· 6 years ago · May 22, 2019, 09:12 AM
1<?php
2
3/*
4Options:
5jetpack_options (array)
6 An array of options.
7 @see Jetpack_Options::get_option_names()
8
9jetpack_register (string)
10 Temporary verification secrets.
11
12jetpack_activated (int)
13 1: the plugin was activated normally
14 2: the plugin was activated on this site because of a network-wide activation
15 3: the plugin was auto-installed
16 4: the plugin was manually disconnected (but is still installed)
17
18jetpack_active_modules (array)
19 Array of active module slugs.
20
21jetpack_do_activate (bool)
22 Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23*/
24
25require_once( JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php' );
26
27class Jetpack {
28 public $xmlrpc_server = null;
29
30 private $xmlrpc_verification = null;
31 private $rest_authentication_status = null;
32
33 public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
34
35 /**
36 * @var array The handles of styles that are concatenated into jetpack.css.
37 *
38 * When making changes to that list, you must also update concat_list in tools/builder/frontend-css.js.
39 */
40 public $concatenated_style_handles = array(
41 'jetpack-carousel',
42 'grunion.css',
43 'the-neverending-homepage',
44 'jetpack_likes',
45 'jetpack_related-posts',
46 'sharedaddy',
47 'jetpack-slideshow',
48 'presentations',
49 'quiz',
50 'jetpack-subscriptions',
51 'jetpack-responsive-videos-style',
52 'jetpack-social-menu',
53 'tiled-gallery',
54 'jetpack_display_posts_widget',
55 'gravatar-profile-widget',
56 'goodreads-widget',
57 'jetpack_social_media_icons_widget',
58 'jetpack-top-posts-widget',
59 'jetpack_image_widget',
60 'jetpack-my-community-widget',
61 'jetpack-authors-widget',
62 'wordads',
63 'eu-cookie-law-style',
64 'flickr-widget-style',
65 'jetpack-search-widget',
66 'jetpack-simple-payments-widget-style',
67 'jetpack-widget-social-icons-styles',
68 );
69
70 /**
71 * Contains all assets that have had their URL rewritten to minified versions.
72 *
73 * @var array
74 */
75 static $min_assets = array();
76
77 public $plugins_to_deactivate = array(
78 'stats' => array( 'stats/stats.php', 'WordPress.com Stats' ),
79 'shortlinks' => array( 'stats/stats.php', 'WordPress.com Stats' ),
80 'sharedaddy' => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
81 'twitter-widget' => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
82 'contact-form' => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
83 'contact-form' => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
84 'custom-css' => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
85 'random-redirect' => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
86 'videopress' => array( 'video/video.php', 'VideoPress' ),
87 'widget-visibility' => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
88 'widget-visibility' => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
89 'sharedaddy' => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
90 'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
91 'latex' => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
92 );
93
94 static $capability_translations = array(
95 'administrator' => 'manage_options',
96 'editor' => 'edit_others_posts',
97 'author' => 'publish_posts',
98 'contributor' => 'edit_posts',
99 'subscriber' => 'read',
100 );
101
102 /**
103 * Map of modules that have conflicts with plugins and should not be auto-activated
104 * if the plugins are active. Used by filter_default_modules
105 *
106 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
107 * change `module-slug` and add this to your plugin:
108 *
109 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
110 * function my_jetpack_get_default_modules( $modules ) {
111 * return array_diff( $modules, array( 'module-slug' ) );
112 * }
113 *
114 * @var array
115 */
116 private $conflicting_plugins = array(
117 'comments' => array(
118 'Intense Debate' => 'intensedebate/intensedebate.php',
119 'Disqus' => 'disqus-comment-system/disqus.php',
120 'Livefyre' => 'livefyre-comments/livefyre.php',
121 'Comments Evolved for WordPress' => 'gplus-comments/comments-evolved.php',
122 'Google+ Comments' => 'google-plus-comments/google-plus-comments.php',
123 'WP-SpamShield Anti-Spam' => 'wp-spamshield/wp-spamshield.php',
124 ),
125 'comment-likes' => array(
126 'Epoch' => 'epoch/plugincore.php',
127 ),
128 'contact-form' => array(
129 'Contact Form 7' => 'contact-form-7/wp-contact-form-7.php',
130 'Gravity Forms' => 'gravityforms/gravityforms.php',
131 'Contact Form Plugin' => 'contact-form-plugin/contact_form.php',
132 'Easy Contact Forms' => 'easy-contact-forms/easy-contact-forms.php',
133 'Fast Secure Contact Form' => 'si-contact-form/si-contact-form.php',
134 'Ninja Forms' => 'ninja-forms/ninja-forms.php',
135 ),
136 'minileven' => array(
137 'WPtouch' => 'wptouch/wptouch.php',
138 ),
139 'latex' => array(
140 'LaTeX for WordPress' => 'latex/latex.php',
141 'Youngwhans Simple Latex' => 'youngwhans-simple-latex/yw-latex.php',
142 'Easy WP LaTeX' => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
143 'MathJax-LaTeX' => 'mathjax-latex/mathjax-latex.php',
144 'Enable Latex' => 'enable-latex/enable-latex.php',
145 'WP QuickLaTeX' => 'wp-quicklatex/wp-quicklatex.php',
146 ),
147 'protect' => array(
148 'Limit Login Attempts' => 'limit-login-attempts/limit-login-attempts.php',
149 'Captcha' => 'captcha/captcha.php',
150 'Brute Force Login Protection' => 'brute-force-login-protection/brute-force-login-protection.php',
151 'Login Security Solution' => 'login-security-solution/login-security-solution.php',
152 'WPSecureOps Brute Force Protect' => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
153 'BulletProof Security' => 'bulletproof-security/bulletproof-security.php',
154 'SiteGuard WP Plugin' => 'siteguard/siteguard.php',
155 'Security-protection' => 'security-protection/security-protection.php',
156 'Login Security' => 'login-security/login-security.php',
157 'Botnet Attack Blocker' => 'botnet-attack-blocker/botnet-attack-blocker.php',
158 'Wordfence Security' => 'wordfence/wordfence.php',
159 'All In One WP Security & Firewall' => 'all-in-one-wp-security-and-firewall/wp-security.php',
160 'iThemes Security' => 'better-wp-security/better-wp-security.php',
161 ),
162 'random-redirect' => array(
163 'Random Redirect 2' => 'random-redirect-2/random-redirect.php',
164 ),
165 'related-posts' => array(
166 'YARPP' => 'yet-another-related-posts-plugin/yarpp.php',
167 'WordPress Related Posts' => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
168 'nrelate Related Content' => 'nrelate-related-content/nrelate-related.php',
169 'Contextual Related Posts' => 'contextual-related-posts/contextual-related-posts.php',
170 'Related Posts for WordPress' => 'microkids-related-posts/microkids-related-posts.php',
171 'outbrain' => 'outbrain/outbrain.php',
172 'Shareaholic' => 'shareaholic/shareaholic.php',
173 'Sexybookmarks' => 'sexybookmarks/shareaholic.php',
174 ),
175 'sharedaddy' => array(
176 'AddThis' => 'addthis/addthis_social_widget.php',
177 'Add To Any' => 'add-to-any/add-to-any.php',
178 'ShareThis' => 'share-this/sharethis.php',
179 'Shareaholic' => 'shareaholic/shareaholic.php',
180 ),
181 'seo-tools' => array(
182 'WordPress SEO by Yoast' => 'wordpress-seo/wp-seo.php',
183 'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
184 'All in One SEO Pack' => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
185 'All in One SEO Pack Pro' => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
186 'The SEO Framework' => 'autodescription/autodescription.php',
187 ),
188 'verification-tools' => array(
189 'WordPress SEO by Yoast' => 'wordpress-seo/wp-seo.php',
190 'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
191 'All in One SEO Pack' => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
192 'All in One SEO Pack Pro' => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
193 'The SEO Framework' => 'autodescription/autodescription.php',
194 ),
195 'widget-visibility' => array(
196 'Widget Logic' => 'widget-logic/widget_logic.php',
197 'Dynamic Widgets' => 'dynamic-widgets/dynamic-widgets.php',
198 ),
199 'sitemaps' => array(
200 'Google XML Sitemaps' => 'google-sitemap-generator/sitemap.php',
201 'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
202 'Google XML Sitemaps for qTranslate' => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
203 'XML Sitemap & Google News feeds' => 'xml-sitemap-feed/xml-sitemap.php',
204 'Google Sitemap by BestWebSoft' => 'google-sitemap-plugin/google-sitemap-plugin.php',
205 'WordPress SEO by Yoast' => 'wordpress-seo/wp-seo.php',
206 'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
207 'All in One SEO Pack' => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
208 'All in One SEO Pack Pro' => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
209 'The SEO Framework' => 'autodescription/autodescription.php',
210 'Sitemap' => 'sitemap/sitemap.php',
211 'Simple Wp Sitemap' => 'simple-wp-sitemap/simple-wp-sitemap.php',
212 'Simple Sitemap' => 'simple-sitemap/simple-sitemap.php',
213 'XML Sitemaps' => 'xml-sitemaps/xml-sitemaps.php',
214 'MSM Sitemaps' => 'msm-sitemap/msm-sitemap.php',
215 ),
216 'lazy-images' => array(
217 'Lazy Load' => 'lazy-load/lazy-load.php',
218 'BJ Lazy Load' => 'bj-lazy-load/bj-lazy-load.php',
219 'Lazy Load by WP Rocket' => 'rocket-lazy-load/rocket-lazy-load.php',
220 ),
221 );
222
223 /**
224 * Plugins for which we turn off our Facebook OG Tags implementation.
225 *
226 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
227 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
228 *
229 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
230 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
231 */
232 private $open_graph_conflicting_plugins = array(
233 '2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
234 // 2 Click Social Media Buttons
235 'add-link-to-facebook/add-link-to-facebook.php', // Add Link to Facebook
236 'add-meta-tags/add-meta-tags.php', // Add Meta Tags
237 'easy-facebook-share-thumbnails/esft.php', // Easy Facebook Share Thumbnail
238 'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
239 // Open Graph Meta Tags by Heateor
240 'facebook/facebook.php', // Facebook (official plugin)
241 'facebook-awd/AWD_facebook.php', // Facebook AWD All in one
242 'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
243 // Facebook Featured Image & OG Meta Tags
244 'facebook-meta-tags/facebook-metatags.php', // Facebook Meta Tags
245 'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
246 // Facebook Open Graph Meta Tags for WordPress
247 'facebook-revised-open-graph-meta-tag/index.php', // Facebook Revised Open Graph Meta Tag
248 'facebook-thumb-fixer/_facebook-thumb-fixer.php', // Facebook Thumb Fixer
249 'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
250 // Fedmich's Facebook Open Graph Meta
251 'network-publisher/networkpub.php', // Network Publisher
252 'nextgen-facebook/nextgen-facebook.php', // NextGEN Facebook OG
253 'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
254 // NextScripts SNAP
255 'og-tags/og-tags.php', // OG Tags
256 'opengraph/opengraph.php', // Open Graph
257 'open-graph-protocol-framework/open-graph-protocol-framework.php',
258 // Open Graph Protocol Framework
259 'seo-facebook-comments/seofacebook.php', // SEO Facebook Comments
260 'seo-ultimate/seo-ultimate.php', // SEO Ultimate
261 'sexybookmarks/sexy-bookmarks.php', // Shareaholic
262 'shareaholic/sexy-bookmarks.php', // Shareaholic
263 'sharepress/sharepress.php', // SharePress
264 'simple-facebook-connect/sfc.php', // Simple Facebook Connect
265 'social-discussions/social-discussions.php', // Social Discussions
266 'social-sharing-toolkit/social_sharing_toolkit.php', // Social Sharing Toolkit
267 'socialize/socialize.php', // Socialize
268 'squirrly-seo/squirrly.php', // SEO by SQUIRRLYâ„¢
269 'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
270 // Tweet, Like, Google +1 and Share
271 'wordbooker/wordbooker.php', // Wordbooker
272 'wpsso/wpsso.php', // WordPress Social Sharing Optimization
273 'wp-caregiver/wp-caregiver.php', // WP Caregiver
274 'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
275 // WP Facebook Like Send & Open Graph Meta
276 'wp-facebook-open-graph-protocol/wp-facebook-ogp.php', // WP Facebook Open Graph protocol
277 'wp-ogp/wp-ogp.php', // WP-OGP
278 'zoltonorg-social-plugin/zosp.php', // Zolton.org Social Plugin
279 'wp-fb-share-like-button/wp_fb_share-like_widget.php', // WP Facebook Like Button
280 'open-graph-metabox/open-graph-metabox.php' // Open Graph Metabox
281 );
282
283 /**
284 * Plugins for which we turn off our Twitter Cards Tags implementation.
285 */
286 private $twitter_cards_conflicting_plugins = array(
287 // 'twitter/twitter.php', // The official one handles this on its own.
288 // // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
289 'eewee-twitter-card/index.php', // Eewee Twitter Card
290 'ig-twitter-cards/ig-twitter-cards.php', // IG:Twitter Cards
291 'jm-twitter-cards/jm-twitter-cards.php', // JM Twitter Cards
292 'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
293 // Pure Web Brilliant's Social Graph Twitter Cards Extension
294 'twitter-cards/twitter-cards.php', // Twitter Cards
295 'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
296 'wp-to-twitter/wp-to-twitter.php', // WP to Twitter
297 'wp-twitter-cards/twitter_cards.php', // WP Twitter Cards
298 );
299
300 /**
301 * Message to display in admin_notice
302 * @var string
303 */
304 public $message = '';
305
306 /**
307 * Error to display in admin_notice
308 * @var string
309 */
310 public $error = '';
311
312 /**
313 * Modules that need more privacy description.
314 * @var string
315 */
316 public $privacy_checks = '';
317
318 /**
319 * Stats to record once the page loads
320 *
321 * @var array
322 */
323 public $stats = array();
324
325 /**
326 * Jetpack_Sync object
327 */
328 public $sync;
329
330 /**
331 * Verified data for JSON authorization request
332 */
333 public $json_api_authorization_request = array();
334
335 /**
336 * @var string Transient key used to prevent multiple simultaneous plugin upgrades
337 */
338 public static $plugin_upgrade_lock_key = 'jetpack_upgrade_lock';
339
340 /**
341 * Holds the singleton instance of this class
342 * @since 2.3.3
343 * @var Jetpack
344 */
345 static $instance = false;
346
347 /**
348 * Singleton
349 * @static
350 */
351 public static function init() {
352 if ( ! self::$instance ) {
353 self::$instance = new Jetpack;
354
355 self::$instance->plugin_upgrade();
356 }
357
358 return self::$instance;
359 }
360
361 /**
362 * Must never be called statically
363 */
364 function plugin_upgrade() {
365 if ( Jetpack::is_active() ) {
366 list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
367 if ( JETPACK__VERSION != $version ) {
368 // Prevent multiple upgrades at once - only a single process should trigger
369 // an upgrade to avoid stampedes
370 if ( false !== get_transient( self::$plugin_upgrade_lock_key ) ) {
371 return;
372 }
373
374 // Set a short lock to prevent multiple instances of the upgrade
375 set_transient( self::$plugin_upgrade_lock_key, 1, 10 );
376
377 // check which active modules actually exist and remove others from active_modules list
378 $unfiltered_modules = Jetpack::get_active_modules();
379 $modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
380 if ( array_diff( $unfiltered_modules, $modules ) ) {
381 Jetpack::update_active_modules( $modules );
382 }
383
384 add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
385
386 // Upgrade to 4.3.0
387 if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
388 Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
389 }
390
391 // Make sure Markdown for posts gets turned back on
392 if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
393 update_option( 'wpcom_publish_posts_with_markdown', true );
394 }
395
396 if ( did_action( 'wp_loaded' ) ) {
397 self::upgrade_on_load();
398 } else {
399 add_action(
400 'wp_loaded',
401 array( __CLASS__, 'upgrade_on_load' )
402 );
403 }
404 }
405 }
406 }
407
408 /**
409 * Runs upgrade routines that need to have modules loaded.
410 */
411 static function upgrade_on_load() {
412
413 // Not attempting any upgrades if jetpack_modules_loaded did not fire.
414 // This can happen in case Jetpack has been just upgraded and is
415 // being initialized late during the page load. In this case we wait
416 // until the next proper admin page load with Jetpack active.
417 if ( ! did_action( 'jetpack_modules_loaded' ) ) {
418 delete_transient( self::$plugin_upgrade_lock_key );
419
420 return;
421 }
422
423 Jetpack::maybe_set_version_option();
424
425 if ( method_exists( 'Jetpack_Widget_Conditions', 'migrate_post_type_rules' ) ) {
426 Jetpack_Widget_Conditions::migrate_post_type_rules();
427 }
428
429 if (
430 class_exists( 'Jetpack_Sitemap_Manager' )
431 && version_compare( JETPACK__VERSION, '5.3', '>=' )
432 ) {
433 do_action( 'jetpack_sitemaps_purge_data' );
434 }
435
436 delete_transient( self::$plugin_upgrade_lock_key );
437 }
438
439 static function update_active_modules( $modules ) {
440 $current_modules = Jetpack_Options::get_option( 'active_modules', array() );
441
442 $success = Jetpack_Options::update_option( 'active_modules', array_unique( $modules ) );
443
444 if ( is_array( $modules ) && is_array( $current_modules ) ) {
445 $new_active_modules = array_diff( $modules, $current_modules );
446 foreach( $new_active_modules as $module ) {
447 /**
448 * Fires when a specific module is activated.
449 *
450 * @since 1.9.0
451 *
452 * @param string $module Module slug.
453 * @param boolean $success whether the module was activated. @since 4.2
454 */
455 do_action( 'jetpack_activate_module', $module, $success );
456
457 /**
458 * Fires when a module is activated.
459 * The dynamic part of the filter, $module, is the module slug.
460 *
461 * @since 1.9.0
462 *
463 * @param string $module Module slug.
464 */
465 do_action( "jetpack_activate_module_$module", $module );
466 }
467
468 $new_deactive_modules = array_diff( $current_modules, $modules );
469 foreach( $new_deactive_modules as $module ) {
470 /**
471 * Fired after a module has been deactivated.
472 *
473 * @since 4.2.0
474 *
475 * @param string $module Module slug.
476 * @param boolean $success whether the module was deactivated.
477 */
478 do_action( 'jetpack_deactivate_module', $module, $success );
479 /**
480 * Fires when a module is deactivated.
481 * The dynamic part of the filter, $module, is the module slug.
482 *
483 * @since 1.9.0
484 *
485 * @param string $module Module slug.
486 */
487 do_action( "jetpack_deactivate_module_$module", $module );
488 }
489 }
490
491 return $success;
492 }
493
494 static function delete_active_modules() {
495 self::update_active_modules( array() );
496 }
497
498 /**
499 * Constructor. Initializes WordPress hooks
500 */
501 private function __construct() {
502 /*
503 * Check for and alert any deprecated hooks
504 */
505 add_action( 'init', array( $this, 'deprecated_hooks' ) );
506
507 /*
508 * Enable enhanced handling of previewing sites in Calypso
509 */
510 if ( Jetpack::is_active() ) {
511 require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-iframe-embed.php';
512 add_action( 'init', array( 'Jetpack_Iframe_Embed', 'init' ), 9, 0 );
513 require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-keyring-service-helper.php';
514 add_action( 'init', array( 'Jetpack_Keyring_Service_Helper', 'init' ), 9, 0 );
515 }
516
517 /*
518 * Load things that should only be in Network Admin.
519 *
520 * For now blow away everything else until a more full
521 * understanding of what is needed at the network level is
522 * available
523 */
524 if ( is_multisite() ) {
525 Jetpack_Network::init();
526 }
527
528 /**
529 * Prepare Gutenberg Editor functionality
530 */
531 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-gutenberg.php';
532 Jetpack_Gutenberg::init();
533 Jetpack_Gutenberg::load_independent_blocks();
534 add_action( 'enqueue_block_editor_assets', array( 'Jetpack_Gutenberg', 'enqueue_block_editor_assets' ) );
535
536 add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
537
538 // Unlink user before deleting the user from .com
539 add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
540 add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
541
542 // Alternate XML-RPC, via ?for=jetpack&jetpack=comms
543 if ( isset( $_GET['jetpack'] ) && 'comms' == $_GET['jetpack'] && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
544 if ( ! defined( 'XMLRPC_REQUEST' ) ) {
545 define( 'XMLRPC_REQUEST', true );
546 }
547
548 add_action( 'template_redirect', array( $this, 'alternate_xmlrpc' ) );
549
550 add_filter( 'xmlrpc_methods', array( $this, 'remove_non_jetpack_xmlrpc_methods' ), 1000 );
551 }
552
553 if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
554 @ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
555
556 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
557 $this->xmlrpc_server = new Jetpack_XMLRPC_Server();
558
559 $this->require_jetpack_authentication();
560
561 if ( Jetpack::is_active() ) {
562 // Hack to preserve $HTTP_RAW_POST_DATA
563 add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
564
565 $signed = $this->verify_xml_rpc_signature();
566 if ( $signed && ! is_wp_error( $signed ) ) {
567 // The actual API methods.
568 add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
569 } else {
570 // The jetpack.authorize method should be available for unauthenticated users on a site with an
571 // active Jetpack connection, so that additional users can link their account.
572 add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
573 }
574 } else {
575 // The bootstrap API methods.
576 add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
577 $signed = $this->verify_xml_rpc_signature();
578 if ( $signed && ! is_wp_error( $signed ) ) {
579 // the jetpack Provision method is available for blog-token-signed requests
580 add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) );
581 }
582 }
583
584 // Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
585 add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
586 } elseif (
587 is_admin() &&
588 isset( $_POST['action'] ) && (
589 'jetpack_upload_file' == $_POST['action'] ||
590 'jetpack_update_file' == $_POST['action']
591 )
592 ) {
593 $this->require_jetpack_authentication();
594 $this->add_remote_request_handlers();
595 } else {
596 if ( Jetpack::is_active() ) {
597 add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
598 add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
599 }
600 }
601
602 if ( Jetpack::is_active() ) {
603 Jetpack_Heartbeat::init();
604 if ( Jetpack::is_module_active( 'stats' ) && Jetpack::is_module_active( 'search' ) ) {
605 require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-search-performance-logger.php';
606 Jetpack_Search_Performance_Logger::init();
607 }
608 }
609
610 add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
611 add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
612
613 add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
614 if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
615 wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
616 }
617
618 add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
619
620 add_action( 'admin_init', array( $this, 'admin_init' ) );
621 add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
622
623 add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
624
625 add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
626 // Filter the dashboard meta box order to swap the new one in in place of the old one.
627 add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
628
629 // returns HTTPS support status
630 add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
631
632 // JITM AJAX callback function
633 add_action( 'wp_ajax_jitm_ajax', array( $this, 'jetpack_jitm_ajax_callback' ) );
634
635 // Universal ajax callback for all tracking events triggered via js
636 add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
637
638 add_action( 'wp_ajax_jetpack_connection_banner', array( $this, 'jetpack_connection_banner_callback' ) );
639
640 add_action( 'wp_loaded', array( $this, 'register_assets' ) );
641 add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
642 add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
643 add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
644
645 add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
646
647 /**
648 * These actions run checks to load additional files.
649 * They check for external files or plugins, so they need to run as late as possible.
