users', array( 'Jetpack', 'network_add_new_users' ) );
492
			$this->sync->mock_option( 'network_site_upload_space', array( 'Jetpack', 'network_site_upload_space' ) );
493
			$this->sync->mock_option( 'network_upload_file_types', array( 'Jetpack', 'network_upload_file_types' ) );
494
			$this->sync->mock_option( 'network_enable_administration_menus', array( 'Jetpack', 'network_enable_administration_menus' ) );
495
496
			if( is_network_admin() ) {
497
				// Sync network site data if it is updated or not.
498
				add_action( 'update_wpmu_options', array( $this, 'update_jetpack_network_settings' ) );
499
				return; // End here to prevent single site actions from firing
500
			}
501
		}
502
503
504
		$theme_slug = get_option( 'stylesheet' );
505
506
507
		// Modules should do Jetpack_Sync::sync_options( __FILE__, $option, ... ); instead
508
		// We access the "internal" method here only because the Jetpack object isn't instantiated yet
509
		$this->sync->options(
510
			JETPACK__PLUGIN_DIR . 'jetpack.php',
511
			'home',
512
			'siteurl',
513
			'blogname',
514
			'gmt_offset',
515
			'timezone_string',
516
			'security_report',
517
			'stylesheet',
518
			"theme_mods_{$theme_slug}",
519
			'jetpack_sync_non_public_post_stati',
520
			'jetpack_options',
521
			'site_icon', // (int) - ID of core's Site Icon attachment ID
522
			'default_post_format',
523
			'default_category',
524
			'large_size_w',
525
			'large_size_h',
526
			'thumbnail_size_w',
527
			'thumbnail_size_h',
528
			'medium_size_w',
529
			'medium_size_h',
530
			'thumbnail_crop',
531
			'image_default_link_type'
532
		);
533
534
		foreach( Jetpack_Options::get_option_names( 'non-compact' ) as $option ) {
535
			$this->sync->options( __FILE__, 'jetpack_' . $option );
536
		}
537
538
		/**
539
		 * Sometimes you want to sync data to .com without adding options to .org sites.
540
		 * The mock option allows you to do just that.
541
		 */
542
		$this->sync->mock_option( 'is_main_network',   array( $this, 'is_main_network_option' ) );
543
		$this->sync->mock_option( 'is_multi_site', array( $this, 'is_multisite' ) );
544
		$this->sync->mock_option( 'main_network_site', array( $this, 'jetpack_main_network_site_option' ) );
545
		$this->sync->mock_option( 'single_user_site', array( 'Jetpack', 'is_single_user_site' ) );
546
		$this->sync->mock_option( 'stat_data', array( $this, 'get_stat_data' ) );
547
548
		$this->sync->mock_option( 'has_file_system_write_access', array( 'Jetpack', 'file_system_write_access' ) );
549
		$this->sync->mock_option( 'is_version_controlled', array( 'Jetpack', 'is_version_controlled' ) );
550
		$this->sync->mock_option( 'max_upload_size', 'wp_max_upload_size' );
551
		$this->sync->mock_option( 'content_width', array( 'Jetpack', 'get_content_width' ) );
552
553
		/**
554
		 * Trigger an update to the main_network_site when we update the blogname of a site.
555
		 *
556
		 */
557
		add_action( 'update_option_siteurl', array( $this, 'update_jetpack_main_network_site_option' ) );
558
559
		add_action( 'update_option', array( $this, 'log_settings_change' ), 10, 3 );
560
561
		// Update the settings everytime the we register a new user to the site or we delete a user.
562
		add_action( 'user_register', array( $this, 'is_single_user_site_invalidate' ) );
563
		add_action( 'deleted_user', array( $this, 'is_single_user_site_invalidate' ) );
564
565
		// Unlink user before deleting the user from .com
566
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
567
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
568
569
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
570
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
571
572
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
573
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
574
575
			$this->require_jetpack_authentication();
576
577
			if ( Jetpack::is_active() ) {
578
				// Hack to preserve $HTTP_RAW_POST_DATA
579
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
580
581
				$signed = $this->verify_xml_rpc_signature();
582
				if ( $signed && ! is_wp_error( $signed ) ) {
583
					// The actual API methods.
584
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
585
				} else {
586
					add_filter( 'xmlrpc_methods', '__return_empty_array' );
587
				}
588
			} else {
589
				// The bootstrap API methods.
590
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
591
			}
592
593
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
594
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
595
		} elseif ( is_admin() && isset( $_POST['action'] ) && 'jetpack_upload_file' == $_POST['action'] ) {
596
			$this->require_jetpack_authentication();
597
			$this->add_remote_request_handlers();
598
		} else {
599
			if ( Jetpack::is_active() ) {
600
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
601
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
602
			}
603
		}
604
605
		if ( Jetpack::is_active() ) {
606
			Jetpack_Heartbeat::init();
607
		}
608
609
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
610
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
611
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
612
		}
613
614
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
615
616
		add_action( 'admin_init', array( $this, 'admin_init' ) );
617
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
618
619
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
620
621
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
622
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
623
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
624
625
		add_action( 'wp_ajax_jetpack-sync-reindex-trigger', array( $this, 'sync_reindex_trigger' ) );
626
		add_action( 'wp_ajax_jetpack-sync-reindex-status', array( $this, 'sync_reindex_status' ) );
627
628
		// Jump Start AJAX callback function
629
		add_action( 'wp_ajax_jetpack_jumpstart_ajax',  array( $this, 'jetpack_jumpstart_ajax_callback' ) );
630
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
631
632
		// Identity Crisis AJAX callback function
633
		add_action( 'wp_ajax_jetpack_resolve_identity_crisis', array( $this, 'resolve_identity_crisis_ajax_callback' ) );
634
635
		// JITM AJAX callback function
636
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
637
638
		add_action( 'wp_ajax_jetpack_admin_ajax',          array( $this, 'jetpack_admin_ajax_callback' ) );
639
		add_action( 'wp_ajax_jetpack_admin_ajax_refresh',  array( $this, 'jetpack_admin_ajax_refresh_data' ) );
640
641
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
642
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
643
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
644
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
645
646
		add_action( 'jetpack_activate_module', array( $this, 'activate_module_actions' ) );
647
648
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
649
650
		add_action( 'jetpack_notices', array( $this, 'show_development_mode_notice' ) );
651
652
		/**
653
		 * These actions run checks to load additional files.
654
		 * They check for external files or plugins, so they need to run as late as possible.
655
		 */
656
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
657
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
658
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
659
660
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
661
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
662
663
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
664
665
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
666
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
667
668
		// A filter to control all just in time messages
669
		add_filter( 'jetpack_just_in_time_msgs', '__return_true' );
670
671
		/**
672
		 * This is the hack to concatinate all css files into one.
673
		 * For description and reasoning see the implode_frontend_css method
674
		 *
675
		 * Super late priority so we catch all the registered styles
676
		 */
677
		if( !is_admin() ) {
678
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
679
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
680
		}
681
682
		// Sync Core Icon: Detect changes in Core's Site Icon and make it syncable.
683
		add_action( 'add_option_site_icon',    array( $this, 'jetpack_sync_core_icon' ) );
684
		add_action( 'update_option_site_icon', array( $this, 'jetpack_sync_core_icon' ) );
685
		add_action( 'delete_option_site_icon', array( $this, 'jetpack_sync_core_icon' ) );
686
		add_action( 'jetpack_heartbeat',       array( $this, 'jetpack_sync_core_icon' ) );
687
688
	}
689
690
	/*
691
	 * Make sure any site icon added to core can get
692
	 * synced back to dotcom, so we can display it there.
693
	 */
694
	function jetpack_sync_core_icon() {
695
		if ( function_exists( 'get_site_icon_url' ) ) {
696
			$url = get_site_icon_url();
697
		} else {
698
			return;
699
		}
700
701
		require_once( JETPACK__PLUGIN_DIR . 'modules/site-icon/site-icon-functions.php' );
702
		// If there's a core icon, maybe update the option.  If not, fall back to Jetpack's.
703
		if ( ! empty( $url ) && $url !== jetpack_site_icon_url() ) {
704
			// This is the option that is synced with dotcom
705
			Jetpack_Options::update_option( 'site_icon_url', $url );
706
		} else if ( empty( $url ) && did_action( 'delete_option_site_icon' ) ) {
707
			Jetpack_Options::delete_option( 'site_icon_url' );
708
		}
709
	}
710
711
	function jetpack_admin_ajax_callback() {
712
		// Check for nonce
713 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) || ! current_user_can( 'jetpack_manage_modules' ) ) {
714
			wp_die( 'permissions check failed' );
715
		}
716
717
		if ( isset( $_REQUEST['toggleModule'] ) && 'nux-toggle-module' == $_REQUEST['toggleModule'] ) {
718
			$slug = $_REQUEST['thisModuleSlug'];
719
720
			if ( ! in_array( $slug, Jetpack::get_available_modules() ) ) {
721
				wp_die( 'That is not a Jetpack module slug' );
722
			}
723
724
			if ( Jetpack::is_module_active( $slug ) ) {
725
				Jetpack::deactivate_module( $slug );
726
			} else {
727
				Jetpack::activate_module( $slug, false, false );
728
			}
729
730
			$modules = Jetpack_Admin::init()->get_modules();
731
			echo json_encode( $modules[ $slug ] );
732
733
			exit;
734
		}
735
736
		wp_die();
737
	}
738
739
	/*
740
	 * Sometimes we need to refresh the data,
741
	 * especially if the page is visited via a 'history'
742
	 * event like back/forward
743
	 */
744
	function jetpack_admin_ajax_refresh_data() {
745
		// Check for nonce
746 View Code Duplication
		if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) ) {
747
			wp_die( 'permissions check failed' );
748
		}
749
750
		if ( isset( $_REQUEST['refreshData'] ) && 'refresh' == $_REQUEST['refreshData'] ) {
751
			$modules = Jetpack_Admin::init()->get_modules();
752
			echo json_encode( $modules );
753
			exit;
754
		}
755
756
		wp_die();
757
	}
758
759
	/**
760
	 * The callback for the Jump Start ajax requests.
761
	 */
762
	function jetpack_jumpstart_ajax_callback() {
763
		// Check for nonce
764
		if ( ! isset( $_REQUEST['jumpstartNonce'] ) || ! wp_verify_nonce( $_REQUEST['jumpstartNonce'], 'jetpack-jumpstart-nonce' ) )
765
			wp_die( 'permissions check failed' );
766
767
		if ( isset( $_REQUEST['jumpStartActivate'] ) && 'jump-start-activate' == $_REQUEST['jumpStartActivate'] ) {
768
			// Update the jumpstart option
769
			if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
770
				Jetpack_Options::update_option( 'jumpstart', 'jumpstart_activated' );
771
			}
772
773
			// Loops through the requested "Jump Start" modules, and activates them.
774
			// Custom 'no_message' state, so that no message will be shown on reload.
775
			$modules = $_REQUEST['jumpstartModSlug'];
776
			$module_slugs = array();
777
			foreach( $modules as $module => $value ) {
778
				$module_slugs[] = $value['module_slug'];
779
			}
780
781
			// Check for possible conflicting plugins
782
			$module_slugs_filtered = $this->filter_default_modules( $module_slugs );
783
784
			foreach ( $module_slugs_filtered as $module_slug ) {
785
				Jetpack::log( 'activate', $module_slug );
786
				Jetpack::activate_module( $module_slug, false, false );
787
				Jetpack::state( 'message', 'no_message' );
788
			}
789
790
			// Set the default sharing buttons and set to display on posts if none have been set.
791
			$sharing_services = get_option( 'sharing-services' );
792
			$sharing_options  = get_option( 'sharing-options' );
793
			if ( empty( $sharing_services['visible'] ) ) {
794
				// Default buttons to set
795
				$visible = array(
796
					'twitter',
797
					'facebook',
798
					'google-plus-1',
799
				);
800
				$hidden = array();
801
802
				// Set some sharing settings
803
				$sharing = new Sharing_Service();
804
				$sharing_options['global'] = array(
805
					'button_style'  => 'icon',
806
					'sharing_label' => $sharing->default_sharing_label,
807
					'open_links'    => 'same',
808
					'show'          => array( 'post' ),
809
					'custom'        => isset( $sharing_options['global']['custom'] ) ? $sharing_options['global']['custom'] : array()
810
				);
811
812
				update_option( 'sharing-options', $sharing_options );
813
814
				// Send a success response so that we can display an error message.
815
				$success = update_option( 'sharing-services', array( 'visible' => $visible, 'hidden' => $hidden ) );
816
				echo json_encode( $success );
817
				exit;
818
			}
819
820
		} elseif ( isset( $_REQUEST['disableJumpStart'] ) && true == $_REQUEST['disableJumpStart'] ) {
821
			// If dismissed, flag the jumpstart option as such.
822
			// Send a success response so that we can display an error message.
823
			if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
824
				$success = Jetpack_Options::update_option( 'jumpstart', 'jumpstart_dismissed' );
825
				echo json_encode( $success );
826
				exit;
827
			}
828
829
		} elseif ( isset( $_REQUEST['jumpStartDeactivate'] ) && 'jump-start-deactivate' == $_REQUEST['jumpStartDeactivate'] ) {
830
831
			// FOR TESTING ONLY
832
			// @todo remove
833
			$modules = (array) $_REQUEST['jumpstartModSlug'];
834
			foreach( $modules as $module => $value ) {
835
				if ( !in_array( $value['module_slug'], Jetpack::get_default_modules() ) ) {
836
					Jetpack::log( 'deactivate', $value['module_slug'] );
837
					Jetpack::deactivate_module( $value['module_slug'] );
838
					Jetpack::state( 'message', 'no_message' );
839
				} else {
840
					Jetpack::log( 'activate', $value['module_slug'] );
841
					Jetpack::activate_module( $value['module_slug'], false, false );
842
					Jetpack::state( 'message', 'no_message' );
843
				}
844
			}
845
846
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
847
			echo "reload the page";
848
		}
849
850
		wp_die();
851
	}
852
853
	/**
854
	 * The callback for the JITM ajax requests.
855
	 */
856
	function jetpack_jitm_ajax_callback() {
857
		// Check for nonce
858
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
859
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
860
		}
861
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
862
			$module_slug = $_REQUEST['jitmModule'];
863
			Jetpack::log( 'activate', $module_slug );
864
			Jetpack::activate_module( $module_slug, false, false );
865
			Jetpack::state( 'message', 'no_message' );
866
867
			//A Jetpack module is being activated through a JITM, track it
868
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
869
			$this->do_stats( 'server_side' );
870
871
			wp_send_json_success();
872
		}
873
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
874
			// get the hide_jitm options array
875
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
876
			$module_slug = $_REQUEST['jitmModule'];
877
878
			if( ! $jetpack_hide_jitm ) {
879
				$jetpack_hide_jitm = array(
880
					$module_slug => 'hide'
881
				);
882
			} else {
883
				$jetpack_hide_jitm[$module_slug] = 'hide';
884
			}
885
886
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
887
888
			//jitm is being dismissed forever, track it
889
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
890
			$this->do_stats( 'server_side' );
891
892
			wp_send_json_success();
893
		}
894 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
895
			$module_slug = $_REQUEST['jitmModule'];
896
897
			// User went to WordPress.com, track this
898
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
899
			$this->do_stats( 'server_side' );
900
901
			wp_send_json_success();
902
		}
903 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
904
			$track = $_REQUEST['jitmModule'];
905
906
			// User is viewing JITM, track it.
907
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
908
			$this->do_stats( 'server_side' );
909
910
			wp_send_json_success();
911
		}
912
	}
913
914
	/**
915
	 * If there are any stats that need to be pushed, but haven't been, push them now.
916
	 */
917
	function __destruct() {
918
		if ( ! empty( $this->stats ) ) {
919
			$this->do_stats( 'server_side' );
920
		}
921
	}
922
923
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
924
		switch( $cap ) {
925
			case 'jetpack_connect' :
926
			case 'jetpack_reconnect' :
927
				if ( Jetpack::is_development_mode() ) {
928
					$caps = array( 'do_not_allow' );
929
					break;
930
				}
931
				/**
932
				 * Pass through. If it's not development mode, these should match disconnect.
933
				 * Let users disconnect if it's development mode, just in case things glitch.
934
				 */
935
			case 'jetpack_disconnect' :
936
				/**
937
				 * In multisite, can individual site admins manage their own connection?
938
				 *
939
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
940
				 */
941
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
942
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
943
						/**
944
						 * We need to update the option name -- it's terribly unclear which
945
						 * direction the override goes.
946
						 *
947
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
948
						 */
949
						$caps = array( 'do_not_allow' );
950
						break;
951
					}
952
				}
953
954
				$caps = array( 'manage_options' );
955
				break;
956
			case 'jetpack_manage_modules' :
957
			case 'jetpack_activate_modules' :
958
			case 'jetpack_deactivate_modules' :
959
				$caps = array( 'manage_options' );
960
				break;
961
			case 'jetpack_configure_modules' :
962
				$caps = array( 'manage_options' );
963
				break;
964
			case 'jetpack_network_admin_page':
965
			case 'jetpack_network_settings_page':
966
				$caps = array( 'manage_network_plugins' );
967
				break;
968
			case 'jetpack_network_sites_page':
969
				$caps = array( 'manage_sites' );
970
				break;
971
			case 'jetpack_admin_page' :
972
				if ( Jetpack::is_development_mode() ) {
973
					$caps = array( 'manage_options' );
974
					break;
975
				}
976
977
				// Don't ever show to subscribers, but allow access to the page if they're trying to unlink.
978
				if ( ! current_user_can( 'edit_posts' ) ) {
979
					if ( isset( $_GET['redirect'] ) && 'sub-unlink' == $_GET['redirect'] ) {
980
						// We need this in order to unlink the user.
981
						$this->admin_page_load();
982
					}
983
					if ( ! wp_verify_nonce( 'jetpack-unlink' ) ) {
984
						$caps = array( 'do_not_allow' );
985
						break;
986
					}
987
				}
988
989
				if ( ! self::is_active() && ! current_user_can( 'jetpack_connect' ) ) {
990
					$caps = array( 'do_not_allow' );
991
					break;
992
				}
993
				/**
994
				 * Pass through. If it's not development mode, these should match the admin page.
995
				 * Let users disconnect if it's development mode, just in case things glitch.
996
				 */
997
			case 'jetpack_connect_user' :
998
				if ( Jetpack::is_development_mode() ) {
999
					$caps = array( 'do_not_allow' );
1000
					break;
1001
				}
1002
				$caps = array( 'read' );
1003
				break;
1004
		}
1005
		return $caps;
1006
	}
1007
1008
	function require_jetpack_authentication() {
1009
		// Don't let anyone authenticate
1010
		$_COOKIE = array();
1011
		remove_all_filters( 'authenticate' );
1012
1013
		/**
1014
		 * For the moment, remove Limit Login Attempts if its xmlrpc for Jetpack.
1015
		 * If Limit Login Attempts is installed as a mu-plugin, it can occasionally
1016
		 * generate false-positives.
1017
		 */
1018
		remove_filter( 'wp_login_failed', 'limit_login_failed' );
1019
1020
		if ( Jetpack::is_active() ) {
1021
			// Allow Jetpack authentication
1022
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
1023
		}
1024
	}
1025
1026
	/**
1027
	 * Load language files
1028
	 */
1029
	public static function plugin_textdomain() {
1030
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
1031
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
1032
	}
1033
1034
	/**
1035
	 * Register assets for use in various modules and the Jetpack admin page.
1036
	 *
1037
	 * @uses wp_script_is, wp_register_script, plugins_url
1038
	 * @action wp_loaded
1039
	 * @return null
1040
	 */
1041
	public function register_assets() {
1042
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
1043
			wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' );
1044
		}
1045
1046
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
1047
			wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' );
1048
		}
1049
1050 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
1051
			wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' );
1052
		}
1053
1054
		/**
1055
		 * As jetpack_register_genericons is by default fired off a hook,
1056
		 * the hook may have already fired by this point.
1057
		 * So, let's just trigger it manually.
1058
		 */
1059
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
1060
		jetpack_register_genericons();
1061
1062 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
1063
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
1064
	}
1065
1066
	/**
1067
	 * Device Pixels support
1068
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
1069
	 */
1070
	function devicepx() {
1071
		if ( Jetpack::is_active() ) {
1072
			wp_enqueue_script( 'devicepx', set_url_scheme( 'http://s0.wp.com/wp-content/js/devicepx-jetpack.js' ), array(), gmdate( 'oW' ), true );
1073
		}
1074
	}
1075
1076
	/*
1077
	 * Returns the location of Jetpack's lib directory. This filter is applied
1078
	 * in require_lib().
1079
	 *
1080
	 * @filter require_lib_dir
1081
	 */
1082
	function require_lib_dir() {
1083
		return JETPACK__PLUGIN_DIR . '_inc/lib';
1084
	}
1085
1086
	/**
1087
	 * Return the network_site_url so that .com knows what network this site is a part of.
1088
	 * @param  bool $option
1089
	 * @return string
1090
	 */
1091
	public function jetpack_main_network_site_option( $option ) {
1092
		return network_site_url();
1093
	}
1094
	/**
1095
	 * Network Name.
1096
	 */
1097
	static function network_name( $option = null ) {
1098
		global $current_site;
1099
		return $current_site->site_name;
1100
	}
1101
	/**
1102
	 * Does the network allow new user and site registrations.
1103
	 * @return string
1104
	 */
1105
	static function network_allow_new_registrations( $option = null ) {
1106
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
1107
	}
1108
	/**
1109
	 * Does the network allow admins to add new users.
1110
	 * @return boolian
1111
	 */
1112
	static function network_add_new_users( $option = null ) {
1113
		return (bool) get_site_option( 'add_new_users' );
1114
	}
1115
	/**
1116
	 * File upload psace left per site in MB.
1117
	 *  -1 means NO LIMIT.
1118
	 * @return number
1119
	 */
1120
	static function network_site_upload_space( $option = null ) {
1121
		// value in MB
1122
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1123
	}
1124
1125
	/**
1126
	 * Network allowed file types.
1127
	 * @return string
1128
	 */
1129
	static function network_upload_file_types( $option = null ) {
1130
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1131
	}
1132
1133
	/**
1134
	 * Maximum file upload size set by the network.
1135
	 * @return number
1136
	 */
1137
	static function network_max_upload_file_size( $option = null ) {
1138
		// value in KB
1139
		return get_site_option( 'fileupload_maxk', 300 );
1140
	}
1141
1142
	/**
1143
	 * Lets us know if a site allows admins to manage the network.
1144
	 * @return array
1145
	 */
1146
	static function network_enable_administration_menus( $option = null ) {
1147
		return get_site_option( 'menu_items' );
1148
	}
1149
1150
	/**
1151
	 * Return whether we are dealing with a multi network setup or not.
1152
	 * The reason we are type casting this is because we want to avoid the situation where
1153
	 * the result is false since when is_main_network_option return false it cases
1154
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1155
	 * database which could be set to anything as opposed to what this function returns.
1156
	 * @param  bool  $option
1157
	 *
1158
	 * @return boolean
1159
	 */
1160
	public function is_main_network_option( $option ) {
1161
		// return '1' or ''
1162
		return (string) (bool) Jetpack::is_multi_network();
1163
	}
1164
1165
	/**
1166
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1167
	 *
1168
	 * @param  string  $option
1169
	 * @return boolean
1170
	 */
1171
	public function is_multisite( $option ) {
1172
		return (string) (bool) is_multisite();
1173
	}
1174
1175
	/**
1176
	 * Implemented since there is no core is multi network function
1177
	 * Right now there is no way to tell if we which network is the dominant network on the system
1178
	 *
1179
	 * @since  3.3
1180
	 * @return boolean
1181
	 */
1182
	public static function is_multi_network() {
1183
		global  $wpdb;
1184
1185
		// if we don't have a multi site setup no need to do any more
1186
		if ( ! is_multisite() ) {
1187
			return false;
1188
		}
1189
1190
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1191
		if ( $num_sites > 1 ) {
1192
			return true;
1193
		} else {
1194
			return false;
1195
		}
1196
	}
1197
1198
	/**
1199
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1200
	 * @return null
1201
	 */
1202
	function update_jetpack_main_network_site_option() {
1203
		// do_action( 'add_option_$option', '$option', '$value-of-the-option' );
1204
		/**
1205
		 * Fires when the site URL is updated.
1206
		 * Determines if the site is the main site of a Mulitiste network.
1207
		 *
1208
		 * @since 3.3.0
1209
		 *
1210
		 * @param string jetpack_main_network_site.
1211
		 * @param string network_site_url() Site URL for the "main" site of the current Multisite network.
1212
		 */
1213
		do_action( 'add_option_jetpack_main_network_site', 'jetpack_main_network_site', network_site_url() );
1214
		/**
1215
		 * Fires when the site URL is updated.
1216
		 * Determines if the is part of a multi network.
1217
		 *
1218
		 * @since 3.3.0
1219
		 *
1220
		 * @param string jetpack_is_main_network.
1221
		 * @param bool Jetpack::is_multi_network() Is the site part of a multi network.
1222
		 */
1223
		do_action( 'add_option_jetpack_is_main_network', 'jetpack_is_main_network', (string) (bool) Jetpack::is_multi_network() );
1224
		/**
1225
		 * Fires when the site URL is updated.
1226
		 * Determines if the site is part of a multisite network.
1227
		 *
1228
		 * @since 3.4.0
1229
		 *
1230
		 * @param string jetpack_is_multi_site.
1231
		 * @param bool is_multisite() Is the site part of a mutlisite network.
1232
		 */
1233
		do_action( 'add_option_jetpack_is_multi_site', 'jetpack_is_multi_site', (string) (bool) is_multisite() );
1234
	}
1235
	/**
1236
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1237
	 *
1238
	 */
1239
	function update_jetpack_network_settings() {
1240
		// Only sync this info for the main network site.
1241
		do_action( 'add_option_jetpack_network_name', 'jetpack_network_name', Jetpack::network_name() );
1242
		do_action( 'add_option_jetpack_network_allow_new_registrations', 'jetpack_network_allow_new_registrations', Jetpack::network_allow_new_registrations() );
1243
		do_action( 'add_option_jetpack_network_add_new_users', 'jetpack_network_add_new_users', Jetpack::network_add_new_users() );
1244
		do_action( 'add_option_jetpack_network_site_upload_space', 'jetpack_network_site_upload_space', Jetpack::network_site_upload_space() );
1245
		do_action( 'add_option_jetpack_network_upload_file_types', 'jetpack_network_upload_file_types', Jetpack::network_upload_file_types() );
1246
		do_action( 'add_option_jetpack_network_enable_administration_menus', 'jetpack_network_enable_administration_menus', Jetpack::network_enable_administration_menus() );
1247
1248
	}
1249
1250
	/**
1251
	 * Get back if the current site is single user site.
1252
	 *
1253
	 * @return bool
1254
	 */
1255
	public static function is_single_user_site() {
1256
1257
		$user_query = new WP_User_Query( array(
1258
			'blog_id' => get_current_blog_id(),
1259
			'fields'  => 'ID',
1260
			'number' => 2
1261
		) );
1262
		return 1 === (int) $user_query->get_total();
1263
	}
1264
1265
	/**
1266
	 * Returns true if the site has file write access false otherwise.
1267
	 * @return string ( '1' | '0' )
1268
	 **/
1269
	public static function file_system_write_access() {
1270
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1271
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1272
		}
1273
1274
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1275
1276
		$filesystem_method = get_filesystem_method();
1277
		if ( $filesystem_method === 'direct' ) {
1278
			return 1;
1279
		}
1280
1281
		ob_start();
1282
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1283
		ob_end_clean();
1284
		if ( $filesystem_credentials_are_stored ) {
1285
			return 1;
1286
		}
1287
		return 0;
1288
	}
1289
1290
	/**
1291
	 * Finds out if a site is using a version control system.
1292
	 * @return string ( '1' | '0' )
1293
	 **/
1294
	public static function is_version_controlled() {
1295
1296
		if ( !class_exists( 'WP_Automatic_Updater' ) ) {
1297
			require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1298
		}
1299
		$updater = new WP_Automatic_Updater();
1300
		$is_version_controlled = strval( $updater->is_vcs_checkout( $context = ABSPATH ) );
1301
		// transients should not be empty
1302
		if ( empty( $is_version_controlled ) ) {
1303
			$is_version_controlled = '0';
1304
		}
1305
		return $is_version_controlled;
1306
	}
1307
1308
	/**
1309
	 * Determines whether the current theme supports featured images or not.
1310
	 * @return string ( '1' | '0' )
1311
	 */
1312
	public static function featured_images_enabled() {
1313
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1314
	}
1315
1316
	/*
1317
	 * Sync back wp_version
1318
	 */
1319
	public static function get_wp_version() {
1320
		global $wp_version;
1321
		return $wp_version;
1322
	}
1323
1324
	/**
1325
	 * Keeps wp_version in sync with .com when WordPress core updates
1326
	 **/
1327
	public static function update_get_wp_version( $update, $meta_data ) {
1328
		if ( 'update' === $meta_data['action'] && 'core' === $meta_data['type'] ) {
1329
			/** This action is documented in wp-includes/option.php */
1330
			/**
1331
			 * This triggers the sync for the jetpack version
1332
			 * See Jetpack_Sync options method for more info.
1333
			 */
1334
			do_action( 'add_option_jetpack_wp_version', 'jetpack_wp_version', (string) Jetpack::get_wp_version() );
1335
		}
1336
	}
1337
1338
	/**
1339
	 * Triggers a sync of update counts and update details
1340
	 */
1341
	function sync_update_data() {
1342
		// Anytime WordPress saves update data, we'll want to sync update data
1343
		add_action( 'set_site_transient_update_plugins', array( 'Jetpack', 'refresh_update_data' ) );
1344
		add_action( 'set_site_transient_update_themes', array( 'Jetpack', 'refresh_update_data' ) );
1345
		add_action( 'set_site_transient_update_core', array( 'Jetpack', 'refresh_update_data' ) );
1346
		// Anytime a connection to jetpack is made, sync the update data
1347
		add_action( 'jetpack_site_registered', array( 'Jetpack', 'refresh_update_data' ) );
1348
		// Anytime the Jetpack Version changes, sync the the update data
1349
		add_action( 'updating_jetpack_version', array( 'Jetpack', 'refresh_update_data' ) );
1350
1351
		if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) {
1352
			$this->sync->mock_option( 'updates', array( 'Jetpack', 'get_updates' ) );
1353
		}
1354
1355
		$this->sync->mock_option( 'update_details', array( 'Jetpack', 'get_update_details' ) );
1356
	}
1357
1358
	/**
1359
	 * Triggers a sync of information specific to the current theme.
1360
	 */
1361
	function sync_theme_data() {
1362
		add_action( 'switch_theme', array( 'Jetpack', 'refresh_theme_data' ) );
1363
		$this->sync->mock_option( 'featured_images_enabled', array( 'Jetpack', 'featured_images_enabled' ) );
1364
	}
1365
1366
	/**
1367
	 * jetpack_updates is saved in the following schema:
1368
	 *
1369
	 * array (
1370
	 *      'plugins'                       => (int) Number of plugin updates available.
1371
	 *      'themes'                        => (int) Number of theme updates available.
1372
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1373
	 *      'translations'                  => (int) Number of translation updates available.
1374
	 *      'total'                         => (int) Total of all available updates.
1375
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1376
	 * )
1377
	 * @return array
1378
	 */
1379
	public static function get_updates() {
1380
		$update_data = wp_get_update_data();
1381
1382
		// Stores the individual update counts as well as the total count.
1383
		if ( isset( $update_data['counts'] ) ) {
1384
			$updates = $update_data['counts'];
1385
		}
1386
1387
		// If we need to update WordPress core, let's find the latest version number.
1388 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1389
			$cur = get_preferred_from_update_core();
1390
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1391
				$updates['wp_update_version'] = $cur->current;
1392
			}
1393
		}
1394
		return isset( $updates ) ? $updates : array();
1395
	}
1396
1397
	public static function get_update_details() {
1398
		$update_details = array(
1399
			'update_core' => get_site_transient( 'update_core' ),
1400
			'update_plugins' => get_site_transient( 'update_plugins' ),
1401
			'update_themes' => get_site_transient( 'update_themes' ),
1402
		);
1403
		return $update_details;
1404
	}
1405
1406
	public static function refresh_update_data() {
1407
		if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) {
1408
			/**
1409
			 * Fires whenever the amount of updates needed for a site changes.
1410
			 * Syncs an array that includes the number of theme, plugin, and core updates available, as well as the latest core version available.
1411
			 *
1412
			 * @since 3.7.0
1413
			 *
1414
			 * @param string jetpack_updates
1415
			 * @param array Update counts calculated by Jetpack::get_updates
1416
			 */
1417
			do_action( 'add_option_jetpack_updates', 'jetpack_updates', Jetpack::get_updates() );
1418
		}
1419
		/**
1420
		 * Fires whenever the amount of updates needed for a site changes.
1421
		 * Syncs an array of core, theme, and plugin data, and which of each is out of date
1422
		 *
1423
		 * @since 3.7.0
1424
		 *
1425
		 * @param string jetpack_update_details
1426
		 * @param array Update details calculated by Jetpack::get_update_details
1427
		 */
1428
		do_action( 'add_option_jetpack_update_details', 'jetpack_update_details', Jetpack::get_update_details() );
1429
	}
1430
1431
	public static function refresh_theme_data() {
1432
		/**
1433
		 * Fires whenever a theme change is made.
1434
		 *
1435
		 * @since 3.8.1
1436
		 *
1437
		 * @param string featured_images_enabled
1438
		 * @param boolean Whether featured images are enabled or not
1439
		 */
1440
		do_action( 'add_option_jetpack_featured_images_enabled', 'jetpack_featured_images_enabled', Jetpack::featured_images_enabled() );
1441
	}
1442
1443
	/**
1444
	 * Invalides the transient as well as triggers the update of the mock option.
1445
	 *
1446
	 * @return null
1447
	 */
1448
	function is_single_user_site_invalidate() {
1449
		/**
1450
		 * Fires when a user is added or removed from a site.
1451
		 * Determines if the site is a single user site.
1452
		 *
1453
		 * @since 3.4.0
1454
		 *
1455
		 * @param string jetpack_single_user_site.
1456
		 * @param bool Jetpack::is_single_user_site() Is the current site a single user site.
1457
		 */
1458
		do_action( 'update_option_jetpack_single_user_site', 'jetpack_single_user_site', (bool) Jetpack::is_single_user_site() );
1459
	}
1460
1461
	/**
1462
	 * Is Jetpack active?
1463
	 */
1464
	public static function is_active() {
1465
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1466
	}
1467
1468
	/**
1469
	 * Is Jetpack in development (offline) mode?
1470
	 */
1471
	public static function is_development_mode() {
1472
		$development_mode = false;
1473
1474
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1475
			$development_mode = JETPACK_DEV_DEBUG;
1476
		}
1477
1478
		elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1479
			$development_mode = true;
1480
		}
1481
		/**
1482
		 * Filters Jetpack's development mode.
1483
		 *
1484
		 * @see http://jetpack.me/support/development-mode/
1485
		 *
1486
		 * @since 2.2.1
1487
		 *
1488
		 * @param bool $development_mode Is Jetpack's development mode active.
1489
		 */
1490
		return apply_filters( 'jetpack_development_mode', $development_mode );
1491
	}
1492
1493
	/**
1494
	* Get Jetpack development mode notice text and notice class.
1495
	*
1496
	* Mirrors the checks made in Jetpack::is_development_mode
1497
	*
1498
	*/
1499
	public static function show_development_mode_notice() {
1500
		if ( Jetpack::is_development_mode() ) {
1501
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1502
				$notice = sprintf(
1503
					/* translators: %s is a URL */
1504
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1505
					'http://jetpack.me/support/development-mode/'
1506
				);
1507
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1508
				$notice = sprintf(
1509
					/* translators: %s is a URL */
1510
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1511
					'http://jetpack.me/support/development-mode/'
1512
				);
1513
			} else {
1514
				$notice = sprintf(
1515
					/* translators: %s is a URL */
1516
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1517
					'http://jetpack.me/support/development-mode/'
1518
				);
1519
			}
1520
1521
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1522
		}
1523
1524
		// Throw up a notice if using a development version and as for feedback.
1525
		if ( Jetpack::is_development_version() ) {
1526
			/* translators: %s is a URL */
1527
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.me/contact-support/beta-group/' );
1528
1529
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1530
		}
1531
		// Throw up a notice if using staging mode
1532
		if ( Jetpack::is_staging_site() ) {
1533
			/* translators: %s is a URL */
1534
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', jetpack ), 'https://jetpack.me/support/staging-sites/' );
1535
1536
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1537
		}
1538
	}
1539
1540
	/**
1541
	 * Whether Jetpack's version maps to a public release, or a development version.
1542
	 */
1543
	public static function is_development_version() {
1544
		return ! preg_match( '/^\d+(\.\d+)+$/', JETPACK__VERSION );
1545
	}
1546
1547
	/**
1548
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1549
	 */
1550
	public static function is_user_connected( $user_id = false ) {
1551
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1552
		if ( ! $user_id ) {
1553
			return false;
1554
		}
1555
		return (bool) Jetpack_Data::get_access_token( $user_id );
1556
	}
1557
1558
	/**
1559
	 * Get the wpcom user data of the current|specified connected user.
1560
	 */
1561 View Code Duplication
	public static function get_connected_user_data( $user_id = null ) {
1562
		if ( ! $user_id ) {
1563
			$user_id = get_current_user_id();
1564
		}
1565
		Jetpack::load_xml_rpc_client();
1566
		$xml = new Jetpack_IXR_Client( array(
1567
			'user_id' => $user_id,
1568
		) );
1569
		$xml->query( 'wpcom.getUser' );
1570
		if ( ! $xml->isError() ) {
1571
			return $xml->getResponse();
1572
		}
1573
		return false;
1574
	}
1575
1576
	/**
1577
	 * Get the wpcom email of the current|specified connected user.
1578
	 */
1579 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1580
		if ( ! $user_id ) {
1581
			$user_id = get_current_user_id();
1582
		}
1583
		Jetpack::load_xml_rpc_client();
1584
		$xml = new Jetpack_IXR_Client( array(
1585
			'user_id' => $user_id,
1586
		) );
1587
		$xml->query( 'wpcom.getUserEmail' );
1588
		if ( ! $xml->isError() ) {
1589
			return $xml->getResponse();
1590
		}
1591
		return false;
1592
	}
1593
1594
	/**
1595
	 * Get the wpcom email of the master user.
1596
	 */
1597
	public static function get_master_user_email() {
1598
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1599
		if ( $master_user_id ) {
1600
			return self::get_connected_user_email( $master_user_id );
1601
		}
1602
		return '';
1603
	}
1604
1605
	function current_user_is_connection_owner() {
1606
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1607
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1608
	}
1609
1610
	/**
1611
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1612
	 */
1613
	function extra_oembed_providers() {
1614
		// Cloudup: https://dev.cloudup.com/#oembed
1615
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1616
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1617
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1618
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1619
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1620
	}
1621
1622
	/**
1623
	 * Synchronize connected user role changes
1624
	 */
1625
	function user_role_change( $user_id ) {
1626
		if ( Jetpack::is_active() && Jetpack::is_user_connected( $user_id ) ) {
1627
			$current_user_id = get_current_user_id();
1628
			wp_set_current_user( $user_id );
1629
			$role = $this->translate_current_user_to_role();
1630
			$signed_role = $this->sign_role( $role );
1631
			wp_set_current_user( $current_user_id );
1632
1633
			$master_token   = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1634
			$master_user_id = absint( $master_token->external_user_id );
1635
1636
			if ( ! $master_user_id )
1637
				return; // this shouldn't happen
1638
1639
			Jetpack::xmlrpc_async_call( 'jetpack.updateRole', $user_id, $signed_role );
1640
			//@todo retry on failure
1641
1642
			//try to choose a new master if we're demoting the current one
1643
			if ( $user_id == $master_user_id && 'administrator' != $role ) {
1644
				$query = new WP_User_Query(
1645
					array(
1646
						'fields'  => array( 'id' ),
1647
						'role'    => 'administrator',
1648
						'orderby' => 'id',
1649
						'exclude' => array( $master_user_id ),
1650
					)
1651
				);
1652
				$new_master = false;
1653
				foreach ( $query->results as $result ) {
1654
					$uid = absint( $result->id );
1655
					if ( $uid && Jetpack::is_user_connected( $uid ) ) {
1656
						$new_master = $uid;
1657
						break;
1658
					}
1659
				}
1660
1661
				if ( $new_master ) {
1662
					Jetpack_Options::update_option( 'master_user', $new_master );
1663
				}
1664
				// else disconnect..?
1665
			}
1666
		}
1667
	}
1668
1669
	/**
1670
	 * Loads the currently active modules.
1671
	 */
1672
	public static function load_modules() {
1673
		if ( ! self::is_active() && !self::is_development_mode() ) {
1674
			if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) {
1675
				return;
1676
			}
1677
		}
1678
1679
		$version = Jetpack_Options::get_option( 'version' );
1680 View Code Duplication
		if ( ! $version ) {
1681
			$version = $old_version = JETPACK__VERSION . ':' . time();
1682
			/** This action is documented in class.jetpack.php */
1683
			do_action( 'updating_jetpack_version', $version, false );
1684
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1685
		}
1686
		list( $version ) = explode( ':', $version );
1687
1688
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1689
1690
		$modules_data = array();
1691
1692
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1693
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1694
			$updated_modules = array();
1695
			foreach ( $modules as $module ) {
1696
				$modules_data[ $module ] = Jetpack::get_module( $module );
1697
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1698
					continue;
1699
				}
1700
1701
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1702
					continue;
1703
				}
1704
1705
				$updated_modules[] = $module;
1706
			}
1707
1708
			$modules = array_diff( $modules, $updated_modules );
1709
		}
1710
1711
		$is_development_mode = Jetpack::is_development_mode();
1712
1713
		foreach ( $modules as $index => $module ) {
1714
			// If we're in dev mode, disable modules requiring a connection
1715
			if ( $is_development_mode ) {
1716
				// Prime the pump if we need to
1717
				if ( empty( $modules_data[ $module ] ) ) {
1718
					$modules_data[ $module ] = Jetpack::get_module( $module );
1719
				}
1720
				// If the module requires a connection, but we're in local mode, don't include it.
1721
				if ( $modules_data[ $module ]['requires_connection'] ) {
1722
					continue;
1723
				}
1724
			}
1725
1726
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1727
				continue;
1728
			}
1729
1730
			if ( ! @include( Jetpack::get_module_path( $module ) ) ) {
1731
				unset( $modules[ $index ] );
1732
				Jetpack_Options::update_option( 'active_modules', array_values( $modules ) );
1733
				continue;
1734
			}
1735
1736
			/**
1737
			 * Fires when a specific module is loaded.
1738
			 * The dynamic part of the hook, $module, is the module slug.
1739
			 *
1740
			 * @since 1.1.0
1741
			 */
1742
			do_action( 'jetpack_module_loaded_' . $module );
1743
		}
1744
1745
		/**
1746
		 * Fires when all the modules are loaded.
1747
		 *
1748
		 * @since 1.1.0
1749
		 */
1750
		do_action( 'jetpack_modules_loaded' );
1751
1752
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1753
		if ( Jetpack::is_active() || Jetpack::is_development_mode() )
1754
			require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1755
	}
1756
1757
	/**
1758
	 * Check if Jetpack's REST API compat file should be included
1759
	 * @action plugins_loaded
1760
	 * @return null
1761
	 */
1762
	public function check_rest_api_compat() {
1763
		/**
1764
		 * Filters the list of REST API compat files to be included.
1765
		 *
1766
		 * @since 2.2.5
1767
		 *
1768
		 * @param array $args Array of REST API compat files to include.
1769
		 */
1770
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1771
1772
		if ( function_exists( 'bbpress' ) )
1773
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1774
1775
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1776
			require_once $_jetpack_rest_api_compat_include;
1777
	}
1778
1779
	/**
1780
	 * Gets all plugins currently active in values, regardless of whether they're
1781
	 * traditionally activated or network activated.
1782
	 *
1783
	 * @todo Store the result in core's object cache maybe?
1784
	 */
1785
	public static function get_active_plugins() {
1786
		$active_plugins = (array) get_option( 'active_plugins', array() );
1787
1788
		if ( is_multisite() ) {
1789
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1790
			// whereas active_plugins stores them in the values.
1791
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1792
			if ( $network_plugins ) {
1793
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1794
			}
1795
		}
1796
1797
		sort( $active_plugins );
1798
1799
		return array_unique( $active_plugins );
1800
	}
1801
1802
	/**
1803
	 * Gets and parses additional plugin data to send with the heartbeat data
1804
	 *
1805
	 * @since 3.8.1
1806
	 *
1807
	 * @return array Array of plugin data
1808
	 */
1809
	public static function get_parsed_plugin_data() {
1810
		if ( ! function_exists( 'get_plugins' ) ) {
1811
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1812
		}
1813
		$all_plugins    = get_plugins();
1814
		$active_plugins = Jetpack::get_active_plugins();
1815
1816
		$plugins = array();
1817
		foreach ( $all_plugins as $path => $plugin_data ) {
1818
			$plugins[ $path ] = array(
1819
					'is_active' => in_array( $path, $active_plugins ),
1820
					'file'      => $path,
1821
					'name'      => $plugin_data['Name'],
1822
					'version'   => $plugin_data['Version'],
1823
					'author'    => $plugin_data['Author'],
1824
			);
1825
		}
1826
1827
		return $plugins;
1828
	}
1829
1830
	/**
1831
	 * Gets and parses theme data to send with the heartbeat data
1832
	 *
1833
	 * @since 3.8.1
1834
	 *
1835
	 * @return array Array of theme data
1836
	 */
1837
	public static function get_parsed_theme_data() {
1838
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1839
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1840
1841
		$themes = array();
1842
		foreach ( $all_themes as $slug => $theme_data ) {
1843
			$theme_headers = array();
1844
			foreach ( $header_keys as $header_key ) {
1845
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1846
			}
1847
1848
			$themes[ $slug ] = array(
1849
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1850
					'slug' => $slug,
1851
					'theme_root' => $theme_data->get_theme_root_uri(),
1852
					'parent' => $theme_data->parent(),
1853
					'headers' => $theme_headers
1854
			);
1855
		}
1856
1857
		return $themes;
1858
	}
1859
1860
	/**
1861
	 * Checks whether a specific plugin is active.
1862
	 *
1863
	 * We don't want to store these in a static variable, in case
1864
	 * there are switch_to_blog() calls involved.
1865
	 */
1866
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1867
		return in_array( $plugin, self::get_active_plugins() );
1868
	}
1869
1870
	/**
1871
	 * Check if Jetpack's Open Graph tags should be used.
1872
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1873
	 *
1874
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1875
	 * @action plugins_loaded
1876
	 * @return null
1877
	 */
1878
	public function check_open_graph() {
1879
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
1880
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
1881
		}
1882
1883
		$active_plugins = self::get_active_plugins();
1884
1885
		if ( ! empty( $active_plugins ) ) {
1886
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
1887
				if ( in_array( $plugin, $active_plugins ) ) {
1888
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
1889
					break;
1890
				}
1891
			}
1892
		}
1893
1894
		/**
1895
		 * Allow the addition of Open Graph Meta Tags to all pages.
1896
		 *
1897
		 * @since 2.0.3
1898
		 *
1899
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
1900
		 */
1901
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
1902
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
1903
		}
1904
	}
1905
1906
	/**
1907
	 * Check if Jetpack's Twitter tags should be used.
1908
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
1909
	 *
1910
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1911
	 * @action plugins_loaded
1912
	 * @return null
1913
	 */
1914
	public function check_twitter_tags() {
1915
1916
		$active_plugins = self::get_active_plugins();
1917
1918
		if ( ! empty( $active_plugins ) ) {
1919
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
1920
				if ( in_array( $plugin, $active_plugins ) ) {
1921
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
1922
					break;
1923
				}
1924
			}
1925
		}
1926
1927
		/**
1928
		 * Allow Twitter Card Meta tags to be disabled.
1929
		 *
1930
		 * @since 2.6.0
1931
		 *
1932
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
1933
		 */
1934
		if ( apply_filters( 'jetpack_disable_twitter_cards', true ) ) {
1935
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
1936
		}
1937
	}
1938
1939
1940
1941
1942
	/*
1943
	 *
1944
	 * Jetpack Security Reports
1945
	 *
1946
	 * Allowed types: login_form, backup, file_scanning, spam
1947
	 *
1948
	 * Args for login_form and spam: 'blocked'=>(int)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1949
	 *
1950
	 * Args for backup and file_scanning: 'last'=>(timestamp)(optional), 'next'=>(timestamp)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong)
1951
	 *
1952
	 *
1953
	 * Example code to submit a security report:
1954
	 *
1955
	 *  function akismet_submit_jetpack_security_report() {
1956
	 *  	Jetpack::submit_security_report( 'spam', __FILE__, $args = array( 'blocked' => 138284, status => 'ok' ) );
1957
	 *  }
1958
	 *  add_action( 'jetpack_security_report', 'akismet_submit_jetpack_security_report' );
1959
	 *
1960
	 */
1961
1962
1963
	/**
1964
	 * Calls for security report submissions.
1965
	 *
1966
	 * @return null
1967
	 */
1968
	public static function perform_security_reporting() {
1969
		$no_check_needed = get_site_transient( 'security_report_performed_recently' );
1970
1971
		if ( $no_check_needed ) {
1972
			return;
1973
		}
1974
1975
		/**
1976
		 * Fires before a security report is created.
1977
		 *
1978
		 * @since 3.4.0
1979
		 */
1980
		do_action( 'jetpack_security_report' );
1981
1982
		Jetpack_Options::update_option( 'security_report', self::$security_report );
1983
		set_site_transient( 'security_report_performed_recently', 1, 15 * MINUTE_IN_SECONDS );
1984
	}
1985
1986
	/**
1987
	 * Allows plugins to submit security reports.
1988
 	 *
1989
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
1990
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
1991
	 * @param array   $args         See definitions above
1992
	 */
1993
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
1994
1995
		if( !doing_action( 'jetpack_security_report' ) ) {
1996
			return new WP_Error( 'not_collecting_report', 'Not currently collecting security reports.  Please use the jetpack_security_report hook.' );
1997
		}
1998
1999
		if( !is_string( $type ) || !is_string( $plugin_file ) ) {
2000
			return new WP_Error( 'invalid_security_report', 'Invalid Security Report' );
2001
		}
2002
2003
		if( !function_exists( 'get_plugin_data' ) ) {
2004
			include( ABSPATH . 'wp-admin/includes/plugin.php' );
2005
		}
2006
2007
		//Get rid of any non-allowed args
2008
		$args = array_intersect_key( $args, array_flip( array( 'blocked', 'last', 'next', 'status', 'message' ) ) );
2009
2010
		$plugin = get_plugin_data( $plugin_file );
2011
2012
		if ( !$plugin['Name'] ) {
2013
			return new WP_Error( 'security_report_missing_plugin_name', 'Invalid Plugin File Provided' );
2014
		}
2015
2016
		// Sanitize everything to make sure we're not syncing something wonky
2017
		$type = sanitize_key( $type );
2018
2019
		$args['plugin'] = $plugin;
2020
2021
		// Cast blocked, last and next as integers.
2022
		// Last and next should be in unix timestamp format
2023
		if ( isset( $args['blocked'] ) ) {
2024
			$args['blocked'] = (int) $args['blocked'];
2025
		}
2026
		if ( isset( $args['last'] ) ) {
2027
			$args['last'] = (int) $args['last'];
2028
		}
2029
		if ( isset( $args['next'] ) ) {
2030
			$args['next'] = (int) $args['next'];
2031
		}
2032
		if ( !in_array( $args['status'], array( 'ok', 'warning', 'error' ) ) ) {
2033
			$args['status'] = 'ok';
2034
		}
2035
		if ( isset( $args['message'] ) ) {
2036
2037
			if( $args['status'] == 'ok' ) {
2038
				unset( $args['message'] );
2039
			}
2040
2041
			$allowed_html = array(
2042
			    'a' => array(
2043
			        'href' => array(),
2044
			        'title' => array()
2045
			    ),
2046
			    'em' => array(),
2047
			    'strong' => array(),
2048
			);
2049
2050
			$args['message'] = wp_kses( $args['message'], $allowed_html );
2051
		}
2052
2053
		$plugin_name = $plugin[ 'Name' ];
2054
2055
		self::$security_report[ $type ][ $plugin_name ] = $args;
2056
	}
2057
2058
	/**
2059
	 * Collects a new report if needed, then returns it.
2060
	 */
2061
	public function get_security_report() {
2062
		self::perform_security_reporting();
2063
		return Jetpack_Options::get_option( 'security_report' );
2064
	}
2065
2066
2067
/* Jetpack Options API */
2068
2069
	public static function get_option_names( $type = 'compact' ) {
2070
		return Jetpack_Options::get_option_names( $type );
2071
	}
2072
2073
	/**
2074
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
2075
 	 *
2076
	 * @param string $name    Option name
2077
	 * @param mixed  $default (optional)
2078
	 */
2079
	public static function get_option( $name, $default = false ) {
2080
		return Jetpack_Options::get_option( $name, $default );
2081
	}
2082
2083
	/**
2084
	* Stores two secrets and a timestamp so WordPress.com can make a request back and verify an action
2085
	* Does some extra verification so urls (such as those to public-api, register, etc) can't just be crafted
2086
	* $name must be a registered option name.