650 */
651 add_action( 'wp_head', array( $this, 'check_open_graph' ), 1 );
652 add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ), 999 );
653 add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
654
655 add_filter( 'plugins_url', array( 'Jetpack', 'maybe_min_asset' ), 1, 3 );
656 add_action( 'style_loader_src', array( 'Jetpack', 'set_suffix_on_min' ), 10, 2 );
657 add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
658
659 add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
660 add_filter( 'profile_update', array( 'Jetpack', 'user_meta_cleanup' ) );
661
662 add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
663 add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
664
665 // A filter to control all just in time messages
666 add_filter( 'jetpack_just_in_time_msgs', '__return_true', 9 );
667 add_filter( 'jetpack_just_in_time_msg_cache', '__return_true', 9);
668
669 // If enabled, point edit post, page, and comment links to Calypso instead of WP-Admin.
670 // We should make sure to only do this for front end links.
671 if ( Jetpack::get_option( 'edit_links_calypso_redirect' ) && ! is_admin() ) {
672 add_filter( 'get_edit_post_link', array( $this, 'point_edit_post_links_to_calypso' ), 1, 2 );
673 add_filter( 'get_edit_comment_link', array( $this, 'point_edit_comment_links_to_calypso' ), 1 );
674
675 //we'll override wp_notify_postauthor and wp_notify_moderator pluggable functions
676 //so they point moderation links on emails to Calypso
677 jetpack_require_lib( 'functions.wp-notify' );
678 }
679
680 // Update the Jetpack plan from API on heartbeats
681 add_action( 'jetpack_heartbeat', array( 'Jetpack_Plan', 'refresh_from_wpcom' ) );
682
683 /**
684 * This is the hack to concatenate all css files into one.
685 * For description and reasoning see the implode_frontend_css method
686 *
687 * Super late priority so we catch all the registered styles
688 */
689 if( !is_admin() ) {
690 add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
691 add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
692 }
693
694 /**
695 * These are sync actions that we need to keep track of for jitms
696 */
697 add_filter( 'jetpack_sync_before_send_updated_option', array( $this, 'jetpack_track_last_sync_callback' ), 99 );
698
699 // Actually push the stats on shutdown.
700 if ( ! has_action( 'shutdown', array( $this, 'push_stats' ) ) ) {
701 add_action( 'shutdown', array( $this, 'push_stats' ) );
702 }
703 }
704
705 /**
706 * This is ported over from the manage module, which has been deprecated and baked in here.
707 *
708 * @param $domains
709 */
710 function add_wpcom_to_allowed_redirect_hosts( $domains ) {
711 add_filter( 'allowed_redirect_hosts', array( $this, 'allow_wpcom_domain' ) );
712 }
713
714 /**
715 * Return $domains, with 'wordpress.com' appended.
716 * This is ported over from the manage module, which has been deprecated and baked in here.
717 *
718 * @param $domains
719 * @return array
720 */
721 function allow_wpcom_domain( $domains ) {
722 if ( empty( $domains ) ) {
723 $domains = array();
724 }
725 $domains[] = 'wordpress.com';
726 return array_unique( $domains );
727 }
728
729 function point_edit_post_links_to_calypso( $default_url, $post_id ) {
730 $post = get_post( $post_id );
731
732 if ( empty( $post ) ) {
733 return $default_url;
734 }
735
736 $post_type = $post->post_type;
737
738 // Mapping the allowed CPTs on WordPress.com to corresponding paths in Calypso.
739 // https://en.support.wordpress.com/custom-post-types/
740 $allowed_post_types = array(
741 'post' => 'post',
742 'page' => 'page',
743 'jetpack-portfolio' => 'edit/jetpack-portfolio',
744 'jetpack-testimonial' => 'edit/jetpack-testimonial',
745 );
746
747 if ( ! in_array( $post_type, array_keys( $allowed_post_types ) ) ) {
748 return $default_url;
749 }
750
751 $path_prefix = $allowed_post_types[ $post_type ];
752
753 $site_slug = Jetpack::build_raw_urls( get_home_url() );
754
755 return esc_url( sprintf( 'https://wordpress.com/%s/%s/%d', $path_prefix, $site_slug, $post_id ) );
756 }
757
758 function point_edit_comment_links_to_calypso( $url ) {
759 // Take the `query` key value from the URL, and parse its parts to the $query_args. `amp;c` matches the comment ID.
760 wp_parse_str( wp_parse_url( $url, PHP_URL_QUERY ), $query_args );
761 return esc_url( sprintf( 'https://wordpress.com/comment/%s/%d',
762 Jetpack::build_raw_urls( get_home_url() ),
763 $query_args['amp;c']
764 ) );
765 }
766
767 function jetpack_track_last_sync_callback( $params ) {
768 /**
769 * Filter to turn off jitm caching
770 *
771 * @since 5.4.0
772 *
773 * @param bool false Whether to cache just in time messages
774 */
775 if ( ! apply_filters( 'jetpack_just_in_time_msg_cache', false ) ) {
776 return $params;
777 }
778
779 if ( is_array( $params ) && isset( $params[0] ) ) {
780 $option = $params[0];
781 if ( 'active_plugins' === $option ) {
782 // use the cache if we can, but not terribly important if it gets evicted
783 set_transient( 'jetpack_last_plugin_sync', time(), HOUR_IN_SECONDS );
784 }
785 }
786
787 return $params;
788 }
789
790 function jetpack_connection_banner_callback() {
791 check_ajax_referer( 'jp-connection-banner-nonce', 'nonce' );
792
793 if ( isset( $_REQUEST['dismissBanner'] ) ) {
794 Jetpack_Options::update_option( 'dismissed_connection_banner', 1 );
795 wp_send_json_success();
796 }
797
798 wp_die();
799 }
800
801 /**
802 * Removes all XML-RPC methods that are not `jetpack.*`.
803 * Only used in our alternate XML-RPC endpoint, where we want to
804 * ensure that Core and other plugins' methods are not exposed.
805 *
806 * @param array $methods
807 * @return array filtered $methods
808 */
809 function remove_non_jetpack_xmlrpc_methods( $methods ) {
810 $jetpack_methods = array();
811
812 foreach ( $methods as $method => $callback ) {
813 if ( 0 === strpos( $method, 'jetpack.' ) ) {
814 $jetpack_methods[ $method ] = $callback;
815 }
816 }
817
818 return $jetpack_methods;
819 }
820
821 /**
822 * Since a lot of hosts use a hammer approach to "protecting" WordPress sites,
823 * and just blanket block all requests to /xmlrpc.php, or apply other overly-sensitive
824 * security/firewall policies, we provide our own alternate XML RPC API endpoint
825 * which is accessible via a different URI. Most of the below is copied directly
826 * from /xmlrpc.php so that we're replicating it as closely as possible.
827 */
828 function alternate_xmlrpc() {
829 // phpcs:disable PHPCompatibility.Variables.RemovedPredefinedGlobalVariables.http_raw_post_dataDeprecatedRemoved
830 global $HTTP_RAW_POST_DATA;
831
832 // Some browser-embedded clients send cookies. We don't want them.
833 $_COOKIE = array();
834
835 // A bug in PHP < 5.2.2 makes $HTTP_RAW_POST_DATA not set by default,
836 // but we can do it ourself.
837 if ( ! isset( $HTTP_RAW_POST_DATA ) ) {
838 $HTTP_RAW_POST_DATA = file_get_contents( 'php://input' );
839 }
840
841 // fix for mozBlog and other cases where '<?xml' isn't on the very first line
842 if ( isset( $HTTP_RAW_POST_DATA ) ) {
843 $HTTP_RAW_POST_DATA = trim( $HTTP_RAW_POST_DATA );
844 }
845
846 // phpcs:enable
847
848 include_once( ABSPATH . 'wp-admin/includes/admin.php' );
849 include_once( ABSPATH . WPINC . '/class-IXR.php' );
850 include_once( ABSPATH . WPINC . '/class-wp-xmlrpc-server.php' );
851
852 /**
853 * Filters the class used for handling XML-RPC requests.
854 *
855 * @since 3.1.0
856 *
857 * @param string $class The name of the XML-RPC server class.
858 */
859 $wp_xmlrpc_server_class = apply_filters( 'wp_xmlrpc_server_class', 'wp_xmlrpc_server' );
860 $wp_xmlrpc_server = new $wp_xmlrpc_server_class;
861
862 // Fire off the request
863 nocache_headers();
864 $wp_xmlrpc_server->serve_request();
865
866 exit;
867 }
868
869 function jetpack_admin_ajax_tracks_callback() {
870 // Check for nonce
871 if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
872 wp_die( 'Permissions check failed.' );
873 }
874
875 if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] ) ) {
876 wp_die( 'No valid event name or type.' );
877 }
878
879 $tracks_data = array();
880 if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
881 if ( is_array( $_REQUEST['tracksEventProp'] ) ) {
882 $tracks_data = $_REQUEST['tracksEventProp'];
883 } else {
884 $tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
885 }
886 }
887
888 JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
889 wp_send_json_success();
890 wp_die();
891 }
892
893 /**
894 * The callback for the JITM ajax requests.
895 */
896 function jetpack_jitm_ajax_callback() {
897 // Check for nonce
898 if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
899 wp_die( 'Module activation failed due to lack of appropriate permissions' );
900 }
901 if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
902 $module_slug = $_REQUEST['jitmModule'];
903 Jetpack::log( 'activate', $module_slug );
904 Jetpack::activate_module( $module_slug, false, false );
905 Jetpack::state( 'message', 'no_message' );
906
907 //A Jetpack module is being activated through a JITM, track it
908 $this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
909 $this->do_stats( 'server_side' );
910
911 wp_send_json_success();
912 }
913 if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
914 // get the hide_jitm options array
915 $jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
916 $module_slug = $_REQUEST['jitmModule'];
917
918 if( ! $jetpack_hide_jitm ) {
919 $jetpack_hide_jitm = array(
920 $module_slug => 'hide'
921 );
922 } else {
923 $jetpack_hide_jitm[$module_slug] = 'hide';
924 }
925
926 Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
927
928 //jitm is being dismissed forever, track it
929 $this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
930 $this->do_stats( 'server_side' );
931
932 wp_send_json_success();
933 }
934 if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
935 $module_slug = $_REQUEST['jitmModule'];
936
937 // User went to WordPress.com, track this
938 $this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
939 $this->do_stats( 'server_side' );
940
941 wp_send_json_success();
942 }
943 if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
944 $track = $_REQUEST['jitmModule'];
945
946 // User is viewing JITM, track it.
947 $this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
948 $this->do_stats( 'server_side' );
949
950 wp_send_json_success();
951 }
952 }
953
954 /**
955 * If there are any stats that need to be pushed, but haven't been, push them now.
956 */
957 function push_stats() {
958 if ( ! empty( $this->stats ) ) {
959 $this->do_stats( 'server_side' );
960 }
961 }
962
963 function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
964 switch( $cap ) {
965 case 'jetpack_connect' :
966 case 'jetpack_reconnect' :
967 if ( Jetpack::is_development_mode() ) {
968 $caps = array( 'do_not_allow' );
969 break;
970 }
971 /**
972 * Pass through. If it's not development mode, these should match disconnect.
973 * Let users disconnect if it's development mode, just in case things glitch.
974 */
975 case 'jetpack_disconnect' :
976 /**
977 * In multisite, can individual site admins manage their own connection?
978 *
979 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
980 */
981 if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
982 if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
983 /**
984 * We need to update the option name -- it's terribly unclear which
985 * direction the override goes.
986 *
987 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
988 */
989 $caps = array( 'do_not_allow' );
990 break;
991 }
992 }
993
994 $caps = array( 'manage_options' );
995 break;
996 case 'jetpack_manage_modules' :
997 case 'jetpack_activate_modules' :
998 case 'jetpack_deactivate_modules' :
999 $caps = array( 'manage_options' );
1000 break;
1001 case 'jetpack_configure_modules' :
1002 $caps = array( 'manage_options' );
1003 break;
1004 case 'jetpack_manage_autoupdates' :
1005 $caps = array(
1006 'manage_options',
1007 'update_plugins',
1008 );
1009 break;
1010 case 'jetpack_network_admin_page':
1011 case 'jetpack_network_settings_page':
1012 $caps = array( 'manage_network_plugins' );
1013 break;
1014 case 'jetpack_network_sites_page':
1015 $caps = array( 'manage_sites' );
1016 break;
1017 case 'jetpack_admin_page' :
1018 if ( Jetpack::is_development_mode() ) {
1019 $caps = array( 'manage_options' );
1020 break;
1021 } else {
1022 $caps = array( 'read' );
1023 }
1024 break;
1025 case 'jetpack_connect_user' :
1026 if ( Jetpack::is_development_mode() ) {
1027 $caps = array( 'do_not_allow' );
1028 break;
1029 }
1030 $caps = array( 'read' );
1031 break;
1032 }
1033 return $caps;
1034 }
1035
1036 function require_jetpack_authentication() {
1037 // Don't let anyone authenticate
1038 $_COOKIE = array();
1039 remove_all_filters( 'authenticate' );
1040 remove_all_actions( 'wp_login_failed' );
1041
1042 if ( Jetpack::is_active() ) {
1043 // Allow Jetpack authentication
1044 add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
1045 }
1046 }
1047
1048 /**
1049 * Load language files
1050 * @action plugins_loaded
1051 */
1052 public static function plugin_textdomain() {
1053 // Note to self, the third argument must not be hardcoded, to account for relocated folders.
1054 load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
1055 }
1056
1057 /**
1058 * Register assets for use in various modules and the Jetpack admin page.
1059 *
1060 * @uses wp_script_is, wp_register_script, plugins_url
1061 * @action wp_loaded
1062 * @return null
1063 */
1064 public function register_assets() {
1065 if ( ! wp_script_is( 'spin', 'registered' ) ) {
1066 wp_register_script(
1067 'spin',
1068 self::get_file_url_for_environment( '_inc/build/spin.min.js', '_inc/spin.js' ),
1069 false,
1070 '1.3'
1071 );
1072 }
1073
1074 if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
1075 wp_register_script(
1076 'jquery.spin',
1077 self::get_file_url_for_environment( '_inc/build/jquery.spin.min.js', '_inc/jquery.spin.js' ),
1078 array( 'jquery', 'spin' ),
1079 '1.3'
1080 );
1081 }
1082
1083 if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
1084 wp_register_script(
1085 'jetpack-gallery-settings',
1086 self::get_file_url_for_environment( '_inc/build/gallery-settings.min.js', '_inc/gallery-settings.js' ),
1087 array( 'media-views' ),
1088 '20121225'
1089 );
1090 }
1091
1092 if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
1093 wp_register_script(
1094 'jetpack-twitter-timeline',
1095 self::get_file_url_for_environment( '_inc/build/twitter-timeline.min.js', '_inc/twitter-timeline.js' ),
1096 array( 'jquery' ),
1097 '4.0.0',
1098 true
1099 );
1100 }
1101
1102 if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
1103 wp_register_script(
1104 'jetpack-facebook-embed',
1105 self::get_file_url_for_environment( '_inc/build/facebook-embed.min.js', '_inc/facebook-embed.js' ),
1106 array( 'jquery' ),
1107 null,
1108 true
1109 );
1110
1111 /** This filter is documented in modules/sharedaddy/sharing-sources.php */
1112 $fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
1113 if ( ! is_numeric( $fb_app_id ) ) {
1114 $fb_app_id = '';
1115 }
1116 wp_localize_script(
1117 'jetpack-facebook-embed',
1118 'jpfbembed',
1119 array(
1120 'appid' => $fb_app_id,
1121 'locale' => $this->get_locale(),
1122 )
1123 );
1124 }
1125
1126 /**
1127 * As jetpack_register_genericons is by default fired off a hook,
1128 * the hook may have already fired by this point.
1129 * So, let's just trigger it manually.
1130 */
1131 require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
1132 jetpack_register_genericons();
1133
1134 /**
1135 * Register the social logos
1136 */
1137 require_once( JETPACK__PLUGIN_DIR . '_inc/social-logos.php' );
1138 jetpack_register_social_logos();
1139
1140 if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
1141 wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
1142 }
1143
1144 /**
1145 * Guess locale from language code.
1146 *
1147 * @param string $lang Language code.
1148 * @return string|bool
1149 */
1150 function guess_locale_from_lang( $lang ) {
1151 if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
1152 return 'en_US';
1153 }
1154
1155 if ( ! class_exists( 'GP_Locales' ) ) {
1156 if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
1157 return false;
1158 }
1159
1160 require JETPACK__GLOTPRESS_LOCALES_PATH;
1161 }
1162
1163 if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
1164 // WP.com: get_locale() returns 'it'
1165 $locale = GP_Locales::by_slug( $lang );
1166 } else {
1167 // Jetpack: get_locale() returns 'it_IT';
1168 $locale = GP_Locales::by_field( 'facebook_locale', $lang );
1169 }
1170
1171 if ( ! $locale ) {
1172 return false;
1173 }
1174
1175 if ( empty( $locale->facebook_locale ) ) {
1176 if ( empty( $locale->wp_locale ) ) {
1177 return false;
1178 } else {
1179 // Facebook SDK is smart enough to fall back to en_US if a
1180 // locale isn't supported. Since supported Facebook locales
1181 // can fall out of sync, we'll attempt to use the known
1182 // wp_locale value and rely on said fallback.
1183 return $locale->wp_locale;
1184 }
1185 }
1186
1187 return $locale->facebook_locale;
1188 }
1189
1190 /**
1191 * Get the locale.
1192 *
1193 * @return string|bool
1194 */
1195 function get_locale() {
1196 $locale = $this->guess_locale_from_lang( get_locale() );
1197
1198 if ( ! $locale ) {
1199 $locale = 'en_US';
1200 }
1201
1202 return $locale;
1203 }
1204
1205 /**
1206 * Device Pixels support
1207 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
1208 */
1209 function devicepx() {
1210 if ( Jetpack::is_active() && ! Jetpack_AMP_Support::is_amp_request() ) {
1211 wp_enqueue_script( 'devicepx', 'https://s0.wp.com/wp-content/js/devicepx-jetpack.js', array(), gmdate( 'oW' ), true );
1212 }
1213 }
1214
1215 /**
1216 * Return the network_site_url so that .com knows what network this site is a part of.
1217 * @param bool $option
1218 * @return string
1219 */
1220 public function jetpack_main_network_site_option( $option ) {
1221 return network_site_url();
1222 }
1223 /**
1224 * Network Name.
1225 */
1226 static function network_name( $option = null ) {
1227 global $current_site;
1228 return $current_site->site_name;
1229 }
1230 /**
1231 * Does the network allow new user and site registrations.
1232 * @return string
1233 */
1234 static function network_allow_new_registrations( $option = null ) {
1235 return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
1236 }
1237 /**
1238 * Does the network allow admins to add new users.
1239 * @return boolian
1240 */
1241 static function network_add_new_users( $option = null ) {
1242 return (bool) get_site_option( 'add_new_users' );
1243 }
1244 /**
1245 * File upload psace left per site in MB.
1246 * -1 means NO LIMIT.
1247 * @return number
1248 */
1249 static function network_site_upload_space( $option = null ) {
1250 // value in MB
1251 return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1252 }
1253
1254 /**
1255 * Network allowed file types.
1256 * @return string
1257 */
1258 static function network_upload_file_types( $option = null ) {
1259 return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1260 }
1261
1262 /**
1263 * Maximum file upload size set by the network.
1264 * @return number
1265 */
1266 static function network_max_upload_file_size( $option = null ) {
1267 // value in KB
1268 return get_site_option( 'fileupload_maxk', 300 );
1269 }
1270
1271 /**
1272 * Lets us know if a site allows admins to manage the network.
1273 * @return array
1274 */
1275 static function network_enable_administration_menus( $option = null ) {
1276 return get_site_option( 'menu_items' );
1277 }
1278
1279 /**
1280 * If a user has been promoted to or demoted from admin, we need to clear the
1281 * jetpack_other_linked_admins transient.
1282 *
1283 * @since 4.3.2
1284 * @since 4.4.0 $old_roles is null by default and if it's not passed, the transient is cleared.
1285 *
1286 * @param int $user_id The user ID whose role changed.
1287 * @param string $role The new role.
1288 * @param array $old_roles An array of the user's previous roles.
1289 */
1290 function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1291 if ( 'administrator' == $role
1292 || ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1293 || is_null( $old_roles )
1294 ) {
1295 delete_transient( 'jetpack_other_linked_admins' );
1296 }
1297 }
1298
1299 /**
1300 * Checks to see if there are any other users available to become primary
1301 * Users must both:
1302 * - Be linked to wpcom
1303 * - Be an admin
1304 *
1305 * @return mixed False if no other users are linked, Int if there are.
1306 */
1307 static function get_other_linked_admins() {
1308 $other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1309
1310 if ( false === $other_linked_users ) {
1311 $admins = get_users( array( 'role' => 'administrator' ) );
1312 if ( count( $admins ) > 1 ) {
1313 $available = array();
1314 foreach ( $admins as $admin ) {
1315 if ( Jetpack::is_user_connected( $admin->ID ) ) {
1316 $available[] = $admin->ID;
1317 }
1318 }
1319
1320 $count_connected_admins = count( $available );
1321 if ( count( $available ) > 1 ) {
1322 $other_linked_users = $count_connected_admins;
1323 } else {
1324 $other_linked_users = 0;
1325 }
1326 } else {
1327 $other_linked_users = 0;
1328 }
1329
1330 set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1331 }
1332
1333 return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1334 }
1335
1336 /**
1337 * Return whether we are dealing with a multi network setup or not.
1338 * The reason we are type casting this is because we want to avoid the situation where
1339 * the result is false since when is_main_network_option return false it cases
1340 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1341 * database which could be set to anything as opposed to what this function returns.
1342 * @param bool $option
1343 *
1344 * @return boolean
1345 */
1346 public function is_main_network_option( $option ) {
1347 // return '1' or ''
1348 return (string) (bool) Jetpack::is_multi_network();
1349 }
1350
1351 /**
1352 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1353 *
1354 * @param string $option
1355 * @return boolean
1356 */
1357 public function is_multisite( $option ) {
1358 return (string) (bool) is_multisite();
1359 }
1360
1361 /**
1362 * Implemented since there is no core is multi network function
1363 * Right now there is no way to tell if we which network is the dominant network on the system
1364 *
1365 * @since 3.3
1366 * @return boolean
1367 */
1368 public static function is_multi_network() {
1369 global $wpdb;
1370
1371 // if we don't have a multi site setup no need to do any more
1372 if ( ! is_multisite() ) {
1373 return false;
1374 }
1375
1376 $num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1377 if ( $num_sites > 1 ) {
1378 return true;
1379 } else {
1380 return false;
1381 }
1382 }
1383
1384 /**
1385 * Trigger an update to the main_network_site when we update the siteurl of a site.
1386 * @return null
1387 */
1388 function update_jetpack_main_network_site_option() {
1389 _deprecated_function( __METHOD__, 'jetpack-4.2' );
1390 }
1391 /**
1392 * Triggered after a user updates the network settings via Network Settings Admin Page
1393 *
1394 */
1395 function update_jetpack_network_settings() {
1396 _deprecated_function( __METHOD__, 'jetpack-4.2' );
1397 // Only sync this info for the main network site.
1398 }
1399
1400 /**
1401 * Get back if the current site is single user site.
1402 *
1403 * @return bool
1404 */
1405 public static function is_single_user_site() {
1406 global $wpdb;
1407
1408 if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1409 $some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1410 set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1411 }
1412 return 1 === (int) $some_users;
1413 }
1414
1415 /**
1416 * Returns true if the site has file write access false otherwise.