2087
	*/
2088
	public static function create_nonce( $name ) {
2089
		$secret = wp_generate_password( 32, false ) . ':' . wp_generate_password( 32, false ) . ':' . ( time() + 600 );
2090
2091
		Jetpack_Options::update_option( $name, $secret );
2092
		@list( $secret_1, $secret_2, $eol ) = explode( ':', Jetpack_Options::get_option( $name ) );
2093
		if ( empty( $secret_1 ) || empty( $secret_2 ) || $eol < time() )
2094
			return new Jetpack_Error( 'missing_secrets' );
2095
2096
		return array(
2097
			'secret_1' => $secret_1,
2098
			'secret_2' => $secret_2,
2099
			'eol'      => $eol,
2100
		);
2101
	}
2102
2103
	/**
2104
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
2105
 	 *
2106
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
2107
	 * @param string $name  Option name
2108
	 * @param mixed  $value Option value
2109
	 */
2110
	public static function update_option( $name, $value ) {
2111
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
2112
		return Jetpack_Options::update_option( $name, $value );
2113
	}
2114
2115
	/**
2116
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
2117
 	 *
2118
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
2119
	 * @param array $array array( option name => option value, ... )
2120
	 */
2121
	public static function update_options( $array ) {
2122
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
2123
		return Jetpack_Options::update_options( $array );
2124
	}
2125
2126
	/**
2127
	 * Deletes the given option.  May be passed multiple option names as an array.
2128
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
2129
	 *
2130
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
2131
	 * @param string|array $names
2132
	 */
2133
	public static function delete_option( $names ) {
2134
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
2135
		return Jetpack_Options::delete_option( $names );
2136
	}
2137
2138
	/**
2139
	 * Enters a user token into the user_tokens option
2140
	 *
2141
	 * @param int $user_id
2142
	 * @param string $token
2143
	 * return bool
2144
	 */
2145
	public static function update_user_token( $user_id, $token, $is_master_user ) {
2146
		// not designed for concurrent updates
2147
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
2148
		if ( ! is_array( $user_tokens ) )
2149
			$user_tokens = array();
2150
		$user_tokens[$user_id] = $token;
2151
		if ( $is_master_user ) {
2152
			$master_user = $user_id;
2153
			$options     = compact( 'user_tokens', 'master_user' );
2154
		} else {
2155
			$options = compact( 'user_tokens' );
2156
		}
2157
		return Jetpack_Options::update_options( $options );
2158
	}
2159
2160
	/**
2161
	 * Returns an array of all PHP files in the specified absolute path.
2162
	 * Equivalent to glob( "$absolute_path/*.php" ).
2163
	 *
2164
	 * @param string $absolute_path The absolute path of the directory to search.
2165
	 * @return array Array of absolute paths to the PHP files.
2166
	 */
2167
	public static function glob_php( $absolute_path ) {
2168
		if ( function_exists( 'glob' ) ) {
2169
			return glob( "$absolute_path/*.php" );
2170
		}
2171
2172
		$absolute_path = untrailingslashit( $absolute_path );
2173
		$files = array();
2174
		if ( ! $dir = @opendir( $absolute_path ) ) {
2175
			return $files;
2176
		}
2177
2178
		while ( false !== $file = readdir( $dir ) ) {
2179
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2180
				continue;
2181
			}
2182
2183
			$file = "$absolute_path/$file";
2184
2185
			if ( ! is_file( $file ) ) {
2186
				continue;
2187
			}
2188
2189
			$files[] = $file;
2190
		}
2191
2192
		closedir( $dir );
2193
2194
		return $files;
2195
	}
2196
2197
	public static function activate_new_modules( $redirect = false ) {
2198
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
2199
			return;
2200
		}
2201
2202
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2203 View Code Duplication
		if ( ! $jetpack_old_version ) {
2204
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
2205
			/** This action is documented in class.jetpack.php */
2206
			do_action( 'updating_jetpack_version', $version, false );
2207
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2208
		}
2209
2210
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2211
2212
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2213
			return;
2214
		}
2215
2216
		$active_modules     = Jetpack::get_active_modules();
2217
		$reactivate_modules = array();
2218
		foreach ( $active_modules as $active_module ) {
2219
			$module = Jetpack::get_module( $active_module );
2220
			if ( ! isset( $module['changed'] ) ) {
2221
				continue;
2222
			}
2223
2224
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2225
				continue;
2226
			}
2227
2228
			$reactivate_modules[] = $active_module;
2229
			Jetpack::deactivate_module( $active_module );
2230
		}
2231
2232
		$new_version = JETPACK__VERSION . ':' . time();
2233
		/** This action is documented in class.jetpack.php */
2234
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2235
		Jetpack_Options::update_options(
2236
			array(
2237
				'version'     => $new_version,
2238
				'old_version' => $jetpack_old_version,
2239
			)
2240
		);
2241
2242
		Jetpack::state( 'message', 'modules_activated' );
2243
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
2244
2245
		if ( $redirect ) {
2246
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2247
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2248
				$page = $_GET['page'];
2249
			}
2250
2251
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
2252
			exit;
2253
		}
2254
	}
2255
2256
	/**
2257
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2258
	 * Make sure to tuck away module "library" files in a sub-directory.
2259
	 */
2260
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2261
		static $modules = null;
2262
2263
		if ( ! isset( $modules ) ) {
2264
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2265
			// Use the cache if we're on the front-end and it's available...
2266
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2267
				$modules = $available_modules_option[ JETPACK__VERSION ];
2268
			} else {
2269
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2270
2271
				$modules = array();
2272
2273
				foreach ( $files as $file ) {
2274
					if ( ! $headers = Jetpack::get_module( $file ) ) {
2275
						continue;
2276
					}
2277
2278
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2279
				}
2280
2281
				Jetpack_Options::update_option( 'available_modules', array(
2282
					JETPACK__VERSION => $modules,
2283
				) );
2284
			}
2285
		}
2286
2287
		/**
2288
		 * Filters the array of modules available to be activated.
2289
		 *
2290
		 * @since 2.4.0
2291
		 *
2292
		 * @param array $modules Array of available modules.
2293
		 * @param string $min_version Minimum version number required to use modules.
2294
		 * @param string $max_version Maximum version number required to use modules.
2295
		 */
2296
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2297
2298
		if ( ! $min_version && ! $max_version ) {
2299
			return array_keys( $mods );
2300
		}
2301
2302
		$r = array();
2303
		foreach ( $mods as $slug => $introduced ) {
2304
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2305
				continue;
2306
			}
2307
2308
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2309
				continue;
2310
			}
2311
2312
			$r[] = $slug;
2313
		}
2314
2315
		return $r;
2316
	}
2317
2318
	/**
2319
	 * Default modules loaded on activation.
2320
	 */
2321
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2322
		$return = array();
2323
2324
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2325
			$module_data = Jetpack::get_module( $module );
2326
2327
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2328
				case 'yes' :
2329
					$return[] = $module;
2330
					break;
2331
				case 'public' :
2332
					if ( Jetpack_Options::get_option( 'public' ) ) {
2333
						$return[] = $module;
2334
					}
2335
					break;
2336
				case 'no' :
2337
				default :
0 ignored issues
show
There must be no space before the colon in a DEFAULT statement

As per the PSR-2 coding standard, there must not be a space in front of the colon in the default statement.

switch ($expr) {
    default : //wrong
        doSomething();
        break;
}

switch ($expr) {
    default: //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
2338
					break;
2339
			}
2340
		}
2341
		/**
2342
		 * Filters the array of default modules.
2343
		 *
2344
		 * @since 2.5.0
2345
		 *
2346
		 * @param array $return Array of default modules.
2347
		 * @param string $min_version Minimum version number required to use modules.
2348
		 * @param string $max_version Maximum version number required to use modules.
2349
		 */
2350
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2351
	}
2352
2353
	/**
2354
	 * Checks activated modules during auto-activation to determine
2355
	 * if any of those modules are being deprecated.  If so, close
2356
	 * them out, and add any replacement modules.
2357
	 *
2358
	 * Runs at priority 99 by default.
2359
	 *
2360
	 * This is run late, so that it can still activate a module if
2361
	 * the new module is a replacement for another that the user
2362
	 * currently has active, even if something at the normal priority
2363
	 * would kibosh everything.
2364
	 *
2365
	 * @since 2.6
2366
	 * @uses jetpack_get_default_modules filter
2367
	 * @param array $modules
2368
	 * @return array
2369
	 */
2370
	function handle_deprecated_modules( $modules ) {
2371
		$deprecated_modules = array(
2372
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2373
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2374
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2375
		);
2376
2377
		// Don't activate SSO if they never completed activating WPCC.
2378
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2379
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2380
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2381
				$deprecated_modules['wpcc'] = null;
2382
			}
2383
		}
2384
2385
		foreach ( $deprecated_modules as $module => $replacement ) {
2386
			if ( Jetpack::is_module_active( $module ) ) {
2387
				self::deactivate_module( $module );
2388
				if ( $replacement ) {
2389
					$modules[] = $replacement;
2390
				}
2391
			}
2392
		}
2393
2394
		return array_unique( $modules );
2395
	}
2396
2397
	/**
2398
	 * Checks activated plugins during auto-activation to determine
2399
	 * if any of those plugins are in the list with a corresponding module
2400
	 * that is not compatible with the plugin. The module will not be allowed
2401
	 * to auto-activate.
2402
	 *
2403
	 * @since 2.6
2404
	 * @uses jetpack_get_default_modules filter
2405
	 * @param array $modules
2406
	 * @return array
2407
	 */
2408
	function filter_default_modules( $modules ) {
2409
2410
		$active_plugins = self::get_active_plugins();
2411
2412
		if ( ! empty( $active_plugins ) ) {
2413
2414
			// For each module we'd like to auto-activate...
2415
			foreach ( $modules as $key => $module ) {
2416
				// If there are potential conflicts for it...
2417
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2418
					// For each potential conflict...
2419
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2420
						// If that conflicting plugin is active...
2421
						if ( in_array( $plugin, $active_plugins ) ) {
2422
							// Remove that item from being auto-activated.
2423
							unset( $modules[ $key ] );
2424
						}
2425
					}
2426
				}
2427
			}
2428
		}
2429
2430
		return $modules;
2431
	}
2432
2433
	/**
2434
	 * Extract a module's slug from its full path.
2435
	 */
2436
	public static function get_module_slug( $file ) {
2437
		return str_replace( '.php', '', basename( $file ) );
2438
	}
2439
2440
	/**
2441
	 * Generate a module's path from its slug.
2442
	 */
2443
	public static function get_module_path( $slug ) {
2444
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2445
	}
2446
2447
	/**
2448
	 * Load module data from module file. Headers differ from WordPress
2449
	 * plugin headers to avoid them being identified as standalone
2450
	 * plugins on the WordPress plugins page.
2451
	 */
2452
	public static function get_module( $module ) {
2453
		$headers = array(
2454
			'name'                      => 'Module Name',
2455
			'description'               => 'Module Description',
2456
			'jumpstart_desc'            => 'Jumpstart Description',
2457
			'sort'                      => 'Sort Order',
2458
			'recommendation_order'      => 'Recommendation Order',
2459
			'introduced'                => 'First Introduced',
2460
			'changed'                   => 'Major Changes In',
2461
			'deactivate'                => 'Deactivate',
2462
			'free'                      => 'Free',
2463
			'requires_connection'       => 'Requires Connection',
2464
			'auto_activate'             => 'Auto Activate',
2465
			'module_tags'               => 'Module Tags',
2466
			'feature'                   => 'Feature',
2467
			'additional_search_queries' => 'Additional Search Queries',
2468
		);
2469
2470
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2471
2472
		$mod = Jetpack::get_file_data( $file, $headers );
2473
		if ( empty( $mod['name'] ) ) {
2474
			return false;
2475
		}
2476
2477
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2478
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2479
		$mod['deactivate']              = empty( $mod['deactivate'] );
2480
		$mod['free']                    = empty( $mod['free'] );
2481
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2482
2483
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2484
			$mod['auto_activate'] = 'No';
2485
		} else {
2486
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2487
		}
2488
2489
		if ( $mod['module_tags'] ) {
2490
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2491
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2492
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2493
		} else {
2494
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2495
		}
2496
2497
		if ( $mod['feature'] ) {
2498
			$mod['feature'] = explode( ',', $mod['feature'] );
2499
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2500
		} else {
2501
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2502
		}
2503
2504
		/**
2505
		 * Filters the feature array on a module.
2506
		 *
2507
		 * This filter allows you to control where each module is filtered: Recommended,
2508
		 * Jumpstart, and the default "Other" listing.
2509
		 *
2510
		 * @since 3.5.0
2511
		 *
2512
		 * @param array   $mod['feature'] The areas to feature this module:
2513
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2514
		 *     'Recommended' shows on the main Jetpack admin screen.
2515
		 *     'Other' should be the default if no other value is in the array.
2516
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2517
		 * @param array   $mod All the currently assembled module data.
2518
		 */
2519
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2520
2521
		/**
2522
		 * Filter the returned data about a module.
2523
		 *
2524
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2525
		 * so please be careful.
2526
		 *
2527
		 * @since 3.6.0
2528
		 *
2529
		 * @param array   $mod    The details of the requested module.
2530
		 * @param string  $module The slug of the module, e.g. sharedaddy
2531
		 * @param string  $file   The path to the module source file.
2532
		 */
2533
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2534
	}
2535
2536
	/**
2537
	 * Like core's get_file_data implementation, but caches the result.
2538
	 */
2539
	public static function get_file_data( $file, $headers ) {
2540
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2541
		$file_name = basename( $file );
2542
		$file_data_option = Jetpack_Options::get_option( 'file_data', array() );
2543
		$key              = md5( $file_name . serialize( $headers ) );
2544
		$refresh_cache    = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2545
2546
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2547
		if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) {
2548
			return $file_data_option[ JETPACK__VERSION ][ $key ];
2549
		}
2550
2551
		$data = get_file_data( $file, $headers );
2552
2553
		// Strip out any old Jetpack versions that are cluttering the option.
2554
		$file_data_option = array_intersect_key( (array) $file_data_option, array( JETPACK__VERSION => null ) );
2555
		$file_data_option[ JETPACK__VERSION ][ $key ] = $data;
2556
		Jetpack_Options::update_option( 'file_data', $file_data_option );
2557
2558
		return $data;
2559
	}
2560
2561
	/**
2562
	 * Return translated module tag.
2563
	 *
2564
	 * @param string $tag Tag as it appears in each module heading.
2565
	 *
2566
	 * @return mixed
2567
	 */
2568
	public static function translate_module_tag( $tag ) {
2569
		return jetpack_get_module_i18n_tag( $tag );
2570
	}
2571
2572
	/**
2573
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2574
	 *
2575
	 * @since 3.9.2
2576
	 *
2577
	 * @param array $modules
2578
	 *
2579
	 * @return string|void
2580
	 */
2581
	public static function get_translated_modules( $modules ) {
2582
		foreach ( $modules as $index => $module ) {
2583
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2584
			if ( isset( $module['name'] ) ) {
2585
				$modules[ $index ]['name'] = $i18n_module['name'];
2586
			}
2587
			if ( isset( $module['description'] ) ) {
2588
				$modules[ $index ]['description'] = $i18n_module['description'];
2589
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2590
			}
2591
		}
2592
		return $modules;
2593
	}
2594
2595
	/**
2596
	 * Get a list of activated modules as an array of module slugs.
2597
	 */
2598
	public static function get_active_modules() {
2599
		$active = Jetpack_Options::get_option( 'active_modules' );
2600
		if ( ! is_array( $active ) )
2601
			$active = array();
2602
		if ( is_admin() && ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) ) {
2603
			$active[] = 'vaultpress';
2604
		} else {
2605
			$active = array_diff( $active, array( 'vaultpress' ) );
2606
		}
2607
2608
		//If protect is active on the main site of a multisite, it should be active on all sites.
2609
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2610
			$active[] = 'protect';
2611
		}
2612
2613
		return array_unique( $active );
2614
	}
2615
2616
	/**
2617
	 * Check whether or not a Jetpack module is active.
2618
	 *
2619
	 * @param string $module The slug of a Jetpack module.
2620
	 * @return bool
2621
	 *
2622
	 * @static
2623
	 */
2624
	public static function is_module_active( $module ) {
2625
		return in_array( $module, self::get_active_modules() );
2626
	}
2627
2628
	public static function is_module( $module ) {
2629
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2630
	}
2631
2632
	/**
2633
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2634
	 *
2635
	 * @param bool $catch True to start catching, False to stop.
2636
	 *
2637
	 * @static
2638
	 */
2639
	public static function catch_errors( $catch ) {
2640
		static $display_errors, $error_reporting;
2641
2642
		if ( $catch ) {
2643
			$display_errors  = @ini_set( 'display_errors', 1 );
2644
			$error_reporting = @error_reporting( E_ALL );
2645
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2646
		} else {
2647
			@ini_set( 'display_errors', $display_errors );
2648
			@error_reporting( $error_reporting );
2649
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2650
		}
2651
	}
2652
2653
	/**
2654
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2655
	 */
2656
	public static function catch_errors_on_shutdown() {
2657
		Jetpack::state( 'php_errors', ob_get_clean() );
2658
	}
2659
2660
	public static function activate_default_modules( $min_version = false, $max_version = false, $other_modules = array() ) {
2661
		$jetpack = Jetpack::init();
2662
2663
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2664
		$modules = array_merge( $other_modules, $modules );
2665
2666
		// Look for standalone plugins and disable if active.
2667
2668
		$to_deactivate = array();
2669
		foreach ( $modules as $module ) {
2670
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2671
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2672
			}
2673
		}
2674
2675
		$deactivated = array();
2676
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2677
			list( $probable_file, $probable_title ) = $deactivate_me;
2678
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2679
				$deactivated[] = $module;
2680
			}
2681
		}
2682
2683
		if ( $deactivated ) {
2684
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2685
2686
			$url = add_query_arg(
2687
				array(
2688
					'action'   => 'activate_default_modules',
2689
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2690
				),
2691
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2692
			);
2693
			wp_safe_redirect( $url );
2694
			exit;
2695
		}
2696
2697
		/**
2698
		 * Fires before default modules are activated.
2699
		 *
2700
		 * @since 1.9.0
2701
		 *
2702
		 * @param string $min_version Minimum version number required to use modules.
2703
		 * @param string $max_version Maximum version number required to use modules.
2704
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2705
		 */
2706
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2707
2708
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2709
		Jetpack::restate();
2710
		Jetpack::catch_errors( true );
2711
2712
		$active = Jetpack::get_active_modules();
2713
2714
		foreach ( $modules as $module ) {
2715
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2716
				$active[] = $module;
2717
				Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2718
				continue;
2719
			}
2720
2721
			if ( in_array( $module, $active ) ) {
2722
				$module_info = Jetpack::get_module( $module );
2723
				if ( ! $module_info['deactivate'] ) {
2724
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2725 View Code Duplication
					if ( $active_state = Jetpack::state( $state ) ) {
2726
						$active_state = explode( ',', $active_state );
2727
					} else {
2728
						$active_state = array();
2729
					}
2730
					$active_state[] = $module;
2731
					Jetpack::state( $state, implode( ',', $active_state ) );
2732
				}
2733
				continue;
2734
			}
2735
2736
			$file = Jetpack::get_module_path( $module );
2737
			if ( ! file_exists( $file ) ) {
2738
				continue;
2739
			}
2740
2741
			// we'll override this later if the plugin can be included without fatal error
2742
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2743
			Jetpack::state( 'error', 'module_activation_failed' );
2744
			Jetpack::state( 'module', $module );
2745
			ob_start();
2746
			require $file;
2747
			/**
2748
			 * Fires when a specific module is activated.
2749
			 *
2750
			 * @since 1.9.0
2751
			 *
2752
			 * @param string $module Module slug.
2753
			 */
2754
			do_action( 'jetpack_activate_module', $module );
2755
			$active[] = $module;
2756
			$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2757 View Code Duplication
			if ( $active_state = Jetpack::state( $state ) ) {
2758
				$active_state = explode( ',', $active_state );
2759
			} else {
2760
				$active_state = array();
2761
			}
2762
			$active_state[] = $module;
2763
			Jetpack::state( $state, implode( ',', $active_state ) );
2764
			Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2765
			ob_end_clean();
2766
		}
2767
		Jetpack::state( 'error', false );
2768
		Jetpack::state( 'module', false );
2769
		Jetpack::catch_errors( false );
2770
		/**
2771
		 * Fires when default modules are activated.
2772
		 *
2773
		 * @since 1.9.0
2774
		 *
2775
		 * @param string $min_version Minimum version number required to use modules.
2776
		 * @param string $max_version Maximum version number required to use modules.
2777
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2778
		 */
2779
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2780
	}
2781
2782
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2783
		/**
2784
		 * Fires before a module is activated.
2785
		 *
2786
		 * @since 2.6.0
2787
		 *
2788
		 * @param string $module Module slug.
2789
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2790
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2791
		 */
2792
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2793
2794
		$jetpack = Jetpack::init();
2795
2796
		if ( ! strlen( $module ) )
2797
			return false;
2798
2799
		if ( ! Jetpack::is_module( $module ) )
2800
			return false;
2801
2802
		// If it's already active, then don't do it again
2803
		$active = Jetpack::get_active_modules();
2804
		foreach ( $active as $act ) {
2805
			if ( $act == $module )
2806
				return true;
2807
		}
2808
2809
		$module_data = Jetpack::get_module( $module );
2810
2811
		if ( ! Jetpack::is_active() ) {
2812
			if ( !Jetpack::is_development_mode() )
2813
				return false;
2814
2815
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2816
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2817
				return false;
2818
		}
2819
2820
		// Check and see if the old plugin is active
2821
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2822
			// Deactivate the old plugin
2823
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2824
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2825
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2826
				Jetpack::state( 'deactivated_plugins', $module );
2827
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2828
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_module() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2829
			}
2830
		}
2831
2832
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2833
		Jetpack::state( 'module', $module );
2834
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2835
2836
		Jetpack::catch_errors( true );
2837
		ob_start();
2838
		require Jetpack::get_module_path( $module );
2839
		/** This action is documented in class.jetpack.php */
2840
		do_action( 'jetpack_activate_module', $module );
2841
		$active[] = $module;
2842
		Jetpack_Options::update_option( 'active_modules', array_unique( $active ) );
2843
		Jetpack::state( 'error', false ); // the override
2844
		Jetpack::state( 'message', 'module_activated' );
2845
		Jetpack::state( 'module', $module );
2846
		ob_end_clean();
2847
		Jetpack::catch_errors( false );
2848
2849
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2850 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2851
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2852
2853
			//Jump start is being dismissed send data to MC Stats
2854
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2855
2856
			$jetpack->do_stats( 'server_side' );
2857
		}
2858
2859
		if ( $redirect ) {
2860
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2861
		}
2862
		if ( $exit ) {
2863
			exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method activate_module() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
2864
		}
2865
	}
2866
2867
	function activate_module_actions( $module ) {
2868
		/**
2869
		 * Fires when a module is activated.
2870
		 * The dynamic part of the filter, $module, is the module slug.
2871
		 *
2872
		 * @since 1.9.0
2873
		 *
2874
		 * @param string $module Module slug.
2875
		 */
2876
		do_action( "jetpack_activate_module_$module", $module );
2877
2878
		$this->sync->sync_all_module_options( $module );
2879
	}
2880
2881
	public static function deactivate_module( $module ) {
2882
		/**
2883
		 * Fires when a module is deactivated.
2884
		 *
2885
		 * @since 1.9.0
2886
		 *
2887
		 * @param string $module Module slug.
2888
		 */
2889
		do_action( 'jetpack_pre_deactivate_module', $module );
2890
2891
		$jetpack = Jetpack::init();
2892
2893
		$active = Jetpack::get_active_modules();
2894
		$new    = array_filter( array_diff( $active, (array) $module ) );
2895
2896
		/**
2897
		 * Fires when a module is deactivated.
2898
		 * The dynamic part of the filter, $module, is the module slug.
2899
		 *
2900
		 * @since 1.9.0
2901
		 *
2902
		 * @param string $module Module slug.
2903
		 */
2904
		do_action( "jetpack_deactivate_module_$module", $module );
2905
2906
		// A flag for Jump Start so it's not shown again.
2907 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2908
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2909
2910
			//Jump start is being dismissed send data to MC Stats
2911
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
2912
2913
			$jetpack->do_stats( 'server_side' );
2914
		}
2915
2916
		return Jetpack_Options::update_option( 'active_modules', array_unique( $new ) );
2917
	}
2918
2919
	public static function enable_module_configurable( $module ) {
2920
		$module = Jetpack::get_module_slug( $module );
2921
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
2922
	}
2923
2924
	public static function module_configuration_url( $module ) {
2925
		$module = Jetpack::get_module_slug( $module );
2926
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
2927
	}
2928
2929
	public static function module_configuration_load( $module, $method ) {
2930
		$module = Jetpack::get_module_slug( $module );
2931
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
2932
	}
2933
2934
	public static function module_configuration_head( $module, $method ) {
2935
		$module = Jetpack::get_module_slug( $module );
2936
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
2937
	}
2938
2939
	public static function module_configuration_screen( $module, $method ) {
2940
		$module = Jetpack::get_module_slug( $module );
2941
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
2942
	}
2943
2944
	public static function module_configuration_activation_screen( $module, $method ) {
2945
		$module = Jetpack::get_module_slug( $module );
2946
		add_action( 'display_activate_module_setting_' . $module, $method );
2947
	}
2948
2949
/* Installation */
2950
2951
	public static function bail_on_activation( $message, $deactivate = true ) {
2952
?>
2953
<!doctype html>
2954
<html>
2955
<head>
2956
<meta charset="<?php bloginfo( 'charset' ); ?>">
2957
<style>
2958
* {
2959
	text-align: center;
2960
	margin: 0;
2961
	padding: 0;
2962
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
2963
}
2964
p {
2965
	margin-top: 1em;
2966
	font-size: 18px;
2967
}
2968
</style>
2969
<body>
2970
<p><?php echo esc_html( $message ); ?></p>
2971
</body>
2972
</html>
2973
<?php
2974
		if ( $deactivate ) {
2975
			$plugins = get_option( 'active_plugins' );
2976
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
2977
			$update  = false;
2978
			foreach ( $plugins as $i => $plugin ) {
2979
				if ( $plugin === $jetpack ) {
2980
					$plugins[$i] = false;
2981
					$update = true;
2982
				}
2983
			}
2984
2985
			if ( $update ) {
2986
				update_option( 'active_plugins', array_filter( $plugins ) );
2987
			}
2988
		}
2989
		exit;
2990
	}
2991
2992
	/**
2993
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
2994
	 * @static
2995
	 */
2996
	public static function plugin_activation( $network_wide ) {
2997
		Jetpack_Options::update_option( 'activated', 1 );
2998
2999
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
3000
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
3001
		}
3002
3003
		if ( $network_wide )
3004
			Jetpack::state( 'network_nag', true );
3005
3006
		Jetpack::plugin_initialize();
3007
	}
3008
	/**
3009
	 * Runs before bumping version numbers up to a new version
3010
	 * @param  (string) $version    Version:timestamp
3011
	 * @param  (string) $old_version Old Version:timestamp or false if not set yet.
3012
	 * @return null              [description]
3013
	 */
3014
	public static function do_version_bump( $version, $old_version ) {
3015
3016
		if ( ! $old_version ) { // For new sites
3017
			// Setting up jetpack manage
3018
			Jetpack::activate_manage();
3019
		}
3020
	}
3021
3022
	/**
3023
	 * Sets the internal version number and activation state.
3024
	 * @static
3025
	 */
3026
	public static function plugin_initialize() {
3027
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
3028
			Jetpack_Options::update_option( 'activated', 2 );
3029
		}
3030
3031 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
3032
			$version = $old_version = JETPACK__VERSION . ':' . time();
3033
			/** This action is documented in class.jetpack.php */
3034
			do_action( 'updating_jetpack_version', $version, false );
3035
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
3036
		}
3037
3038
		Jetpack::load_modules();
3039
3040
		Jetpack_Options::delete_option( 'do_activate' );
3041
	}
3042
3043
	/**
3044
	 * Removes all connection options
3045
	 * @static
3046
	 */
3047
	public static function plugin_deactivation( ) {
3048
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
3049
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
3050
			Jetpack_Network::init()->deactivate();
3051
		} else {
3052
			Jetpack::disconnect( false );
3053
			//Jetpack_Heartbeat::init()->deactivate();
3054
		}
3055
	}
3056
3057
	/**
3058
	 * Disconnects from the Jetpack servers.
3059
	 * Forgets all connection details and tells the Jetpack servers to do the same.
3060
	 * @static
3061
	 */
3062
	public static function disconnect( $update_activated_state = true ) {
3063
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
3064
		Jetpack::clean_nonces( true );
3065
3066
		Jetpack::load_xml_rpc_client();
3067
		$xml = new Jetpack_IXR_Client();
3068
		$xml->query( 'jetpack.deregister' );
3069
3070
		Jetpack_Options::delete_option(
3071
			array(
3072
				'register',
3073
				'blog_token',
3074
				'user_token',
3075
				'user_tokens',
3076
				'master_user',
3077
				'time_diff',
3078
				'fallback_no_verify_ssl_certs',
3079
			)
3080
		);
3081
3082
		if ( $update_activated_state ) {
3083
			Jetpack_Options::update_option( 'activated', 4 );
3084
		}
3085
3086
		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
3087
		// Check then record unique disconnection if site has never been disconnected previously
3088
		if ( -1 == $jetpack_unique_connection['disconnected'] ) {
3089
			$jetpack_unique_connection['disconnected'] = 1;
3090
		}
3091
		else {
3092
			if ( 0 == $jetpack_unique_connection['disconnected'] ) {
3093
				//track unique disconnect
3094
				$jetpack = Jetpack::init();
3095
3096
				$jetpack->stat( 'connections', 'unique-disconnect' );
3097
				$jetpack->do_stats( 'server_side' );
3098
			}
3099
			// increment number of times disconnected
3100
			$jetpack_unique_connection['disconnected'] += 1;
3101
		}
3102
3103
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
3104
3105
		// Disable the Heartbeat cron
3106
		Jetpack_Heartbeat::init()->deactivate();
3107
	}
3108
3109
	/**
3110
	 * Unlinks the current user from the linked WordPress.com user
3111
	 */
3112
	public static function unlink_user( $user_id = null ) {
3113
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
3114
			return false;
3115
3116
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
3117
3118
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
3119
			return false;
3120
3121
		if ( ! isset( $tokens[ $user_id ] ) )
3122
			return false;
3123
3124
		Jetpack::load_xml_rpc_client();
3125
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
3126
		$xml->query( 'jetpack.unlink_user', $user_id );
3127
3128
		unset( $tokens[ $user_id ] );
3129
3130
		Jetpack_Options::update_option( 'user_tokens', $tokens );
3131
3132
		return true;
3133
	}
3134
3135
	/**
3136
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
3137
	 */
3138
	public static function try_registration() {
3139
		// Let's get some testing in beta versions and such.
3140
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3141
			// Before attempting to connect, let's make sure that the domains are viable.
3142
			$domains_to_check = array_unique( array(
3143
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
3144
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
3145
			) );
3146
			foreach ( $domains_to_check as $domain ) {
3147
				$result = Jetpack_Data::is_usable_domain( $domain );
3148
				if ( is_wp_error( $result ) ) {
3149
					return $result;
3150
				}
3151
			}
3152
		}
3153
3154
		$result = Jetpack::register();
3155
3156
		// If there was an error with registration and the site was not registered, record this so we can show a message.
3157
		if ( ! $result || is_wp_error( $result ) ) {
3158
			return $result;
3159
		} else {
3160
			return true;
3161
		}
3162
	}
3163
3164
	/**
3165
	 * Tracking an internal event log. Try not to put too much chaff in here.
3166
	 *
3167
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3168
	 */
3169
	public static function log( $code, $data = null ) {
3170
		// only grab the latest 200 entries
3171
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3172
3173
		// Append our event to the log
3174
		$log_entry = array(
3175
			'time'    => time(),
3176
			'user_id' => get_current_user_id(),
3177
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3178
			'code'    => $code,
3179
		);
3180
		// Don't bother storing it unless we've got some.
3181
		if ( ! is_null( $data ) ) {
3182
			$log_entry['data'] = $data;
3183
		}
3184
		$log[] = $log_entry;
3185
3186
		// Try add_option first, to make sure it's not autoloaded.
3187
		// @todo: Add an add_option method to Jetpack_Options
3188
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3189
			Jetpack_Options::update_option( 'log', $log );
3190
		}
3191
3192
		/**
3193
		 * Fires when Jetpack logs an internal event.
3194
		 *
3195
		 * @since 3.0.0
3196
		 *
3197
		 * @param array $log_entry {
3198
		 *	Array of details about the log entry.
3199
		 *
3200
		 *	@param string time Time of the event.
3201
		 *	@param int user_id ID of the user who trigerred the event.
3202
		 *	@param int blog_id Jetpack Blog ID.
3203
		 *	@param string code Unique name for the event.
3204
		 *	@param string data Data about the event.
3205
		 * }
3206
		 */
3207
		do_action( 'jetpack_log_entry', $log_entry );
3208
	}
3209
3210
	/**
3211
	 * Get the internal event log.
3212
	 *
3213
	 * @param $event (string) - only return the specific log events
3214
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3215
	 *
3216
	 * @return array of log events || WP_Error for invalid params
3217
	 */
3218
	public static function get_log( $event = false, $num = false ) {
3219
		if ( $event && ! is_string( $event ) ) {
3220
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3221
		}
3222
3223
		if ( $num && ! is_numeric( $num ) ) {
3224
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3225
		}
3226
3227
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3228
3229
		// If nothing set - act as it did before, otherwise let's start customizing the output
3230
		if ( ! $num && ! $event ) {
3231
			return $entire_log;
3232
		} else {
3233
			$entire_log = array_reverse( $entire_log );
3234
		}
3235
3236
		$custom_log_output = array();
3237
3238
		if ( $event ) {
3239
			foreach ( $entire_log as $log_event ) {
3240
				if ( $event == $log_event[ 'code' ] ) {
3241
					$custom_log_output[] = $log_event;
3242
				}
3243
			}
3244
		} else {
3245
			$custom_log_output = $entire_log;
3246
		}
3247
3248
		if ( $num ) {
3249
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3250
		}
3251
3252
		return $custom_log_output;
3253
	}
3254
3255
	/**
3256
	 * Log modification of important settings.
3257
	 */
3258
	public static function log_settings_change( $option, $old_value, $value ) {
3259
		switch( $option ) {
3260
			case 'jetpack_sync_non_public_post_stati':
3261
				self::log( $option, $value );
3262
				break;
3263
		}
3264
	}
3265
3266
	/**
3267
	 * Return stat data for WPCOM sync
3268
	 */
3269
	function get_stat_data() {
3270
		$heartbeat_data = Jetpack_Heartbeat::generate_stats_array();
3271
		$additional_data = $this->get_additional_stat_data();
3272
3273
		return json_encode( array_merge( $heartbeat_data, $additional_data ) );
3274
	}
3275
3276
	/**
3277
	 * Get additional stat data to sync to WPCOM
3278
	 */
3279
	function get_additional_stat_data( $prefix = '' ) {
3280
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
3281
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3282
		$return["{$prefix}users"]          = count_users();
3283
		$return["{$prefix}site-count"]     = 0;
3284
		if ( function_exists( 'get_blog_count' ) ) {
3285
			$return["{$prefix}site-count"] = get_blog_count();
3286
		}
3287
		return $return;
3288
	}
3289
3290
	/* Admin Pages */
3291
3292
	function admin_init() {
3293
		// If the plugin is not connected, display a connect message.
3294
		if (
3295
			// the plugin was auto-activated and needs its candy
3296
			Jetpack_Options::get_option( 'do_activate' )
3297
		||
3298
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3299
			! Jetpack_Options::get_option( 'activated' )
3300
		) {
3301
			Jetpack::plugin_initialize();
3302
		}
3303
3304
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3305
			if ( 4 != Jetpack_Options::get_option( 'activated' ) ) {
3306
				// Show connect notice on dashboard and plugins pages
3307
				add_action( 'load-index.php', array( $this, 'prepare_connect_notice' ) );
3308
				add_action( 'load-plugins.php', array( $this, 'prepare_connect_notice' ) );
3309
			}
3310
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3311
			// Upgrade: 1.1 -> 1.1.1
3312
			// Check and see if host can verify the Jetpack servers' SSL certificate
3313
			$args = array();
3314
			Jetpack_Client::_wp_remote_request(
3315
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3316
				$args,
3317
				true
3318
			);
3319
		} else {
3320
			// Show the notice on the Dashboard only for now
3321
3322
			add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) );
3323
3324
			// Identity crisis notices
3325
			add_action( 'jetpack_notices', array( $this, 'alert_identity_crisis' ) );
3326
		}
3327
3328
		// If the plugin has just been disconnected from WP.com, show the survey notice
3329
		if ( isset( $_GET['disconnected'] ) && 'true' === $_GET['disconnected'] ) {
3330
			add_action( 'jetpack_notices', array( $this, 'disconnect_survey_notice' ) );
3331
		}
3332
3333
		if ( current_user_can( 'manage_options' ) && 'ALWAYS' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3334
			add_action( 'admin_notices', array( $this, 'alert_required_ssl_fail' ) );
3335
		}
3336
3337
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3338
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3339
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3340
3341
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3342
			// Artificially throw errors in certain whitelisted cases during plugin activation
3343
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3344
3345
			// Kick off synchronization of user role when it changes
3346
			add_action( 'set_user_role', array( $this, 'user_role_change' ) );
3347
		}
3348
3349
		// Jetpack Manage Activation Screen from .com
3350
		Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
3351
	}
3352
3353
	function admin_body_class( $admin_body_class = '' ) {
3354
		$classes = explode( ' ', trim( $admin_body_class ) );
3355
3356
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3357
3358
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3359
		return " $admin_body_class ";
3360
	}
3361
3362
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3363
		return $admin_body_class . ' jetpack-pagestyles ';
3364
	}
3365
3366
	function prepare_connect_notice() {
3367
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3368
3369
		add_action( 'admin_notices', array( $this, 'admin_connect_notice' ) );
3370
3371
		if ( Jetpack::state( 'network_nag' ) )
3372
			add_action( 'network_admin_notices', array( $this, 'network_connect_notice' ) );
3373
	}
3374
	/**
3375
	 * Call this function if you want the Big Jetpack Manage Notice to show up.
3376
	 *
3377
	 * @return null
3378
	 */
3379
	function prepare_manage_jetpack_notice() {
3380
3381
		add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) );
3382
		add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) );
3383
	}
3384
3385
	function manage_activate_screen() {
3386
		include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' );
3387
	}
3388
	/**
3389
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3390
	 * This function artificially throws errors for such cases (whitelisted).
3391
	 *
3392
	 * @param string $plugin The activated plugin.
3393
	 */
3394
	function throw_error_on_activate_plugin( $plugin ) {
3395
		$active_modules = Jetpack::get_active_modules();
3396
3397
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3398
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3399
			$throw = false;
3400
3401
			// Try and make sure it really was the stats plugin
3402
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3403
				if ( 'stats.php' == basename( $plugin ) ) {
3404
					$throw = true;
3405
				}
3406
			} else {
3407
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3408
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3409
					$throw = true;
3410
				}
3411
			}
3412
3413
			if ( $throw ) {
3414
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3415
			}
3416
		}
3417
	}
3418
3419
	function intercept_plugin_error_scrape_init() {
3420
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3421
	}
3422
3423
	function intercept_plugin_error_scrape( $action, $result ) {
3424
		if ( ! $result ) {
3425
			return;
3426
		}
3427
3428
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3429
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3430
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3431
			}
3432
		}
3433
	}
3434
3435
	function add_remote_request_handlers() {
3436
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3437
	}
3438
3439
	function remote_request_handlers() {
3440
		switch ( current_filter() ) {
3441
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3442
			$response = $this->upload_handler();
3443
			break;
3444
		default :
0 ignored issues
show
There must be no space before the colon in a DEFAULT statement

As per the PSR-2 coding standard, there must not be a space in front of the colon in the default statement.

switch ($expr) {
    default : //wrong
        doSomething();
        break;
}

switch ($expr) {
    default: //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
3445
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3446
			break;
3447
		}
3448
3449
		if ( ! $response ) {
3450
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3451
		}
3452
3453
		if ( is_wp_error( $response ) ) {
3454
			$status_code       = $response->get_error_data();
3455
			$error             = $response->get_error_code();
3456
			$error_description = $response->get_error_message();
3457
3458
			if ( ! is_int( $status_code ) ) {
3459
				$status_code = 400;
3460
			}
3461
3462
			status_header( $status_code );
3463
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3464
		}
3465
3466
		status_header( 200 );
3467
		if ( true === $response ) {
3468
			exit;
3469
		}
3470
3471
		die( json_encode( (object) $response ) );
3472
	}
3473
3474
	function upload_handler() {
3475
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3476
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3477
		}
3478
3479
		$user = wp_authenticate( '', '' );
3480
		if ( ! $user || is_wp_error( $user ) ) {
3481
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3482
		}
3483
3484
		wp_set_current_user( $user->ID );
3485
3486
		if ( ! current_user_can( 'upload_files' ) ) {
3487
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3488
		}
3489
3490
		if ( empty( $_FILES ) ) {
3491
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3492
		}
3493
3494
		foreach ( array_keys( $_FILES ) as $files_key ) {
3495
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3496
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3497
			}
3498
		}
3499
3500
		$media_keys = array_keys( $_FILES['media'] );
3501
3502
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3503
		if ( ! $token || is_wp_error( $token ) ) {
3504
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3505
		}
3506
3507
		$uploaded_files = array();
3508
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3509
		unset( $GLOBALS['post'] );
3510
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3511
			$file = array();
3512
			foreach ( $media_keys as $media_key ) {
3513
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3514
			}
3515
3516
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3517
3518
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3519
			if ( $hmac_provided !== $hmac_file ) {
3520
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3521
				continue;
3522
			}
3523
3524
			$_FILES['.jetpack.upload.'] = $file;
3525
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3526
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3527
				$post_id = 0;
3528
			}
3529
			$attachment_id = media_handle_upload(
3530
				'.jetpack.upload.',
3531
				$post_id,
3532
				array(),
3533
				array(
3534
					'action' => 'jetpack_upload_file',
3535
				)
3536
			);
3537
3538
			if ( ! $attachment_id ) {
3539
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3540
			} elseif ( is_wp_error( $attachment_id ) ) {
3541
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3542
			} else {
3543
				$attachment = get_post( $attachment_id );
3544
				$uploaded_files[$index] = (object) array(
3545
					'id'   => (string) $attachment_id,
3546
					'file' => $attachment->post_title,
3547
					'url'  => wp_get_attachment_url( $attachment_id ),
3548
					'type' => $attachment->post_mime_type,
3549
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3550
				);
3551
			}
3552
		}
3553
		if ( ! is_null( $global_post ) ) {
3554
			$GLOBALS['post'] = $global_post;
3555
		}
3556
3557
		return $uploaded_files;
3558
	}
3559
3560
	/**
3561
	 * Add help to the Jetpack page
3562
	 *
3563
	 * @since Jetpack (1.2.3)
3564
	 * @return false if not the Jetpack page
3565
	 */
3566
	function admin_help() {
3567
		$current_screen = get_current_screen();
3568
3569
		// Overview
3570
		$current_screen->add_help_tab(
3571
			array(
3572
				'id'		=> 'home',
3573
				'title'		=> __( 'Home', 'jetpack' ),
3574
				'content'	=>
3575
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3576
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3577
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3578
			)
3579
		);
3580
3581
		// Screen Content
3582
		if ( current_user_can( 'manage_options' ) ) {
3583
			$current_screen->add_help_tab(
3584
				array(
3585
					'id'		=> 'settings',
3586
					'title'		=> __( 'Settings', 'jetpack' ),
3587
					'content'	=>
3588
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3589
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3590
						'<ol>' .
3591
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3592
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3593
						'</ol>' .
3594
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3595
				)
3596
			);
3597
		}
3598
3599
		// Help Sidebar
3600
		$current_screen->set_help_sidebar(
3601
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3602
			'<p><a href="http://jetpack.me/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3603
			'<p><a href="http://jetpack.me/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3604
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3605
		);
3606
	}
3607
3608
	function admin_menu_css() {
3609
		wp_enqueue_style( 'jetpack-icons' );
3610
	}
3611
3612
	function admin_menu_order() {
3613
		return true;
3614
	}
3615
3616 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3617
		$jp_menu_order = array();
3618
3619
		foreach ( $menu_order as $index => $item ) {
3620
			if ( $item != 'jetpack' ) {
3621
				$jp_menu_order[] = $item;
3622
			}
3623
3624
			if ( $index == 0 ) {
3625
				$jp_menu_order[] = 'jetpack';
3626
			}
3627
		}
3628
3629
		return $jp_menu_order;
3630
	}
3631
3632
	function admin_head() {
3633 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3634
			/** This action is documented in class.jetpack-admin-page.php */
3635
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3636
	}
3637
3638
	function admin_banner_styles() {
3639
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3640
3641
		wp_enqueue_style( 'jetpack', plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION . '-20121016' );
3642
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3643
		wp_style_add_data( 'jetpack', 'suffix', $min );
3644
	}
3645
3646
	function admin_scripts() {
3647
		wp_enqueue_script( 'jetpack-js', plugins_url( '_inc/jp.js', JETPACK__PLUGIN_FILE ), array( 'jquery', 'wp-util' ), JETPACK__VERSION . '-20121111' );
3648
		wp_localize_script(
3649
			'jetpack-js',
3650
			'jetpackL10n',
3651
			array(
3652
				'ays_disconnect' => "This will deactivate all Jetpack modules.\nAre you sure you want to disconnect?",
3653
				'ays_unlink'     => "This will prevent user-specific modules such as Publicize, Notifications and Post By Email from working.\nAre you sure you want to unlink?",
3654
				'ays_dismiss'    => "This will deactivate Jetpack.\nAre you sure you want to deactivate Jetpack?",
3655
			)
3656
		);
3657
		add_action( 'admin_footer', array( $this, 'do_stats' ) );
3658
	}
3659
3660
	function plugin_action_links( $actions ) {
3661
3662
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3663
3664
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3665
			return array_merge(
3666
				$jetpack_home,
3667
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack_modules' ), __( 'Settings', 'jetpack' ) ) ),
3668
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3669
				$actions
3670
				);
3671
			}
3672
3673
		return array_merge( $jetpack_home, $actions );
3674
	}
3675
3676
	function admin_connect_notice() {
3677
		// Don't show the connect notice anywhere but the plugins.php after activating
3678
		$current = get_current_screen();
3679
		if ( 'plugins' !== $current->parent_base )
3680
			return;
3681
3682
		if ( ! current_user_can( 'jetpack_connect' ) )
3683
			return;
3684
3685
		$dismiss_and_deactivate_url = wp_nonce_url( Jetpack::admin_url( '?page=jetpack&jetpack-notice=dismiss' ), 'jetpack-deactivate' );
3686
		?>
3687
		<div id="message" class="updated jetpack-message jp-banner" style="display:block !important;">
3688
			<a class="jp-banner__dismiss" href="<?php echo esc_url( $dismiss_and_deactivate_url ); ?>" title="<?php esc_attr_e( 'Dismiss this notice and deactivate Jetpack.', 'jetpack' ); ?>"></a>
3689
			<?php if ( in_array( Jetpack_Options::get_option( 'activated' ) , array( 1, 2, 3 ) ) ) : ?>
3690
				<div class="jp-banner__content is-connection">
3691
					<h2><?php _e( 'Your Jetpack is almost ready!', 'jetpack' ); ?></h2>
3692
					<p><?php _e( 'Connect now to enable features like Stats, Likes, and Social Sharing.', 'jetpack' ); ?></p>
3693
				</div>
3694
				<div class="jp-banner__action-container is-connection">
3695
						<a href="<?php echo $this->build_connect_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Connect to WordPress.com', 'jetpack' ); ?></a>
3696
				</div>
3697 View Code Duplication
			<?php else : ?>
3698
				<div class="jp-banner__content">
3699
					<h2><?php _e( 'Jetpack is installed!', 'jetpack' ) ?></h2>
3700
					<p><?php _e( 'It\'s ready to bring awesome, WordPress.com cloud-powered features to your site.', 'jetpack' ) ?></p>
3701
				</div>
3702
				<div class="jp-banner__action-container">
3703
					<a href="<?php echo Jetpack::admin_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Learn More', 'jetpack' ); ?></a>
3704
				</div>
3705
			<?php endif; ?>
3706
		</div>
3707
3708
		<?php
3709
	}
3710
3711
	/**
3712
	 * This is the first banner
3713
	 * It should be visible only to user that can update the option
3714
	 * Are not connected
3715
	 *
3716
	 * @return null
3717
	 */
3718
	function admin_jetpack_manage_notice() {
3719
		$screen = get_current_screen();
3720
3721
		// Don't show the connect notice on the jetpack settings page.
3722
		if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action )
3723
			return;
3724
3725
		// Only show it if don't have the managment option set.
3726
		// And not dismissed it already.
3727
		if ( ! $this->can_display_jetpack_manage_notice() || Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) {
3728
			return;
3729
		}
3730
3731
		$opt_out_url = $this->opt_out_jetpack_manage_url();
3732
		$opt_in_url  = $this->opt_in_jetpack_manage_url();
3733
		/**
3734
		 * I think it would be great to have different wordsing depending on where you are
3735
		 * for example if we show the notice on dashboard and a different one if we show it on Plugins screen
3736
		 * etc..
3737
		 */
3738
3739
		?>
3740
		<div id="message" class="updated jetpack-message jp-banner is-opt-in" style="display:block !important;">
3741
			<a class="jp-banner__dismiss" href="<?php echo esc_url( $opt_out_url ); ?>" title="<?php esc_attr_e( 'Dismiss this notice for now.', 'jetpack' ); ?>"></a>
3742
			<div class="jp-banner__content">
3743
				<h2><?php esc_html_e( 'New in Jetpack: Centralized Site Management', 'jetpack' ); ?></h2>
3744
				<p><?php printf( __( 'Manage multiple sites from one dashboard at wordpress.com/sites. Enabling allows all existing, connected Administrators to modify your site from WordPress.com. <a href="%s" target="_blank">Learn More</a>.', 'jetpack' ), 'http://jetpack.me/support/site-management' ); ?></p>
3745
			</div>
3746
			<div class="jp-banner__action-container is-opt-in">
3747
				<a href="<?php echo esc_url( $opt_in_url ); ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Activate now', 'jetpack' ); ?></a>
3748
			</div>
3749
		</div>
3750
		<?php
3751
	}
3752
3753
	/**
3754
	 * Returns the url that the user clicks to remove the notice for the big banner
3755
	 * @return (string)
3756
	 */
3757
	function opt_out_jetpack_manage_url() {
3758
		$referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null );
3759
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' );
3760
	}
3761
	/**
3762
	 * Returns the url that the user clicks to opt in to Jetpack Manage
3763
	 * @return (string)
3764
	 */
3765
	function opt_in_jetpack_manage_url() {
3766
		return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' );
3767
	}
3768
3769
	function opt_in_jetpack_manage_notice() {
3770
		?>
3771
		<div class="wrap">
3772
			<div id="message" class="jetpack-message is-opt-in">
3773
				<?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'http://jetpack.me/support/site-management' ); ?>
3774
			</div>
3775
		</div>
3776
		<?php
3777
3778
	}
3779
	/**
3780
	 * Determines whether to show the notice of not true = display notice
3781
	 * @return (bool)
3782
	 */
3783
	function can_display_jetpack_manage_notice() {
3784
		// never display the notice to users that can't do anything about it anyways
3785
		if( ! current_user_can( 'jetpack_manage_modules' ) )
3786
			return false;
3787
3788
		// don't display if we are in development more
3789
		if( Jetpack::is_development_mode() ) {
3790
			return false;
3791
		}
3792
		// don't display if the site is private
3793
		if(  ! Jetpack_Options::get_option( 'public' ) )
3794
			return false;
3795
3796
		/**
3797
		 * Should the Jetpack Remote Site Management notice be displayed.
3798
		 *
3799
		 * @since 3.3.0
3800
		 *
3801
		 * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive.
3802
		 */
3803
		return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) );
3804
	}
3805
3806
	function network_connect_notice() {
3807
		?>
3808
		<div id="message" class="updated jetpack-message">
3809
			<div class="squeezer">
3810
				<h2><?php _e( '<strong>Jetpack is activated!</strong> Each site on your network must be connected individually by an admin on that site.', 'jetpack' ) ?></h2>
3811
			</div>
3812
		</div>
3813
		<?php
3814
	}
3815
3816
	public static function jetpack_comment_notice() {
3817
		if ( in_array( 'comments', Jetpack::get_active_modules() ) ) {
3818
			return '';
3819
		}
3820
3821
		$jetpack_old_version = explode( ':', Jetpack_Options::get_option( 'old_version' ) );
3822
		$jetpack_new_version = explode( ':', Jetpack_Options::get_option( 'version' ) );
3823
3824
		if ( $jetpack_old_version ) {
3825
			if ( version_compare( $jetpack_old_version[0], '1.4', '>=' ) ) {
3826
				return '';
3827
			}
3828
		}
3829
3830
		if ( $jetpack_new_version ) {
3831
			if ( version_compare( $jetpack_new_version[0], '1.4-something', '<' ) ) {
3832
				return '';
3833
			}
3834
		}
3835
3836
		return '<br /><br />' . sprintf(
3837
			__( 'Jetpack now includes Comments, which enables your visitors to use their WordPress.com, Twitter, or Facebook accounts when commenting on your site. To activate Comments, <a href="%s">%s</a>.', 'jetpack' ),
3838
			wp_nonce_url(
3839
				Jetpack::admin_url(
3840
					array(
3841
						'page'   => 'jetpack',
3842
						'action' => 'activate',
3843
						'module' => 'comments',
3844
					)
3845
				),
3846
				'jetpack_activate-comments'
3847
			),
3848
			__( 'click here', 'jetpack' )
3849
		);
3850
	}
3851
3852
	/**
3853
	 * Show the survey link when the user has just disconnected Jetpack.