1417 * @return string ( '1' | '0' )
1418 **/
1419 public static function file_system_write_access() {
1420 if ( ! function_exists( 'get_filesystem_method' ) ) {
1421 require_once( ABSPATH . 'wp-admin/includes/file.php' );
1422 }
1423
1424 require_once( ABSPATH . 'wp-admin/includes/template.php' );
1425
1426 $filesystem_method = get_filesystem_method();
1427 if ( $filesystem_method === 'direct' ) {
1428 return 1;
1429 }
1430
1431 ob_start();
1432 $filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1433 ob_end_clean();
1434 if ( $filesystem_credentials_are_stored ) {
1435 return 1;
1436 }
1437 return 0;
1438 }
1439
1440 /**
1441 * Finds out if a site is using a version control system.
1442 * @return string ( '1' | '0' )
1443 **/
1444 public static function is_version_controlled() {
1445 _deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Functions::is_version_controlled' );
1446 return (string) (int) Jetpack_Sync_Functions::is_version_controlled();
1447 }
1448
1449 /**
1450 * Determines whether the current theme supports featured images or not.
1451 * @return string ( '1' | '0' )
1452 */
1453 public static function featured_images_enabled() {
1454 _deprecated_function( __METHOD__, 'jetpack-4.2' );
1455 return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1456 }
1457
1458 /**
1459 * Wrapper for core's get_avatar_url(). This one is deprecated.
1460 *
1461 * @deprecated 4.7 use get_avatar_url instead.
1462 * @param int|string|object $id_or_email A user ID, email address, or comment object
1463 * @param int $size Size of the avatar image
1464 * @param string $default URL to a default image to use if no avatar is available
1465 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
1466 *
1467 * @return array
1468 */
1469 public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1470 _deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1471 return get_avatar_url( $id_or_email, array(
1472 'size' => $size,
1473 'default' => $default,
1474 'force_default' => $force_display,
1475 ) );
1476 }
1477
1478 /**
1479 * jetpack_updates is saved in the following schema:
1480 *
1481 * array (
1482 * 'plugins' => (int) Number of plugin updates available.
1483 * 'themes' => (int) Number of theme updates available.
1484 * 'wordpress' => (int) Number of WordPress core updates available.
1485 * 'translations' => (int) Number of translation updates available.
1486 * 'total' => (int) Total of all available updates.
1487 * 'wp_update_version' => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1488 * )
1489 * @return array
1490 */
1491 public static function get_updates() {
1492 $update_data = wp_get_update_data();
1493
1494 // Stores the individual update counts as well as the total count.
1495 if ( isset( $update_data['counts'] ) ) {
1496 $updates = $update_data['counts'];
1497 }
1498
1499 // If we need to update WordPress core, let's find the latest version number.
1500 if ( ! empty( $updates['wordpress'] ) ) {
1501 $cur = get_preferred_from_update_core();
1502 if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1503 $updates['wp_update_version'] = $cur->current;
1504 }
1505 }
1506 return isset( $updates ) ? $updates : array();
1507 }
1508
1509 public static function get_update_details() {
1510 $update_details = array(
1511 'update_core' => get_site_transient( 'update_core' ),
1512 'update_plugins' => get_site_transient( 'update_plugins' ),
1513 'update_themes' => get_site_transient( 'update_themes' ),
1514 );
1515 return $update_details;
1516 }
1517
1518 public static function refresh_update_data() {
1519 _deprecated_function( __METHOD__, 'jetpack-4.2' );
1520
1521 }
1522
1523 public static function refresh_theme_data() {
1524 _deprecated_function( __METHOD__, 'jetpack-4.2' );
1525 }
1526
1527 /**
1528 * Is Jetpack active?
1529 */
1530 public static function is_active() {
1531 return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1532 }
1533
1534 /**
1535 * Make an API call to WordPress.com for plan status
1536 *
1537 * @deprecated 7.2.0 Use Jetpack_Plan::refresh_from_wpcom.
1538 *
1539 * @return bool True if plan is updated, false if no update
1540 */
1541 public static function refresh_active_plan_from_wpcom() {
1542 _deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::refresh_from_wpcom' );
1543 return Jetpack_Plan::refresh_from_wpcom();
1544 }
1545
1546 /**
1547 * Get the plan that this Jetpack site is currently using
1548 *
1549 * @deprecated 7.2.0 Use Jetpack_Plan::get.
1550 * @return array Active Jetpack plan details.
1551 */
1552 public static function get_active_plan() {
1553 _deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::get' );
1554 return Jetpack_Plan::get();
1555 }
1556
1557 /**
1558 * Determine whether the active plan supports a particular feature
1559 *
1560 * @deprecated 7.2.0 Use Jetpack_Plan::supports.
1561 * @return bool True if plan supports feature, false if not.
1562 */
1563 public static function active_plan_supports( $feature ) {
1564 _deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::supports' );
1565 return Jetpack_Plan::supports( $feature );
1566 }
1567
1568 /**
1569 * Is Jetpack in development (offline) mode?
1570 */
1571 public static function is_development_mode() {
1572 $development_mode = false;
1573
1574 if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1575 $development_mode = JETPACK_DEV_DEBUG;
1576 } elseif ( $site_url = site_url() ) {
1577 $development_mode = false === strpos( $site_url, '.' );
1578 }
1579
1580 /**
1581 * Filters Jetpack's development mode.
1582 *
1583 * @see https://jetpack.com/support/development-mode/
1584 *
1585 * @since 2.2.1
1586 *
1587 * @param bool $development_mode Is Jetpack's development mode active.
1588 */
1589 $development_mode = ( bool ) apply_filters( 'jetpack_development_mode', $development_mode );
1590 return $development_mode;
1591 }
1592
1593 /**
1594 * Whether the site is currently onboarding or not.
1595 * A site is considered as being onboarded if it currently has an onboarding token.
1596 *
1597 * @since 5.8
1598 *
1599 * @access public
1600 * @static
1601 *
1602 * @return bool True if the site is currently onboarding, false otherwise
1603 */
1604 public static function is_onboarding() {
1605 return Jetpack_Options::get_option( 'onboarding' ) !== false;
1606 }
1607
1608 /**
1609 * Determines reason for Jetpack development mode.
1610 */
1611 public static function development_mode_trigger_text() {
1612 if ( ! Jetpack::is_development_mode() ) {
1613 return __( 'Jetpack is not in Development Mode.', 'jetpack' );
1614 }
1615
1616 if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1617 $notice = __( 'The JETPACK_DEV_DEBUG constant is defined in wp-config.php or elsewhere.', 'jetpack' );
1618 } elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1619 $notice = __( 'The site URL lacking a dot (e.g. http://localhost).', 'jetpack' );
1620 } else {
1621 $notice = __( 'The jetpack_development_mode filter is set to true.', 'jetpack' );
1622 }
1623
1624 return $notice;
1625
1626 }
1627 /**
1628 * Get Jetpack development mode notice text and notice class.
1629 *
1630 * Mirrors the checks made in Jetpack::is_development_mode
1631 *
1632 */
1633 public static function show_development_mode_notice() {
1634 if ( Jetpack::is_development_mode() ) {
1635 $notice = sprintf(
1636 /* translators: %s is a URL */
1637 __( 'In <a href="%s" target="_blank">Development Mode</a>:', 'jetpack' ),
1638 'https://jetpack.com/support/development-mode/'
1639 );
1640
1641 $notice .= ' ' . Jetpack::development_mode_trigger_text();
1642
1643 echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1644 }
1645
1646 // Throw up a notice if using a development version and as for feedback.
1647 if ( Jetpack::is_development_version() ) {
1648 /* translators: %s is a URL */
1649 $notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1650
1651 echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1652 }
1653 // Throw up a notice if using staging mode
1654 if ( Jetpack::is_staging_site() ) {
1655 /* translators: %s is a URL */
1656 $notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1657
1658 echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1659 }
1660 }
1661
1662 /**
1663 * Whether Jetpack's version maps to a public release, or a development version.
1664 */
1665 public static function is_development_version() {
1666 /**
1667 * Allows filtering whether this is a development version of Jetpack.
1668 *
1669 * This filter is especially useful for tests.
1670 *
1671 * @since 4.3.0
1672 *
1673 * @param bool $development_version Is this a develoment version of Jetpack?
1674 */
1675 return (bool) apply_filters(
1676 'jetpack_development_version',
1677 ! preg_match( '/^\d+(\.\d+)+$/', Jetpack_Constants::get_constant( 'JETPACK__VERSION' ) )
1678 );
1679 }
1680
1681 /**
1682 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1683 */
1684 public static function is_user_connected( $user_id = false ) {
1685 $user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1686 if ( ! $user_id ) {
1687 return false;
1688 }
1689
1690 return (bool) Jetpack_Data::get_access_token( $user_id );
1691 }
1692
1693 /**
1694 * Get the wpcom user data of the current|specified connected user.
1695 */
1696 public static function get_connected_user_data( $user_id = null ) {
1697 if ( ! $user_id ) {
1698 $user_id = get_current_user_id();
1699 }
1700
1701 $transient_key = "jetpack_connected_user_data_$user_id";
1702
1703 if ( $cached_user_data = get_transient( $transient_key ) ) {
1704 return $cached_user_data;
1705 }
1706
1707 Jetpack::load_xml_rpc_client();
1708 $xml = new Jetpack_IXR_Client( array(
1709 'user_id' => $user_id,
1710 ) );
1711 $xml->query( 'wpcom.getUser' );
1712 if ( ! $xml->isError() ) {
1713 $user_data = $xml->getResponse();
1714 set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1715 return $user_data;
1716 }
1717
1718 return false;
1719 }
1720
1721 /**
1722 * Get the wpcom email of the current|specified connected user.
1723 */
1724 public static function get_connected_user_email( $user_id = null ) {
1725 if ( ! $user_id ) {
1726 $user_id = get_current_user_id();
1727 }
1728 Jetpack::load_xml_rpc_client();
1729 $xml = new Jetpack_IXR_Client( array(
1730 'user_id' => $user_id,
1731 ) );
1732 $xml->query( 'wpcom.getUserEmail' );
1733 if ( ! $xml->isError() ) {
1734 return $xml->getResponse();
1735 }
1736 return false;
1737 }
1738
1739 /**
1740 * Get the wpcom email of the master user.
1741 */
1742 public static function get_master_user_email() {
1743 $master_user_id = Jetpack_Options::get_option( 'master_user' );
1744 if ( $master_user_id ) {
1745 return self::get_connected_user_email( $master_user_id );
1746 }
1747 return '';
1748 }
1749
1750 function current_user_is_connection_owner() {
1751 $user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1752 return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1753 }
1754
1755 /**
1756 * Gets current user IP address.
1757 *
1758 * @param bool $check_all_headers Check all headers? Default is `false`.
1759 *
1760 * @return string Current user IP address.
1761 */
1762 public static function current_user_ip( $check_all_headers = false ) {
1763 if ( $check_all_headers ) {
1764 foreach ( array(
1765 'HTTP_CF_CONNECTING_IP',
1766 'HTTP_CLIENT_IP',
1767 'HTTP_X_FORWARDED_FOR',
1768 'HTTP_X_FORWARDED',
1769 'HTTP_X_CLUSTER_CLIENT_IP',
1770 'HTTP_FORWARDED_FOR',
1771 'HTTP_FORWARDED',
1772 'HTTP_VIA',
1773 ) as $key ) {
1774 if ( ! empty( $_SERVER[ $key ] ) ) {
1775 return $_SERVER[ $key ];
1776 }
1777 }
1778 }
1779
1780 return ! empty( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
1781 }
1782
1783 /**
1784 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1785 */
1786 function extra_oembed_providers() {
1787 // Cloudup: https://dev.cloudup.com/#oembed
1788 wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1789 wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1790 wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1791 wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1792 wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1793 wp_oembed_add_provider( '#https?://(www\.)?icloud\.com/keynote/.*#i', 'https://iwmb.icloud.com/iwmb/oembed', true );
1794 }
1795
1796 /**
1797 * Synchronize connected user role changes
1798 */
1799 function user_role_change( $user_id ) {
1800 _deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Users::user_role_change()' );
1801 Jetpack_Sync_Users::user_role_change( $user_id );
1802 }
1803
1804 /**
1805 * Loads the currently active modules.
1806 */
1807 public static function load_modules() {
1808 if (
1809 ! self::is_active()
1810 && ! self::is_development_mode()
1811 && ! self::is_onboarding()
1812 && (
1813 ! is_multisite()
1814 || ! get_site_option( 'jetpack_protect_active' )
1815 )
1816 ) {
1817 return;
1818 }
1819
1820 $version = Jetpack_Options::get_option( 'version' );
1821 if ( ! $version ) {
1822 $version = $old_version = JETPACK__VERSION . ':' . time();
1823 /** This action is documented in class.jetpack.php */
1824 do_action( 'updating_jetpack_version', $version, false );
1825 Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1826 }
1827 list( $version ) = explode( ':', $version );
1828
1829 $modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1830
1831 $modules_data = array();
1832
1833 // Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1834 if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1835 $updated_modules = array();
1836 foreach ( $modules as $module ) {
1837 $modules_data[ $module ] = Jetpack::get_module( $module );
1838 if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1839 continue;
1840 }
1841
1842 if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1843 continue;
1844 }
1845
1846 $updated_modules[] = $module;
1847 }
1848
1849 $modules = array_diff( $modules, $updated_modules );
1850 }
1851
1852 $is_development_mode = Jetpack::is_development_mode();
1853
1854 foreach ( $modules as $index => $module ) {
1855 // If we're in dev mode, disable modules requiring a connection
1856 if ( $is_development_mode ) {
1857 // Prime the pump if we need to
1858 if ( empty( $modules_data[ $module ] ) ) {
1859 $modules_data[ $module ] = Jetpack::get_module( $module );
1860 }
1861 // If the module requires a connection, but we're in local mode, don't include it.
1862 if ( $modules_data[ $module ]['requires_connection'] ) {
1863 continue;
1864 }
1865 }
1866
1867 if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1868 continue;
1869 }
1870
1871 if ( ! include_once( Jetpack::get_module_path( $module ) ) ) {
1872 unset( $modules[ $index ] );
1873 self::update_active_modules( array_values( $modules ) );
1874 continue;
1875 }
1876
1877 /**
1878 * Fires when a specific module is loaded.
1879 * The dynamic part of the hook, $module, is the module slug.
1880 *
1881 * @since 1.1.0
1882 */
1883 do_action( 'jetpack_module_loaded_' . $module );
1884 }
1885
1886 /**
1887 * Fires when all the modules are loaded.
1888 *
1889 * @since 1.1.0
1890 */
1891 do_action( 'jetpack_modules_loaded' );
1892
1893 // Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1894 require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1895 }
1896
1897 /**
1898 * Check if Jetpack's REST API compat file should be included
1899 * @action plugins_loaded
1900 * @return null
1901 */
1902 public function check_rest_api_compat() {
1903 /**
1904 * Filters the list of REST API compat files to be included.
1905 *
1906 * @since 2.2.5
1907 *
1908 * @param array $args Array of REST API compat files to include.
1909 */
1910 $_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1911
1912 if ( function_exists( 'bbpress' ) )
1913 $_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1914
1915 foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1916 require_once $_jetpack_rest_api_compat_include;
1917 }
1918
1919 /**
1920 * Gets all plugins currently active in values, regardless of whether they're
1921 * traditionally activated or network activated.
1922 *
1923 * @todo Store the result in core's object cache maybe?
1924 */
1925 public static function get_active_plugins() {
1926 $active_plugins = (array) get_option( 'active_plugins', array() );
1927
1928 if ( is_multisite() ) {
1929 // Due to legacy code, active_sitewide_plugins stores them in the keys,
1930 // whereas active_plugins stores them in the values.
1931 $network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1932 if ( $network_plugins ) {
1933 $active_plugins = array_merge( $active_plugins, $network_plugins );
1934 }
1935 }
1936
1937 sort( $active_plugins );
1938
1939 return array_unique( $active_plugins );
1940 }
1941
1942 /**
1943 * Gets and parses additional plugin data to send with the heartbeat data
1944 *
1945 * @since 3.8.1
1946 *
1947 * @return array Array of plugin data
1948 */
1949 public static function get_parsed_plugin_data() {
1950 if ( ! function_exists( 'get_plugins' ) ) {
1951 require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1952 }
1953 /** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
1954 $all_plugins = apply_filters( 'all_plugins', get_plugins() );
1955 $active_plugins = Jetpack::get_active_plugins();
1956
1957 $plugins = array();
1958 foreach ( $all_plugins as $path => $plugin_data ) {
1959 $plugins[ $path ] = array(
1960 'is_active' => in_array( $path, $active_plugins ),
1961 'file' => $path,
1962 'name' => $plugin_data['Name'],
1963 'version' => $plugin_data['Version'],
1964 'author' => $plugin_data['Author'],
1965 );
1966 }
1967
1968 return $plugins;
1969 }
1970
1971 /**
1972 * Gets and parses theme data to send with the heartbeat data
1973 *
1974 * @since 3.8.1
1975 *
1976 * @return array Array of theme data
1977 */
1978 public static function get_parsed_theme_data() {
1979 $all_themes = wp_get_themes( array( 'allowed' => true ) );
1980 $header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1981
1982 $themes = array();
1983 foreach ( $all_themes as $slug => $theme_data ) {
1984 $theme_headers = array();
1985 foreach ( $header_keys as $header_key ) {
1986 $theme_headers[ $header_key ] = $theme_data->get( $header_key );
1987 }
1988
1989 $themes[ $slug ] = array(
1990 'is_active_theme' => $slug == wp_get_theme()->get_template(),
1991 'slug' => $slug,
1992 'theme_root' => $theme_data->get_theme_root_uri(),
1993 'parent' => $theme_data->parent(),
1994 'headers' => $theme_headers
1995 );
1996 }
1997
1998 return $themes;
1999 }
2000
2001 /**
2002 * Checks whether a specific plugin is active.
2003 *
2004 * We don't want to store these in a static variable, in case
2005 * there are switch_to_blog() calls involved.
2006 */
2007 public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
2008 return in_array( $plugin, self::get_active_plugins() );
2009 }
2010
2011 /**
2012 * Check if Jetpack's Open Graph tags should be used.
2013 * If certain plugins are active, Jetpack's og tags are suppressed.
2014 *
2015 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2016 * @action plugins_loaded
2017 * @return null
2018 */
2019 public function check_open_graph() {
2020 if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
2021 add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
2022 }
2023
2024 $active_plugins = self::get_active_plugins();
2025
2026 if ( ! empty( $active_plugins ) ) {
2027 foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
2028 if ( in_array( $plugin, $active_plugins ) ) {
2029 add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
2030 break;
2031 }
2032 }
2033 }
2034
2035 /**
2036 * Allow the addition of Open Graph Meta Tags to all pages.
2037 *
2038 * @since 2.0.3
2039 *
2040 * @param bool false Should Open Graph Meta tags be added. Default to false.
2041 */
2042 if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
2043 require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
2044 }
2045 }
2046
2047 /**
2048 * Check if Jetpack's Twitter tags should be used.
2049 * If certain plugins are active, Jetpack's twitter tags are suppressed.
2050 *
2051 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2052 * @action plugins_loaded
2053 * @return null
2054 */
2055 public function check_twitter_tags() {
2056
2057 $active_plugins = self::get_active_plugins();
2058
2059 if ( ! empty( $active_plugins ) ) {
2060 foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
2061 if ( in_array( $plugin, $active_plugins ) ) {
2062 add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
2063 break;
2064 }
2065 }
2066 }
2067
2068 /**
2069 * Allow Twitter Card Meta tags to be disabled.
2070 *
2071 * @since 2.6.0
2072 *
2073 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
2074 */
2075 if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
2076 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
2077 }
2078 }
2079
2080 /**
2081 * Allows plugins to submit security reports.
2082 *
2083 * @param string $type Report type (login_form, backup, file_scanning, spam)
2084 * @param string $plugin_file Plugin __FILE__, so that we can pull plugin data
2085 * @param array $args See definitions above
2086 */
2087 public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
2088 _deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
2089 }
2090
2091/* Jetpack Options API */
2092
2093 public static function get_option_names( $type = 'compact' ) {
2094 return Jetpack_Options::get_option_names( $type );
2095 }
2096
2097 /**
2098 * Returns the requested option. Looks in jetpack_options or jetpack_$name as appropriate.
2099 *
2100 * @param string $name Option name
2101 * @param mixed $default (optional)
2102 */
2103 public static function get_option( $name, $default = false ) {
2104 return Jetpack_Options::get_option( $name, $default );
2105 }
2106
2107 /**
2108 * Updates the single given option. Updates jetpack_options or jetpack_$name as appropriate.
2109 *
2110 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
2111 * @param string $name Option name
2112 * @param mixed $value Option value
2113 */
2114 public static function update_option( $name, $value ) {
2115 _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
2116 return Jetpack_Options::update_option( $name, $value );
2117 }
2118
2119 /**
2120 * Updates the multiple given options. Updates jetpack_options and/or jetpack_$name as appropriate.
2121 *
2122 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
2123 * @param array $array array( option name => option value, ... )
2124 */
2125 public static function update_options( $array ) {
2126 _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
2127 return Jetpack_Options::update_options( $array );
2128 }
2129
2130 /**
2131 * Deletes the given option. May be passed multiple option names as an array.
2132 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
2133 *
2134 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
2135 * @param string|array $names
2136 */
2137 public static function delete_option( $names ) {
2138 _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
2139 return Jetpack_Options::delete_option( $names );
2140 }
2141
2142 /**
2143 * Enters a user token into the user_tokens option
2144 *
2145 * @param int $user_id
2146 * @param string $token
2147 * return bool
2148 */
2149 public static function update_user_token( $user_id, $token, $is_master_user ) {
2150 // not designed for concurrent updates
2151 $user_tokens = Jetpack_Options::get_option( 'user_tokens' );
2152 if ( ! is_array( $user_tokens ) )
2153 $user_tokens = array();
2154 $user_tokens[$user_id] = $token;
2155 if ( $is_master_user ) {
2156 $master_user = $user_id;
2157 $options = compact( 'user_tokens', 'master_user' );
2158 } else {
2159 $options = compact( 'user_tokens' );
2160 }
2161 return Jetpack_Options::update_options( $options );
2162 }
2163
2164 /**
2165 * Returns an array of all PHP files in the specified absolute path.
2166 * Equivalent to glob( "$absolute_path/*.php" ).
2167 *
2168 * @param string $absolute_path The absolute path of the directory to search.
2169 * @return array Array of absolute paths to the PHP files.
2170 */
2171 public static function glob_php( $absolute_path ) {
2172 if ( function_exists( 'glob' ) ) {
2173 return glob( "$absolute_path/*.php" );
2174 }
2175
2176 $absolute_path = untrailingslashit( $absolute_path );
2177 $files = array();
2178 if ( ! $dir = @opendir( $absolute_path ) ) {
2179 return $files;
2180 }
2181
2182 while ( false !== $file = readdir( $dir ) ) {
2183 if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2184 continue;
2185 }
2186
2187 $file = "$absolute_path/$file";
2188
2189 if ( ! is_file( $file ) ) {
2190 continue;
2191 }
2192
2193 $files[] = $file;
2194 }
2195
2196 closedir( $dir );
2197
2198 return $files;
2199 }
2200
2201 public static function activate_new_modules( $redirect = false ) {
2202 if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
2203 return;
2204 }
2205
2206 $jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2207 if ( ! $jetpack_old_version ) {
2208 $jetpack_old_version = $version = $old_version = '1.1:' . time();
2209 /** This action is documented in class.jetpack.php */
2210 do_action( 'updating_jetpack_version', $version, false );
2211 Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2212 }
2213
2214 list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2215
2216 if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2217 return;
2218 }
2219
2220 $active_modules = Jetpack::get_active_modules();
2221 $reactivate_modules = array();
2222 foreach ( $active_modules as $active_module ) {
2223 $module = Jetpack::get_module( $active_module );
2224 if ( ! isset( $module['changed'] ) ) {
2225 continue;
2226 }
2227
2228 if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2229 continue;
2230 }
2231
2232 $reactivate_modules[] = $active_module;
2233 Jetpack::deactivate_module( $active_module );
2234 }
2235
2236 $new_version = JETPACK__VERSION . ':' . time();
2237 /** This action is documented in class.jetpack.php */
2238 do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2239 Jetpack_Options::update_options(
2240 array(
2241 'version' => $new_version,
2242 'old_version' => $jetpack_old_version,
2243 )
2244 );
2245
2246 Jetpack::state( 'message', 'modules_activated' );
2247 Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
2248
2249 if ( $redirect ) {
2250 $page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2251 if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2252 $page = $_GET['page'];
2253 }
2254
2255 wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
2256 exit;
2257 }
2258 }
2259
2260 /**
2261 * List available Jetpack modules. Simply lists .php files in /modules/.
2262 * Make sure to tuck away module "library" files in a sub-directory.
2263 */
2264 public static function get_available_modules( $min_version = false, $max_version = false ) {
2265 static $modules = null;
2266
2267 if ( ! isset( $modules ) ) {
2268 $available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2269 // Use the cache if we're on the front-end and it's available...
2270 if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2271 $modules = $available_modules_option[ JETPACK__VERSION ];
2272 } else {
2273 $files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2274
2275 $modules = array();
2276
2277 foreach ( $files as $file ) {
2278 if ( ! $headers = Jetpack::get_module( $file ) ) {
2279 continue;
2280 }
2281
2282 $modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2283 }
2284
2285 Jetpack_Options::update_option( 'available_modules', array(
2286 JETPACK__VERSION => $modules,
2287 ) );
2288 }
2289 }
2290
2291 /**
2292 * Filters the array of modules available to be activated.
2293 *
2294 * @since 2.4.0
2295 *
2296 * @param array $modules Array of available modules.
2297 * @param string $min_version Minimum version number required to use modules.
2298 * @param string $max_version Maximum version number required to use modules.
2299 */
2300 $mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2301
2302 if ( ! $min_version && ! $max_version ) {
2303 return array_keys( $mods );
2304 }
2305
2306 $r = array();
2307 foreach ( $mods as $slug => $introduced ) {
2308 if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2309 continue;
2310 }
2311
2312 if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2313 continue;
2314 }
2315
2316 $r[] = $slug;
2317 }
2318
2319 return $r;
2320 }
2321
2322 /**
2323 * Default modules loaded on activation.
2324 */
2325 public static function get_default_modules( $min_version = false, $max_version = false ) {
2326 $return = array();
2327
2328 foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2329 $module_data = Jetpack::get_module( $module );
2330
2331 switch ( strtolower( $module_data['auto_activate'] ) ) {
2332 case 'yes' :
2333 $return[] = $module;
2334 break;
2335 case 'public' :
2336 if ( Jetpack_Options::get_option( 'public' ) ) {
2337 $return[] = $module;
2338 }
2339 break;
2340 case 'no' :
2341 default :
2342 break;
2343 }
2344 }
2345 /**
2346 * Filters the array of default modules.
2347 *
2348 * @since 2.5.0
2349 *
2350 * @param array $return Array of default modules.
2351 * @param string $min_version Minimum version number required to use modules.
2352 * @param string $max_version Maximum version number required to use modules.
2353 */
2354 return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2355 }
2356
2357 /**
2358 * Checks activated modules during auto-activation to determine
2359 * if any of those modules are being deprecated. If so, close
2360 * them out, and add any replacement modules.
2361 *
2362 * Runs at priority 99 by default.
2363 *
2364 * This is run late, so that it can still activate a module if
2365 * the new module is a replacement for another that the user
2366 * currently has active, even if something at the normal priority
2367 * would kibosh everything.
2368 *
2369 * @since 2.6
2370 * @uses jetpack_get_default_modules filter
2371 * @param array $modules
2372 * @return array
2373 */
2374 function handle_deprecated_modules( $modules ) {
2375 $deprecated_modules = array(
2376 'debug' => null, // Closed out and moved to the debugger library.
2377 'wpcc' => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2378 'gplus-authorship' => null, // Closed out in 3.2 -- Google dropped support.
2379 );
2380
2381 // Don't activate SSO if they never completed activating WPCC.
2382 if ( Jetpack::is_module_active( 'wpcc' ) ) {
2383 $wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2384 if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2385 $deprecated_modules['wpcc'] = null;
2386 }
2387 }
2388
2389 foreach ( $deprecated_modules as $module => $replacement ) {
2390 if ( Jetpack::is_module_active( $module ) ) {
2391 self::deactivate_module( $module );
2392 if ( $replacement ) {
2393 $modules[] = $replacement;
2394 }
2395 }
2396 }
2397
2398 return array_unique( $modules );
2399 }
2400
2401 /**
2402 * Checks activated plugins during auto-activation to determine
2403 * if any of those plugins are in the list with a corresponding module
2404 * that is not compatible with the plugin. The module will not be allowed
2405 * to auto-activate.
2406 *
2407 * @since 2.6
2408 * @uses jetpack_get_default_modules filter
2409 * @param array $modules
2410 * @return array
2411 */
2412 function filter_default_modules( $modules ) {
2413
2414 $active_plugins = self::get_active_plugins();
2415
2416 if ( ! empty( $active_plugins ) ) {
2417
2418 // For each module we'd like to auto-activate...
2419 foreach ( $modules as $key => $module ) {
2420 // If there are potential conflicts for it...
2421 if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2422 // For each potential conflict...
2423 foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2424 // If that conflicting plugin is active...
2425 if ( in_array( $plugin, $active_plugins ) ) {
2426 // Remove that item from being auto-activated.
2427 unset( $modules[ $key ] );
2428 }
2429 }
2430 }
2431 }
2432 }
2433
2434 return $modules;
2435 }
2436
2437 /**
2438 * Extract a module's slug from its full path.
2439 */
2440 public static function get_module_slug( $file ) {
2441 return str_replace( '.php', '', basename( $file ) );
2442 }
2443
2444 /**
2445 * Generate a module's path from its slug.
2446 */
2447 public static function get_module_path( $slug ) {
2448 return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2449 }
2450
2451 /**
2452 * Load module data from module file. Headers differ from WordPress
2453 * plugin headers to avoid them being identified as standalone
2454 * plugins on the WordPress plugins page.
2455 */
2456 public static function get_module( $module ) {
2457 $headers = array(
2458 'name' => 'Module Name',
2459 'description' => 'Module Description',
2460 'jumpstart_desc' => 'Jumpstart Description',
2461 'sort' => 'Sort Order',
2462 'recommendation_order' => 'Recommendation Order',
2463 'introduced' => 'First Introduced',
2464 'changed' => 'Major Changes In',
2465 'deactivate' => 'Deactivate',
2466 'free' => 'Free',
2467 'requires_connection' => 'Requires Connection',
2468 'auto_activate' => 'Auto Activate',
2469 'module_tags' => 'Module Tags',
2470 'feature' => 'Feature',
2471 'additional_search_queries' => 'Additional Search Queries',
2472 'plan_classes' => 'Plans',
2473 );
2474
2475 $file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2476
2477 $mod = Jetpack::get_file_data( $file, $headers );
2478 if ( empty( $mod['name'] ) ) {
2479 return false;
2480 }
2481
2482 $mod['sort'] = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2483 $mod['recommendation_order'] = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2484 $mod['deactivate'] = empty( $mod['deactivate'] );
2485 $mod['free'] = empty( $mod['free'] );
2486 $mod['requires_connection'] = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2487
2488 if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2489 $mod['auto_activate'] = 'No';
2490 } else {
2491 $mod['auto_activate'] = (string) $mod['auto_activate'];
2492 }
2493
2494 if ( $mod['module_tags'] ) {
2495 $mod['module_tags'] = explode( ',', $mod['module_tags'] );
2496 $mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2497 $mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2498 } else {
2499 $mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2500 }
2501
2502 if ( $mod['plan_classes'] ) {
2503 $mod['plan_classes'] = explode( ',', $mod['plan_classes'] );
2504 $mod['plan_classes'] = array_map( 'strtolower', array_map( 'trim', $mod['plan_classes'] ) );
2505 } else {
2506 $mod['plan_classes'] = array( 'free' );
2507 }
2508
2509 if ( $mod['feature'] ) {
2510 $mod['feature'] = explode( ',', $mod['feature'] );
2511 $mod['feature'] = array_map( 'trim', $mod['feature'] );
2512 } else {
2513 $mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2514 }
2515
2516 /**
2517 * Filters the feature array on a module.
2518 *
2519 * This filter allows you to control where each module is filtered: Recommended,
2520 * Jumpstart, and the default "Other" listing.
2521 *
2522 * @since 3.5.0
2523 *
2524 * @param array $mod['feature'] The areas to feature this module:
2525 * 'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2526 * 'Recommended' shows on the main Jetpack admin screen.
2527 * 'Other' should be the default if no other value is in the array.
2528 * @param string $module The slug of the module, e.g. sharedaddy.
2529 * @param array $mod All the currently assembled module data.
2530 */
2531 $mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2532
2533 /**
2534 * Filter the returned data about a module.
2535 *
2536 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2537 * so please be careful.
2538 *
2539 * @since 3.6.0
2540 *
2541 * @param array $mod The details of the requested module.
2542 * @param string $module The slug of the module, e.g. sharedaddy
2543 * @param string $file The path to the module source file.
2544 */
2545 return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2546 }
2547
2548 /**
2549 * Like core's get_file_data implementation, but caches the result.
2550 */
2551 public static function get_file_data( $file, $headers ) {
2552 //Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2553 $file_name = basename( $file );
2554
2555 $cache_key = 'jetpack_file_data_' . JETPACK__VERSION;
2556
2557 $file_data_option = get_transient( $cache_key );
2558
2559 if ( false === $file_data_option ) {
2560 $file_data_option = array();
2561 }
2562
2563 $key = md5( $file_name . serialize( $headers ) );
2564 $refresh_cache = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2565
2566 // If we don't need to refresh the cache, and already have the value, short-circuit!
2567 if ( ! $refresh_cache && isset( $file_data_option[ $key ] ) ) {
2568 return $file_data_option[ $key ];
2569 }
2570
2571 $data = get_file_data( $file, $headers );
2572
2573 $file_data_option[ $key ] = $data;
2574
2575 set_transient( $cache_key, $file_data_option, 29 * DAY_IN_SECONDS );
2576
2577 return $data;
2578 }
2579
2580
2581 /**
2582 * Return translated module tag.
2583 *
2584 * @param string $tag Tag as it appears in each module heading.
2585 *
2586 * @return mixed
2587 */
2588 public static function translate_module_tag( $tag ) {
2589 return jetpack_get_module_i18n_tag( $tag );
2590 }
2591
2592 /**
2593 * Get i18n strings as a JSON-encoded string
2594 *
2595 * @return string The locale as JSON
2596 */
2597 public static function get_i18n_data_json() {
2598
2599 // WordPress 5.0 uses md5 hashes of file paths to associate translation
2600 // JSON files with the file they should be included for. This is an md5
2601 // of '_inc/build/admin.js'.
2602 $path_md5 = '1bac79e646a8bf4081a5011ab72d5807';
2603
2604 $i18n_json =
2605 JETPACK__PLUGIN_DIR
2606 . 'languages/json/jetpack-'
2607 . get_user_locale()
2608 . '-'
2609 . $path_md5
2610 . '.json';
2611
2612 if ( is_file( $i18n_json ) && is_readable( $i18n_json ) ) {
2613 $locale_data = @file_get_contents( $i18n_json );
2614 if ( $locale_data ) {
2615 return $locale_data;
2616 }
2617 }
2618
2619 // Return valid empty Jed locale
2620 return '{ "locale_data": { "messages": { "": {} } } }';
2621 }
2622
2623 /**
2624 * Add locale data setup to wp-i18n
2625 *
2626 * Any Jetpack script that depends on wp-i18n should use this method to set up the locale.
2627 *
2628 * The locale setup depends on an adding inline script. This is error-prone and could easily
2629 * result in multiple additions of the same script when exactly 0 or 1 is desireable.
2630 *
2631 * This method provides a safe way to request the setup multiple times but add the script at
2632 * most once.
2633 *
2634 * @since 6.7.0
2635 *
2636 * @return void
2637 */
2638 public static function setup_wp_i18n_locale_data() {
2639 static $script_added = false;
2640 if ( ! $script_added ) {
2641 $script_added = true;
2642 wp_add_inline_script(
2643 'wp-i18n',
2644 'wp.i18n.setLocaleData( ' . Jetpack::get_i18n_data_json() . ', \'jetpack\' );'
2645 );
2646 }
2647 }
2648
2649 /**
2650 * Return module name translation. Uses matching string created in modules/module-headings.php.
2651 *
2652 * @since 3.9.2
2653 *
2654 * @param array $modules
2655 *
2656 * @return string|void
2657 */
2658 public static function get_translated_modules( $modules ) {
2659 foreach ( $modules as $index => $module ) {
2660 $i18n_module = jetpack_get_module_i18n( $module['module'] );
2661 if ( isset( $module['name'] ) ) {
2662 $modules[ $index ]['name'] = $i18n_module['name'];
2663 }
2664 if ( isset( $module['description'] ) ) {
2665 $modules[ $index ]['description'] = $i18n_module['description'];
2666 $modules[ $index ]['short_description'] = $i18n_module['description'];
2667 }
2668 }
2669 return $modules;
2670 }
2671
2672 /**
2673 * Get a list of activated modules as an array of module slugs.
2674 */
2675 public static function get_active_modules() {
2676 $active = Jetpack_Options::get_option( 'active_modules' );
2677
2678 if ( ! is_array( $active ) ) {
2679 $active = array();
2680 }
2681
2682 if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2683 $active[] = 'vaultpress';
2684 } else {
2685 $active = array_diff( $active, array( 'vaultpress' ) );
2686 }
2687
2688 //If protect is active on the main site of a multisite, it should be active on all sites.
2689 if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2690 $active[] = 'protect';
2691 }
2692
2693 /**
2694 * Allow filtering of the active modules.
2695 *
2696 * Gives theme and plugin developers the power to alter the modules that
2697 * are activated on the fly.
2698 *
2699 * @since 5.8.0
2700 *
2701 * @param array $active Array of active module slugs.
2702 */
2703 $active = apply_filters( 'jetpack_active_modules', $active );
2704
2705 return array_unique( $active );
2706 }
2707
2708 /**
2709 * Check whether or not a Jetpack module is active.
2710 *
2711 * @param string $module The slug of a Jetpack module.
2712 * @return bool
2713 *
2714 * @static
2715 */
2716 public static function is_module_active( $module ) {
2717 return in_array( $module, self::get_active_modules() );
2718 }
2719
2720 public static function is_module( $module ) {
2721 return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2722 }
2723
2724 /**
2725 * Catches PHP errors. Must be used in conjunction with output buffering.
2726 *
2727 * @param bool $catch True to start catching, False to stop.
2728 *
2729 * @static
2730 */
2731 public static function catch_errors( $catch ) {
2732 static $display_errors, $error_reporting;
2733
2734 if ( $catch ) {
2735 $display_errors = @ini_set( 'display_errors', 1 );
2736 $error_reporting = @error_reporting( E_ALL );
2737 add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2738 } else {
2739 @ini_set( 'display_errors', $display_errors );
2740 @error_reporting( $error_reporting );
2741 remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2742 }
2743 }
2744
2745 /**
2746 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2747 */
2748 public static function catch_errors_on_shutdown() {
2749 Jetpack::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2750 }
2751
2752 /**
2753 * Rewrite any string to make paths easier to read.
2754 *
2755 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2756 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2757 *
2758 * @param $string
2759 * @return mixed
2760 */
2761 public static function alias_directories( $string ) {
2762 // ABSPATH has a trailing slash.
2763 $string = str_replace( ABSPATH, 'ABSPATH/', $string );
2764 // WP_CONTENT_DIR does not have a trailing slash.
2765 $string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2766
2767 return $string;
2768 }
2769
2770 public static function activate_default_modules(
2771 $min_version = false,
2772 $max_version = false,
2773 $other_modules = array(),
2774 $redirect = true,
2775 $send_state_messages = true
2776 ) {
2777 $jetpack = Jetpack::init();
2778
2779 $modules = Jetpack::get_default_modules( $min_version, $max_version );
2780 $modules = array_merge( $other_modules, $modules );
2781
2782 // Look for standalone plugins and disable if active.
2783
2784 $to_deactivate = array();
2785 foreach ( $modules as $module ) {
2786 if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2787 $to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2788 }
2789 }
2790
2791 $deactivated = array();
2792 foreach ( $to_deactivate as $module => $deactivate_me ) {
2793 list( $probable_file, $probable_title ) = $deactivate_me;
2794 if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2795 $deactivated[] = $module;
2796 }
2797 }
2798
2799 if ( $deactivated && $redirect ) {
2800 Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2801
2802 $url = add_query_arg(
2803 array(
2804 'action' => 'activate_default_modules',
2805 '_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2806 ),
2807 add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2808 );
2809 wp_safe_redirect( $url );
2810 exit;
2811 }
2812
2813 /**
2814 * Fires before default modules are activated.
2815 *
2816 * @since 1.9.0
2817 *
2818 * @param string $min_version Minimum version number required to use modules.
2819 * @param string $max_version Maximum version number required to use modules.
2820 * @param array $other_modules Array of other modules to activate alongside the default modules.
2821 */
2822 do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2823
2824 // Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2825 if ( $send_state_messages ) {
2826 Jetpack::restate();
2827 Jetpack::catch_errors( true );
2828 }
2829
2830 $active = Jetpack::get_active_modules();
2831
2832 foreach ( $modules as $module ) {
2833 if ( did_action( "jetpack_module_loaded_$module" ) ) {
2834 $active[] = $module;
2835 self::update_active_modules( $active );
2836 continue;
2837 }
2838
2839 if ( $send_state_messages && in_array( $module, $active ) ) {
2840 $module_info = Jetpack::get_module( $module );
2841 if ( ! $module_info['deactivate'] ) {
2842 $state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2843 if ( $active_state = Jetpack::state( $state ) ) {
2844 $active_state = explode( ',', $active_state );
2845 } else {
2846 $active_state = array();
2847 }
2848 $active_state[] = $module;
2849 Jetpack::state( $state, implode( ',', $active_state ) );
2850 }
2851 continue;
2852 }
2853
2854 $file = Jetpack::get_module_path( $module );
2855 if ( ! file_exists( $file ) ) {
2856 continue;
2857 }
2858
2859 // we'll override this later if the plugin can be included without fatal error
2860 if ( $redirect ) {
2861 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2862 }
2863
2864 if ( $send_state_messages ) {
2865 Jetpack::state( 'error', 'module_activation_failed' );
2866 Jetpack::state( 'module', $module );
2867 }
2868
2869 ob_start();
2870 require_once $file;
2871
2872 $active[] = $module;
2873
2874 if ( $send_state_messages ) {
2875
2876 $state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2877 if ( $active_state = Jetpack::state( $state ) ) {
2878 $active_state = explode( ',', $active_state );
2879 } else {
2880 $active_state = array();
2881 }
2882 $active_state[] = $module;
2883 Jetpack::state( $state, implode( ',', $active_state ) );
2884 }
2885
2886 Jetpack::update_active_modules( $active );
2887
2888 ob_end_clean();
2889 }
2890
2891 if ( $send_state_messages ) {
2892 Jetpack::state( 'error', false );
2893 Jetpack::state( 'module', false );
2894 }
2895
2896 Jetpack::catch_errors( false );
2897 /**
2898 * Fires when default modules are activated.
2899 *
2900 * @since 1.9.0
2901 *
2902 * @param string $min_version Minimum version number required to use modules.
2903 * @param string $max_version Maximum version number required to use modules.
2904 * @param array $other_modules Array of other modules to activate alongside the default modules.
2905 */
2906 do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2907 }
2908
2909 public static function activate_module( $module, $exit = true, $redirect = true ) {
2910 /**
2911 * Fires before a module is activated.
2912 *
2913 * @since 2.6.0
2914 *
2915 * @param string $module Module slug.
2916 * @param bool $exit Should we exit after the module has been activated. Default to true.
2917 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2918 */
2919 do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2920
2921 $jetpack = Jetpack::init();
2922
2923 if ( ! strlen( $module ) )
2924 return false;
2925
2926 if ( ! Jetpack::is_module( $module ) )
2927 return false;
2928
2929 // If it's already active, then don't do it again
2930 $active = Jetpack::get_active_modules();
2931 foreach ( $active as $act ) {
2932 if ( $act == $module )
2933 return true;
2934 }
2935
2936 $module_data = Jetpack::get_module( $module );
2937
2938 if ( ! Jetpack::is_active() ) {
2939 if ( ! Jetpack::is_development_mode() && ! Jetpack::is_onboarding() )
2940 return false;
2941
2942 // If we're not connected but in development mode, make sure the module doesn't require a connection
2943 if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2944 return false;
2945 }
2946
2947 // Check and see if the old plugin is active
2948 if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2949 // Deactivate the old plugin
2950 if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2951 // If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2952 // We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2953 Jetpack::state( 'deactivated_plugins', $module );
2954 wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2955 exit;
2956 }
2957 }
2958
2959 // Protect won't work with mis-configured IPs
2960 if ( 'protect' === $module ) {
2961 include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
2962 if ( ! jetpack_protect_get_ip() ) {
2963 Jetpack::state( 'message', 'protect_misconfigured_ip' );
2964 return false;
2965 }
2966 }
2967
2968 if ( ! Jetpack_Plan::supports( $module ) ) {
2969 return false;
2970 }
2971
2972 // Check the file for fatal errors, a la wp-admin/plugins.php::activate
2973 Jetpack::state( 'module', $module );
2974 Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2975
2976 Jetpack::catch_errors( true );
2977 ob_start();
2978 require Jetpack::get_module_path( $module );
2979 /** This action is documented in class.jetpack.php */
2980 do_action( 'jetpack_activate_module', $module );
2981 $active[] = $module;
2982 Jetpack::update_active_modules( $active );
2983
2984 Jetpack::state( 'error', false ); // the override
2985 ob_end_clean();
2986 Jetpack::catch_errors( false );
2987
2988 if ( $redirect ) {
2989 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2990 }
2991 if ( $exit ) {
2992 exit;
2993 }
2994 return true;
2995 }
2996
2997 function activate_module_actions( $module ) {
2998 _deprecated_function( __METHOD__, 'jetpack-4.2' );
2999 }
3000
3001 public static function deactivate_module( $module ) {
3002 /**
3003 * Fires when a module is deactivated.
3004 *
3005 * @since 1.9.0
3006 *
3007 * @param string $module Module slug.
3008 */
3009 do_action( 'jetpack_pre_deactivate_module', $module );
3010
3011 $jetpack = Jetpack::init();
3012
3013 $active = Jetpack::get_active_modules();
3014 $new = array_filter( array_diff( $active, (array) $module ) );
3015
3016 return self::update_active_modules( $new );
3017 }
3018
3019 public static function enable_module_configurable( $module ) {
3020 $module = Jetpack::get_module_slug( $module );
3021 add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
3022 }
3023
3024 /**
3025 * Composes a module configure URL. It uses Jetpack settings search as default value
3026 * It is possible to redefine resulting URL by using "jetpack_module_configuration_url_$module" filter
3027 *
3028 * @param string $module Module slug
3029 * @return string $url module configuration URL
3030 */
3031 public static function module_configuration_url( $module ) {
3032 $module = Jetpack::get_module_slug( $module );
3033 $default_url = Jetpack::admin_url() . "#/settings?term=$module";
3034 /**
3035 * Allows to modify configure_url of specific module to be able to redirect to some custom location.