3854
	 */
3855
	function disconnect_survey_notice() {
3856
		?>
3857
		<div class="wrap">
3858
			<div id="message" class="jetpack-message stay-visible">
3859
				<div class="squeezer">
3860
					<h2>
3861
						<?php _e( 'You have successfully disconnected Jetpack.', 'jetpack' ); ?>
3862
						<br />
3863
						<?php echo sprintf(
3864
							__( 'Would you tell us why? Just <a href="%1$s" target="%2$s">answering two simple questions</a> would help us improve Jetpack.', 'jetpack' ),
3865
							'https://jetpack.me/survey-disconnected/',
3866
							'_blank'
3867
						); ?>
3868
					</h2>
3869
				</div>
3870
			</div>
3871
		</div>
3872
		<?php
3873
	}
3874
3875
	/*
3876
	 * Registration flow:
3877
	 * 1 - ::admin_page_load() action=register
3878
	 * 2 - ::try_registration()
3879
	 * 3 - ::register()
3880
	 *     - Creates jetpack_register option containing two secrets and a timestamp
3881
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3882
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3883
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
3884
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3885
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3886
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3887
	 *       jetpack_id, jetpack_secret, jetpack_public
3888
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3889
	 * 4 - redirect to https://jetpack.wordpress.com/jetpack.authorize/1/
3890
	 * 5 - user logs in with WP.com account
3891
	 * 6 - redirect to this site's wp-admin/index.php?page=jetpack&action=authorize with
3892
	 *     code <-- OAuth2 style authorization code
3893
	 * 7 - ::admin_page_load() action=authorize
3894
	 * 8 - Jetpack_Client_Server::authorize()
3895
	 * 9 - Jetpack_Client_Server::get_token()
3896
	 * 10- GET https://jetpack.wordpress.com/jetpack.token/1/ with
3897
	 *     client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3898
	 * 11- which responds with
3899
	 *     access_token, token_type, scope
3900
	 * 12- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3901
	 * 13- Jetpack::activate_default_modules()
3902
	 *     Deactivates deprecated plugins
3903
	 *     Activates all default modules
3904
	 *     Catches errors: redirects to wp-admin/index.php?page=jetpack state:error=something
3905
	 * 14- redirect to this site's wp-admin/index.php?page=jetpack with state:message=authorized
3906
	 *     Done!
3907
	 */
3908
3909
	/**
3910
	 * Handles the page load events for the Jetpack admin page
3911
	 */
3912
	function admin_page_load() {
3913
		$error = false;
3914
3915
		// Make sure we have the right body class to hook stylings for subpages off of.
3916
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3917
3918
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
3919
			// Should only be used in intermediate redirects to preserve state across redirects
3920
			Jetpack::restate();
3921
		}
3922
3923
		if ( isset( $_GET['connect_url_redirect'] ) ) {
3924
			// User clicked in the iframe to link their accounts
3925
			if ( ! Jetpack::is_user_connected() ) {
3926
				$connect_url = $this->build_connect_url( true );
3927
				if ( isset( $_GET['notes_iframe'] ) )
3928
					$connect_url .= '&notes_iframe';
3929
				wp_redirect( $connect_url );
3930
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3931
			} else {
3932
				Jetpack::state( 'message', 'already_authorized' );
3933
				wp_safe_redirect( Jetpack::admin_url() );
3934
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3935
			}
3936
		}
3937
3938
3939
		if ( isset( $_GET['action'] ) ) {
3940
			switch ( $_GET['action'] ) {
3941
			case 'authorize' :
3942
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3943
					Jetpack::state( 'message', 'already_authorized' );
3944
					wp_safe_redirect( Jetpack::admin_url() );
3945
					exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3946
				}
3947
				Jetpack::log( 'authorize' );
3948
				$client_server = new Jetpack_Client_Server;
3949
				$client_server->authorize();
3950
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3951
			case 'register' :
3952
				if ( ! current_user_can( 'jetpack_connect' ) ) {
3953
					$error = 'cheatin';
3954
					break;
3955
				}
3956
				check_admin_referer( 'jetpack-register' );
3957
				Jetpack::log( 'register' );
3958
				Jetpack::maybe_set_version_option();
3959
				$registered = Jetpack::try_registration();
3960
				if ( is_wp_error( $registered ) ) {
3961
					$error = $registered->get_error_code();
3962
					Jetpack::state( 'error_description', $registered->get_error_message() );
3963
					break;
3964
				}
3965
3966
				wp_redirect( $this->build_connect_url( true ) );
3967
				exit;
3968
			case 'activate' :
3969
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
3970
					$error = 'cheatin';
3971
					break;
3972
				}
3973
3974
				$module = stripslashes( $_GET['module'] );
3975
				check_admin_referer( "jetpack_activate-$module" );
3976
				Jetpack::log( 'activate', $module );
3977
				Jetpack::activate_module( $module );
3978
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
3979
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3980
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3981
			case 'activate_default_modules' :
3982
				check_admin_referer( 'activate_default_modules' );
3983
				Jetpack::log( 'activate_default_modules' );
3984
				Jetpack::restate();
3985
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
3986
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
3987
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
3988
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
3989
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3990
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
3991
			case 'disconnect' :
3992
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
3993
					$error = 'cheatin';
3994
					break;
3995
				}
3996
3997
				check_admin_referer( 'jetpack-disconnect' );
3998
				Jetpack::log( 'disconnect' );
3999
				Jetpack::disconnect();
4000
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
4001
				exit;
4002
			case 'reconnect' :
4003
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
4004
					$error = 'cheatin';
4005
					break;
4006
				}
4007
4008
				check_admin_referer( 'jetpack-reconnect' );
4009
				Jetpack::log( 'reconnect' );
4010
				$this->disconnect();
4011
				wp_redirect( $this->build_connect_url( true ) );
4012
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4013 View Code Duplication
			case 'deactivate' :
4014
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
4015
					$error = 'cheatin';
4016
					break;
4017
				}
4018
4019
				$modules = stripslashes( $_GET['module'] );
4020
				check_admin_referer( "jetpack_deactivate-$modules" );
4021
				foreach ( explode( ',', $modules ) as $module ) {
4022
					Jetpack::log( 'deactivate', $module );
4023
					Jetpack::deactivate_module( $module );
4024
					Jetpack::state( 'message', 'module_deactivated' );
4025
				}
4026
				Jetpack::state( 'module', $modules );
4027
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4028
				exit;
0 ignored issues
show
Coding Style Compatibility introduced by
The method admin_page_load() contains an exit expression.

An exit expression should only be used in rare cases. For example, if you write a short command line script.

In most cases however, using an exit expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.

Loading history...
4029
			case 'unlink' :
4030
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
4031
				check_admin_referer( 'jetpack-unlink' );
4032
				Jetpack::log( 'unlink' );
4033
				$this->unlink_user();
4034
				Jetpack::state( 'message', 'unlinked' );
4035
				if ( 'sub-unlink' == $redirect ) {
4036
					wp_safe_redirect( admin_url() );
4037
				} else {
4038
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
4039
				}
4040
				exit;
4041
			default:
4042
				/**
4043
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
4044
				 *
4045
				 * @since 2.6.0
4046
				 *
4047
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
4048
				 */
4049
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
4050
			}
4051
		}
4052
4053
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
4054
			self::activate_new_modules( true );
4055
		}
4056
4057
		switch ( $error ) {
4058
		case 'cheatin' :
4059
			$this->error = __( 'Cheatin&#8217; uh?', 'jetpack' );
4060
			break;
4061
		case 'access_denied' :
4062
			$this->error = __( 'You need to authorize the Jetpack connection between your site and WordPress.com to enable the awesome features.', 'jetpack' );
4063
			break;
4064
		case 'wrong_state' :
4065
			$this->error = __( 'Don&#8217;t cross the streams!  You need to stay logged in to your WordPress blog while you authorize Jetpack.', 'jetpack' );
4066
			break;
4067
		case 'invalid_client' :
4068
			// @todo re-register instead of deactivate/reactivate
4069
			$this->error = __( 'Return to sender.  Whoops! It looks like you got the wrong Jetpack in the mail; deactivate then reactivate the Jetpack plugin to get a new one.', 'jetpack' );
4070
			break;
4071
		case 'invalid_grant' :
4072
			$this->error = __( 'Wrong size.  Hm&#8230; it seems your Jetpack doesn&#8217;t quite fit.  Have you lost weight? Click &#8220;Connect to WordPress.com&#8221; again to get your Jetpack adjusted.', 'jetpack' );
4073
			break;
4074
		case 'site_inaccessible' :
4075
		case 'site_requires_authorization' :
4076
			$this->error = sprintf( __( 'Your website needs to be publicly accessible to use Jetpack: %s', 'jetpack' ), "<code>$error</code>" );
4077
			break;
4078
		case 'module_activation_failed' :
4079
			$module = Jetpack::state( 'module' );
4080
			if ( ! empty( $module ) && $mod = Jetpack::get_module( $module ) ) {
4081
				$this->error = sprintf( __( '%s could not be activated because it triggered a <strong>fatal error</strong>. Perhaps there is a conflict with another plugin you have installed?', 'jetpack' ), $mod['name'] );
4082
				if ( isset( $this->plugins_to_deactivate[$module] ) ) {
4083
					$this->error .= ' ' . sprintf( __( 'Do you still have the %s plugin installed?', 'jetpack' ), $this->plugins_to_deactivate[$module][1] );
4084
				}
4085
			} else {
4086
				$this->error = __( 'Module could not be activated because it triggered a <strong>fatal error</strong>. Perhaps there is a conflict with another plugin you have installed?', 'jetpack' );
4087
			}
4088
			if ( $php_errors = Jetpack::state( 'php_errors' ) ) {
4089
				$this->error .= "<br />\n";
4090
				$this->error .= $php_errors;
4091
			}
4092
			break;
4093
		case 'master_user_required' :
4094
			$module = Jetpack::state( 'module' );
4095
			$module_name = '';
4096
			if ( ! empty( $module ) && $mod = Jetpack::get_module( $module ) ) {
4097
				$module_name = $mod['name'];
4098
			}
4099
4100
			$master_user = Jetpack_Options::get_option( 'master_user' );
4101
			$master_userdata = get_userdata( $master_user ) ;
4102
			if ( $master_userdata ) {
4103
				if ( ! in_array( $module, Jetpack::get_active_modules() ) ) {
4104
					$this->error = sprintf( __( '%s was not activated.' , 'jetpack' ), $module_name );
4105
				} else {
4106
					$this->error = sprintf( __( '%s was not deactivated.' , 'jetpack' ), $module_name );
4107
				}
4108
				$this->error .= '  ' . sprintf( __( 'This module can only be altered by %s, the user who initiated the Jetpack connection on this site.' , 'jetpack' ), esc_html( $master_userdata->display_name ) );
4109
4110
			} else {
4111
				$this->error = sprintf( __( 'Only the user who initiated the Jetpack connection on this site can toggle %s, but that user no longer exists. This should not happen.', 'jetpack' ), $module_name );
4112
			}
4113
			break;
4114
		case 'not_public' :
4115
			$this->error = __( '<strong>Your Jetpack has a glitch.</strong> Connecting this site with WordPress.com is not possible. This usually means your site is not publicly accessible (localhost).', 'jetpack' );
4116
			break;
4117
		case 'wpcom_408' :
4118
		case 'wpcom_5??' :
4119
		case 'wpcom_bad_response' :
4120
		case 'wpcom_outage' :
4121
			$this->error = __( 'WordPress.com is currently having problems and is unable to fuel up your Jetpack.  Please try again later.', 'jetpack' );
4122
			break;
4123
		case 'register_http_request_failed' :
4124
		case 'token_http_request_failed' :
4125
			$this->error = sprintf( __( 'Jetpack could not contact WordPress.com: %s.  This usually means something is incorrectly configured on your web host.', 'jetpack' ), "<code>$error</code>" );
4126
			break;
4127
		default :
0 ignored issues
show
There must be no space before the colon in a DEFAULT statement

As per the PSR-2 coding standard, there must not be a space in front of the colon in the default statement.

switch ($expr) {
    default : //wrong
        doSomething();
        break;
}

switch ($expr) {
    default: //right
        doSomething();
        break;
}

To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.

Loading history...
4128
			if ( empty( $error ) ) {
4129
				break;
4130
			}
4131
			$error = trim( substr( strip_tags( $error ), 0, 20 ) );
4132
			// no break: fall through
4133
		case 'no_role' :
4134
		case 'no_cap' :
4135
		case 'no_code' :
4136
		case 'no_state' :
4137
		case 'invalid_state' :
4138
		case 'invalid_request' :
4139
		case 'invalid_scope' :
4140
		case 'unsupported_response_type' :
4141
		case 'invalid_token' :
4142
		case 'no_token' :
4143
		case 'missing_secrets' :
4144
		case 'home_missing' :
4145
		case 'siteurl_missing' :
4146
		case 'gmt_offset_missing' :
4147
		case 'site_name_missing' :
4148
		case 'secret_1_missing' :
4149
		case 'secret_2_missing' :
4150
		case 'site_lang_missing' :
4151
		case 'home_malformed' :
4152
		case 'siteurl_malformed' :
4153
		case 'gmt_offset_malformed' :
4154
		case 'timezone_string_malformed' :
4155
		case 'site_name_malformed' :
4156
		case 'secret_1_malformed' :
4157
		case 'secret_2_malformed' :
4158
		case 'site_lang_malformed' :
4159
		case 'secrets_mismatch' :
4160
		case 'verify_secret_1_missing' :
4161
		case 'verify_secret_1_malformed' :
4162
		case 'verify_secrets_missing' :
4163
		case 'verify_secrets_mismatch' :
4164
			$error = esc_html( $error );
4165
			$this->error = sprintf( __( '<strong>Your Jetpack has a glitch.</strong>  We&#8217;re sorry for the inconvenience. Please try again later, if the issue continues please contact support with this message: %s', 'jetpack' ), "<code>$error</code>" );
4166
			if ( ! Jetpack::is_active() ) {
4167
				$this->error .= '<br />';
4168
				$this->error .= sprintf( __( 'Try connecting again.', 'jetpack' ) );
4169
			}
4170
			break;
4171
		}
4172
4173
		$message_code = Jetpack::state( 'message' );
4174
4175
		$active_state = Jetpack::state( 'activated_modules' );
4176
		if ( ! empty( $active_state ) ) {
4177
			$available    = Jetpack::get_available_modules();
4178
			$active_state = explode( ',', $active_state );
4179
			$active_state = array_intersect( $active_state, $available );
4180
			if ( count( $active_state ) ) {
4181
				foreach ( $active_state as $mod ) {
4182
					$this->stat( 'module-activated', $mod );
4183
				}
4184
			} else {
4185
				$active_state = false;
4186
			}
4187
		}
4188
		if( Jetpack::state( 'optin-manage' ) ) {
4189
			$activated_manage = $message_code;
4190
			$message_code = 'jetpack-manage';
4191
4192
		}
4193
		switch ( $message_code ) {
4194
		case 'modules_activated' :
4195
			$this->message = sprintf(
4196
				__( 'Welcome to <strong>Jetpack %s</strong>!', 'jetpack' ),
4197
				JETPACK__VERSION
4198
			);
4199
4200
			if ( $active_state ) {
4201
				$titles = array();
4202 View Code Duplication
				foreach ( $active_state as $mod ) {
4203
					if ( $mod_headers = Jetpack::get_module( $mod ) ) {
4204
						$titles[] = '<strong>' . preg_replace( '/\s+(?![^<>]++>)/', '&nbsp;', $mod_headers['name'] ) . '</strong>';
4205
					}
4206
				}
4207
				if ( $titles ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $titles of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
4208
					$this->message .= '<br /><br />' . wp_sprintf( __( 'The following new modules have been activated: %l.', 'jetpack' ), $titles );
4209
				}
4210
			}
4211
4212
			if ( $reactive_state = Jetpack::state( 'reactivated_modules' ) ) {
4213
				$titles = array();
4214 View Code Duplication
				foreach ( explode( ',',  $reactive_state ) as $mod ) {
4215
					if ( $mod_headers = Jetpack::get_module( $mod ) ) {
4216
						$titles[] = '<strong>' . preg_replace( '/\s+(?![^<>]++>)/', '&nbsp;', $mod_headers['name'] ) . '</strong>';
4217
					}
4218
				}
4219
				if ( $titles ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $titles of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
4220
					$this->message .= '<br /><br />' . wp_sprintf( __( 'The following modules have been updated: %l.', 'jetpack' ), $titles );
4221
				}
4222
			}
4223
4224
			$this->message .= Jetpack::jetpack_comment_notice();
4225
			break;
4226
		case 'jetpack-manage':
4227
			$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
4228
			if ( $activated_manage ) {
4229
				$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack'  ) . '</strong>';
4230
			}
4231
			break;
4232
		case 'module_activated' :
4233
			if ( $module = Jetpack::get_module( Jetpack::state( 'module' ) ) ) {
4234
				$this->message = sprintf( __( '<strong>%s Activated!</strong> You can deactivate at any time by clicking the Deactivate link next to each module.', 'jetpack' ), $module['name'] );
4235
				$this->stat( 'module-activated', Jetpack::state( 'module' ) );
4236
			}
4237
			break;
4238
4239
		case 'module_deactivated' :
4240
			$modules = Jetpack::state( 'module' );
4241
			if ( ! $modules ) {
4242
				break;
4243
			}
4244
4245
			$module_names = array();
4246
			foreach ( explode( ',', $modules ) as $module_slug ) {
4247
				$module = Jetpack::get_module( $module_slug );
4248
				if ( $module ) {
4249
					$module_names[] = $module['name'];
4250
				}
4251
4252
				$this->stat( 'module-deactivated', $module_slug );
4253
			}
4254
4255
			if ( ! $module_names ) {
4256
				break;
4257
			}
4258
4259
			$this->message = wp_sprintf(
4260
				_nx(
4261
					'<strong>%l Deactivated!</strong> You can activate it again at any time using the activate link next to each module.',
4262
					'<strong>%l Deactivated!</strong> You can activate them again at any time using the activate links next to each module.',
4263
					count( $module_names ),
4264
					'%l = list of Jetpack module/feature names',
4265
					'jetpack'
4266
				),
4267
				$module_names
4268
			);
4269
			break;
4270
4271
		case 'module_configured' :
4272
			$this->message = __( '<strong>Module settings were saved.</strong> ', 'jetpack' );
4273
			break;
4274
4275
		case 'already_authorized' :
4276
			$this->message = __( '<strong>Your Jetpack is already connected.</strong> ', 'jetpack' );
4277
			break;
4278
4279
		case 'authorized' :
4280
			$this->message  = __( '<strong>You&#8217;re fueled up and ready to go, Jetpack is now active.</strong> ', 'jetpack' );
4281
			$this->message .= Jetpack::jetpack_comment_notice();
4282
			break;
4283
4284
		case 'linked' :
4285
			$this->message  = __( '<strong>You&#8217;re fueled up and ready to go.</strong> ', 'jetpack' );
4286
			$this->message .= Jetpack::jetpack_comment_notice();
4287
			break;
4288
4289
		case 'unlinked' :
4290
			$user = wp_get_current_user();
4291
			$this->message = sprintf( __( '<strong>You have unlinked your account (%s) from WordPress.com.</strong>', 'jetpack' ), $user->user_login );
4292
			break;
4293
4294
		case 'switch_master' :
4295
			global $current_user;
4296
			$is_master_user = $current_user->ID == Jetpack_Options::get_option( 'master_user' );
4297
			$master_userdata = get_userdata( Jetpack_Options::get_option( 'master_user' ) );
4298
			if ( $is_master_user ) {
4299
				$this->message = __( 'You have successfully set yourself as Jetpack’s primary user.', 'jetpack' );
4300
			} else {
4301
				$this->message = sprintf( _x( 'You have successfully set %s as Jetpack’s primary user.', '%s is a username', 'jetpack' ), $master_userdata->user_login );
4302
			}
4303
			break;
4304
		}
4305
4306
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
4307
4308
		if ( ! empty( $deactivated_plugins ) ) {
4309
			$deactivated_plugins = explode( ',', $deactivated_plugins );
4310
			$deactivated_titles  = array();
4311
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
4312
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
4313
					continue;
4314
				}
4315
4316
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
4317
			}
4318
4319
			if ( $deactivated_titles ) {
4320
				if ( $this->message ) {
4321
					$this->message .= "<br /><br />\n";
4322
				}
4323
4324
				$this->message .= wp_sprintf(
4325
					_n(
4326
						'Jetpack contains the most recent version of the old %l plugin.',
4327
						'Jetpack contains the most recent versions of the old %l plugins.',
4328
						count( $deactivated_titles ),
4329
						'jetpack'
4330
					),
4331
					$deactivated_titles
4332
				);
4333
4334
				$this->message .= "<br />\n";
4335
4336
				$this->message .= _n(
4337
					'The old version has been deactivated and can be removed from your site.',
4338
					'The old versions have been deactivated and can be removed from your site.',
4339
					count( $deactivated_titles ),
4340
					'jetpack'
4341
				);
4342
			}
4343
		}
4344
4345
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
4346
4347
		if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) {
4348
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
4349
		}
4350
4351 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
4352
			/**
4353
			 * Fires when a module configuration page is loaded.
4354
			 * The dynamic part of the hook is the configure parameter from the URL.
4355
			 *
4356
			 * @since 1.1.0
4357
			 */
4358
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
4359
		}
4360
4361
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
4362
	}
4363
4364
	function admin_notices() {
4365
4366
		if ( $this->error ) {
4367
?>
4368
<div id="message" class="jetpack-message jetpack-err">
4369
	<div class="squeezer">
4370
		<h2><?php echo wp_kses( $this->error, array( 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
4371
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
4372
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
4373
<?php	endif; ?>
4374
	</div>
4375
</div>
4376
<?php
4377
		}
4378
4379
		if ( $this->message ) {
4380
?>
4381
<div id="message" class="jetpack-message">
4382
	<div class="squeezer">
4383
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
4384
	</div>
4385
</div>
4386
<?php
4387
		}
4388
4389
		if ( $this->privacy_checks ) :
4390
			$module_names = $module_slugs = array();
4391
4392
			$privacy_checks = explode( ',', $this->privacy_checks );
4393
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4394
			foreach ( $privacy_checks as $module_slug ) {
4395
				$module = Jetpack::get_module( $module_slug );
4396
				if ( ! $module ) {
4397
					continue;
4398
				}
4399
4400
				$module_slugs[] = $module_slug;
4401
				$module_names[] = "<strong>{$module['name']}</strong>";
4402
			}
4403
4404
			$module_slugs = join( ',', $module_slugs );
4405
?>
4406
<div id="message" class="jetpack-message jetpack-err">
4407
	<div class="squeezer">
4408
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4409
		<p><?php
4410
			echo wp_kses(
4411
				wptexturize(
4412
					wp_sprintf(
4413
						_nx(
4414
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4415
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4416
							count( $privacy_checks ),
4417
							'%l = list of Jetpack module/feature names',
4418
							'jetpack'
4419
						),
4420
						$module_names
4421
					)
4422
				),
4423
				array( 'strong' => true )
4424
			);
4425
4426
			echo "\n<br />\n";
4427
4428
			echo wp_kses(
4429
				sprintf(
4430
					_nx(
4431
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4432
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4433
						count( $privacy_checks ),
4434
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4435
						'jetpack'
4436
					),
4437
					wp_nonce_url(
4438
						Jetpack::admin_url(
4439
							array(
4440
								'page'   => 'jetpack',
4441
								'action' => 'deactivate',
4442
								'module' => urlencode( $module_slugs ),
4443
							)
4444
						),
4445
						"jetpack_deactivate-$module_slugs"
4446
					),
4447
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4448
				),
4449
				array( 'a' => array( 'href' => true, 'title' => true ) )
4450
			);
4451
		?></p>
4452
	</div>
4453
</div>
4454
<?php endif;
4455
	// only display the notice if the other stuff is not there
4456
	if( $this->can_display_jetpack_manage_notice() && !  $this->error && ! $this->message && ! $this->privacy_checks ) {
4457
		if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] )
4458
			$this->opt_in_jetpack_manage_notice();
4459
		}
4460
	}
4461
4462
	/**
4463
	 * Record a stat for later output.  This will only currently output in the admin_footer.
4464
	 */
4465
	function stat( $group, $detail ) {
4466
		if ( ! isset( $this->stats[ $group ] ) )
4467
			$this->stats[ $group ] = array();
4468
		$this->stats[ $group ][] = $detail;
4469
	}
4470
4471
	/**
4472
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4473
	 */
4474
	function do_stats( $method = '' ) {
4475
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
4476
			foreach ( $this->stats as $group => $stats ) {
4477
				if ( is_array( $stats ) && count( $stats ) ) {
4478
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4479
					if ( 'server_side' === $method ) {
4480
						self::do_server_side_stat( $args );
4481
					} else {
4482
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4483
					}
4484
				}
4485
				unset( $this->stats[ $group ] );
4486
			}
4487
		}
4488
	}
4489
4490
	/**
4491
	 * Runs stats code for a one-off, server-side.
4492
	 *
4493
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4494
	 *
4495
	 * @return bool If it worked.
4496
	 */
4497
	static function do_server_side_stat( $args ) {
4498
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4499
		if ( is_wp_error( $response ) )
4500
			return false;
4501
4502
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
4503
			return false;
4504
4505
		return true;
4506
	}
4507
4508
	/**
4509
	 * Builds the stats url.
4510
	 *
4511
	 * @param $args array|string The arguments to append to the URL.
4512
	 *
4513
	 * @return string The URL to be pinged.
4514
	 */
4515
	static function build_stats_url( $args ) {
4516
		$defaults = array(
4517
			'v'    => 'wpcom2',
4518
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
4519
		);
4520
		$args     = wp_parse_args( $args, $defaults );
4521
		/**
4522
		 * Filter the URL used as the Stats tracking pixel.
4523
		 *
4524
		 * @since 2.3.2
4525
		 *
4526
		 * @param string $url Base URL used as the Stats tracking pixel.