3036 *
3037 * @since 6.9.0
3038 *
3039 * @param string $default_url Default url, which redirects to jetpack settings page.
3040 */
3041 $url = apply_filters( 'jetpack_module_configuration_url_' . $module, $default_url );
3042
3043 return $url;
3044 }
3045
3046/* Installation */
3047 public static function bail_on_activation( $message, $deactivate = true ) {
3048?>
3049<!doctype html>
3050<html>
3051<head>
3052<meta charset="<?php bloginfo( 'charset' ); ?>">
3053<style>
3054* {
3055 text-align: center;
3056 margin: 0;
3057 padding: 0;
3058 font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
3059}
3060p {
3061 margin-top: 1em;
3062 font-size: 18px;
3063}
3064</style>
3065<body>
3066<p><?php echo esc_html( $message ); ?></p>
3067</body>
3068</html>
3069<?php
3070 if ( $deactivate ) {
3071 $plugins = get_option( 'active_plugins' );
3072 $jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
3073 $update = false;
3074 foreach ( $plugins as $i => $plugin ) {
3075 if ( $plugin === $jetpack ) {
3076 $plugins[$i] = false;
3077 $update = true;
3078 }
3079 }
3080
3081 if ( $update ) {
3082 update_option( 'active_plugins', array_filter( $plugins ) );
3083 }
3084 }
3085 exit;
3086 }
3087
3088 /**
3089 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
3090 * @static
3091 */
3092 public static function plugin_activation( $network_wide ) {
3093 Jetpack_Options::update_option( 'activated', 1 );
3094
3095 if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
3096 Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
3097 }
3098
3099 if ( $network_wide )
3100 Jetpack::state( 'network_nag', true );
3101
3102 // For firing one-off events (notices) immediately after activation
3103 set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
3104
3105 update_option( 'jetpack_activation_source', self::get_activation_source( wp_get_referer() ) );
3106
3107 Jetpack::plugin_initialize();
3108 }
3109
3110 public static function get_activation_source( $referer_url ) {
3111
3112 if ( defined( 'WP_CLI' ) && WP_CLI ) {
3113 return array( 'wp-cli', null );
3114 }
3115
3116 $referer = parse_url( $referer_url );
3117
3118 $source_type = 'unknown';
3119 $source_query = null;
3120
3121 if ( ! is_array( $referer ) ) {
3122 return array( $source_type, $source_query );
3123 }
3124
3125 $plugins_path = parse_url( admin_url( 'plugins.php' ), PHP_URL_PATH );
3126 $plugins_install_path = parse_url( admin_url( 'plugin-install.php' ), PHP_URL_PATH );// /wp-admin/plugin-install.php
3127
3128 if ( isset( $referer['query'] ) ) {
3129 parse_str( $referer['query'], $query_parts );
3130 } else {
3131 $query_parts = array();
3132 }
3133
3134 if ( $plugins_path === $referer['path'] ) {
3135 $source_type = 'list';
3136 } elseif ( $plugins_install_path === $referer['path'] ) {
3137 $tab = isset( $query_parts['tab'] ) ? $query_parts['tab'] : 'featured';
3138 switch( $tab ) {
3139 case 'popular':
3140 $source_type = 'popular';
3141 break;
3142 case 'recommended':
3143 $source_type = 'recommended';
3144 break;
3145 case 'favorites':
3146 $source_type = 'favorites';
3147 break;
3148 case 'search':
3149 $source_type = 'search-' . ( isset( $query_parts['type'] ) ? $query_parts['type'] : 'term' );
3150 $source_query = isset( $query_parts['s'] ) ? $query_parts['s'] : null;
3151 break;
3152 default:
3153 $source_type = 'featured';
3154 }
3155 }
3156
3157 return array( $source_type, $source_query );
3158 }
3159
3160 /**
3161 * Runs before bumping version numbers up to a new version
3162 * @param string $version Version:timestamp
3163 * @param string $old_version Old Version:timestamp or false if not set yet.
3164 * @return null [description]
3165 */
3166 public static function do_version_bump( $version, $old_version ) {
3167 if ( ! $old_version ) { // For new sites
3168 // There used to be stuff here, but this seems like it might be useful to someone in the future...
3169 }
3170 }
3171
3172 /**
3173 * Sets the internal version number and activation state.
3174 * @static
3175 */
3176 public static function plugin_initialize() {
3177 if ( ! Jetpack_Options::get_option( 'activated' ) ) {
3178 Jetpack_Options::update_option( 'activated', 2 );
3179 }
3180
3181 if ( ! Jetpack_Options::get_option( 'version' ) ) {
3182 $version = $old_version = JETPACK__VERSION . ':' . time();
3183 /** This action is documented in class.jetpack.php */
3184 do_action( 'updating_jetpack_version', $version, false );
3185 Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
3186 }
3187
3188 Jetpack::load_modules();
3189
3190 Jetpack_Options::delete_option( 'do_activate' );
3191 Jetpack_Options::delete_option( 'dismissed_connection_banner' );
3192 }
3193
3194 /**
3195 * Removes all connection options
3196 * @static
3197 */
3198 public static function plugin_deactivation( ) {
3199 require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
3200 if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
3201 Jetpack_Network::init()->deactivate();
3202 } else {
3203 Jetpack::disconnect( false );
3204 //Jetpack_Heartbeat::init()->deactivate();
3205 }
3206 }
3207
3208 /**
3209 * Disconnects from the Jetpack servers.
3210 * Forgets all connection details and tells the Jetpack servers to do the same.
3211 * @static
3212 */
3213 public static function disconnect( $update_activated_state = true ) {
3214 wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
3215 Jetpack::clean_nonces( true );
3216
3217 // If the site is in an IDC because sync is not allowed,
3218 // let's make sure to not disconnect the production site.
3219 if ( ! self::validate_sync_error_idc_option() ) {
3220 JetpackTracking::record_user_event( 'disconnect_site', array() );
3221 Jetpack::load_xml_rpc_client();
3222 $xml = new Jetpack_IXR_Client();
3223 $xml->query( 'jetpack.deregister' );
3224 }
3225
3226 Jetpack_Options::delete_option(
3227 array(
3228 'blog_token',
3229 'user_token',
3230 'user_tokens',
3231 'master_user',
3232 'time_diff',
3233 'fallback_no_verify_ssl_certs',
3234 )
3235 );
3236
3237 Jetpack_IDC::clear_all_idc_options();
3238 Jetpack_Options::delete_raw_option( 'jetpack_secrets' );
3239
3240 if ( $update_activated_state ) {
3241 Jetpack_Options::update_option( 'activated', 4 );
3242 }
3243
3244 if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
3245 // Check then record unique disconnection if site has never been disconnected previously
3246 if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
3247 $jetpack_unique_connection['disconnected'] = 1;
3248 } else {
3249 if ( 0 == $jetpack_unique_connection['disconnected'] ) {
3250 //track unique disconnect
3251 $jetpack = Jetpack::init();
3252
3253 $jetpack->stat( 'connections', 'unique-disconnect' );
3254 $jetpack->do_stats( 'server_side' );
3255 }
3256 // increment number of times disconnected
3257 $jetpack_unique_connection['disconnected'] += 1;
3258 }
3259
3260 Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
3261 }
3262
3263 // Delete cached connected user data
3264 $transient_key = "jetpack_connected_user_data_" . get_current_user_id();
3265 delete_transient( $transient_key );
3266
3267 // Delete all the sync related data. Since it could be taking up space.
3268 require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-sender.php';
3269 Jetpack_Sync_Sender::get_instance()->uninstall();
3270
3271 // Disable the Heartbeat cron
3272 Jetpack_Heartbeat::init()->deactivate();
3273 }
3274
3275 /**
3276 * Unlinks the current user from the linked WordPress.com user
3277 */
3278 public static function unlink_user( $user_id = null ) {
3279 if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
3280 return false;
3281
3282 $user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
3283
3284 if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
3285 return false;
3286
3287 if ( ! isset( $tokens[ $user_id ] ) )
3288 return false;
3289
3290 Jetpack::load_xml_rpc_client();
3291 $xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
3292 $xml->query( 'jetpack.unlink_user', $user_id );
3293
3294 unset( $tokens[ $user_id ] );
3295
3296 Jetpack_Options::update_option( 'user_tokens', $tokens );
3297
3298 /**
3299 * Fires after the current user has been unlinked from WordPress.com.
3300 *
3301 * @since 4.1.0
3302 *
3303 * @param int $user_id The current user's ID.
3304 */
3305 do_action( 'jetpack_unlinked_user', $user_id );
3306
3307 return true;
3308 }
3309
3310 /**
3311 * Attempts Jetpack registration. If it fail, a state flag is set: @see ::admin_page_load()
3312 */
3313 public static function try_registration() {
3314 // The user has agreed to the TOS at some point by now.
3315 Jetpack_Options::update_option( 'tos_agreed', true );
3316
3317 // Let's get some testing in beta versions and such.
3318 if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3319 // Before attempting to connect, let's make sure that the domains are viable.
3320 $domains_to_check = array_unique( array(
3321 'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
3322 'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
3323 ) );
3324 foreach ( $domains_to_check as $domain ) {
3325 $result = Jetpack_Data::is_usable_domain( $domain );
3326 if ( is_wp_error( $result ) ) {
3327 return $result;
3328 }
3329 }
3330 }
3331
3332 $result = Jetpack::register();
3333
3334 // If there was an error with registration and the site was not registered, record this so we can show a message.
3335 if ( ! $result || is_wp_error( $result ) ) {
3336 return $result;
3337 } else {
3338 return true;
3339 }
3340 }
3341
3342 /**
3343 * Tracking an internal event log. Try not to put too much chaff in here.
3344 *
3345 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3346 */
3347 public static function log( $code, $data = null ) {
3348 // only grab the latest 200 entries
3349 $log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3350
3351 // Append our event to the log
3352 $log_entry = array(
3353 'time' => time(),
3354 'user_id' => get_current_user_id(),
3355 'blog_id' => Jetpack_Options::get_option( 'id' ),
3356 'code' => $code,
3357 );
3358 // Don't bother storing it unless we've got some.
3359 if ( ! is_null( $data ) ) {
3360 $log_entry['data'] = $data;
3361 }
3362 $log[] = $log_entry;
3363
3364 // Try add_option first, to make sure it's not autoloaded.
3365 // @todo: Add an add_option method to Jetpack_Options
3366 if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3367 Jetpack_Options::update_option( 'log', $log );
3368 }
3369
3370 /**
3371 * Fires when Jetpack logs an internal event.
3372 *
3373 * @since 3.0.0
3374 *
3375 * @param array $log_entry {
3376 * Array of details about the log entry.
3377 *
3378 * @param string time Time of the event.
3379 * @param int user_id ID of the user who trigerred the event.
3380 * @param int blog_id Jetpack Blog ID.
3381 * @param string code Unique name for the event.
3382 * @param string data Data about the event.
3383 * }
3384 */
3385 do_action( 'jetpack_log_entry', $log_entry );
3386 }
3387
3388 /**
3389 * Get the internal event log.
3390 *
3391 * @param $event (string) - only return the specific log events
3392 * @param $num (int) - get specific number of latest results, limited to 200
3393 *
3394 * @return array of log events || WP_Error for invalid params
3395 */
3396 public static function get_log( $event = false, $num = false ) {
3397 if ( $event && ! is_string( $event ) ) {
3398 return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3399 }
3400
3401 if ( $num && ! is_numeric( $num ) ) {
3402 return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3403 }
3404
3405 $entire_log = Jetpack_Options::get_option( 'log', array() );
3406
3407 // If nothing set - act as it did before, otherwise let's start customizing the output
3408 if ( ! $num && ! $event ) {
3409 return $entire_log;
3410 } else {
3411 $entire_log = array_reverse( $entire_log );
3412 }
3413
3414 $custom_log_output = array();
3415
3416 if ( $event ) {
3417 foreach ( $entire_log as $log_event ) {
3418 if ( $event == $log_event[ 'code' ] ) {
3419 $custom_log_output[] = $log_event;
3420 }
3421 }
3422 } else {
3423 $custom_log_output = $entire_log;
3424 }
3425
3426 if ( $num ) {
3427 $custom_log_output = array_slice( $custom_log_output, 0, $num );
3428 }
3429
3430 return $custom_log_output;
3431 }
3432
3433 /**
3434 * Log modification of important settings.
3435 */
3436 public static function log_settings_change( $option, $old_value, $value ) {
3437 switch( $option ) {
3438 case 'jetpack_sync_non_public_post_stati':
3439 self::log( $option, $value );
3440 break;
3441 }
3442 }
3443
3444 /**
3445 * Return stat data for WPCOM sync
3446 */
3447 public static function get_stat_data( $encode = true, $extended = true ) {
3448 $data = Jetpack_Heartbeat::generate_stats_array();
3449
3450 if ( $extended ) {
3451 $additional_data = self::get_additional_stat_data();
3452 $data = array_merge( $data, $additional_data );
3453 }
3454
3455 if ( $encode ) {
3456 return json_encode( $data );
3457 }
3458
3459 return $data;
3460 }
3461
3462 /**
3463 * Get additional stat data to sync to WPCOM
3464 */
3465 public static function get_additional_stat_data( $prefix = '' ) {
3466 $return["{$prefix}themes"] = Jetpack::get_parsed_theme_data();
3467 $return["{$prefix}plugins-extra"] = Jetpack::get_parsed_plugin_data();
3468 $return["{$prefix}users"] = (int) Jetpack::get_site_user_count();
3469 $return["{$prefix}site-count"] = 0;
3470
3471 if ( function_exists( 'get_blog_count' ) ) {
3472 $return["{$prefix}site-count"] = get_blog_count();
3473 }
3474 return $return;
3475 }
3476
3477 private static function get_site_user_count() {
3478 global $wpdb;
3479
3480 if ( function_exists( 'wp_is_large_network' ) ) {
3481 if ( wp_is_large_network( 'users' ) ) {
3482 return -1; // Not a real value but should tell us that we are dealing with a large network.
3483 }
3484 }
3485 if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3486 // It wasn't there, so regenerate the data and save the transient
3487 $user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3488 set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3489 }
3490 return $user_count;
3491 }
3492
3493 /* Admin Pages */
3494
3495 function admin_init() {
3496 // If the plugin is not connected, display a connect message.
3497 if (
3498 // the plugin was auto-activated and needs its candy
3499 Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3500 ||
3501 // the plugin is active, but was never activated. Probably came from a site-wide network activation
3502 ! Jetpack_Options::get_option( 'activated' )
3503 ) {
3504 Jetpack::plugin_initialize();
3505 }
3506
3507 if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3508 Jetpack_Connection_Banner::init();
3509 } elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3510 // Upgrade: 1.1 -> 1.1.1
3511 // Check and see if host can verify the Jetpack servers' SSL certificate
3512 $args = array();
3513 Jetpack_Client::_wp_remote_request(
3514 Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3515 $args,
3516 true
3517 );
3518 }
3519
3520 if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3521 add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3522 }
3523
3524 add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3525 add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3526 add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3527
3528 if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3529 // Artificially throw errors in certain whitelisted cases during plugin activation
3530 add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3531 }
3532
3533 // Add custom column in wp-admin/users.php to show whether user is linked.
3534 add_filter( 'manage_users_columns', array( $this, 'jetpack_icon_user_connected' ) );
3535 add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3536 add_action( 'admin_print_styles', array( $this, 'jetpack_user_col_style' ) );
3537 }
3538
3539 function admin_body_class( $admin_body_class = '' ) {
3540 $classes = explode( ' ', trim( $admin_body_class ) );
3541
3542 $classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3543
3544 $admin_body_class = implode( ' ', array_unique( $classes ) );
3545 return " $admin_body_class ";
3546 }
3547
3548 static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3549 return $admin_body_class . ' jetpack-pagestyles ';
3550 }
3551
3552 /**
3553 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3554 * This function artificially throws errors for such cases (whitelisted).
3555 *
3556 * @param string $plugin The activated plugin.
3557 */
3558 function throw_error_on_activate_plugin( $plugin ) {
3559 $active_modules = Jetpack::get_active_modules();
3560
3561 // The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3562 if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3563 $throw = false;
3564
3565 // Try and make sure it really was the stats plugin
3566 if ( ! class_exists( 'ReflectionFunction' ) ) {
3567 if ( 'stats.php' == basename( $plugin ) ) {
3568 $throw = true;
3569 }
3570 } else {
3571 $reflection = new ReflectionFunction( 'stats_get_api_key' );
3572 if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3573 $throw = true;
3574 }
3575 }
3576
3577 if ( $throw ) {
3578 trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old “%1$s” plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3579 }
3580 }
3581 }
3582
3583 function intercept_plugin_error_scrape_init() {
3584 add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3585 }
3586
3587 function intercept_plugin_error_scrape( $action, $result ) {
3588 if ( ! $result ) {
3589 return;
3590 }
3591
3592 foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3593 if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3594 Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old “%1$s” plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3595 }
3596 }
3597 }
3598
3599 function add_remote_request_handlers() {
3600 add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3601 add_action( 'wp_ajax_nopriv_jetpack_update_file', array( $this, 'remote_request_handlers' ) );
3602 }
3603
3604 function remote_request_handlers() {
3605 $action = current_filter();
3606
3607 switch ( current_filter() ) {
3608 case 'wp_ajax_nopriv_jetpack_upload_file' :
3609 $response = $this->upload_handler();
3610 break;
3611
3612 case 'wp_ajax_nopriv_jetpack_update_file' :
3613 $response = $this->upload_handler( true );
3614 break;
3615 default :
3616 $response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3617 break;
3618 }
3619
3620 if ( ! $response ) {
3621 $response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3622 }
3623
3624 if ( is_wp_error( $response ) ) {
3625 $status_code = $response->get_error_data();
3626 $error = $response->get_error_code();
3627 $error_description = $response->get_error_message();
3628
3629 if ( ! is_int( $status_code ) ) {
3630 $status_code = 400;
3631 }
3632
3633 status_header( $status_code );
3634 die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3635 }
3636
3637 status_header( 200 );
3638 if ( true === $response ) {
3639 exit;
3640 }
3641
3642 die( json_encode( (object) $response ) );
3643 }
3644
3645 /**
3646 * Uploads a file gotten from the global $_FILES.
3647 * If `$update_media_item` is true and `post_id` is defined
3648 * the attachment file of the media item (gotten through of the post_id)
3649 * will be updated instead of add a new one.
3650 *
3651 * @param boolean $update_media_item - update media attachment
3652 * @return array - An array describing the uploadind files process
3653 */
3654 function upload_handler( $update_media_item = false ) {
3655 if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3656 return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3657 }
3658
3659 $user = wp_authenticate( '', '' );
3660 if ( ! $user || is_wp_error( $user ) ) {
3661 return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3662 }
3663
3664 wp_set_current_user( $user->ID );
3665
3666 if ( ! current_user_can( 'upload_files' ) ) {
3667 return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3668 }
3669
3670 if ( empty( $_FILES ) ) {
3671 return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3672 }
3673
3674 foreach ( array_keys( $_FILES ) as $files_key ) {
3675 if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3676 return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3677 }
3678 }
3679
3680 $media_keys = array_keys( $_FILES['media'] );
3681
3682 $token = Jetpack_Data::get_access_token( get_current_user_id() );
3683 if ( ! $token || is_wp_error( $token ) ) {
3684 return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3685 }
3686
3687 $uploaded_files = array();
3688 $global_post = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3689 unset( $GLOBALS['post'] );
3690 foreach ( $_FILES['media']['name'] as $index => $name ) {
3691 $file = array();
3692 foreach ( $media_keys as $media_key ) {
3693 $file[$media_key] = $_FILES['media'][$media_key][$index];
3694 }
3695
3696 list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3697
3698 $hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3699 if ( $hmac_provided !== $hmac_file ) {
3700 $uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3701 continue;
3702 }
3703
3704 $_FILES['.jetpack.upload.'] = $file;
3705 $post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3706 if ( ! current_user_can( 'edit_post', $post_id ) ) {
3707 $post_id = 0;
3708 }
3709
3710 if ( $update_media_item ) {
3711 if ( ! isset( $post_id ) || $post_id === 0 ) {
3712 return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
3713 }
3714
3715 $media_array = $_FILES['media'];
3716
3717 $file_array['name'] = $media_array['name'][0];
3718 $file_array['type'] = $media_array['type'][0];
3719 $file_array['tmp_name'] = $media_array['tmp_name'][0];
3720 $file_array['error'] = $media_array['error'][0];
3721 $file_array['size'] = $media_array['size'][0];
3722
3723 $edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3724
3725 if ( is_wp_error( $edited_media_item ) ) {
3726 return $edited_media_item;
3727 }
3728
3729 $response = (object) array(
3730 'id' => (string) $post_id,
3731 'file' => (string) $edited_media_item->post_title,
3732 'url' => (string) wp_get_attachment_url( $post_id ),
3733 'type' => (string) $edited_media_item->post_mime_type,
3734 'meta' => (array) wp_get_attachment_metadata( $post_id ),
3735 );
3736
3737 return (array) array( $response );
3738 }
3739
3740 $attachment_id = media_handle_upload(
3741 '.jetpack.upload.',
3742 $post_id,
3743 array(),
3744 array(
3745 'action' => 'jetpack_upload_file',
3746 )
3747 );
3748
3749 if ( ! $attachment_id ) {
3750 $uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3751 } elseif ( is_wp_error( $attachment_id ) ) {
3752 $uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3753 } else {
3754 $attachment = get_post( $attachment_id );
3755 $uploaded_files[$index] = (object) array(
3756 'id' => (string) $attachment_id,
3757 'file' => $attachment->post_title,
3758 'url' => wp_get_attachment_url( $attachment_id ),
3759 'type' => $attachment->post_mime_type,
3760 'meta' => wp_get_attachment_metadata( $attachment_id ),
3761 );
3762 // Zip files uploads are not supported unless they are done for installation purposed
3763 // lets delete them in case something goes wrong in this whole process
3764 if ( 'application/zip' === $attachment->post_mime_type ) {
3765 // Schedule a cleanup for 2 hours from now in case of failed install.
3766 wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3767 }
3768 }
3769 }
3770 if ( ! is_null( $global_post ) ) {
3771 $GLOBALS['post'] = $global_post;
3772 }
3773
3774 return $uploaded_files;
3775 }
3776
3777 /**
3778 * Add help to the Jetpack page
3779 *
3780 * @since Jetpack (1.2.3)
3781 * @return false if not the Jetpack page
3782 */
3783 function admin_help() {
3784 $current_screen = get_current_screen();
3785
3786 // Overview
3787 $current_screen->add_help_tab(
3788 array(
3789 'id' => 'home',
3790 'title' => __( 'Home', 'jetpack' ),
3791 'content' =>
3792 '<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3793 '<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3794 '<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3795 )
3796 );
3797
3798 // Screen Content
3799 if ( current_user_can( 'manage_options' ) ) {
3800 $current_screen->add_help_tab(
3801 array(
3802 'id' => 'settings',
3803 'title' => __( 'Settings', 'jetpack' ),
3804 'content' =>
3805 '<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3806 '<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3807 '<ol>' .
3808 '<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.', 'jetpack' ) . '</li>' .
3809 '<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.', 'jetpack' ) . '</li>' .
3810 '</ol>' .
3811 '<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3812 )
3813 );
3814 }
3815
3816 // Help Sidebar
3817 $current_screen->set_help_sidebar(
3818 '<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3819 '<p><a href="https://jetpack.com/faq/" target="_blank">' . __( 'Jetpack FAQ', 'jetpack' ) . '</a></p>' .
3820 '<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3821 '<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' ) ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3822 );
3823 }
3824
3825 function admin_menu_css() {
3826 wp_enqueue_style( 'jetpack-icons' );
3827 }
3828
3829 function admin_menu_order() {
3830 return true;
3831 }
3832
3833 function jetpack_menu_order( $menu_order ) {
3834 $jp_menu_order = array();
3835
3836 foreach ( $menu_order as $index => $item ) {
3837 if ( $item != 'jetpack' ) {
3838 $jp_menu_order[] = $item;
3839 }
3840
3841 if ( $index == 0 ) {
3842 $jp_menu_order[] = 'jetpack';
3843 }
3844 }
3845
3846 return $jp_menu_order;
3847 }
3848
3849 function admin_banner_styles() {
3850 $min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3851
3852 if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3853 wp_register_style(
3854 'jetpack-dops-style',
3855 plugins_url( '_inc/build/admin.dops-style.css', JETPACK__PLUGIN_FILE ),
3856 array(),
3857 JETPACK__VERSION
3858 );
3859 }
3860
3861 wp_enqueue_style(
3862 'jetpack',
3863 plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
3864 array( 'jetpack-dops-style' ),
3865 JETPACK__VERSION . '-20121016'
3866 );
3867 wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3868 wp_style_add_data( 'jetpack', 'suffix', $min );
3869 }
3870
3871 function plugin_action_links( $actions ) {
3872
3873 $jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), 'Jetpack' ) );
3874
3875 if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3876 return array_merge(
3877 $jetpack_home,
3878 array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
3879 array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3880 $actions
3881 );
3882 }
3883
3884 return array_merge( $jetpack_home, $actions );
3885 }
3886
3887 /*
3888 * Registration flow:
3889 * 1 - ::admin_page_load() action=register
3890 * 2 - ::try_registration()
3891 * 3 - ::register()
3892 * - Creates jetpack_register option containing two secrets and a timestamp
3893 * - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3894 * siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3895 * - That request to jetpack.wordpress.com does not immediately respond. It first makes a request BACK to this site's
3896 * xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3897 * - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3898 * - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3899 * jetpack_id, jetpack_secret, jetpack_public
3900 * - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3901 * 4 - redirect to https://wordpress.com/start/jetpack-connect
3902 * 5 - user logs in with WP.com account
3903 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
3904 * - Jetpack_Client_Server::authorize()
3905 * - Jetpack_Client_Server::get_token()
3906 * - GET https://jetpack.wordpress.com/jetpack.token/1/ with
3907 * client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3908 * - which responds with access_token, token_type, scope
3909 * - Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3910 * - Jetpack::activate_default_modules()
3911 * - Deactivates deprecated plugins
3912 * - Activates all default modules
3913 * - Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
3914 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
3915 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
3916 * Done!
3917 */
3918
3919 /**
3920 * Handles the page load events for the Jetpack admin page
3921 */
3922 function admin_page_load() {
3923 $error = false;
3924
3925 // Make sure we have the right body class to hook stylings for subpages off of.
3926 add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3927
3928 if ( ! empty( $_GET['jetpack_restate'] ) ) {
3929 // Should only be used in intermediate redirects to preserve state across redirects
3930 Jetpack::restate();
3931 }
3932
3933 if ( isset( $_GET['connect_url_redirect'] ) ) {
3934 // User clicked in the iframe to link their accounts
3935 if ( ! Jetpack::is_user_connected() ) {
3936 $from = ! empty( $_GET['from'] ) ? $_GET['from'] : 'iframe';
3937 $redirect = ! empty( $_GET['redirect_after_auth'] ) ? $_GET['redirect_after_auth'] : false;
3938
3939 add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
3940 $connect_url = $this->build_connect_url( true, $redirect, $from );
3941 remove_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
3942
3943 if ( isset( $_GET['notes_iframe'] ) )
3944 $connect_url .= '¬es_iframe';
3945 wp_redirect( $connect_url );
3946 exit;
3947 } else {
3948 if ( ! isset( $_GET['calypso_env'] ) ) {
3949 Jetpack::state( 'message', 'already_authorized' );
3950 wp_safe_redirect( Jetpack::admin_url() );
3951 exit;
3952 } else {
3953 $connect_url = $this->build_connect_url( true, false, 'iframe' );
3954 $connect_url .= '&already_authorized=true';
3955 wp_redirect( $connect_url );
3956 exit;
3957 }
3958 }
3959 }
3960
3961
3962 if ( isset( $_GET['action'] ) ) {
3963 switch ( $_GET['action'] ) {
3964 case 'authorize':
3965 if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3966 Jetpack::state( 'message', 'already_authorized' );
3967 wp_safe_redirect( Jetpack::admin_url() );
3968 exit;
3969 }
3970 Jetpack::log( 'authorize' );
3971 $client_server = new Jetpack_Client_Server;
3972 $client_server->client_authorize();
3973 exit;
3974 case 'register' :
3975 if ( ! current_user_can( 'jetpack_connect' ) ) {
3976 $error = 'cheatin';
3977 break;
3978 }
3979 check_admin_referer( 'jetpack-register' );
3980 Jetpack::log( 'register' );
3981 Jetpack::maybe_set_version_option();
3982 $registered = Jetpack::try_registration();
3983 if ( is_wp_error( $registered ) ) {
3984 $error = $registered->get_error_code();
3985 Jetpack::state( 'error', $error );
3986 Jetpack::state( 'error', $registered->get_error_message() );
3987 JetpackTracking::record_user_event( 'jpc_register_fail', array(
3988 'error_code' => $error,
3989 'error_message' => $registered->get_error_message()
3990 ) );
3991 break;
3992 }
3993
3994 $from = isset( $_GET['from'] ) ? $_GET['from'] : false;
3995 $redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : false;
3996
3997 JetpackTracking::record_user_event( 'jpc_register_success', array(
3998 'from' => $from
3999 ) );
4000
4001 $url = $this->build_connect_url( true, $redirect, $from );
4002
4003 if ( ! empty( $_GET['onboarding'] ) ) {
4004 $url = add_query_arg( 'onboarding', $_GET['onboarding'], $url );
4005 }
4006
4007 if ( ! empty( $_GET['auth_approved'] ) && 'true' === $_GET['auth_approved'] ) {
4008 $url = add_query_arg( 'auth_approved', 'true', $url );
4009 }
4010
4011 wp_redirect( $url );
4012 exit;
4013 case 'activate' :
4014 if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
4015 $error = 'cheatin';
4016 break;
4017 }
4018
4019 $module = stripslashes( $_GET['module'] );
4020 check_admin_referer( "jetpack_activate-$module" );
4021 Jetpack::log( 'activate', $module );
4022 if ( ! Jetpack::activate_module( $module ) ) {
4023 Jetpack::state( 'error', sprintf( __( 'Could not activate %s', 'jetpack' ), $module ) );
4024 }
4025 // The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
4026 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4027 exit;
4028 case 'activate_default_modules' :
4029 check_admin_referer( 'activate_default_modules' );
4030 Jetpack::log( 'activate_default_modules' );
4031 Jetpack::restate();
4032 $min_version = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
4033 $max_version = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
4034 $other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
4035 Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
4036 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4037 exit;
4038 case 'disconnect' :
4039 if ( ! current_user_can( 'jetpack_disconnect' ) ) {
4040 $error = 'cheatin';
4041 break;
4042 }
4043
4044 check_admin_referer( 'jetpack-disconnect' );
4045 Jetpack::log( 'disconnect' );
4046 Jetpack::disconnect();
4047 wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
4048 exit;
4049 case 'reconnect' :
4050 if ( ! current_user_can( 'jetpack_reconnect' ) ) {
4051 $error = 'cheatin';
4052 break;
4053 }
4054
4055 check_admin_referer( 'jetpack-reconnect' );
4056 Jetpack::log( 'reconnect' );
4057 $this->disconnect();
4058 wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
4059 exit;
4060 case 'deactivate' :
4061 if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
4062 $error = 'cheatin';
4063 break;
4064 }
4065
4066 $modules = stripslashes( $_GET['module'] );
4067 check_admin_referer( "jetpack_deactivate-$modules" );
4068 foreach ( explode( ',', $modules ) as $module ) {
4069 Jetpack::log( 'deactivate', $module );
4070 Jetpack::deactivate_module( $module );
4071 Jetpack::state( 'message', 'module_deactivated' );
4072 }
4073 Jetpack::state( 'module', $modules );
4074 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4075 exit;
4076 case 'unlink' :
4077 $redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
4078 check_admin_referer( 'jetpack-unlink' );
4079 Jetpack::log( 'unlink' );
4080 $this->unlink_user();
4081 Jetpack::state( 'message', 'unlinked' );
4082 if ( 'sub-unlink' == $redirect ) {
4083 wp_safe_redirect( admin_url() );
4084 } else {
4085 wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
4086 }
4087 exit;
4088 case 'onboard' :
4089 if ( ! current_user_can( 'manage_options' ) ) {
4090 wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
4091 } else {
4092 Jetpack::create_onboarding_token();
4093 $url = $this->build_connect_url( true );
4094
4095 if ( false !== ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4096 $url = add_query_arg( 'onboarding', $token, $url );
4097 }
4098
4099 $calypso_env = ! empty( $_GET[ 'calypso_env' ] ) ? $_GET[ 'calypso_env' ] : false;
4100 if ( $calypso_env ) {
4101 $url = add_query_arg( 'calypso_env', $calypso_env, $url );
4102 }
4103
4104 wp_redirect( $url );
4105 exit;
4106 }
4107 exit;
4108 default:
4109 /**
4110 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
4111 *
4112 * @since 2.6.0
4113 *
4114 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
4115 */
4116 do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
4117 }
4118 }
4119
4120 if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
4121 self::activate_new_modules( true );
4122 }
4123
4124 $message_code = Jetpack::state( 'message' );
4125 if ( Jetpack::state( 'optin-manage' ) ) {
4126 $activated_manage = $message_code;
4127 $message_code = 'jetpack-manage';
4128 }
4129
4130 switch ( $message_code ) {
4131 case 'jetpack-manage':
4132 $this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
4133 if ( $activated_manage ) {
4134 $this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack' ) . '</strong>';
4135 }
4136 break;
4137
4138 }
4139
4140 $deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
4141
4142 if ( ! empty( $deactivated_plugins ) ) {
4143 $deactivated_plugins = explode( ',', $deactivated_plugins );
4144 $deactivated_titles = array();
4145 foreach ( $deactivated_plugins as $deactivated_plugin ) {
4146 if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
4147 continue;
4148 }
4149
4150 $deactivated_titles[] = '<strong>' . str_replace( ' ', ' ', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
4151 }
4152
4153 if ( $deactivated_titles ) {
4154 if ( $this->message ) {
4155 $this->message .= "<br /><br />\n";
4156 }
4157
4158 $this->message .= wp_sprintf(
4159 _n(
4160 'Jetpack contains the most recent version of the old %l plugin.',
4161 'Jetpack contains the most recent versions of the old %l plugins.',
4162 count( $deactivated_titles ),
4163 'jetpack'
4164 ),
4165 $deactivated_titles
4166 );
4167
4168 $this->message .= "<br />\n";
4169
4170 $this->message .= _n(
4171 'The old version has been deactivated and can be removed from your site.',
4172 'The old versions have been deactivated and can be removed from your site.',
4173 count( $deactivated_titles ),
4174 'jetpack'
4175 );
4176 }
4177 }
4178
4179 $this->privacy_checks = Jetpack::state( 'privacy_checks' );
4180
4181 if ( $this->message || $this->error || $this->privacy_checks ) {
4182 add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
4183 }
4184
4185 add_filter( 'jetpack_short_module_description', 'wptexturize' );
4186 }
4187
4188 function admin_notices() {
4189
4190 if ( $this->error ) {
4191?>
4192<div id="message" class="jetpack-message jetpack-err">
4193 <div class="squeezer">
4194 <h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
4195<?php if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
4196 <p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
4197<?php endif; ?>
4198 </div>
4199</div>
4200<?php
4201 }
4202
4203 if ( $this->message ) {
4204?>
4205<div id="message" class="jetpack-message">
4206 <div class="squeezer">
4207 <h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
4208 </div>
4209</div>
4210<?php
4211 }
4212
4213 if ( $this->privacy_checks ) :
4214 $module_names = $module_slugs = array();
4215
4216 $privacy_checks = explode( ',', $this->privacy_checks );
4217 $privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4218 foreach ( $privacy_checks as $module_slug ) {
4219 $module = Jetpack::get_module( $module_slug );
4220 if ( ! $module ) {
4221 continue;
4222 }
4223
4224 $module_slugs[] = $module_slug;
4225 $module_names[] = "<strong>{$module['name']}</strong>";
4226 }
4227
4228 $module_slugs = join( ',', $module_slugs );
4229?>
4230<div id="message" class="jetpack-message jetpack-err">
4231 <div class="squeezer">
4232 <h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4233 <p><?php
4234 echo wp_kses(
4235 wptexturize(
4236 wp_sprintf(
4237 _nx(
4238 "Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4239 "Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4240 count( $privacy_checks ),
4241 '%l = list of Jetpack module/feature names',
4242 'jetpack'
4243 ),
4244 $module_names
4245 )
4246 ),
4247 array( 'strong' => true )
4248 );
4249
4250 echo "\n<br />\n";
4251
4252 echo wp_kses(
4253 sprintf(
4254 _nx(
4255 'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4256 'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4257 count( $privacy_checks ),
4258 '%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4259 'jetpack'
4260 ),
4261 wp_nonce_url(
4262 Jetpack::admin_url(
4263 array(
4264 'page' => 'jetpack',
4265 'action' => 'deactivate',
4266 'module' => urlencode( $module_slugs ),
4267 )
4268 ),
4269 "jetpack_deactivate-$module_slugs"
4270 ),
4271 esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4272 ),
4273 array( 'a' => array( 'href' => true, 'title' => true ) )
4274 );
4275 ?></p>
4276 </div>
4277</div>
4278<?php endif;
4279 }
4280
4281 /**
4282 * Record a stat for later output. This will only currently output in the admin_footer.
4283 */
4284 function stat( $group, $detail ) {
4285 if ( ! isset( $this->stats[ $group ] ) )
4286 $this->stats[ $group ] = array();
4287 $this->stats[ $group ][] = $detail;
4288 }
4289
4290 /**
4291 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4292 */
4293 function do_stats( $method = '' ) {
4294 if ( is_array( $this->stats ) && count( $this->stats ) ) {
4295 foreach ( $this->stats as $group => $stats ) {
4296 if ( is_array( $stats ) && count( $stats ) ) {
4297 $args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4298 if ( 'server_side' === $method ) {
4299 self::do_server_side_stat( $args );
4300 } else {
4301 echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4302 }
4303 }
4304 unset( $this->stats[ $group ] );
4305 }
4306 }
4307 }
4308
4309 /**
4310 * Runs stats code for a one-off, server-side.
4311 *
4312 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4313 *
4314 * @return bool If it worked.
4315 */
4316 static function do_server_side_stat( $args ) {
4317 $response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4318 if ( is_wp_error( $response ) )
4319 return false;
4320
4321 if ( 200 !== wp_remote_retrieve_response_code( $response ) )
4322 return false;
4323
4324 return true;
4325 }
4326
4327 /**
4328 * Builds the stats url.
4329 *
4330 * @param $args array|string The arguments to append to the URL.
4331 *
4332 * @return string The URL to be pinged.
4333 */
4334 static function build_stats_url( $args ) {
4335 $defaults = array(
4336 'v' => 'wpcom2',
4337 'rand' => md5( mt_rand( 0, 999 ) . time() ),
4338 );
4339 $args = wp_parse_args( $args, $defaults );
4340 /**
4341 * Filter the URL used as the Stats tracking pixel.
4342 *
4343 * @since 2.3.2
4344 *
4345 * @param string $url Base URL used as the Stats tracking pixel.
4346 */
4347 $base_url = apply_filters(
4348 'jetpack_stats_base_url',
4349 'https://pixel.wp.com/g.gif'
4350 );
4351 $url = add_query_arg( $args, $base_url );
4352 return $url;
4353 }
4354
4355 static function translate_current_user_to_role() {
4356 foreach ( self::$capability_translations as $role => $cap ) {
4357 if ( current_user_can( $role ) || current_user_can( $cap ) ) {
4358 return $role;
4359 }
4360 }
4361
4362 return false;
4363 }
4364
4365 static function translate_user_to_role( $user ) {
4366 foreach ( self::$capability_translations as $role => $cap ) {
4367 if ( user_can( $user, $role ) || user_can( $user, $cap ) ) {
4368 return $role;
4369 }
4370 }
4371
4372 return false;
4373 }
4374
4375 static function translate_role_to_cap( $role ) {
4376 if ( ! isset( self::$capability_translations[$role] ) ) {
4377 return false;
4378 }
4379
4380 return self::$capability_translations[$role];
4381 }
4382
4383 static function sign_role( $role, $user_id = null ) {
4384 if ( empty( $user_id ) ) {
4385 $user_id = (int) get_current_user_id();
4386 }
4387
4388 if ( ! $user_id ) {
4389 return false;
4390 }
4391
4392 $token = Jetpack_Data::get_access_token();
4393 if ( ! $token || is_wp_error( $token ) ) {
4394 return false;
4395 }
4396
4397 return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
4398 }
4399
4400
4401 /**
4402 * Builds a URL to the Jetpack connection auth page
4403 *
4404 * @since 3.9.5
4405 *
4406 * @param bool $raw If true, URL will not be escaped.
4407 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4408 * If string, will be a custom redirect.
4409 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4410 * @param bool $register If true, will generate a register URL regardless of the existing token, since 4.9.0
4411 *
4412 * @return string Connect URL
4413 */
4414 function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4415 $site_id = Jetpack_Options::get_option( 'id' );
4416 $token = Jetpack_Options::get_option( 'blog_token' );
4417
4418 if ( $register || ! $token || ! $site_id ) {
4419 $url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4420
4421 if ( ! empty( $redirect ) ) {
4422 $url = add_query_arg(
4423 'redirect',
4424 urlencode( wp_validate_redirect( esc_url_raw( $redirect ) ) ),
4425 $url
4426 );
4427 }
4428
4429 if( is_network_admin() ) {
4430 $url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4431 }
4432 } else {
4433
4434 // Let's check the existing blog token to see if we need to re-register. We only check once per minute
4435 // because otherwise this logic can get us in to a loop.
4436 $last_connect_url_check = intval( Jetpack_Options::get_raw_option( 'jetpack_last_connect_url_check' ) );
4437 if ( ! $last_connect_url_check || ( time() - $last_connect_url_check ) > MINUTE_IN_SECONDS ) {
4438 Jetpack_Options::update_raw_option( 'jetpack_last_connect_url_check', time() );
4439
4440 $response = Jetpack_Client::wpcom_json_api_request_as_blog(
4441 sprintf( '/sites/%d', $site_id ) .'?force=wpcom',
4442 '1.1'
4443 );
4444
4445 if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4446 // Generating a register URL instead to refresh the existing token
4447 return $this->build_connect_url( $raw, $redirect, $from, true );
4448 }
4449 }
4450
4451 if ( defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) && include_once JETPACK__GLOTPRESS_LOCALES_PATH ) {
4452 $gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4453 }
4454
4455 $role = self::translate_current_user_to_role();
4456 $signed_role = self::sign_role( $role );
4457
4458 $user = wp_get_current_user();
4459
4460 $jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4461 $redirect = $redirect
4462 ? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4463 : $jetpack_admin_page;
4464
4465 if( isset( $_REQUEST['is_multisite'] ) ) {
4466 $redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4467 }
4468
4469 $secrets = Jetpack::generate_secrets( 'authorize', false, 2 * HOUR_IN_SECONDS );
4470
4471 /**
4472 * Filter the type of authorization.
4473 * 'calypso' completes authorization on wordpress.com/jetpack/connect
4474 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
4475 *
4476 * @since 4.3.3
4477 *
4478 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
4479 */
4480 $auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
4481
4482 $tracks_identity = jetpack_tracks_get_identity( get_current_user_id() );
4483
4484 $args = urlencode_deep(
4485 array(
4486 'response_type' => 'code',
4487 'client_id' => Jetpack_Options::get_option( 'id' ),
4488 'redirect_uri' => add_query_arg(
4489 array(
4490 'action' => 'authorize',
4491 '_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4492 'redirect' => urlencode( $redirect ),
4493 ),
4494 esc_url( admin_url( 'admin.php?page=jetpack' ) )
4495 ),
4496 'state' => $user->ID,
4497 'scope' => $signed_role,
4498 'user_email' => $user->user_email,
4499 'user_login' => $user->user_login,
4500 'is_active' => Jetpack::is_active(),
4501 'jp_version' => JETPACK__VERSION,
4502 'auth_type' => $auth_type,
4503 'secret' => $secrets['secret_1'],
4504 'locale' => ( isset( $gp_locale ) && isset( $gp_locale->slug ) ) ? $gp_locale->slug : '',
4505 'blogname' => get_option( 'blogname' ),
4506 'site_url' => site_url(),
4507 'home_url' => home_url(),
4508 'site_icon' => get_site_icon_url(),
4509 'site_lang' => get_locale(),
4510 '_ui' => $tracks_identity['_ui'],
4511 '_ut' => $tracks_identity['_ut'],
4512 'site_created' => Jetpack::get_assumed_site_creation_date(),
4513 )
4514 );
4515
4516 self::apply_activation_source_to_args( $args );
4517
4518 $url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4519 }
4520
4521 if ( $from ) {
4522 $url = add_query_arg( 'from', $from, $url );
4523 }
4524
4525 // Ensure that class to get the affiliate code is loaded
4526 if ( ! class_exists( 'Jetpack_Affiliate' ) ) {
4527 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-affiliate.php';
4528 }
4529 // Get affiliate code and add it to the URL
4530 $url = Jetpack_Affiliate::init()->add_code_as_query_arg( $url );
4531
4532 if ( isset( $_GET['calypso_env'] ) ) {
4533 $url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4534 }
4535
4536 return $raw ? $url : esc_url( $url );
4537 }
4538
4539 /**
4540 * Get our assumed site creation date.
4541 * Calculated based on the earlier date of either:
4542 * - Earliest admin user registration date.
4543 * - Earliest date of post of any post type.
4544 *
4545 * @since 7.2.0
4546 *
4547 * @return string Assumed site creation date and time.
4548 */
4549 public static function get_assumed_site_creation_date() {
4550 $earliest_registered_users = get_users( array(
4551 'role' => 'administrator',
4552 'orderby' => 'user_registered',
4553 'order' => 'ASC',
4554 'fields' => array( 'user_registered' ),
4555 'number' => 1,
4556 ) );
4557 $earliest_registration_date = $earliest_registered_users[0]->user_registered;
4558
4559 $earliest_posts = get_posts( array(
4560 'posts_per_page' => 1,
4561 'post_type' => 'any',
4562 'post_status' => 'any',
4563 'orderby' => 'date',
4564 'order' => 'ASC',
4565 ) );
4566
4567 // If there are no posts at all, we'll count only on user registration date.