4527
		 */
4528
		$base_url = apply_filters(
4529
			'jetpack_stats_base_url',
4530
			set_url_scheme( 'http://pixel.wp.com/g.gif' )
4531
		);
4532
		$url      = add_query_arg( $args, $base_url );
4533
		return $url;
4534
	}
4535
4536
	function translate_current_user_to_role() {
4537
		foreach ( $this->capability_translations as $role => $cap ) {
4538
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
4539
				return $role;
4540
			}
4541
		}
4542
4543
		return false;
4544
	}
4545
4546
	function translate_role_to_cap( $role ) {
4547
		if ( ! isset( $this->capability_translations[$role] ) ) {
4548
			return false;
4549
		}
4550
4551
		return $this->capability_translations[$role];
4552
	}
4553
4554
	function sign_role( $role ) {
4555
		if ( ! $user_id = (int) get_current_user_id() ) {
4556
			return false;
4557
		}
4558
4559
		$token = Jetpack_Data::get_access_token();
4560
		if ( ! $token || is_wp_error( $token ) ) {
4561
			return false;
4562
		}
4563
4564
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4565
	}
4566
4567
	function build_connect_url( $raw = false, $redirect = false ) {
4568
		if ( ! Jetpack_Options::get_option( 'blog_token' ) || ! Jetpack_Options::get_option( 'id' ) ) {
4569
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4570
			if( is_network_admin() ) {
4571
			    $url = add_query_arg( 'is_multisite', network_admin_url(
4572
			    'admin.php?page=jetpack-settings' ), $url );
4573
			}
4574
		} else {
4575
			$role = $this->translate_current_user_to_role();
4576
			$signed_role = $this->sign_role( $role );
4577
4578
			$user = wp_get_current_user();
4579
4580
			$redirect = $redirect ? esc_url_raw( $redirect ) : '';
4581
4582
			if( isset( $_REQUEST['is_multisite'] ) ) {
4583
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4584
			}
4585
4586
			$args = urlencode_deep(
4587
				array(
4588
					'response_type' => 'code',
4589
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4590
					'redirect_uri'  => add_query_arg(
4591
						array(
4592
							'action'   => 'authorize',
4593
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4594
							'redirect' => $redirect ? urlencode( $redirect ) : false,
4595
						),
4596
						menu_page_url( 'jetpack', false )
4597
					),
4598
					'state'         => $user->ID,
4599
					'scope'         => $signed_role,
4600
					'user_email'    => $user->user_email,
4601
					'user_login'    => $user->user_login,
4602
					'is_active'     => Jetpack::is_active(),
4603
					'jp_version'    => JETPACK__VERSION,
4604
				)
4605
			);
4606
4607
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4608
		}
4609
4610
		return $raw ? $url : esc_url( $url );
4611
	}
4612
4613
	function build_reconnect_url( $raw = false ) {
4614
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4615
		return $raw ? $url : esc_url( $url );
4616
	}
4617
4618
	public static function admin_url( $args = null ) {
4619
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4620
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4621
		return $url;
4622
	}
4623
4624
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4625
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4626
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4627
	}
4628
4629
	function dismiss_jetpack_notice() {
4630
4631
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4632
			return;
4633
		}
4634
4635
		switch( $_GET['jetpack-notice'] ) {
4636
			case 'dismiss':
4637
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4638
4639
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4640
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4641
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4642
				}
4643
				break;
4644 View Code Duplication
			case 'jetpack-manage-opt-out':
4645
4646
				if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) {
4647
					// Don't show the banner again
4648
4649
					Jetpack_Options::update_option( 'dismissed_manage_banner', true );
4650
					// redirect back to the page that had the notice
4651
					if ( wp_get_referer() ) {
4652
						wp_safe_redirect( wp_get_referer() );
4653
					} else {
4654
						// Take me to Jetpack
4655
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4656
					}
4657
				}
4658
				break;
4659 View Code Duplication
			case 'jetpack-protect-multisite-opt-out':
4660
4661
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4662
					// Don't show the banner again
4663
4664
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4665
					// redirect back to the page that had the notice
4666
					if ( wp_get_referer() ) {
4667
						wp_safe_redirect( wp_get_referer() );
4668
					} else {
4669
						// Take me to Jetpack
4670
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4671
					}
4672
				}
4673
				break;
4674
			case 'jetpack-manage-opt-in':
4675
				if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) {
4676
					// This makes sure that we are redirect to jetpack home so that we can see the Success Message.
4677
4678
					$redirection_url = Jetpack::admin_url();
4679
					remove_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4680
4681
					// Don't redirect form the Jetpack Setting Page
4682
					$referer_parsed = parse_url ( wp_get_referer() );
4683
					// check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home
4684
					if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) {
4685
						// Take the user to Jetpack home except when on the setting page
4686
						$redirection_url = wp_get_referer();
4687
						add_action( 'jetpack_pre_activate_module',   array( Jetpack_Admin::init(), 'fix_redirect' ) );
4688
					}
4689
					// Also update the JSON API FULL MANAGEMENT Option
4690
					Jetpack::activate_module( 'manage', false, false );
4691
4692
					// Special Message when option in.
4693
					Jetpack::state( 'optin-manage', 'true' );
4694
					// Activate the Module if not activated already
4695
4696
					// Redirect properly
4697
					wp_safe_redirect( $redirection_url );
4698
4699
				}
4700
				break;
4701
		}
4702
	}
4703
4704
	function debugger_page() {
4705
		nocache_headers();
4706
		if ( ! current_user_can( 'manage_options' ) ) {
4707
			die( '-1' );
4708
		}
4709
		Jetpack_Debugger::jetpack_debug_display_handler();
4710
		exit;
4711
	}
4712
4713
	public static function admin_screen_configure_module( $module_id ) {
4714
4715
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4716
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4717
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4718
				/**
4719
				 * Fires to diplay a custom module activation screen.
4720
				 *
4721
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4722
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4723
				 *
4724
				 * @module manage
4725
				 *
4726
				 * @since 3.8.0
4727
				 *
4728
				 * @param int $module_id Module ID.
4729
				 */
4730
				do_action( 'display_activate_module_setting_' . $module_id );
4731
			} else {
4732
				self::display_activate_module_link( $module_id );
4733
			}
4734
4735
			return false;
4736
		} ?>
4737
4738
		<div id="jp-settings-screen" style="position: relative">
4739
			<h3>
4740
			<?php
4741
				$module = Jetpack::get_module( $module_id );
4742
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4743
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4744
			?>
4745
			</h3>
4746
			<?php
4747
				/**
4748
				 * Fires within the displayed message when a feature configuation is updated.
4749
				 *
4750
				 * @since 3.4.0
4751
				 *
4752
				 * @param int $module_id Module ID.
4753
				 */
4754
				do_action( 'jetpack_notices_update_settings', $module_id );
4755
				/**
4756
				 * Fires when a feature configuation screen is loaded.
4757
				 * The dynamic part of the hook, $module_id, is the module ID.
4758
				 *
4759
				 * @since 1.1.0
4760
				 */
4761
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4762
			?>
4763
		</div><?php
4764
	}
4765
4766
	/**
4767
	 * Display link to activate the module to see the settings screen.
4768
	 * @param  string $module_id
4769
	 * @return null
4770
	 */
4771
	public static function display_activate_module_link( $module_id ) {
4772
4773
		$info =  Jetpack::get_module( $module_id );
4774
		$extra = '';
4775
		$activate_url = wp_nonce_url(
4776
				Jetpack::admin_url(
4777
					array(
4778
						'page'   => 'jetpack',
4779
						'action' => 'activate',
4780
						'module' => $module_id,
4781
					)
4782
				),
4783
				"jetpack_activate-$module_id"
4784
			);
4785
4786
		?>
4787
4788
		<div class="wrap configure-module">
4789
			<div id="jp-settings-screen">
4790
				<?php
4791
				if ( $module_id == 'json-api' ) {
4792
4793
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4794
4795
					$activate_url = Jetpack::init()->opt_in_jetpack_manage_url();
4796
4797
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'http://jetpack.me/support/site-management' );
4798
4799
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4800
				} ?>
4801
4802
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4803
				<div class="narrow">
4804
					<p><?php echo  $info['description']; ?></p>
4805
					<?php if( $extra ) { ?>
4806
					<p><?php echo esc_html( $extra ); ?></p>
4807
					<?php } ?>
4808
					<p>
4809
						<?php
4810
						if( wp_get_referer() ) {
4811
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4812
						} else {
4813
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4814
						} ?>
4815
					</p>
4816
				</div>
4817
4818
			</div>
4819
		</div>
4820
4821
		<?php
4822
	}
4823
4824
	public static function sort_modules( $a, $b ) {
4825
		if ( $a['sort'] == $b['sort'] )
4826
			return 0;
4827
4828
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4829
	}
4830
4831 View Code Duplication
	function sync_reindex_trigger() {
4832
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4833
			echo json_encode( $this->sync->reindex_trigger() );
4834
		} else {
4835
			echo '{"status":"ERROR"}';
4836
		}
4837
		exit;
4838
	}
4839
4840 View Code Duplication
	function sync_reindex_status(){
4841
		if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) {
4842
			echo json_encode( $this->sync->reindex_status() );
4843
		} else {
4844
			echo '{"status":"ERROR"}';
4845
		}
4846
		exit;
4847
	}
4848
4849
/* Client API */
4850
4851
	/**
4852
	 * Returns the requested Jetpack API URL
4853
	 *
4854
	 * @return string
4855
	 */
4856
	public static function api_url( $relative_url ) {
4857
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4858
	}
4859
4860
	/**
4861
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4862
	 */
4863
	public static function fix_url_for_bad_hosts( $url ) {
4864
		if ( 0 !== strpos( $url, 'https://' ) ) {
4865
			return $url;
4866
		}
4867
4868
		switch ( JETPACK_CLIENT__HTTPS ) {
4869
			case 'ALWAYS' :
4870
				return $url;
4871
			case 'NEVER' :
4872
				return set_url_scheme( $url, 'http' );
4873
			// default : case 'AUTO' :
4874
		}
4875
4876
		// Yay! Your host is good!
4877
		if ( self::permit_ssl() && wp_http_supports( array( 'ssl' => true ) ) ) {
4878
			return $url;
4879
		}
4880
4881
		// Boo! Your host is bad and makes Jetpack cry!
4882
		return set_url_scheme( $url, 'http' );
4883
	}
4884
4885
	/**
4886
	 * Checks to see if the URL is using SSL to connect with Jetpack
4887
	 *
4888
	 * @since 2.3.3
4889
	 * @return boolean
4890
	 */
4891
	public static function permit_ssl( $force_recheck = false ) {
4892
		// Do some fancy tests to see if ssl is being supported
4893
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4894
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4895
				$ssl = 0;
4896
			} else {
4897
				switch ( JETPACK_CLIENT__HTTPS ) {
4898
					case 'NEVER':
4899
						$ssl = 0;
4900
						break;
4901
					case 'ALWAYS':
4902
					case 'AUTO':
4903
					default:
4904
						$ssl = 1;
4905
						break;
4906
				}
4907
4908
				// If it's not 'NEVER', test to see
4909
				if ( $ssl ) {
4910
					$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4911
					if ( is_wp_error( $response ) || ( 'OK' !== wp_remote_retrieve_body( $response ) ) ) {
4912
						$ssl = 0;
4913
					}
4914
				}
4915
			}
4916
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4917
		}
4918
4919
		return (bool) $ssl;
4920
	}
4921
4922
	/*
4923
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'ALWAYS' but SSL isn't working.
4924
	 */
4925
	public function alert_required_ssl_fail() {
4926
		if ( ! current_user_can( 'manage_options' ) )
4927
			return;
4928
		?>
4929
4930
		<div id="message" class="error jetpack-message jp-identity-crisis">
4931
			<div class="jp-banner__content">
4932
				<h2><?php _e( 'Something is being cranky!', 'jetpack' ); ?></h2>
4933
				<p><?php _e( 'Your site is configured to only permit SSL connections to Jetpack, but SSL connections don\'t seem to be functional!', 'jetpack' ); ?></p>
4934
			</div>
4935
		</div>
4936
4937
		<?php
4938
	}
4939
4940
	/**
4941
	 * Returns the Jetpack XML-RPC API
4942
	 *
4943
	 * @return string
4944
	 */
4945
	public static function xmlrpc_api_url() {
4946
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4947
		return untrailingslashit( $base ) . '/xmlrpc.php';
4948
	}
4949
4950
	/**
4951
	 * Creates two secret tokens and the end of life timestamp for them.
4952
	 *
4953
	 * Note these tokens are unique per call, NOT static per site for connecting.
4954
	 *
4955
	 * @since 2.6
4956
	 * @return array
4957
	 */
4958
	public function generate_secrets() {
4959
	    $secrets = array(
4960
		wp_generate_password( 32, false ), // secret_1
4961
		wp_generate_password( 32, false ), // secret_2
4962
		( time() + 600 ), // eol ( End of Life )
4963
	    );
4964
4965
	    return $secrets;
4966
	}
4967
4968
	/**
4969
	 * Builds the timeout limit for queries talking with the wpcom servers.
4970
	 *
4971
	 * Based on local php max_execution_time in php.ini
4972
	 *
4973
	 * @since 2.6
4974
	 * @return int
4975
	 **/
4976
	public function get_remote_query_timeout_limit() {
4977
	    $timeout = (int) ini_get( 'max_execution_time' );
4978
	    if ( ! $timeout ) // Ensure exec time set in php.ini
4979
		$timeout = 30;
4980
	    return intval( $timeout / 2 );
4981
	}
4982
4983
4984
	/**
4985
	 * Takes the response from the Jetpack register new site endpoint and
4986
	 * verifies it worked properly.
4987
	 *
4988
	 * @since 2.6
4989
	 * @return true or Jetpack_Error
4990
	 **/
4991
	public function validate_remote_register_response( $response ) {
4992
	    	if ( is_wp_error( $response ) ) {
4993
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4994
		}
4995
4996
		$code   = wp_remote_retrieve_response_code( $response );
4997
		$entity = wp_remote_retrieve_body( $response );
4998
		if ( $entity )
4999
			$json = json_decode( $entity );
5000
		else
5001
			$json = false;
5002
5003
		$code_type = intval( $code / 100 );
5004
		if ( 5 == $code_type ) {
5005
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5006
		} elseif ( 408 == $code ) {
5007
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5008
		} elseif ( ! empty( $json->error ) ) {
5009
			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';
5010
			return new Jetpack_Error( (string) $json->error, $error_description, $code );
5011
		} elseif ( 200 != $code ) {
5012
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
5013
		}
5014
5015
		// Jetpack ID error block
5016
		if ( empty( $json->jetpack_id ) ) {
5017
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
5018
		} elseif ( ! is_scalar( $json->jetpack_id ) ) {
5019
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
5020
		} elseif ( preg_match( '/[^0-9]/', $json->jetpack_id ) ) {
5021
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
5022
		}
5023
5024
	    return true;
5025
	}
5026
	/**
5027
	 * @return bool|WP_Error
5028
	 */
5029
	public static function register() {
5030
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
5031
		$secrets = Jetpack::init()->generate_secrets();
5032
5033
		Jetpack_Options::update_option( 'register', $secrets[0] . ':' . $secrets[1] . ':' . $secrets[2] );
5034
5035
		@list( $secret_1, $secret_2, $secret_eol ) = explode( ':', Jetpack_Options::get_option( 'register' ) );
5036
		if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) {
5037
			return new Jetpack_Error( 'missing_secrets' );
5038
		}
5039
5040
		$timeout = Jetpack::init()->get_remote_query_timeout_limit();
5041
5042
		$gmt_offset = get_option( 'gmt_offset' );
5043
		if ( ! $gmt_offset ) {
5044
			$gmt_offset = 0;
5045
		}
5046
5047
		$stats_options = get_option( 'stats_options' );
5048
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
5049
5050
		$args = array(
5051
			'method'  => 'POST',
5052
			'body'    => array(
5053
				'siteurl'         => site_url(),
5054
				'home'            => home_url(),
5055
				'gmt_offset'      => $gmt_offset,
5056
				'timezone_string' => (string) get_option( 'timezone_string' ),
5057
				'site_name'       => (string) get_option( 'blogname' ),
5058
				'secret_1'        => $secret_1,
5059
				'secret_2'        => $secret_2,
5060
				'site_lang'       => get_locale(),
5061
				'timeout'         => $timeout,
5062
				'stats_id'        => $stats_id,
5063
			),
5064
			'headers' => array(
5065
				'Accept' => 'application/json',
5066
			),
5067
			'timeout' => $timeout,
5068
		);
5069
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
5070
5071
5072
		// Make sure the response is valid and does not contain any Jetpack errors
5073
		$valid_response = Jetpack::init()->validate_remote_register_response( $response );
5074
		if( is_wp_error( $valid_response ) || !$valid_response ) {
5075
		    return $valid_response;
5076
		}
5077
5078
		// Grab the response values to work with
5079
		$code   = wp_remote_retrieve_response_code( $response );
5080
		$entity = wp_remote_retrieve_body( $response );
5081
5082
		if ( $entity )
5083
			$json = json_decode( $entity );
5084
		else
5085
			$json = false;
5086
5087 View Code Duplication
		if ( empty( $json->jetpack_secret ) || ! is_string( $json->jetpack_secret ) )
5088
			return new Jetpack_Error( 'jetpack_secret', '', $code );
5089
5090
		if ( isset( $json->jetpack_public ) ) {
5091
			$jetpack_public = (int) $json->jetpack_public;
5092
		} else {
5093
			$jetpack_public = false;
5094
		}
5095
5096
		Jetpack_Options::update_options(
5097
			array(
5098
				'id'         => (int)    $json->jetpack_id,
5099
				'blog_token' => (string) $json->jetpack_secret,
5100
				'public'     => $jetpack_public,
5101
			)
5102
		);
5103
5104
		/**
5105
		 * Fires when a site is registered on WordPress.com.
5106
		 *
5107
		 * @since 3.7.0
5108
		 *
5109
		 * @param int $json->jetpack_id Jetpack Blog ID.
5110
		 * @param string $json->jetpack_secret Jetpack Blog Token.
5111
		 * @param int|bool $jetpack_public Is the site public.
5112
		 */
5113
		do_action( 'jetpack_site_registered', $json->jetpack_id, $json->jetpack_secret, $jetpack_public );
5114
5115
		// Initialize Jump Start for the first and only time.
5116
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
5117
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
5118
5119
			$jetpack = Jetpack::init();
5120
5121
			$jetpack->stat( 'jumpstart', 'unique-views' );
5122
			$jetpack->do_stats( 'server_side' );
5123
		};
5124
5125
		return true;
5126
	}
5127
5128
	/**
5129
	 * If the db version is showing something other that what we've got now, bump it to current.
5130
	 *
5131
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
5132
	 */
5133
	public static function maybe_set_version_option() {
5134
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
5135
		if ( JETPACK__VERSION != $version ) {
5136
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
5137
			return true;
5138
		}
5139
		return false;
5140
	}
5141
5142
/* Client Server API */
5143
5144
	/**
5145
	 * Loads the Jetpack XML-RPC client
5146
	 */
5147
	public static function load_xml_rpc_client() {
5148
		require_once ABSPATH . WPINC . '/class-IXR.php';
5149
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
5150
	}
5151
5152
	function verify_xml_rpc_signature() {
5153
		if ( $this->xmlrpc_verification ) {
5154
			return $this->xmlrpc_verification;
5155
		}
5156
5157
		// It's not for us
5158
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
5159
			return false;
5160
		}
5161
5162
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
5163
		if (
5164
			empty( $token_key )
5165
		||
5166
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
5167
		) {
5168
			return false;
5169
		}
5170
5171
		if ( '0' === $user_id ) {
5172
			$token_type = 'blog';
5173
			$user_id = 0;
5174
		} else {
5175
			$token_type = 'user';
5176
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
5177
				return false;
5178
			}
5179
			$user_id = (int) $user_id;
5180
5181
			$user = new WP_User( $user_id );
5182
			if ( ! $user || ! $user->exists() ) {
5183
				return false;
5184
			}
5185
		}
5186
5187
		$token = Jetpack_Data::get_access_token( $user_id );
5188
		if ( ! $token ) {
5189
			return false;
5190
		}
5191
5192
		$token_check = "$token_key.";
5193
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
5194
			return false;
5195
		}
5196
5197
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5198
5199
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5200
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
5201
			$post_data   = $_POST;
5202
			$file_hashes = array();
5203
			foreach ( $post_data as $post_data_key => $post_data_value ) {
5204
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
5205
					continue;
5206
				}
5207
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
5208
				$file_hashes[$post_data_key] = $post_data_value;
5209
			}
5210
5211
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
5212
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
5213
				$post_data[$post_data_key] = $post_data_value;
5214
			}
5215
5216
			ksort( $post_data );
5217
5218
			$body = http_build_query( stripslashes_deep( $post_data ) );
5219
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
5220
			$body = file_get_contents( 'php://input' );
5221
		} else {
5222
			$body = null;
5223
		}
5224
		$signature = $jetpack_signature->sign_current_request(
5225
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
5226
		);
5227
5228
		if ( ! $signature ) {
5229
			return false;
5230
		} else if ( is_wp_error( $signature ) ) {
5231
			return $signature;
5232
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
5233
			return false;
5234
		}
5235
5236
		$timestamp = (int) $_GET['timestamp'];
5237
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5238
5239
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5240
			return false;
5241
		}
5242
5243
		$this->xmlrpc_verification = array(
5244
			'type'    => $token_type,
5245
			'user_id' => $token->external_user_id,
5246
		);
5247
5248
		return $this->xmlrpc_verification;
5249
	}
5250
5251
	/**
5252
	 * Authenticates XML-RPC and other requests from the Jetpack Server
5253
	 */
5254
	function authenticate_jetpack( $user, $username, $password ) {
5255
		if ( is_a( $user, 'WP_User' ) ) {
5256
			return $user;
5257
		}
5258
5259
		$token_details = $this->verify_xml_rpc_signature();
5260
5261
		if ( ! $token_details || is_wp_error( $token_details ) ) {
5262
			return $user;
5263
		}
5264
5265
		if ( 'user' !== $token_details['type'] ) {
5266
			return $user;
5267
		}
5268
5269
		if ( ! $token_details['user_id'] ) {
5270
			return $user;
5271
		}
5272
5273
		nocache_headers();
5274
5275
		return new WP_User( $token_details['user_id'] );
5276
	}
5277
5278
	function add_nonce( $timestamp, $nonce ) {
5279
		global $wpdb;
5280
		static $nonces_used_this_request = array();
5281
5282
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
5283
			return $nonces_used_this_request["$timestamp:$nonce"];
5284
		}
5285
5286
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
5287
		$timestamp = (int) $timestamp;
5288
		$nonce     = esc_sql( $nonce );
5289
5290
		// Raw query so we can avoid races: add_option will also update
5291
		$show_errors = $wpdb->show_errors( false );
5292
5293
		$old_nonce = $wpdb->get_row(
5294
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
5295
		);
5296
5297
		if ( is_null( $old_nonce ) ) {
5298
			$return = $wpdb->query(
5299
				$wpdb->prepare(
5300
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
5301
					"jetpack_nonce_{$timestamp}_{$nonce}",
5302
					time(),
5303
					'no'
5304
				)
5305
			);
5306
		} else {
5307
			$return = false;
5308
		}
5309
5310
		$wpdb->show_errors( $show_errors );
5311
5312
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
5313
5314
		return $return;
5315
	}
5316
5317
	/**
5318
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5319
	 * Capture it here so we can verify the signature later.
5320
	 */
5321
	function xmlrpc_methods( $methods ) {
5322
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5323
		return $methods;
5324
	}
5325
5326
	function public_xmlrpc_methods( $methods ) {
5327
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
5328
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
5329
		}
5330
		return $methods;
5331
	}
5332
5333
	function jetpack_getOptions( $args ) {
5334
		global $wp_xmlrpc_server;
5335
5336
		$wp_xmlrpc_server->escape( $args );
5337
5338
		$username	= $args[1];
5339
		$password	= $args[2];
5340
5341
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
5342
			return $wp_xmlrpc_server->error;
5343
		}
5344
5345
		$options = array();
5346
		$user_data = $this->get_connected_user_data();
5347
		if ( is_array( $user_data ) ) {
5348
			$options['jetpack_user_id'] = array(
5349
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
5350
				'readonly'      => true,
5351
				'value'         => $user_data['ID'],
5352
			);
5353
			$options['jetpack_user_login'] = array(
5354
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
5355
				'readonly'      => true,
5356
				'value'         => $user_data['login'],
5357
			);
5358
			$options['jetpack_user_email'] = array(
5359
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
5360
				'readonly'      => true,
5361
				'value'         => $user_data['email'],
5362
			);
5363
			$options['jetpack_user_site_count'] = array(
5364
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
5365
				'readonly'      => true,
5366
				'value'         => $user_data['site_count'],
5367
			);
5368
		}
5369
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
5370
		$args = stripslashes_deep( $args );
5371
		return $wp_xmlrpc_server->wp_getOptions( $args );
5372
	}
5373
5374
	function xmlrpc_options( $options ) {
5375
		$jetpack_client_id = false;
5376
		if ( self::is_active() ) {
5377
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
5378
		}
5379
		$options['jetpack_version'] = array(
5380
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
5381
				'readonly'      => true,
5382
				'value'         => JETPACK__VERSION,
5383
		);
5384
5385
		$options['jetpack_client_id'] = array(
5386
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
5387
				'readonly'      => true,
5388
				'value'         => $jetpack_client_id,
5389
		);
5390
		return $options;
5391
	}
5392
5393
	public static function clean_nonces( $all = false ) {
5394
		global $wpdb;
5395
5396
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
5397
		if ( method_exists ( $wpdb , 'esc_like' ) ) {
5398
			$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
5399
		} else {
5400
			$sql_args = array( like_escape( 'jetpack_nonce_' ) . '%' );
5401
		}
5402
5403
		if ( true !== $all ) {
5404
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
5405
			$sql_args[] = time() - 3600;
5406
		}
5407
5408
		$sql .= ' ORDER BY `option_id` LIMIT 100';
5409
5410
		$sql = $wpdb->prepare( $sql, $sql_args );
5411
5412
		for ( $i = 0; $i < 1000; $i++ ) {
5413
			if ( ! $wpdb->query( $sql ) ) {
5414
				break;
5415
			}
5416
		}
5417
	}
5418
5419
	/**
5420
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5421
	 * SET: state( $key, $value );
5422
	 * GET: $value = state( $key );
5423
	 *
5424
	 * @param string $key
5425
	 * @param string $value
5426
	 * @param bool $restate private
5427
	 */
5428
	public static function state( $key = null, $value = null, $restate = false ) {
5429
		static $state = array();
5430
		static $path, $domain;
5431
		if ( ! isset( $path ) ) {
5432
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
5433
			$admin_url = Jetpack::admin_url();
5434
			$bits      = parse_url( $admin_url );
5435
5436
			if ( is_array( $bits ) ) {
5437
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5438
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5439
			} else {
5440
				$path = $domain = null;
5441
			}
5442
		}
5443
5444
		// Extract state from cookies and delete cookies
5445
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
5446
			$yum = $_COOKIE[ 'jetpackState' ];
5447
			unset( $_COOKIE[ 'jetpackState' ] );
5448
			foreach ( $yum as $k => $v ) {
5449
				if ( strlen( $v ) )
5450
					$state[ $k ] = $v;
5451
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5452
			}
5453
		}
5454
5455
		if ( $restate ) {
5456
			foreach ( $state as $k => $v ) {
5457
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5458
			}
5459
			return;
5460
		}
5461
5462
		// Get a state variable
5463
		if ( isset( $key ) && ! isset( $value ) ) {
5464
			if ( array_key_exists( $key, $state ) )
5465
				return $state[ $key ];
5466
			return null;
5467
		}
5468
5469
		// Set a state variable
5470
		if ( isset ( $key ) && isset( $value ) ) {
5471
			if( is_array( $value ) && isset( $value[0] ) ) {
5472
				$value = $value[0];
5473
			}
5474
			$state[ $key ] = $value;
5475
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5476
		}
5477
	}
5478
5479
	public static function restate() {
5480
		Jetpack::state( null, null, true );
5481
	}
5482
5483
	public static function check_privacy( $file ) {
5484
		static $is_site_publicly_accessible = null;
5485
5486
		if ( is_null( $is_site_publicly_accessible ) ) {
5487
			$is_site_publicly_accessible = false;
5488
5489
			Jetpack::load_xml_rpc_client();
5490
			$rpc = new Jetpack_IXR_Client();
5491
5492
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5493
			if ( $success ) {
5494
				$response = $rpc->getResponse();
5495
				if ( $response ) {
5496
					$is_site_publicly_accessible = true;
5497
				}
5498
			}
5499
5500
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5501
		}
5502
5503
		if ( $is_site_publicly_accessible ) {
5504
			return;
5505
		}
5506
5507
		$module_slug = self::get_module_slug( $file );
5508
5509
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5510
		if ( ! $privacy_checks ) {
5511
			$privacy_checks = $module_slug;
5512
		} else {
5513
			$privacy_checks .= ",$module_slug";
5514
		}
5515
5516
		Jetpack::state( 'privacy_checks', $privacy_checks );
5517
	}
5518
5519
	/**
5520
	 * Helper method for multicall XMLRPC.