4568 if ( $earliest_posts ) {
4569 $earliest_post_date = $earliest_posts[0]->post_date;
4570 } else {
4571 $earliest_post_date = PHP_INT_MAX;
4572 }
4573
4574 return min( $earliest_registration_date, $earliest_post_date );
4575 }
4576
4577 public static function apply_activation_source_to_args( &$args ) {
4578 list( $activation_source_name, $activation_source_keyword ) = get_option( 'jetpack_activation_source' );
4579
4580 if ( $activation_source_name ) {
4581 $args['_as'] = urlencode( $activation_source_name );
4582 }
4583
4584 if ( $activation_source_keyword ) {
4585 $args['_ak'] = urlencode( $activation_source_keyword );
4586 }
4587 }
4588
4589 function build_reconnect_url( $raw = false ) {
4590 $url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4591 return $raw ? $url : esc_url( $url );
4592 }
4593
4594 public static function admin_url( $args = null ) {
4595 $args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4596 $url = add_query_arg( $args, admin_url( 'admin.php' ) );
4597 return $url;
4598 }
4599
4600 public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4601 $actionurl = str_replace( '&', '&', $actionurl );
4602 return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4603 }
4604
4605 function dismiss_jetpack_notice() {
4606
4607 if ( ! isset( $_GET['jetpack-notice'] ) ) {
4608 return;
4609 }
4610
4611 switch( $_GET['jetpack-notice'] ) {
4612 case 'dismiss':
4613 if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4614
4615 require_once ABSPATH . 'wp-admin/includes/plugin.php';
4616 deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4617 wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4618 }
4619 break;
4620 case 'jetpack-protect-multisite-opt-out':
4621
4622 if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4623 // Don't show the banner again
4624
4625 update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4626 // redirect back to the page that had the notice
4627 if ( wp_get_referer() ) {
4628 wp_safe_redirect( wp_get_referer() );
4629 } else {
4630 // Take me to Jetpack
4631 wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4632 }
4633 }
4634 break;
4635 }
4636 }
4637
4638 public static function sort_modules( $a, $b ) {
4639 if ( $a['sort'] == $b['sort'] )
4640 return 0;
4641
4642 return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4643 }
4644
4645 function ajax_recheck_ssl() {
4646 check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4647 $result = Jetpack::permit_ssl( true );
4648 wp_send_json( array(
4649 'enabled' => $result,
4650 'message' => get_transient( 'jetpack_https_test_message' )
4651 ) );
4652 }
4653
4654/* Client API */
4655
4656 /**
4657 * Returns the requested Jetpack API URL
4658 *
4659 * @return string
4660 */
4661 public static function api_url( $relative_url ) {
4662 return trailingslashit( JETPACK__API_BASE . $relative_url ) . JETPACK__API_VERSION . '/';
4663 }
4664
4665 /**
4666 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4667 */
4668 public static function fix_url_for_bad_hosts( $url ) {
4669 if ( 0 !== strpos( $url, 'https://' ) ) {
4670 return $url;
4671 }
4672
4673 switch ( JETPACK_CLIENT__HTTPS ) {
4674 case 'ALWAYS' :
4675 return $url;
4676 case 'NEVER' :
4677 return set_url_scheme( $url, 'http' );
4678 // default : case 'AUTO' :
4679 }
4680
4681 // we now return the unmodified SSL URL by default, as a security precaution
4682 return $url;
4683 }
4684
4685 /**
4686 * Create a random secret for validating onboarding payload
4687 *
4688 * @return string Secret token
4689 */
4690 public static function create_onboarding_token() {
4691 if ( false === ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4692 $token = wp_generate_password( 32, false );
4693 Jetpack_Options::update_option( 'onboarding', $token );
4694 }
4695
4696 return $token;
4697 }
4698
4699 /**
4700 * Remove the onboarding token
4701 *
4702 * @return bool True on success, false on failure
4703 */
4704 public static function invalidate_onboarding_token() {
4705 return Jetpack_Options::delete_option( 'onboarding' );
4706 }
4707
4708 /**
4709 * Validate an onboarding token for a specific action
4710 *
4711 * @return boolean True if token/action pair is accepted, false if not
4712 */
4713 public static function validate_onboarding_token_action( $token, $action ) {
4714 // Compare tokens, bail if tokens do not match
4715 if ( ! hash_equals( $token, Jetpack_Options::get_option( 'onboarding' ) ) ) {
4716 return false;
4717 }
4718
4719 // List of valid actions we can take
4720 $valid_actions = array(
4721 '/jetpack/v4/settings',
4722 );
4723
4724 // Whitelist the action
4725 if ( ! in_array( $action, $valid_actions ) ) {
4726 return false;
4727 }
4728
4729 return true;
4730 }
4731
4732 /**
4733 * Checks to see if the URL is using SSL to connect with Jetpack
4734 *
4735 * @since 2.3.3
4736 * @return boolean
4737 */
4738 public static function permit_ssl( $force_recheck = false ) {
4739 // Do some fancy tests to see if ssl is being supported
4740 if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4741 $message = '';
4742 if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4743 $ssl = 0;
4744 } else {
4745 switch ( JETPACK_CLIENT__HTTPS ) {
4746 case 'NEVER':
4747 $ssl = 0;
4748 $message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4749 break;
4750 case 'ALWAYS':
4751 case 'AUTO':
4752 default:
4753 $ssl = 1;
4754 break;
4755 }
4756
4757 // If it's not 'NEVER', test to see
4758 if ( $ssl ) {
4759 if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
4760 $ssl = 0;
4761 $message = __( 'WordPress reports no SSL support', 'jetpack' );
4762 } else {
4763 $response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4764 if ( is_wp_error( $response ) ) {
4765 $ssl = 0;
4766 $message = __( 'WordPress reports no SSL support', 'jetpack' );
4767 } elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
4768 $ssl = 0;
4769 $message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
4770 }
4771 }
4772 }
4773 }
4774 set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4775 set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
4776 }
4777
4778 return (bool) $ssl;
4779 }
4780
4781 /*
4782 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
4783 */
4784 public function alert_auto_ssl_fail() {
4785 if ( ! current_user_can( 'manage_options' ) )
4786 return;
4787
4788 $ajax_nonce = wp_create_nonce( 'recheck-ssl' );
4789 ?>
4790
4791 <div id="jetpack-ssl-warning" class="error jp-identity-crisis">
4792 <div class="jp-banner__content">
4793 <h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
4794 <p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
4795 <p>
4796 <?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
4797 <a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
4798 <span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
4799 </p>
4800 <p>
4801 <?php printf( __( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
4802 esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' ) ) ),
4803 esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
4804 </p>
4805 </div>
4806 </div>
4807 <style>
4808 #jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
4809 </style>
4810 <script type="text/javascript">
4811 jQuery( document ).ready( function( $ ) {
4812 $( '#jetpack-recheck-ssl-button' ).click( function( e ) {
4813 var $this = $( this );
4814 $this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
4815 $( '#jetpack-recheck-ssl-output' ).html( '' );
4816 e.preventDefault();
4817 var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
4818 $.post( ajaxurl, data )
4819 .done( function( response ) {
4820 if ( response.enabled ) {
4821 $( '#jetpack-ssl-warning' ).hide();
4822 } else {
4823 this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
4824 $( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
4825 }
4826 }.bind( $this ) );
4827 } );
4828 } );
4829 </script>
4830
4831 <?php
4832 }
4833
4834 /**
4835 * Returns the Jetpack XML-RPC API
4836 *
4837 * @return string
4838 */
4839 public static function xmlrpc_api_url() {
4840 $base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4841 return untrailingslashit( $base ) . '/xmlrpc.php';
4842 }
4843
4844 /**
4845 * Creates two secret tokens and the end of life timestamp for them.
4846 *
4847 * Note these tokens are unique per call, NOT static per site for connecting.
4848 *
4849 * @since 2.6
4850 * @return array
4851 */
4852 public static function generate_secrets( $action, $user_id = false, $exp = 600 ) {
4853 if ( ! $user_id ) {
4854 $user_id = get_current_user_id();
4855 }
4856
4857 $secret_name = 'jetpack_' . $action . '_' . $user_id;
4858 $secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4859
4860 if (
4861 isset( $secrets[ $secret_name ] ) &&
4862 $secrets[ $secret_name ]['exp'] > time()
4863 ) {
4864 return $secrets[ $secret_name ];
4865 }
4866
4867 $secret_value = array(
4868 'secret_1' => wp_generate_password( 32, false ),
4869 'secret_2' => wp_generate_password( 32, false ),
4870 'exp' => time() + $exp,
4871 );
4872
4873 $secrets[ $secret_name ] = $secret_value;
4874
4875 Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
4876 return $secrets[ $secret_name ];
4877 }
4878
4879 public static function get_secrets( $action, $user_id ) {
4880 $secret_name = 'jetpack_' . $action . '_' . $user_id;
4881 $secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4882
4883 if ( ! isset( $secrets[ $secret_name ] ) ) {
4884 return new WP_Error( 'verify_secrets_missing', 'Verification secrets not found' );
4885 }
4886
4887 if ( $secrets[ $secret_name ]['exp'] < time() ) {
4888 self::delete_secrets( $action, $user_id );
4889 return new WP_Error( 'verify_secrets_expired', 'Verification took too long' );
4890 }
4891
4892 return $secrets[ $secret_name ];
4893 }
4894
4895 public static function delete_secrets( $action, $user_id ) {
4896 $secret_name = 'jetpack_' . $action . '_' . $user_id;
4897 $secrets = Jetpack_Options::get_raw_option( 'jetpack_secrets', array() );
4898 if ( isset( $secrets[ $secret_name ] ) ) {
4899 unset( $secrets[ $secret_name ] );
4900 Jetpack_Options::update_raw_option( 'jetpack_secrets', $secrets );
4901 }
4902 }
4903
4904 /**
4905 * Builds the timeout limit for queries talking with the wpcom servers.
4906 *
4907 * Based on local php max_execution_time in php.ini
4908 *
4909 * @since 2.6
4910 * @return int
4911 * @deprecated
4912 **/
4913 public function get_remote_query_timeout_limit() {
4914 _deprecated_function( __METHOD__, 'jetpack-5.4' );
4915 return Jetpack::get_max_execution_time();
4916 }
4917
4918 /**
4919 * Builds the timeout limit for queries talking with the wpcom servers.
4920 *
4921 * Based on local php max_execution_time in php.ini
4922 *
4923 * @since 5.4
4924 * @return int
4925 **/
4926 public static function get_max_execution_time() {
4927 $timeout = (int) ini_get( 'max_execution_time' );
4928
4929 // Ensure exec time set in php.ini
4930 if ( ! $timeout ) {
4931 $timeout = 30;
4932 }
4933 return $timeout;
4934 }
4935
4936 /**
4937 * Sets a minimum request timeout, and returns the current timeout
4938 *
4939 * @since 5.4
4940 **/
4941 public static function set_min_time_limit( $min_timeout ) {
4942 $timeout = self::get_max_execution_time();
4943 if ( $timeout < $min_timeout ) {
4944 $timeout = $min_timeout;
4945 set_time_limit( $timeout );
4946 }
4947 return $timeout;
4948 }
4949
4950
4951 /**
4952 * Takes the response from the Jetpack register new site endpoint and
4953 * verifies it worked properly.
4954 *
4955 * @since 2.6
4956 * @return string|Jetpack_Error A JSON object on success or Jetpack_Error on failures
4957 **/
4958 public function validate_remote_register_response( $response ) {
4959 if ( is_wp_error( $response ) ) {
4960 return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4961 }
4962
4963 $code = wp_remote_retrieve_response_code( $response );
4964 $entity = wp_remote_retrieve_body( $response );
4965 if ( $entity )
4966 $registration_response = json_decode( $entity );
4967 else
4968 $registration_response = false;
4969
4970 $code_type = intval( $code / 100 );
4971 if ( 5 == $code_type ) {
4972 return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4973 } elseif ( 408 == $code ) {
4974 return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4975 } elseif ( ! empty( $registration_response->error ) ) {
4976 if ( 'xml_rpc-32700' == $registration_response->error && ! function_exists( 'xml_parser_create' ) ) {
4977 $error_description = __( "PHP's XML extension is not available. Jetpack requires the XML extension to communicate with WordPress.com. Please contact your hosting provider to enable PHP's XML extension.", 'jetpack' );
4978 } else {
4979 $error_description = isset( $registration_response->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $registration_response->error_description ) : '';
4980 }
4981
4982 return new Jetpack_Error( (string) $registration_response->error, $error_description, $code );
4983 } elseif ( 200 != $code ) {
4984 return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4985 }
4986
4987 // Jetpack ID error block
4988 if ( empty( $registration_response->jetpack_id ) ) {
4989 return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
4990 } elseif ( ! is_scalar( $registration_response->jetpack_id ) ) {
4991 return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4992 } elseif ( preg_match( '/[^0-9]/', $registration_response->jetpack_id ) ) {
4993 return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4994 }
4995
4996 return $registration_response;
4997 }
4998 /**
4999 * @return bool|WP_Error
5000 */
5001 public static function register() {
5002 JetpackTracking::record_user_event( 'jpc_register_begin' );
5003 add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
5004 $secrets = Jetpack::generate_secrets( 'register' );
5005
5006 if (
5007 empty( $secrets['secret_1'] ) ||
5008 empty( $secrets['secret_2'] ) ||
5009 empty( $secrets['exp'] )
5010 ) {
5011 return new Jetpack_Error( 'missing_secrets' );
5012 }
5013
5014 // better to try (and fail) to set a higher timeout than this system
5015 // supports than to have register fail for more users than it should
5016 $timeout = Jetpack::set_min_time_limit( 60 ) / 2;
5017
5018 $gmt_offset = get_option( 'gmt_offset' );
5019 if ( ! $gmt_offset ) {
5020 $gmt_offset = 0;
5021 }
5022
5023 $stats_options = get_option( 'stats_options' );
5024 $stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
5025
5026 $tracks_identity = jetpack_tracks_get_identity( get_current_user_id() );
5027
5028 $args = array(
5029 'method' => 'POST',
5030 'body' => array(
5031 'siteurl' => site_url(),
5032 'home' => home_url(),
5033 'gmt_offset' => $gmt_offset,
5034 'timezone_string' => (string) get_option( 'timezone_string' ),
5035 'site_name' => (string) get_option( 'blogname' ),
5036 'secret_1' => $secrets['secret_1'],
5037 'secret_2' => $secrets['secret_2'],
5038 'site_lang' => get_locale(),
5039 'timeout' => $timeout,
5040 'stats_id' => $stats_id,
5041 'state' => get_current_user_id(),
5042 '_ui' => $tracks_identity['_ui'],
5043 '_ut' => $tracks_identity['_ut'],
5044 'site_created' => Jetpack::get_assumed_site_creation_date(),
5045 'jetpack_version' => JETPACK__VERSION
5046 ),
5047 'headers' => array(
5048 'Accept' => 'application/json',
5049 ),
5050 'timeout' => $timeout,
5051 );
5052
5053 self::apply_activation_source_to_args( $args['body'] );
5054
5055 $response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
5056
5057 // Make sure the response is valid and does not contain any Jetpack errors
5058 $registration_details = Jetpack::init()->validate_remote_register_response( $response );
5059 if ( is_wp_error( $registration_details ) ) {
5060 return $registration_details;
5061 } elseif ( ! $registration_details ) {
5062 return new Jetpack_Error( 'unknown_error', __( 'Unknown error registering your Jetpack site', 'jetpack' ), wp_remote_retrieve_response_code( $response ) );
5063 }
5064
5065 if ( empty( $registration_details->jetpack_secret ) || ! is_string( $registration_details->jetpack_secret ) ) {
5066 return new Jetpack_Error( 'jetpack_secret', '', wp_remote_retrieve_response_code( $response ) );
5067 }
5068
5069 if ( isset( $registration_details->jetpack_public ) ) {
5070 $jetpack_public = (int) $registration_details->jetpack_public;
5071 } else {
5072 $jetpack_public = false;
5073 }
5074
5075 Jetpack_Options::update_options(
5076 array(
5077 'id' => (int) $registration_details->jetpack_id,
5078 'blog_token' => (string) $registration_details->jetpack_secret,
5079 'public' => $jetpack_public,
5080 )
5081 );
5082
5083 /**
5084 * Fires when a site is registered on WordPress.com.
5085 *
5086 * @since 3.7.0
5087 *
5088 * @param int $json->jetpack_id Jetpack Blog ID.
5089 * @param string $json->jetpack_secret Jetpack Blog Token.
5090 * @param int|bool $jetpack_public Is the site public.
5091 */
5092 do_action( 'jetpack_site_registered', $registration_details->jetpack_id, $registration_details->jetpack_secret, $jetpack_public );
5093
5094 // Initialize Jump Start for the first and only time.
5095 if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
5096 Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
5097
5098 $jetpack = Jetpack::init();
5099
5100 $jetpack->stat( 'jumpstart', 'unique-views' );
5101 $jetpack->do_stats( 'server_side' );
5102 };
5103
5104 return true;
5105 }
5106
5107 /**
5108 * If the db version is showing something other that what we've got now, bump it to current.
5109 *
5110 * @return bool: True if the option was incorrect and updated, false if nothing happened.
5111 */
5112 public static function maybe_set_version_option() {
5113 list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
5114 if ( JETPACK__VERSION != $version ) {
5115 Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
5116
5117 if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
5118 /** This action is documented in class.jetpack.php */
5119 do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
5120 }
5121
5122 return true;
5123 }
5124 return false;
5125 }
5126
5127/* Client Server API */
5128
5129 /**
5130 * Loads the Jetpack XML-RPC client
5131 */
5132 public static function load_xml_rpc_client() {
5133 require_once ABSPATH . WPINC . '/class-IXR.php';
5134 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
5135 }
5136
5137 /**
5138 * Resets the saved authentication state in between testing requests.
5139 */
5140 public function reset_saved_auth_state() {
5141 $this->xmlrpc_verification = null;
5142 $this->rest_authentication_status = null;
5143 }
5144
5145 function verify_xml_rpc_signature() {
5146 if ( $this->xmlrpc_verification ) {
5147 return $this->xmlrpc_verification;
5148 }
5149
5150 // It's not for us
5151 if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
5152 return false;
5153 }
5154
5155 @list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
5156 if (
5157 empty( $token_key )
5158 ||
5159 empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
5160 ) {
5161 return false;
5162 }
5163
5164 if ( '0' === $user_id ) {
5165 $token_type = 'blog';
5166 $user_id = 0;
5167 } else {
5168 $token_type = 'user';
5169 if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
5170 return false;
5171 }
5172 $user_id = (int) $user_id;
5173
5174 $user = new WP_User( $user_id );
5175 if ( ! $user || ! $user->exists() ) {
5176 return false;
5177 }
5178 }
5179
5180 $token = Jetpack_Data::get_access_token( $user_id );
5181 if ( ! $token ) {
5182 return false;
5183 }
5184
5185 $token_check = "$token_key.";
5186 if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
5187 return false;
5188 }
5189
5190 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5191
5192 $jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5193 if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
5194 $post_data = $_POST;
5195 $file_hashes = array();
5196 foreach ( $post_data as $post_data_key => $post_data_value ) {
5197 if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
5198 continue;
5199 }
5200 $post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
5201 $file_hashes[$post_data_key] = $post_data_value;
5202 }
5203
5204 foreach ( $file_hashes as $post_data_key => $post_data_value ) {
5205 unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
5206 $post_data[$post_data_key] = $post_data_value;
5207 }
5208
5209 ksort( $post_data );
5210
5211 $body = http_build_query( stripslashes_deep( $post_data ) );
5212 } elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
5213 $body = file_get_contents( 'php://input' );
5214 } else {
5215 $body = null;
5216 }
5217
5218 $signature = $jetpack_signature->sign_current_request(
5219 array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
5220 );
5221
5222 if ( ! $signature ) {
5223 return false;
5224 } else if ( is_wp_error( $signature ) ) {
5225 return $signature;
5226 } else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
5227 return false;
5228 }
5229
5230 $timestamp = (int) $_GET['timestamp'];
5231 $nonce = stripslashes( (string) $_GET['nonce'] );
5232
5233 if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5234 return false;
5235 }
5236
5237 // Let's see if this is onboarding. In such case, use user token type and the provided user id.
5238 if ( isset( $this->HTTP_RAW_POST_DATA ) || ! empty( $_GET['onboarding'] ) ) {
5239 if ( ! empty( $_GET['onboarding'] ) ) {
5240 $jpo = $_GET;
5241 } else {
5242 $jpo = json_decode( $this->HTTP_RAW_POST_DATA, true );
5243 }
5244
5245 $jpo_token = ! empty( $jpo['onboarding']['token'] ) ? $jpo['onboarding']['token'] : null;
5246 $jpo_user = ! empty( $jpo['onboarding']['jpUser'] ) ? $jpo['onboarding']['jpUser'] : null;
5247
5248 if (
5249 isset( $jpo_user ) && isset( $jpo_token ) &&
5250 is_email( $jpo_user ) && ctype_alnum( $jpo_token ) &&
5251 isset( $_GET['rest_route'] ) &&
5252 self::validate_onboarding_token_action( $jpo_token, $_GET['rest_route'] )
5253 ) {
5254 $jpUser = get_user_by( 'email', $jpo_user );
5255 if ( is_a( $jpUser, 'WP_User' ) ) {
5256 wp_set_current_user( $jpUser->ID );
5257 $user_can = is_multisite()
5258 ? current_user_can_for_blog( get_current_blog_id(), 'manage_options' )
5259 : current_user_can( 'manage_options' );
5260 if ( $user_can ) {
5261 $token_type = 'user';
5262 $token->external_user_id = $jpUser->ID;
5263 }
5264 }
5265 }
5266 }
5267
5268 $this->xmlrpc_verification = array(
5269 'type' => $token_type,
5270 'user_id' => $token->external_user_id,
5271 );
5272
5273 return $this->xmlrpc_verification;
5274 }
5275
5276 /**
5277 * Authenticates XML-RPC and other requests from the Jetpack Server
5278 */
5279 function authenticate_jetpack( $user, $username, $password ) {
5280 if ( is_a( $user, 'WP_User' ) ) {
5281 return $user;
5282 }
5283
5284 $token_details = $this->verify_xml_rpc_signature();
5285
5286 if ( ! $token_details || is_wp_error( $token_details ) ) {
5287 return $user;
5288 }
5289
5290 if ( 'user' !== $token_details['type'] ) {
5291 return $user;
5292 }
5293
5294 if ( ! $token_details['user_id'] ) {
5295 return $user;
5296 }
5297
5298 nocache_headers();
5299
5300 return new WP_User( $token_details['user_id'] );
5301 }
5302
5303 // Authenticates requests from Jetpack server to WP REST API endpoints.
5304 // Uses the existing XMLRPC request signing implementation.
5305 function wp_rest_authenticate( $user ) {
5306 if ( ! empty( $user ) ) {
5307 // Another authentication method is in effect.
5308 return $user;
5309 }
5310
5311 if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
5312 // Nothing to do for this authentication method.
5313 return null;
5314 }
5315
5316 if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
5317 // Nothing to do for this authentication method.
5318 return null;
5319 }
5320
5321 // Ensure that we always have the request body available. At this
5322 // point, the WP REST API code to determine the request body has not
5323 // run yet. That code may try to read from 'php://input' later, but
5324 // this can only be done once per request in PHP versions prior to 5.6.
5325 // So we will go ahead and perform this read now if needed, and save
5326 // the request body where both the Jetpack signature verification code
5327 // and the WP REST API code can see it.
5328 if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
5329 $GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
5330 }
5331 $this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5332
5333 // Only support specific request parameters that have been tested and
5334 // are known to work with signature verification. A different method
5335 // can be passed to the WP REST API via the '?_method=' parameter if
5336 // needed.
5337 if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
5338 $this->rest_authentication_status = new WP_Error(
5339 'rest_invalid_request',
5340 __( 'This request method is not supported.', 'jetpack' ),
5341 array( 'status' => 400 )
5342 );
5343 return null;
5344 }
5345 if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
5346 $this->rest_authentication_status = new WP_Error(
5347 'rest_invalid_request',
5348 __( 'This request method does not support body parameters.', 'jetpack' ),
5349 array( 'status' => 400 )
5350 );
5351 return null;
5352 }
5353
5354 $verified = $this->verify_xml_rpc_signature();
5355
5356 if ( is_wp_error( $verified ) ) {
5357 $this->rest_authentication_status = $verified;
5358 return null;
5359 }
5360
5361 if (
5362 $verified &&
5363 isset( $verified['type'] ) &&
5364 'user' === $verified['type'] &&
5365 ! empty( $verified['user_id'] )
5366 ) {
5367 // Authentication successful.