5521
	 */
5522
	public static function xmlrpc_async_call() {
5523
		global $blog_id;
5524
		static $clients = array();
5525
5526
		$client_blog_id = is_multisite() ? $blog_id : 0;
5527
5528
		if ( ! isset( $clients[$client_blog_id] ) ) {
5529
			Jetpack::load_xml_rpc_client();
5530
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5531
			if ( function_exists( 'ignore_user_abort' ) ) {
5532
				ignore_user_abort( true );
5533
			}
5534
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5535
		}
5536
5537
		$args = func_get_args();
5538
5539
		if ( ! empty( $args[0] ) ) {
5540
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5541
		} elseif ( is_multisite() ) {
5542
			foreach ( $clients as $client_blog_id => $client ) {
5543
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5544
					continue;
5545
				}
5546
5547
				$switch_success = switch_to_blog( $client_blog_id, true );
5548
				if ( ! $switch_success ) {
5549
					continue;
5550
				}
5551
5552
				flush();
5553
				$client->query();
5554
5555
				restore_current_blog();
5556
			}
5557
		} else {
5558
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5559
				flush();
5560
				$clients[0]->query();
5561
			}
5562
		}
5563
	}
5564
5565
	public static function staticize_subdomain( $url ) {
5566
5567
		// Extract hostname from URL
5568
		$host = parse_url( $url, PHP_URL_HOST );
5569
5570
		// Explode hostname on '.'
5571
		$exploded_host = explode( '.', $host );
5572
5573
		// Retrieve the name and TLD
5574
		if ( count( $exploded_host ) > 1 ) {
5575
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5576
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5577
			// Rebuild domain excluding subdomains
5578
			$domain = $name . '.' . $tld;
5579
		} else {
5580
			$domain = $host;
5581
		}
5582
		// Array of Automattic domains
5583
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5584
5585
		// Return $url if not an Automattic domain
5586
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5587
			return $url;
5588
		}
5589
5590
		if ( is_ssl() ) {
5591
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5592
		}
5593
5594
		srand( crc32( basename( $url ) ) );
5595
		$static_counter = rand( 0, 2 );
5596
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5597
5598
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5599
	}
5600
5601
/* JSON API Authorization */
5602
5603
	/**
5604
	 * Handles the login action for Authorizing the JSON API
5605
	 */
5606
	function login_form_json_api_authorization() {
5607
		$this->verify_json_api_authorization_request();
5608
5609
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5610
5611
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5612
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5613
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5614
	}
5615
5616
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5617
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5618
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5619
			return $url;
5620
		}
5621
5622
		$parsed_url = parse_url( $url );
5623
		$url = strtok( $url, '?' );
5624
		$url = "$url?{$_SERVER['QUERY_STRING']}";
5625
		if ( ! empty( $parsed_url['query'] ) )
5626
			$url .= "&{$parsed_url['query']}";
5627
5628
		return $url;
5629
	}
5630
5631
	// Make sure the POSTed request is handled by the same action
5632
	function preserve_action_in_login_form_for_json_api_authorization() {
5633
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5634
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5635
	}
5636
5637
	// If someone logs in to approve API access, store the Access Code in usermeta
5638
	function store_json_api_authorization_token( $user_login, $user ) {
5639
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5640
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5641
		$token = wp_generate_password( 32, false );
5642
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5643
	}
5644
5645
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5646
	function allow_wpcom_public_api_domain( $domains ) {
5647
		$domains[] = 'public-api.wordpress.com';
5648
		return $domains;
5649
	}
5650
5651
	// Add the Access Code details to the public-api.wordpress.com redirect
5652
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5653
		return add_query_arg(
5654
			urlencode_deep(
5655
				array(
5656
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5657
					'jetpack-user-id' => (int) $user->ID,
5658
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5659
				)
5660
			),
5661
			$redirect_to
5662
		);
5663
	}
5664
5665
	// Verifies the request by checking the signature
5666
	function verify_json_api_authorization_request() {
5667
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5668
5669
		$token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
5670
		if ( ! $token || empty( $token->secret ) ) {
5671
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5672
		}
5673
5674
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5675
5676
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5677
5678
		if ( isset( $_POST['jetpack_json_api_original_query'] ) ) {
5679
			$signature = $jetpack_signature->sign_request( $_GET['token'], $_GET['timestamp'], $_GET['nonce'], '', 'GET', $_POST['jetpack_json_api_original_query'], null, true );
5680
		} else {
5681
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5682
		}
5683
5684
		if ( ! $signature ) {
5685
			wp_die( $die_error );
5686
		} else if ( is_wp_error( $signature ) ) {
5687
			wp_die( $die_error );
5688
		} else if ( $signature !== $_GET['signature'] ) {
5689
			if ( is_ssl() ) {
5690
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5691
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5692
				if ( ! $signature || is_wp_error( $signature ) || $signature !== $_GET['signature'] ) {
5693
					wp_die( $die_error );
5694
				}
5695
			} else {
5696
				wp_die( $die_error );
5697
			}
5698
		}
5699
5700
		$timestamp = (int) $_GET['timestamp'];
5701
		$nonce     = stripslashes( (string) $_GET['nonce'] );
5702
5703
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5704
			// De-nonce the nonce, at least for 5 minutes.
5705
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5706
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5707
			if ( $old_nonce_time < time() - 300 ) {
5708
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
5709
			}
5710
		}
5711
5712
		$data = json_decode( base64_decode( stripslashes( $_GET['data'] ) ) );
5713
		$data_filters = array(
5714
			'state'        => 'opaque',
5715
			'client_id'    => 'int',
5716
			'client_title' => 'string',
5717
			'client_image' => 'url',
5718
		);
5719
5720
		foreach ( $data_filters as $key => $sanitation ) {
5721
			if ( ! isset( $data->$key ) ) {
5722
				wp_die( $die_error );
5723
			}
5724
5725
			switch ( $sanitation ) {
5726
			case 'int' :
5727
				$this->json_api_authorization_request[$key] = (int) $data->$key;
5728
				break;
5729
			case 'opaque' :
5730
				$this->json_api_authorization_request[$key] = (string) $data->$key;
5731
				break;
5732
			case 'string' :
5733
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5734
				break;
5735
			case 'url' :
5736
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5737
				break;
5738
			}
5739
		}
5740
5741
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5742
			wp_die( $die_error );
5743
		}
5744
	}
5745
5746
	function login_message_json_api_authorization( $message ) {
5747
		return '<p class="message">' . sprintf(
5748
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
5749
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5750
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5751
	}
5752
5753
	/**
5754
	 * Get $content_width, but with a <s>twist</s> filter.
5755
	 */
5756
	public static function get_content_width() {
5757
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5758
		/**
5759
		 * Filter the Content Width value.
5760
		 *
5761
		 * @since 2.2.3
5762
		 *
5763
		 * @param string $content_width Content Width value.
5764
		 */
5765
		return apply_filters( 'jetpack_content_width', $content_width );
5766
	}
5767
5768
	/**
5769
	 * Centralize the function here until it gets added to core.
5770
	 *
5771
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
5772
	 * @param int $size Size of the avatar image
5773
	 * @param string $default URL to a default image to use if no avatar is available
5774
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
5775
	 *
5776
	 * @return array First element is the URL, second is the class.
5777
	 */
5778
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
5779
		// Don't bother adding the __return_true filter if it's already there.
5780
		$has_filter = has_filter( 'pre_option_show_avatars', '__return_true' );
5781
5782
		if ( $force_display && ! $has_filter )
5783
			add_filter( 'pre_option_show_avatars', '__return_true' );
5784
5785
		$avatar = get_avatar( $id_or_email, $size, $default );
5786
5787
		if ( $force_display && ! $has_filter )
5788
			remove_filter( 'pre_option_show_avatars', '__return_true' );
5789
5790
		// If no data, fail out.
5791
		if ( is_wp_error( $avatar ) || ! $avatar )
5792
			return array( null, null );
5793
5794
		// Pull out the URL.  If it's not there, fail out.
5795
		if ( ! preg_match( '/src=["\']([^"\']+)["\']/', $avatar, $url_matches ) )
5796
			return array( null, null );
5797
		$url = wp_specialchars_decode( $url_matches[1], ENT_QUOTES );
5798
5799
		// Pull out the class, but it's not a big deal if it's missing.
5800
		$class = '';
5801
		if ( preg_match( '/class=["\']([^"\']+)["\']/', $avatar, $class_matches ) )
5802
			$class = wp_specialchars_decode( $class_matches[1], ENT_QUOTES );
5803
5804
		return array( $url, $class );
5805
	}
5806
5807
	/**
5808
	 * Pings the WordPress.com Mirror Site for the specified options.
5809
	 *
5810
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5811
	 *
5812
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5813
	 */
5814
	public function get_cloud_site_options( $option_names ) {
5815
		$option_names = array_filter( (array) $option_names, 'is_string' );
5816
5817
		Jetpack::load_xml_rpc_client();
5818
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5819
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5820
		if ( $xml->isError() ) {
5821
			return array(
5822
				'error_code' => $xml->getErrorCode(),
5823
				'error_msg'  => $xml->getErrorMessage(),
5824
			);
5825
		}
5826
		$cloud_site_options = $xml->getResponse();
5827
5828
		return $cloud_site_options;
5829
	}
5830
5831
	/**
5832
	 * Fetch the filtered array of options that we should compare to determine an identity crisis.
5833
	 *
5834
	 * @return array An array of options to check.
5835
	 */
5836
	public static function identity_crisis_options_to_check() {
5837
		$options = array(
5838
			'siteurl',
5839
			'home',
5840
		);
5841
		/**
5842
		 * Filter the options that we should compare to determine an identity crisis.
5843
		 *
5844
		 * @since 2.5.0
5845
		 *
5846
		 * @param array $options Array of options to compare to determine an identity crisis.
5847
		 */
5848
		return apply_filters( 'jetpack_identity_crisis_options_to_check', $options );
5849
	}
5850
5851
	/**
5852
	 * Checks to make sure that local options have the same values as remote options.  Will cache the results for up to 24 hours.
5853
	 *
5854
	 * @param bool $force_recheck Whether to ignore any cached transient and manually re-check.
5855
	 *
5856
	 * @return array An array of options that do not match.  If everything is good, it will evaluate to false.
5857
	 */
5858
	public static function check_identity_crisis( $force_recheck = false ) {
5859
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || Jetpack::is_staging_site() )
5860
			return false;
5861
5862
		if ( $force_recheck || false === ( $errors = get_transient( 'jetpack_has_identity_crisis' ) ) ) {
5863
			$options_to_check = self::identity_crisis_options_to_check();
5864
			$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5865
			$errors        = array();
5866
5867
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5868
5869
				// If it's not the same as the local value...
5870
				if ( $cloud_value !== get_option( $cloud_key ) ) {
5871
5872
					// Break out if we're getting errors.  We are going to check the error keys later when we alert.
5873
					if ( 'error_code' == $cloud_key ) {
5874
						$errors[ $cloud_key ] = $cloud_value;
5875
						break;
5876
					}
5877
5878
					$parsed_cloud_value = parse_url( $cloud_value );
5879
					// If the current options is an IP address
5880
					if ( filter_var( $parsed_cloud_value['host'], FILTER_VALIDATE_IP ) ) {
5881
						// Give the new value a Jetpack to fly in to the clouds
5882
						Jetpack::resolve_identity_crisis( $cloud_key );
5883
						continue;
5884
					}
5885
5886
					// And it's not been added to the whitelist...
5887
					if ( ! self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
5888
						/*
5889
						 * This should be a temporary hack until a cleaner solution is found.
5890
						 *
5891
						 * The siteurl and home can be set to use http in General > Settings
5892
						 * however some constants can be defined that can force https in wp-admin
5893
						 * when this happens wpcom can confuse wporg with a fake identity
5894
						 * crisis with a mismatch of http vs https when it should be allowed.
5895
						 * we need to check that here.
5896
						 *
5897
						 * @see https://github.com/Automattic/jetpack/issues/1006
5898
						 */
5899
						if ( ( 'home' == $cloud_key || 'siteurl' == $cloud_key )
5900
							&& ( substr( $cloud_value, 0, 8 ) == "https://" )
5901
							&& Jetpack::init()->is_ssl_required_to_visit_site() ) {
5902
							// Ok, we found a mismatch of http and https because of wp-config, not an invalid url
5903
							continue;
5904
						}
5905
5906
5907
						// Then kick an error!
5908
						$errors[ $cloud_key ] = $cloud_value;
5909
					}
5910
				}
5911
			}
5912
		}
5913
5914
		/**
5915
		 * Filters the errors returned when checking for an Identity Crisis.
5916
		 *
5917
		 * @since 2.3.2
5918
		 *
5919
		 * @param array $errors Array of Identity Crisis errors.
5920
		 * @param bool $force_recheck Ignore any cached transient and manually re-check. Default to false.
5921
		 */
5922
		return apply_filters( 'jetpack_has_identity_crisis', $errors, $force_recheck );
5923
	}
5924
5925
	/*
5926
	 * Resolve ID crisis
5927
	 *
5928
	 * If the URL has changed, but the rest of the options are the same (i.e. blog/user tokens)
5929
	 * The user has the option to update the shadow site with the new URL before a new
5930
	 * token is created.
5931
	 *
5932
	 * @param $key : Which option to sync.  null defautlts to home and siteurl
5933
	 */
5934
	public static function resolve_identity_crisis( $key = null ) {
5935
		if ( $key ) {
5936
			$identity_options = array( $key );
5937
		} else {
5938
			$identity_options = self::identity_crisis_options_to_check();
5939
		}
5940
5941
		if ( is_array( $identity_options ) ) {
5942
			foreach( $identity_options as $identity_option ) {
5943
				Jetpack_Sync::sync_options( __FILE__, $identity_option );
5944
5945
				/**
5946
				 * Fires when a shadow site option is updated.
5947
				 * These options are updated via the Identity Crisis UI.
5948
				 * $identity_option is the option that gets updated.
5949
				 *
5950
				 * @since 3.7.0
5951
				 */
5952
				do_action( "update_option_{$identity_option}" );
5953
			}
5954
		}
5955
	}
5956
5957
	/*
5958
	 * Whitelist URL
5959
	 *
5960
	 * Ignore the URL differences between the blog and the shadow site.
5961
	 */
5962
	public static function whitelist_current_url() {
5963
		$options_to_check = Jetpack::identity_crisis_options_to_check();
5964
		$cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check );
5965
5966
		foreach ( $cloud_options as $cloud_key => $cloud_value ) {
5967
			Jetpack::whitelist_identity_crisis_value( $cloud_key, $cloud_value );
5968
		}
5969
	}
5970
5971
	/*
5972
	 * Ajax callbacks for ID crisis resolutions
5973
	 *
5974
	 * Things that could happen here:
5975
	 *  - site_migrated : Update the URL on the shadow blog to match new domain
5976
	 *  - whitelist     : Ignore the URL difference
5977
	 *  - default       : Error message
5978
	 */
5979
	public static function resolve_identity_crisis_ajax_callback() {
5980
		check_ajax_referer( 'resolve-identity-crisis', 'ajax-nonce' );
5981
5982
		switch ( $_POST[ 'crisis_resolution_action' ] ) {
5983
			case 'site_migrated':
5984
				Jetpack::resolve_identity_crisis();
5985
				echo 'resolved';
5986
				break;
5987
5988
			case 'whitelist':
5989
				Jetpack::whitelist_current_url();
5990
				echo 'whitelisted';
5991
				break;
5992
5993
			case 'reset_connection':
5994
				// Delete the options first so it doesn't get confused which site to disconnect dotcom-side
5995
				Jetpack_Options::delete_option(
5996
					array(
5997
						'register',
5998
						'blog_token',
5999
						'user_token',
6000
						'user_tokens',
6001
						'master_user',
6002
						'time_diff',
6003
						'fallback_no_verify_ssl_certs',
6004
						'id',
6005
					)
6006
				);
6007
				delete_transient( 'jetpack_has_identity_crisis' );
6008
6009
				echo 'reset-connection-success';
6010
				break;
6011
6012
			default:
6013
				echo 'missing action';
6014
				break;
6015
		}
6016
6017
		wp_die();
6018
	}
6019
6020
	/**
6021
	 * Adds a value to the whitelist for the specified key.
6022
	 *
6023
	 * @param string $key The option name that we're whitelisting the value for.
6024
	 * @param string $value The value that we're intending to add to the whitelist.
6025
	 *
6026
	 * @return bool Whether the value was added to the whitelist, or false if it was already there.
6027
	 */
6028
	public static function whitelist_identity_crisis_value( $key, $value ) {
6029
		if ( Jetpack::is_identity_crisis_value_whitelisted( $key, $value ) ) {
6030
			return false;
6031
		}
6032
6033
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
6034
		if ( empty( $whitelist[ $key ] ) || ! is_array( $whitelist[ $key ] ) ) {
6035
			$whitelist[ $key ] = array();
6036
		}
6037
		array_push( $whitelist[ $key ], $value );
6038
6039
		Jetpack_Options::update_option( 'identity_crisis_whitelist', $whitelist );
6040
		return true;
6041
	}
6042
6043
	/**
6044
	 * Checks whether a value is already whitelisted.
6045
	 *
6046
	 * @param string $key The option name that we're checking the value for.
6047
	 * @param string $value The value that we're curious to see if it's on the whitelist.
6048
	 *
6049
	 * @return bool Whether the value is whitelisted.
6050
	 */
6051
	public static function is_identity_crisis_value_whitelisted( $key, $value ) {
6052
		$whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() );
6053
		if ( ! empty( $whitelist[ $key ] ) && is_array( $whitelist[ $key ] ) && in_array( $value, $whitelist[ $key ] ) ) {
6054
			return true;
6055
		}
6056
		return false;
6057
	}
6058
6059
	/**
6060
	 * Checks whether the home and siteurl specifically are whitelisted
6061
	 * Written so that we don't have re-check $key and $value params every time
6062
	 * we want to check if this site is whitelisted, for example in footer.php
6063
	 *
6064
	 * @return bool True = already whitelsisted False = not whitelisted
6065
	 */
6066
	public static function is_staging_site() {
6067
		$is_staging = false;
6068
6069
		$current_whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist' );
6070
		if ( $current_whitelist ) {
6071
			$options_to_check  = Jetpack::identity_crisis_options_to_check();
6072
			$cloud_options     = Jetpack::init()->get_cloud_site_options( $options_to_check );
6073
6074
			foreach ( $cloud_options as $cloud_key => $cloud_value ) {
6075
				if ( self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) {
6076
					$is_staging = true;
6077
					break;
6078
				}
6079
			}
6080
		}
6081
		$known_staging = array(
6082
			'urls' => array(
6083
				'#\.staging\.wpengine\.com$#i',
6084
				),
6085
			'constants' => array(
6086
				'IS_WPE_SNAPSHOT',
6087
				'JETPACK_STAGING_MODE',
6088
				)
6089
			);
6090
		/**
6091
		 * Filters the flags of known staging sites.
6092
		 *
6093
		 * @since 3.9.0
6094
		 *
6095
		 * @param array $known_staging {
6096
		 *     An array of arrays that each are used to check if the current site is staging.
6097
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
6098
		 *     @type array $cosntants PHP constants of known staging/developement environments.
6099
		 *  }
6100
		 */
6101
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
6102
6103
		if ( isset( $known_staging['urls'] ) ) {
6104
			foreach ( $known_staging['urls'] as $url ){
6105
				if ( preg_match( $url, site_url() ) ) {
6106
					$is_staging = true;
6107
					break;
6108
				}
6109
			}
6110
		}
6111
6112
		if ( isset( $known_staging['constants'] ) ) {
6113
			foreach ( $known_staging['constants'] as $constant ) {
6114
				if ( defined( $constant ) && constant( $constant ) ) {
6115
					$is_staging = true;
6116
				}
6117
			}
6118
		}
6119
6120
		/**
6121
		 * Filters is_staging_site check.
6122
		 *
6123
		 * @since 3.9.0
6124
		 *
6125
		 * @param bool $is_staging If the current site is a staging site.
6126
		 */
6127
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
6128
	}
6129
6130
	public function identity_crisis_js( $nonce ) {
6131
?>
6132
<script>
6133
(function( $ ) {
6134
	var SECOND_IN_MS = 1000;
6135
6136
	function contactSupport( e ) {
6137
		e.preventDefault();
6138
		$( '.jp-id-crisis-question' ).hide();
6139
		$( '#jp-id-crisis-contact-support' ).show();
6140
	}
6141
6142
	function autodismissSuccessBanner() {
6143
		$( '.jp-identity-crisis' ).fadeOut(600); //.addClass( 'dismiss' );
6144
	}
6145
6146
	var data = { action: 'jetpack_resolve_identity_crisis', 'ajax-nonce': '<?php echo $nonce; ?>' };
6147
6148
	$( document ).ready(function() {
6149
6150
		// Site moved: Update the URL on the shadow blog
6151
		$( '.site-moved' ).click(function( e ) {
6152
			e.preventDefault();
6153
			data.crisis_resolution_action = 'site_migrated';
6154
			$( '#jp-id-crisis-question-1 .spinner' ).show();
6155
			$.post( ajaxurl, data, function() {
6156
				$( '.jp-id-crisis-question' ).hide();
6157
				$( '.banner-title' ).hide();
6158
				$( '#jp-id-crisis-success' ).show();
6159
				setTimeout( autodismissSuccessBanner, 6 * SECOND_IN_MS );
6160
			});
6161
6162
		});
6163
6164
		// URL hasn't changed, next question please.
6165
		$( '.site-not-moved' ).click(function( e ) {
6166
			e.preventDefault();
6167
			$( '.jp-id-crisis-question' ).hide();
6168
			$( '#jp-id-crisis-question-2' ).show();
6169
		});
6170
6171
		// Reset connection: two separate sites.
6172
		$( '.reset-connection' ).click(function( e ) {
6173
			data.crisis_resolution_action = 'reset_connection';
6174
			$.post( ajaxurl, data, function( response ) {
6175
				if ( 'reset-connection-success' === response ) {
6176
					window.location.replace( '<?php echo Jetpack::admin_url(); ?>' );
6177
				}
6178
			});
6179
		});
6180
6181
		// It's a dev environment.  Ignore.
6182
		$( '.is-dev-env' ).click(function( e ) {
6183
			data.crisis_resolution_action = 'whitelist';
6184
			$( '#jp-id-crisis-question-2 .spinner' ).show();
6185
			$.post( ajaxurl, data, function() {
6186
				$( '.jp-id-crisis-question' ).hide();
6187
				$( '.banner-title' ).hide();
6188
				$( '#jp-id-crisis-success' ).show();
6189
				setTimeout( autodismissSuccessBanner, 4 * SECOND_IN_MS );
6190
			});
6191
		});
6192
6193
		$( '.not-reconnecting' ).click(contactSupport);
6194
		$( '.not-staging-or-dev' ).click(contactSupport);
6195
	});
6196
})( jQuery );
6197
</script>
6198
<?php
6199
	}
6200
6201
	/**
6202
	 * Displays an admin_notice, alerting the user to an identity crisis.
6203
	 */
6204
	public function alert_identity_crisis() {
6205
		// @todo temporary killing of feature in 3.8.1 as it revealed a number of scenarios not foreseen.
6206
		if ( ! Jetpack::is_development_version() ) {
6207
			return;
6208
		}
6209
6210
		// @todo temporary copout for dealing with domain mapping
6211
		// @see https://github.com/Automattic/jetpack/issues/2702
6212
		if ( is_multisite() && defined( 'SUNRISE' ) && ! Jetpack::is_development_version() ) {
6213
			return;
6214
		}
6215
6216
		if ( ! current_user_can( 'jetpack_disconnect' ) ) {
6217
			return;
6218
		}
6219
6220
		if ( ! $errors = self::check_identity_crisis() ) {
6221
			return;
6222
		}
6223
6224
		// Only show on dashboard and jetpack pages
6225
		$screen = get_current_screen();
6226
		if ( 'dashboard' !== $screen->base && ! did_action( 'jetpack_notices' ) ) {
6227
			return;
6228
		}
6229
6230
		// Include the js!
6231
		$ajax_nonce = wp_create_nonce( 'resolve-identity-crisis' );
6232
		$this->identity_crisis_js( $ajax_nonce );
6233
6234
		// Include the CSS!
6235
		if ( ! wp_script_is( 'jetpack', 'done' ) ) {
6236
			$this->admin_banner_styles();
6237
		}
6238
6239
		if ( ! array_key_exists( 'error_code', $errors ) ) {
6240
			$key = 'siteurl';
6241
			if ( ! $errors[ $key ] ) {
6242
				$key = 'home';
6243
			}
6244
		} else {
6245
			$key = 'error_code';
6246
			// 401 is the only error we care about.  Any other errors should not trigger the alert.
6247
			if ( 401 !== $errors[ $key ] ) {
6248
				return;
6249
			}
6250
		}
6251
6252
		?>
6253
6254
		<style>
6255
			.jp-identity-crisis .jp-btn-group {
6256
					margin: 15px 0;
6257
				}
6258
			.jp-identity-crisis strong {
6259
					color: #518d2a;
6260
				}
6261
			.jp-identity-crisis.dismiss {
6262
				display: none;
6263
			}
6264
			.jp-identity-crisis .button {
6265
				margin-right: 4px;
6266
			}
6267
		</style>
6268
6269
		<div id="message" class="error jetpack-message jp-identity-crisis stay-visible">
6270
			<div class="service-mark"></div>
6271
			<div class="jp-id-banner__content">
6272
				<!-- <h3 class="banner-title"><?php _e( 'Something\'s not quite right with your Jetpack connection! Let\'s fix that.', 'jetpack' ); ?></h3> -->
6273
6274
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-1">
6275
					<?php
6276
					// 401 means that this site has been disconnected from wpcom, but the remote site still thinks it's connected.
6277
					if ( 'error_code' == $key && '401' == $errors[ $key ] ) : ?>
6278
						<div class="banner-content">
6279
							<p><?php
6280
								/* translators: %s is a URL */
6281
								printf( __( 'Our records show that this site does not have a valid connection to WordPress.com. Please reset your connection to fix this. <a href="%s" target="_blank">What caused this?</a>', 'jetpack' ), 'https://jetpack.me/support/no-valid-wordpress-com-connection/' );
6282
							?></p>
6283
						</div>
6284
						<div class="jp-btn-group">
6285
							<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a>
6286
							<span class="idc-separator">|</span>
6287
							<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=dismiss' ), 'jetpack-deactivate' ) ); ?>"><?php _e( 'Deactivate Jetpack', 'jetpack' ); ?></a>
6288
						</div>
6289
					<?php else : ?>
6290
							<div class="banner-content">
6291
							<p><?php printf( __( 'It looks like you may have changed your domain. Is <strong>%1$s</strong> still your site\'s domain, or have you updated it to <strong> %2$s </strong>?', 'jetpack' ), $errors[ $key ], (string) get_option( $key ) ); ?></p>
6292
							</div>
6293
						<div class="jp-btn-group">
6294
							<a href="#" class="regular site-moved"><?php printf( __( '%s is now my domain.', 'jetpack' ), $errors[ $key ] ); ?></a> <span class="idc-separator">|</span> <a href="#" class="site-not-moved" ><?php printf( __( '%s is still my domain.', 'jetpack' ), (string) get_option( $key ) ); ?></a>
6295
							<span class="spinner"></span>
6296
						</div>
6297
					<?php endif ; ?>
6298
				</div>
6299
6300
				<div class="jp-id-crisis-question" id="jp-id-crisis-question-2" style="display: none;">
6301
					<div class="banner-content">
6302
						<p><?php printf(
6303
							/* translators: %1$s, %2$s and %3$s are URLs */
6304
							__(
6305
								'Are <strong> %2$s </strong> and <strong> %1$s </strong> two completely separate websites? If so we should create a new connection, which will reset your followers and linked services. <a href="%3$s"><em>What does this mean?</em></a>',
6306
								'jetpack'
6307
							),
6308
							$errors[ $key ],
6309
							(string) get_option( $key ),
6310
							'https://jetpack.me/support/what-does-resetting-the-connection-mean/'
6311
						); ?></p>
6312
					</div>
6313
					<div class="jp-btn-group">
6314
						<a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
6315
						<a href="#" class="is-dev-env"><?php _e( 'This is a development environment', 'jetpack' ); ?></a> <span class="idc-separator">|</span>
6316
						<a href="https://jetpack.me/contact-support/" class="contact-support"><?php _e( 'Submit a support ticket', 'jetpack' ); ?></a>
6317
						<span class="spinner"></span>
6318
					</div>
6319
				</div>
6320
6321
				<div class="jp-id-crisis-success" id="jp-id-crisis-success" style="display: none;">
6322
					<h3 class="success-notice"><?php printf( __( 'Thanks for taking the time to sort things out. We&#039;ve updated our records accordingly!', 'jetpack' ) ); ?></h3>
6323
				</div>
6324
			</div>
6325
		</div>
6326
6327
		<?php
6328
	}
6329
6330
	/**
6331
	 * Maybe Use a .min.css stylesheet, maybe not.
6332
	 *
6333
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
6334
	 */
6335
	public static function maybe_min_asset( $url, $path, $plugin ) {
6336
		// Short out on things trying to find actual paths.
6337
		if ( ! $path || empty( $plugin ) ) {
6338
			return $url;
6339
		}
6340
6341
		// Strip out the abspath.
6342
		$base = dirname( plugin_basename( $plugin ) );
6343
6344
		// Short out on non-Jetpack assets.
6345
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
6346
			return $url;
6347
		}
6348
6349
		// File name parsing.
6350
		$file              = "{$base}/{$path}";
6351
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
6352
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
6353
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
6354
		$extension         = array_shift( $file_name_parts_r );
6355
6356
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
6357
			// Already pointing at the minified version.
6358
			if ( 'min' === $file_name_parts_r[0] ) {
6359
				return $url;
6360
			}
6361
6362
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
6363
			if ( file_exists( $min_full_path ) ) {
6364
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
6365
			}
6366
		}
6367
6368
		return $url;
6369
	}
6370
6371
	/**
6372
	 * Maybe inlines a stylesheet.
6373
	 *
6374
	 * If you'd like to inline a stylesheet instead of printing a link to it,
6375
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6376
	 *
6377
	 * Attached to `style_loader_tag` filter.
6378
	 *
6379
	 * @param string $tag The tag that would link to the external asset.
6380
	 * @param string $handle The registered handle of the script in question.
6381
	 *
6382
	 * @return string
6383
	 */
6384
	public static function maybe_inline_style( $tag, $handle ) {
6385
		global $wp_styles;
6386
		$item = $wp_styles->registered[ $handle ];
6387
6388
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6389
			return $tag;
6390
		}
6391
6392
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6393
			$href = $matches[1];
6394
			// Strip off query string
6395
			if ( $pos = strpos( $href, '?' ) ) {
6396
				$href = substr( $href, 0, $pos );
6397
			}
6398
			// Strip off fragment
6399
			if ( $pos = strpos( $href, '#' ) ) {
6400
				$href = substr( $href, 0, $pos );
6401
			}
6402
		} else {
6403
			return $tag;
6404
		}
6405
6406
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6407
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6408
			return $tag;
6409
		}
6410
6411
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
6412
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6413
			// And this isn't the pass that actually deals with the RTL version...
6414
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6415
				// Short out, as the RTL version will deal with it in a moment.
6416
				return $tag;
6417
			}
6418
		}
6419
6420
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6421
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
6422
		if ( $css ) {
6423
			$tag = "<!-- Inline {$item->handle} -->\r\n";
6424
			if ( empty( $item->extra['after'] ) ) {
6425
				wp_add_inline_style( $handle, $css );
6426
			} else {
6427
				array_unshift( $item->extra['after'], $css );
6428
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
6429
			}
6430
		}
6431
6432
		return $tag;
6433
	}
6434
6435
	/**
6436
	 * Loads a view file from the views
6437
	 *
6438
	 * Data passed in with the $data parameter will be available in the
6439
	 * template file as $data['value']
6440
	 *
6441
	 * @param string $template - Template file to load
6442
	 * @param array $data - Any data to pass along to the template
6443
	 * @return boolean - If template file was found
6444
	 **/
6445
	public function load_view( $template, $data = array() ) {
6446
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
6447
6448
		if( file_exists( $views_dir . $template ) ) {
6449
			require_once( $views_dir . $template );
6450
			return true;
6451
		}
6452
6453
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
6454
		return false;
6455
	}
6456
6457
	/**
6458
	 * Sends a ping to the Jetpack servers to toggle on/off remote portions
6459
	 * required by some modules.
6460
	 *
6461
	 * @param string $module_slug
6462
	 */
6463
	public function toggle_module_on_wpcom( $module_slug ) {
6464
		Jetpack::init()->sync->register( 'noop' );
6465
6466
		if ( false !== strpos( current_filter(), 'jetpack_activate_module_' ) ) {
6467
			self::check_privacy( $module_slug );
6468
		}
6469
6470
	}
6471
6472
	/**
6473
	 * Throws warnings for deprecated hooks to be removed from Jetpack
6474
	 */
6475
	public function deprecated_hooks() {
6476
		global $wp_filter;
6477
6478
		/*
6479
		 * Format:
6480
		 * deprecated_filter_name => replacement_name
6481
		 *
6482
		 * If there is no replacement us null for replacement_name
6483
		 */
6484
		$deprecated_list = array(
6485
			'jetpack_bail_on_shortcode' => 'jetpack_shortcodes_to_include',
6486
			'wpl_sharing_2014_1'        => null,
6487
			'jetpack-tools-to-include'  => 'jetpack_tools_to_include',
6488
		);
6489
6490
		// This is a silly loop depth. Better way?
6491
		foreach( $deprecated_list AS $hook => $hook_alt ) {
6492
			if( isset( $wp_filter[ $hook ] ) && is_array( $wp_filter[ $hook ] ) ) {
6493
				foreach( $wp_filter[$hook] AS $func => $values ) {
6494
					foreach( $values AS $hooked ) {
6495
						_deprecated_function( $hook . ' used for ' . $hooked['function'], null, $hook_alt );
6496
					}
6497
				}
6498
			}
6499
		}
6500
	}
6501
6502
	/**
6503
	 * Converts any url in a stylesheet, to the correct absolute url.
6504
	 *
6505
	 * Considerations:
6506
	 *  - Normal, relative URLs     `feh.png`
6507
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6508
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6509
	 *  - Absolute URLs             `http://domain.com/feh.png`
6510
	 *  - Domain root relative URLs `/feh.png`
6511
	 *
6512
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6513
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6514
	 *
6515
	 * @return mixed|string
6516
	 */
6517
	public static function absolutize_css_urls( $css, $css_file_url ) {
6518
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6519
		$css_dir = dirname( $css_file_url );
6520
		$p       = parse_url( $css_dir );
6521
		$domain  = sprintf(
6522
					'%1$s//%2$s%3$s%4$s',
6523
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
6524
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6525
					$p['host'],
6526
					isset( $p['port'] )             ? ":{$p['port']}" : ''
6527
				);
6528
6529
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6530
			$find = $replace = array();
6531
			foreach ( $matches as $match ) {
6532
				$url = trim( $match['path'], "'\" \t" );
6533
6534
				// If this is a data url, we don't want to mess with it.
6535
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6536
					continue;
6537
				}
6538
6539
				// If this is an absolute or protocol-agnostic url,
6540
				// we don't want to mess with it.
6541
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6542
					continue;
6543
				}
6544
6545
				switch ( substr( $url, 0, 1 ) ) {
6546
					case '/':
6547
						$absolute = $domain . $url;
6548
						break;
6549
					default:
6550
						$absolute = $css_dir . '/' . $url;
6551
				}
6552
6553
				$find[]    = $match[0];
6554
				$replace[] = sprintf( 'url("%s")', $absolute );
6555
			}
6556
			$css = str_replace( $find, $replace, $css );
6557
		}
6558
6559
		return $css;
6560
	}
6561
6562
	/**
6563
	 * This method checks to see if SSL is required by the site in
6564
	 * order to visit it in some way other than only setting the
6565
	 * https value in the home or siteurl values.
6566
	 *
6567
	 * @since 3.2
6568
	 * @return boolean
6569
	 **/
6570
	private function is_ssl_required_to_visit_site() {
6571
		global $wp_version;
6572
		$ssl = is_ssl();
6573
6574
		if ( force_ssl_admin() ) {
6575
			$ssl = true;
6576
		}
6577
		return $ssl;
6578
	}
6579
6580
	/**
6581
	 * This methods removes all of the registered css files on the frontend
6582
	 * from Jetpack in favor of using a single file. In effect "imploding"
6583
	 * all the files into one file.
6584
	 *
6585
	 * Pros:
6586
	 * - Uses only ONE css asset connection instead of 15
6587
	 * - Saves a minimum of 56k
6588
	 * - Reduces server load
6589
	 * - Reduces time to first painted byte
6590
	 *
6591
	 * Cons:
6592
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6593
	 *		should not cause any issues with themes.
6594
	 * - Plugins/themes dequeuing styles no longer do anything. See
6595
	 *		jetpack_implode_frontend_css filter for a workaround
6596
	 *
6597
	 * For some situations developers may wish to disable css imploding and
6598
	 * instead operate in legacy mode where each file loads seperately and
6599
	 * can be edited individually or dequeued. This can be accomplished with
6600
	 * the following line:
6601
	 *
6602
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6603
	 *
6604
	 * @since 3.2
6605
	 **/
6606
	public function implode_frontend_css( $travis_test = false ) {
6607
		$do_implode = true;
6608
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6609
			$do_implode = false;
6610
		}
6611
6612
		/**
6613
		 * Allow CSS to be concatenated into a single jetpack.css file.
6614
		 *
6615
		 * @since 3.2.0
6616
		 *
6617
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6618
		 */
6619
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6620
6621
		// Do not use the imploded file when default behaviour was altered through the filter
6622
		if ( ! $do_implode ) {
6623
			return;
6624
		}
6625
6626
		// We do not want to use the imploded file in dev mode, or if not connected
6627
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6628
			if ( ! $travis_test ) {
6629
				return;
6630
			}
6631
		}
6632
6633
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6634
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6635
			return;
6636
		}
6637
6638
		/*
6639
		 * Now we assume Jetpack is connected and able to serve the single
6640
		 * file.
6641
		 *
6642
		 * In the future there will be a check here to serve the file locally
6643
		 * or potentially from the Jetpack CDN
6644
		 *
6645
		 * For now:
6646
		 * - Enqueue a single imploded css file
6647
		 * - Zero out the style_loader_tag for the bundled ones
6648
		 * - Be happy, drink scotch
6649
		 */
6650
6651
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6652
6653
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6654
6655
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6656
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6657
	}
6658
6659
	function concat_remove_style_loader_tag( $tag, $handle ) {
6660
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6661
			$tag = '';
6662
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6663
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6664
			}
6665
		}
6666
6667
		return $tag;
6668
	}
6669
6670
	/*
6671
	 * Check the heartbeat data
6672
	 *
6673
	 * Organizes the heartbeat data by severity.  For example, if the site
6674
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6675
	 *
6676
	 * Data will be added to "caution" array, if it either:
6677
	 *  - Out of date Jetpack version
6678
	 *  - Out of date WP version
6679
	 *  - Out of date PHP version
6680
	 *
6681
	 * $return array $filtered_data
6682
	 */
6683
	public static function jetpack_check_heartbeat_data() {
6684
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6685
6686
		$good    = array();
6687
		$caution = array();
6688
		$bad     = array();
6689
6690
		foreach ( $raw_data as $stat => $value ) {
6691
6692
			// Check jetpack version
6693
			if ( 'version' == $stat ) {
6694
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6695
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6696
					continue;
6697
				}
6698
			}
6699
6700
			// Check WP version
6701
			if ( 'wp-version' == $stat ) {
6702
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6703
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6704
					continue;
6705
				}
6706
			}
6707
6708
			// Check PHP version
6709
			if ( 'php-version' == $stat ) {
6710
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6711
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
6712
					continue;
6713
				}
6714
			}
6715
6716
			// Check ID crisis
6717
			if ( 'identitycrisis' == $stat ) {
6718
				if ( 'yes' == $value ) {
6719
					$bad[ $stat ] = $value;
6720
					continue;
6721
				}
6722
			}
6723
6724
			// The rest are good :)
6725
			$good[ $stat ] = $value;
6726
		}
6727
6728
		$filtered_data = array(
6729
			'good'    => $good,
6730
			'caution' => $caution,
6731
			'bad'     => $bad
6732
		);
6733
6734
		return $filtered_data;
6735
	}
6736
6737
6738
	/*
6739
	 * This method is used to organize all options that can be reset
6740
	 * without disconnecting Jetpack.
6741
	 *
6742
	 * It is used in class.jetpack-cli.php to reset options
6743
	 *
6744
	 * @return array of options to delete.
6745
	 */
6746
	public static function get_jetpack_options_for_reset() {
6747
		$jetpack_options            = Jetpack_Options::get_option_names();
6748
		$jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' );
6749
		$jetpack_options_private    = Jetpack_Options::get_option_names( 'private' );
6750
6751
		$all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private );
6752
6753
		// A manual build of the wp options
6754
		$wp_options = array(
6755
			'sharing-options',
6756
			'disabled_likes',
6757
			'disabled_reblogs',
6758
			'jetpack_comments_likes_enabled',
6759
			'wp_mobile_excerpt',
6760
			'wp_mobile_featured_images',
6761
			'wp_mobile_app_promos',
6762
			'stats_options',
6763
			'stats_dashboard_widget',
6764
			'safecss_preview_rev',
6765
			'safecss_rev',
6766
			'safecss_revision_migrated',
6767
			'nova_menu_order',
6768
			'jetpack_portfolio',
6769
			'jetpack_portfolio_posts_per_page',
6770
			'jetpack_testimonial',
6771
			'jetpack_testimonial_posts_per_page',
6772
			'wp_mobile_custom_css',
6773
			'sharedaddy_disable_resources',
6774
			'sharing-options',
6775
			'sharing-services',
6776
			'site_icon_temp_data',
6777
			'featured-content',
6778
			'site_logo',
6779
		);
6780
6781
		// Flag some Jetpack options as unsafe
6782
		$unsafe_options = array(
6783
			'id',                           // (int)    The Client ID/WP.com Blog ID of this site.
6784
			'master_user',                  // (int)    The local User ID of the user who connected this site to jetpack.wordpress.com.
6785
			'version',                      // (string) Used during upgrade procedure to auto-activate new modules. version:time
6786
			'jumpstart',                    // (string) A flag for whether or not to show the Jump Start.  Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed.
6787
6788
			// non_compact
6789
			'activated',
6790
6791
			// private
6792
			'register',
6793
			'blog_token',                  // (string) The Client Secret/Blog Token of this site.
6794
			'user_token',                  // (string) The User Token of this site. (deprecated)
6795
			'user_tokens'
6796
		);
6797
6798
		// Remove the unsafe Jetpack options
6799
		foreach ( $unsafe_options as $unsafe_option ) {
6800
			if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) {
6801
				unset( $all_jp_options[ $key ] );
6802
			}
6803
		}
6804
6805
		$options = array(
6806
			'jp_options' => $all_jp_options,
6807
			'wp_options' => $wp_options
6808
		);
6809
6810
		return $options;
6811
	}
6812
6813
	/*
6814
	 * Check if an option of a Jetpack module has been updated.
6815
	 *
6816
	 * If any module option has been updated before Jump Start has been dismissed,
6817
	 * update the 'jumpstart' option so we can hide Jump Start.
6818
	 */
6819
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6820
		// Bail if Jump Start has already been dismissed
6821
		if ( 'new_connection' !== Jetpack::get_option( 'jumpstart' ) ) {
6822
			return false;
6823
		}
6824
6825
		$jetpack = Jetpack::init();
6826
6827
6828
		// Manual build of module options
6829
		$option_names = self::get_jetpack_options_for_reset();
6830
6831
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6832
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6833
6834
			//Jump start is being dismissed send data to MC Stats
6835
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6836
6837
			$jetpack->do_stats( 'server_side' );
6838
		}
6839
6840
	}
6841
6842
	/*
6843
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6844
	 * so we can bring them directly to their site in calypso.
6845
	 *
6846
	 * @param string | url
6847
	 * @return string | url without the guff
6848
	 */
6849
	public static function build_raw_urls( $url ) {
6850
		$strip_http = '/.*?:\/\//i';
6851
		$url = preg_replace( $strip_http, '', $url  );
6852
		$url = str_replace( '/', '::', $url );
6853
		return $url;
6854
	}
6855
6856
	/**
6857
	 * Stores and prints out domains to prefetch for page speed optimization.
6858
	 *
6859
	 * @param mixed $new_urls
6860
	 */
6861
	public static function dns_prefetch( $new_urls = null ) {
6862
		static $prefetch_urls = array();
6863
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6864
			echo "\r\n";
6865
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6866
				printf( "<link rel='dns-prefetch' href='%s'>\r\n", esc_attr( $this_prefetch_url ) );
6867
			}
6868
		} elseif ( ! empty( $new_urls ) ) {
6869
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6870
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6871
			}
6872
			foreach ( (array) $new_urls as $this_new_url ) {
6873
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6874
			}
6875
			$prefetch_urls = array_unique( $prefetch_urls );
6876
		}
6877
	}
6878
6879
	public function wp_dashboard_setup() {
6880
		if ( self::is_active() ) {
6881
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6882
			$widget_title = __( 'Site Stats', 'jetpack' );
6883
		} elseif ( ! self::is_development_mode() && current_user_can( 'jetpack_connect' ) ) {
6884
			add_action( 'jetpack_dashboard_widget', array( $this, 'dashboard_widget_connect_to_wpcom' ) );
6885
			$widget_title = __( 'Please Connect Jetpack', 'jetpack' );
6886
		}
6887
6888
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6889
			wp_add_dashboard_widget(
6890
				'jetpack_summary_widget',
6891
				$widget_title,
6892
				array( __CLASS__, 'dashboard_widget' )
6893
			);
6894
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6895
6896
			// If we're inactive and not in development mode, sort our box to the top.
6897
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6898
				global $wp_meta_boxes;
6899
6900
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6901
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6902
6903
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6904
			}
6905
		}
6906
	}
6907
6908
	/**
6909
	 * @param mixed $result Value for the user's option
6910
	 * @return mixed
6911
	 */
6912
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6913
		if ( ! is_array( $sorted ) ) {
6914
			return $sorted;
6915
		}
6916
6917
		foreach ( $sorted as $box_context => $ids ) {
6918
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6919
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6920
				continue;
6921
			}
6922
6923
			$ids_array = explode( ',', $ids );
6924
			$key = array_search( 'dashboard_stats', $ids_array );
6925
6926
			if ( false !== $key ) {
6927
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6928
				$ids_array[ $key ] = 'jetpack_summary_widget';
6929
				$sorted[ $box_context ] = implode( ',', $ids_array );
6930
				// We've found it, stop searching, and just return.
6931
				break;
6932
			}
6933
		}
6934
6935
		return $sorted;
6936
	}
6937
6938
	public static function dashboard_widget() {
6939
		/**
6940
		 * Fires when the dashboard is loaded.
6941
		 *
6942
		 * @since 3.4.0
6943
		 */
6944
		do_action( 'jetpack_dashboard_widget' );
6945
	}
6946
6947
	public static function dashboard_widget_footer() {
6948
		?>
6949
		<footer>
6950
6951
		<div class="protect">
6952
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6953
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6954
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6955
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6956
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6957
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6958
				</a>
6959
			<?php else : ?>
6960
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6961
			<?php endif; ?>
6962
		</div>
6963
6964
		<div class="akismet">
6965
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6966
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6967
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6968 View Code Duplication
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6969
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6970
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6971
				</a>
6972
			<?php else : ?>
6973
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6974
			<?php endif; ?>
6975
		</div>
6976
6977
6978 View Code Duplication
		<?php if ( ! current_user_can( 'edit_posts' ) && self::is_user_connected() ) : ?>
6979
			<div style="width: 100%; text-align: center; padding-top: 20px; clear: both;"><a class="button" title="<?php esc_attr_e( 'Unlink your account from WordPress.com', 'jetpack' ); ?>" href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'unlink', 'redirect' => 'sub-unlink' ), admin_url( 'index.php' ) ), 'jetpack-unlink' ) ); ?>"><?php esc_html_e( 'Unlink your account from WordPress.com', 'jetpack' ); ?></a></div>
6980
		<?php endif; ?>
6981
6982
		</footer>
6983
		<?php
6984
	}
6985
6986
	public function dashboard_widget_connect_to_wpcom() {
6987
		if ( Jetpack::is_active() || Jetpack::is_development_mode() || ! current_user_can( 'jetpack_connect' ) ) {
6988
			return;
6989
		}
6990
		?>
6991
		<div class="wpcom-connect">
6992
			<div class="jp-emblem">
6993
			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">
6994
				<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z"/>
6995
			</svg>
6996
			</div>
6997
			<h3><?php esc_html_e( 'Please Connect Jetpack', 'jetpack' ); ?></h3>
6998
			<p><?php echo wp_kses( __( 'Connecting Jetpack will show you <strong>stats</strong> about your traffic, <strong>protect</strong> you from brute force attacks, <strong>speed up</strong> your images and photos, and enable other <strong>traffic and security</strong> features.', 'jetpack' ), 'jetpack' ) ?></p>
6999
7000
			<div class="actions">
7001
				<a href="<?php echo $this->build_connect_url() ?>" class="button button-primary">
7002
					<?php esc_html_e( 'Connect Jetpack', 'jetpack' ); ?>
7003
				</a>
7004
			</div>
7005
		</div>
7006
		<?php
7007
	}
7008
7009
	/*
7010
	 * A graceful transition to using Core's site icon.
7011
	 *
7012
	 * All of the hard work has already been done with the image
7013
	 * in all_done_page(). All that needs to be done now is update
7014
	 * the option and display proper messaging.
7015
	 *
7016
	 * @todo remove when WP 4.3 is minimum
7017
	 *
7018
	 * @since 3.6.1
7019
	 *
7020
	 * @return bool false = Core's icon not available || true = Core's icon is available
7021
	 */
7022
	public static function jetpack_site_icon_available_in_core() {
7023
		global $wp_version;
7024
		$core_icon_available = function_exists( 'has_site_icon' ) && version_compare( $wp_version, '4.3-beta' ) >= 0;
7025
7026
		if ( ! $core_icon_available ) {
7027
			return false;
7028
		}
7029
7030
		// No need for Jetpack's site icon anymore if core's is already set
7031
		if ( has_site_icon() ) {
7032
			if ( Jetpack::is_module_active( 'site-icon' ) ) {
7033
				Jetpack::log( 'deactivate', 'site-icon' );
7034
				Jetpack::deactivate_module( 'site-icon' );
7035
			}
7036
			return true;
7037
		}
7038
7039
		// Transfer Jetpack's site icon to use core.
7040
		$site_icon_id = Jetpack::get_option( 'site_icon_id' );
7041
		if ( $site_icon_id ) {
7042
			// Update core's site icon
7043
			update_option( 'site_icon', $site_icon_id );
7044
7045
			// Delete Jetpack's icon option. We still want the blavatar and attached data though.
7046
			delete_option( 'site_icon_id' );
7047
		}
7048
7049
		// No need for Jetpack's site icon anymore
7050
		if ( Jetpack::is_module_active( 'site-icon' ) ) {
7051
			Jetpack::log( 'deactivate', 'site-icon' );
7052
			Jetpack::deactivate_module( 'site-icon' );
7053
		}
7054
7055
		return true;
7056
	}
7057
7058
}
7059