5368 $this->rest_authentication_status = true;
5369 return $verified['user_id'];
5370 }
5371
5372 // Something else went wrong. Probably a signature error.
5373 $this->rest_authentication_status = new WP_Error(
5374 'rest_invalid_signature',
5375 __( 'The request is not signed correctly.', 'jetpack' ),
5376 array( 'status' => 400 )
5377 );
5378 return null;
5379 }
5380
5381 /**
5382 * Report authentication status to the WP REST API.
5383 *
5384 * @param WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
5385 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
5386 */
5387 public function wp_rest_authentication_errors( $value ) {
5388 if ( $value !== null ) {
5389 return $value;
5390 }
5391 return $this->rest_authentication_status;
5392 }
5393
5394 function add_nonce( $timestamp, $nonce ) {
5395 global $wpdb;
5396 static $nonces_used_this_request = array();
5397
5398 if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
5399 return $nonces_used_this_request["$timestamp:$nonce"];
5400 }
5401
5402 // This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
5403 $timestamp = (int) $timestamp;
5404 $nonce = esc_sql( $nonce );
5405
5406 // Raw query so we can avoid races: add_option will also update
5407 $show_errors = $wpdb->show_errors( false );
5408
5409 $old_nonce = $wpdb->get_row(
5410 $wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
5411 );
5412
5413 if ( is_null( $old_nonce ) ) {
5414 $return = $wpdb->query(
5415 $wpdb->prepare(
5416 "INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
5417 "jetpack_nonce_{$timestamp}_{$nonce}",
5418 time(),
5419 'no'
5420 )
5421 );
5422 } else {
5423 $return = false;
5424 }
5425
5426 $wpdb->show_errors( $show_errors );
5427
5428 $nonces_used_this_request["$timestamp:$nonce"] = $return;
5429
5430 return $return;
5431 }
5432
5433 /**
5434 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5435 * Capture it here so we can verify the signature later.
5436 */
5437 function xmlrpc_methods( $methods ) {
5438 $this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5439 return $methods;
5440 }
5441
5442 function public_xmlrpc_methods( $methods ) {
5443 if ( array_key_exists( 'wp.getOptions', $methods ) ) {
5444 $methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
5445 }
5446 return $methods;
5447 }
5448
5449 function jetpack_getOptions( $args ) {
5450 global $wp_xmlrpc_server;
5451
5452 $wp_xmlrpc_server->escape( $args );
5453
5454 $username = $args[1];
5455 $password = $args[2];
5456
5457 if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
5458 return $wp_xmlrpc_server->error;
5459 }
5460
5461 $options = array();
5462 $user_data = $this->get_connected_user_data();
5463 if ( is_array( $user_data ) ) {
5464 $options['jetpack_user_id'] = array(
5465 'desc' => __( 'The WP.com user ID of the connected user', 'jetpack' ),
5466 'readonly' => true,
5467 'value' => $user_data['ID'],
5468 );
5469 $options['jetpack_user_login'] = array(
5470 'desc' => __( 'The WP.com username of the connected user', 'jetpack' ),
5471 'readonly' => true,
5472 'value' => $user_data['login'],
5473 );
5474 $options['jetpack_user_email'] = array(
5475 'desc' => __( 'The WP.com user email of the connected user', 'jetpack' ),
5476 'readonly' => true,
5477 'value' => $user_data['email'],
5478 );
5479 $options['jetpack_user_site_count'] = array(
5480 'desc' => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
5481 'readonly' => true,
5482 'value' => $user_data['site_count'],
5483 );
5484 }
5485 $wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
5486 $args = stripslashes_deep( $args );
5487 return $wp_xmlrpc_server->wp_getOptions( $args );
5488 }
5489
5490 function xmlrpc_options( $options ) {
5491 $jetpack_client_id = false;
5492 if ( self::is_active() ) {
5493 $jetpack_client_id = Jetpack_Options::get_option( 'id' );
5494 }
5495 $options['jetpack_version'] = array(
5496 'desc' => __( 'Jetpack Plugin Version', 'jetpack' ),
5497 'readonly' => true,
5498 'value' => JETPACK__VERSION,
5499 );
5500
5501 $options['jetpack_client_id'] = array(
5502 'desc' => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
5503 'readonly' => true,
5504 'value' => $jetpack_client_id,
5505 );
5506 return $options;
5507 }
5508
5509 public static function clean_nonces( $all = false ) {
5510 global $wpdb;
5511
5512 $sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
5513 $sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
5514
5515 if ( true !== $all ) {
5516 $sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
5517 $sql_args[] = time() - 3600;
5518 }
5519
5520 $sql .= ' ORDER BY `option_id` LIMIT 100';
5521
5522 $sql = $wpdb->prepare( $sql, $sql_args );
5523
5524 for ( $i = 0; $i < 1000; $i++ ) {
5525 if ( ! $wpdb->query( $sql ) ) {
5526 break;
5527 }
5528 }
5529 }
5530
5531 /**
5532 * State is passed via cookies from one request to the next, but never to subsequent requests.
5533 * SET: state( $key, $value );
5534 * GET: $value = state( $key );
5535 *
5536 * @param string $key
5537 * @param string $value
5538 * @param bool $restate private
5539 */
5540 public static function state( $key = null, $value = null, $restate = false ) {
5541 static $state = array();
5542 static $path, $domain;
5543 if ( ! isset( $path ) ) {
5544 require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
5545 $admin_url = Jetpack::admin_url();
5546 $bits = wp_parse_url( $admin_url );
5547
5548 if ( is_array( $bits ) ) {
5549 $path = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5550 $domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5551 } else {
5552 $path = $domain = null;
5553 }
5554 }
5555
5556 // Extract state from cookies and delete cookies
5557 if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
5558 $yum = $_COOKIE[ 'jetpackState' ];
5559 unset( $_COOKIE[ 'jetpackState' ] );
5560 foreach ( $yum as $k => $v ) {
5561 if ( strlen( $v ) )
5562 $state[ $k ] = $v;
5563 setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5564 }
5565 }
5566
5567 if ( $restate ) {
5568 foreach ( $state as $k => $v ) {
5569 setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5570 }
5571 return;
5572 }
5573
5574 // Get a state variable
5575 if ( isset( $key ) && ! isset( $value ) ) {
5576 if ( array_key_exists( $key, $state ) )
5577 return $state[ $key ];
5578 return null;
5579 }
5580
5581 // Set a state variable
5582 if ( isset ( $key ) && isset( $value ) ) {
5583 if( is_array( $value ) && isset( $value[0] ) ) {
5584 $value = $value[0];
5585 }
5586 $state[ $key ] = $value;
5587 setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5588 }
5589 }
5590
5591 public static function restate() {
5592 Jetpack::state( null, null, true );
5593 }
5594
5595 public static function check_privacy( $file ) {
5596 static $is_site_publicly_accessible = null;
5597
5598 if ( is_null( $is_site_publicly_accessible ) ) {
5599 $is_site_publicly_accessible = false;
5600
5601 Jetpack::load_xml_rpc_client();
5602 $rpc = new Jetpack_IXR_Client();
5603
5604 $success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5605 if ( $success ) {
5606 $response = $rpc->getResponse();
5607 if ( $response ) {
5608 $is_site_publicly_accessible = true;
5609 }
5610 }
5611
5612 Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5613 }
5614
5615 if ( $is_site_publicly_accessible ) {
5616 return;
5617 }
5618
5619 $module_slug = self::get_module_slug( $file );
5620
5621 $privacy_checks = Jetpack::state( 'privacy_checks' );
5622 if ( ! $privacy_checks ) {
5623 $privacy_checks = $module_slug;
5624 } else {
5625 $privacy_checks .= ",$module_slug";
5626 }
5627
5628 Jetpack::state( 'privacy_checks', $privacy_checks );
5629 }
5630
5631 /**
5632 * Helper method for multicall XMLRPC.
5633 */
5634 public static function xmlrpc_async_call() {
5635 global $blog_id;
5636 static $clients = array();
5637
5638 $client_blog_id = is_multisite() ? $blog_id : 0;
5639
5640 if ( ! isset( $clients[$client_blog_id] ) ) {
5641 Jetpack::load_xml_rpc_client();
5642 $clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5643 if ( function_exists( 'ignore_user_abort' ) ) {
5644 ignore_user_abort( true );
5645 }
5646 add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5647 }
5648
5649 $args = func_get_args();
5650
5651 if ( ! empty( $args[0] ) ) {
5652 call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5653 } elseif ( is_multisite() ) {
5654 foreach ( $clients as $client_blog_id => $client ) {
5655 if ( ! $client_blog_id || empty( $client->calls ) ) {
5656 continue;
5657 }
5658
5659 $switch_success = switch_to_blog( $client_blog_id, true );
5660 if ( ! $switch_success ) {
5661 continue;
5662 }
5663
5664 flush();
5665 $client->query();
5666
5667 restore_current_blog();
5668 }
5669 } else {
5670 if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5671 flush();
5672 $clients[0]->query();
5673 }
5674 }
5675 }
5676
5677 public static function staticize_subdomain( $url ) {
5678
5679 // Extract hostname from URL
5680 $host = parse_url( $url, PHP_URL_HOST );
5681
5682 // Explode hostname on '.'
5683 $exploded_host = explode( '.', $host );
5684
5685 // Retrieve the name and TLD
5686 if ( count( $exploded_host ) > 1 ) {
5687 $name = $exploded_host[ count( $exploded_host ) - 2 ];
5688 $tld = $exploded_host[ count( $exploded_host ) - 1 ];
5689 // Rebuild domain excluding subdomains
5690 $domain = $name . '.' . $tld;
5691 } else {
5692 $domain = $host;
5693 }
5694 // Array of Automattic domains
5695 $domain_whitelist = array( 'wordpress.com', 'wp.com' );
5696
5697 // Return $url if not an Automattic domain
5698 if ( ! in_array( $domain, $domain_whitelist ) ) {
5699 return $url;
5700 }
5701
5702 if ( is_ssl() ) {
5703 return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5704 }
5705
5706 srand( crc32( basename( $url ) ) );
5707 $static_counter = rand( 0, 2 );
5708 srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5709
5710 return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5711 }
5712
5713/* JSON API Authorization */
5714
5715 /**
5716 * Handles the login action for Authorizing the JSON API
5717 */
5718 function login_form_json_api_authorization() {
5719 $this->verify_json_api_authorization_request();
5720
5721 add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5722
5723 add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5724 add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5725 add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5726 }
5727
5728 // Make sure the login form is POSTed to the signed URL so we can reverify the request
5729 function post_login_form_to_signed_url( $url, $path, $scheme ) {
5730 if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5731 return $url;
5732 }
5733
5734 $parsed_url = parse_url( $url );
5735 $url = strtok( $url, '?' );
5736 $url = "$url?{$_SERVER['QUERY_STRING']}";
5737 if ( ! empty( $parsed_url['query'] ) )
5738 $url .= "&{$parsed_url['query']}";
5739
5740 return $url;
5741 }
5742
5743 // Make sure the POSTed request is handled by the same action
5744 function preserve_action_in_login_form_for_json_api_authorization() {
5745 echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5746 echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5747 }
5748
5749 // If someone logs in to approve API access, store the Access Code in usermeta
5750 function store_json_api_authorization_token( $user_login, $user ) {
5751 add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5752 add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5753 $token = wp_generate_password( 32, false );
5754 update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5755 }
5756
5757 // Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5758 function allow_wpcom_public_api_domain( $domains ) {
5759 $domains[] = 'public-api.wordpress.com';
5760 return $domains;
5761 }
5762
5763 static function is_redirect_encoded( $redirect_url ) {
5764 return preg_match( '/https?%3A%2F%2F/i', $redirect_url ) > 0;
5765 }
5766
5767 // Add all wordpress.com environments to the safe redirect whitelist
5768 function allow_wpcom_environments( $domains ) {
5769 $domains[] = 'wordpress.com';
5770 $domains[] = 'wpcalypso.wordpress.com';
5771 $domains[] = 'horizon.wordpress.com';
5772 $domains[] = 'calypso.localhost';
5773 return $domains;
5774 }
5775
5776 // Add the Access Code details to the public-api.wordpress.com redirect
5777 function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5778 return add_query_arg(
5779 urlencode_deep(
5780 array(
5781 'jetpack-code' => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5782 'jetpack-user-id' => (int) $user->ID,
5783 'jetpack-state' => $this->json_api_authorization_request['state'],
5784 )
5785 ),
5786 $redirect_to
5787 );
5788 }
5789
5790
5791 /**
5792 * Verifies the request by checking the signature
5793 *
5794 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
5795 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
5796 *
5797 * @param null|array $environment
5798 */
5799 function verify_json_api_authorization_request( $environment = null ) {
5800 require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5801
5802 $environment = is_null( $environment )
5803 ? $_REQUEST
5804 : $environment;
5805
5806 list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
5807 $token = Jetpack_Data::get_access_token( $envUserId );
5808 if ( ! $token || empty( $token->secret ) ) {
5809 wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5810 }
5811
5812 $die_error = __( 'Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window.', 'jetpack' );
5813
5814 // Host has encoded the request URL, probably as a result of a bad http => https redirect
5815 if ( Jetpack::is_redirect_encoded( $_GET['redirect_to'] ) ) {
5816 JetpackTracking::record_user_event( 'error_double_encode' );
5817
5818 $die_error = sprintf(
5819 /* translators: %s is a URL */
5820 __( 'Your site is incorrectly double-encoding redirects from http to https. This is preventing Jetpack from authenticating your connection. Please visit our <a href="%s">support page</a> for details about how to resolve this.', 'jetpack' ),
5821 'https://jetpack.com/support/double-encoding/'
5822 );
5823 }
5824
5825 $jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5826
5827 if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
5828 $signature = $jetpack_signature->sign_request(
5829 $environment['token'],
5830 $environment['timestamp'],
5831 $environment['nonce'],
5832 '',
5833 'GET',
5834 $environment['jetpack_json_api_original_query'],
5835 null,
5836 true
5837 );
5838 } else {
5839 $signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5840 }
5841
5842 if ( ! $signature ) {
5843 wp_die( $die_error );
5844 } else if ( is_wp_error( $signature ) ) {
5845 wp_die( $die_error );
5846 } else if ( ! hash_equals( $signature, $environment['signature'] ) ) {
5847 if ( is_ssl() ) {
5848 // If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5849 $signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5850 if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
5851 wp_die( $die_error );
5852 }
5853 } else {
5854 wp_die( $die_error );
5855 }
5856 }
5857
5858 $timestamp = (int) $environment['timestamp'];
5859 $nonce = stripslashes( (string) $environment['nonce'] );
5860
5861 if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5862 // De-nonce the nonce, at least for 5 minutes.
5863 // We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5864 $old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5865 if ( $old_nonce_time < time() - 300 ) {
5866 wp_die( __( 'The authorization process expired. Please go back and try again.' , 'jetpack' ) );
5867 }
5868 }
5869
5870 $data = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
5871 $data_filters = array(
5872 'state' => 'opaque',
5873 'client_id' => 'int',
5874 'client_title' => 'string',
5875 'client_image' => 'url',
5876 );
5877
5878 foreach ( $data_filters as $key => $sanitation ) {
5879 if ( ! isset( $data->$key ) ) {
5880 wp_die( $die_error );
5881 }
5882
5883 switch ( $sanitation ) {
5884 case 'int' :
5885 $this->json_api_authorization_request[$key] = (int) $data->$key;
5886 break;
5887 case 'opaque' :
5888 $this->json_api_authorization_request[$key] = (string) $data->$key;
5889 break;
5890 case 'string' :
5891 $this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5892 break;
5893 case 'url' :
5894 $this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5895 break;
5896 }
5897 }
5898
5899 if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5900 wp_die( $die_error );
5901 }
5902 }
5903
5904 function login_message_json_api_authorization( $message ) {
5905 return '<p class="message">' . sprintf(
5906 esc_html__( '%s wants to access your site’s data. Log in to authorize that access.' , 'jetpack' ),
5907 '<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5908 ) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5909 }
5910
5911 /**
5912 * Get $content_width, but with a <s>twist</s> filter.
5913 */
5914 public static function get_content_width() {
5915 $content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5916 /**
5917 * Filter the Content Width value.
5918 *
5919 * @since 2.2.3
5920 *
5921 * @param string $content_width Content Width value.
5922 */
5923 return apply_filters( 'jetpack_content_width', $content_width );
5924 }
5925
5926 /**
5927 * Pings the WordPress.com Mirror Site for the specified options.
5928 *
5929 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5930 *
5931 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5932 */
5933 public function get_cloud_site_options( $option_names ) {
5934 $option_names = array_filter( (array) $option_names, 'is_string' );
5935
5936 Jetpack::load_xml_rpc_client();
5937 $xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5938 $xml->query( 'jetpack.fetchSiteOptions', $option_names );
5939 if ( $xml->isError() ) {
5940 return array(
5941 'error_code' => $xml->getErrorCode(),
5942 'error_msg' => $xml->getErrorMessage(),
5943 );
5944 }
5945 $cloud_site_options = $xml->getResponse();
5946
5947 return $cloud_site_options;
5948 }
5949
5950 /**
5951 * Checks if the site is currently in an identity crisis.
5952 *
5953 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
5954 */
5955 public static function check_identity_crisis() {
5956 if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || ! self::validate_sync_error_idc_option() ) {
5957 return false;
5958 }
5959
5960 return Jetpack_Options::get_option( 'sync_error_idc' );
5961 }
5962
5963 /**
5964 * Checks whether the home and siteurl specifically are whitelisted
5965 * Written so that we don't have re-check $key and $value params every time
5966 * we want to check if this site is whitelisted, for example in footer.php
5967 *
5968 * @since 3.8.0
5969 * @return bool True = already whitelisted False = not whitelisted
5970 */
5971 public static function is_staging_site() {
5972 $is_staging = false;
5973
5974 $known_staging = array(
5975 'urls' => array(
5976 '#\.staging\.wpengine\.com$#i', // WP Engine
5977 '#\.staging\.kinsta\.com$#i', // Kinsta.com
5978 ),
5979 'constants' => array(
5980 'IS_WPE_SNAPSHOT', // WP Engine
5981 'KINSTA_DEV_ENV', // Kinsta.com
5982 'WPSTAGECOACH_STAGING', // WP Stagecoach
5983 'JETPACK_STAGING_MODE', // Generic
5984 )
5985 );
5986 /**
5987 * Filters the flags of known staging sites.
5988 *
5989 * @since 3.9.0
5990 *
5991 * @param array $known_staging {
5992 * An array of arrays that each are used to check if the current site is staging.
5993 * @type array $urls URLs of staging sites in regex to check against site_url.
5994 * @type array $constants PHP constants of known staging/developement environments.
5995 * }
5996 */
5997 $known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5998
5999 if ( isset( $known_staging['urls'] ) ) {
6000 foreach ( $known_staging['urls'] as $url ){
6001 if ( preg_match( $url, site_url() ) ) {
6002 $is_staging = true;
6003 break;
6004 }
6005 }
6006 }
6007
6008 if ( isset( $known_staging['constants'] ) ) {
6009 foreach ( $known_staging['constants'] as $constant ) {
6010 if ( defined( $constant ) && constant( $constant ) ) {
6011 $is_staging = true;
6012 }
6013 }
6014 }
6015
6016 // Last, let's check if sync is erroring due to an IDC. If so, set the site to staging mode.
6017 if ( ! $is_staging && self::validate_sync_error_idc_option() ) {
6018 $is_staging = true;
6019 }
6020
6021 /**
6022 * Filters is_staging_site check.
6023 *
6024 * @since 3.9.0
6025 *
6026 * @param bool $is_staging If the current site is a staging site.
6027 */
6028 return apply_filters( 'jetpack_is_staging_site', $is_staging );
6029 }
6030
6031 /**
6032 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
6033 *
6034 * @since 4.4.0
6035 * @since 5.4.0 Do not call get_sync_error_idc_option() unless site is in IDC
6036 *
6037 * @return bool
6038 */
6039 public static function validate_sync_error_idc_option() {
6040 $is_valid = false;
6041
6042 $idc_allowed = get_transient( 'jetpack_idc_allowed' );
6043 if ( false === $idc_allowed ) {
6044 $response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
6045 if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
6046 $json = json_decode( wp_remote_retrieve_body( $response ) );
6047 $idc_allowed = isset( $json, $json->result ) && $json->result ? '1' : '0';
6048 $transient_duration = HOUR_IN_SECONDS;
6049 } else {
6050 // If the request failed for some reason, then assume IDC is allowed and set shorter transient.
6051 $idc_allowed = '1';
6052 $transient_duration = 5 * MINUTE_IN_SECONDS;
6053 }
6054
6055 set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
6056 }
6057
6058 // Is the site opted in and does the stored sync_error_idc option match what we now generate?
6059 $sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
6060 if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
6061 $local_options = self::get_sync_error_idc_option();
6062 if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
6063 $is_valid = true;
6064 }
6065 }
6066
6067 /**
6068 * Filters whether the sync_error_idc option is valid.
6069 *
6070 * @since 4.4.0
6071 *
6072 * @param bool $is_valid If the sync_error_idc is valid or not.
6073 */
6074 $is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
6075
6076 if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
6077 // Since the option exists, and did not validate, delete it
6078 Jetpack_Options::delete_option( 'sync_error_idc' );
6079 }
6080
6081 return $is_valid;
6082 }
6083
6084 /**
6085 * Normalizes a url by doing three things:
6086 * - Strips protocol
6087 * - Strips www
6088 * - Adds a trailing slash
6089 *
6090 * @since 4.4.0
6091 * @param string $url
6092 * @return WP_Error|string
6093 */
6094 public static function normalize_url_protocol_agnostic( $url ) {
6095 $parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
6096 if ( ! $parsed_url || empty( $parsed_url['host'] ) || empty( $parsed_url['path'] ) ) {
6097 return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
6098 }
6099
6100 // Strip www and protocols
6101 $url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
6102 return $url;
6103 }
6104
6105 /**
6106 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
6107 *
6108 * @since 4.4.0
6109 * @since 5.4.0 Add transient since home/siteurl retrieved directly from DB
6110 *
6111 * @param array $response
6112 * @return array Array of the local urls, wpcom urls, and error code
6113 */
6114 public static function get_sync_error_idc_option( $response = array() ) {
6115 // Since the local options will hit the database directly, store the values
6116 // in a transient to allow for autoloading and caching on subsequent views.
6117 $local_options = get_transient( 'jetpack_idc_local' );
6118 if ( false === $local_options ) {
6119 require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-functions.php';
6120 $local_options = array(
6121 'home' => Jetpack_Sync_Functions::home_url(),
6122 'siteurl' => Jetpack_Sync_Functions::site_url(),
6123 );
6124 set_transient( 'jetpack_idc_local', $local_options, MINUTE_IN_SECONDS );
6125 }
6126
6127 $options = array_merge( $local_options, $response );
6128
6129 $returned_values = array();
6130 foreach( $options as $key => $option ) {
6131 if ( 'error_code' === $key ) {
6132 $returned_values[ $key ] = $option;
6133 continue;
6134 }
6135
6136 if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
6137 continue;
6138 }
6139
6140 $returned_values[ $key ] = $normalized_url;
6141 }
6142
6143 set_transient( 'jetpack_idc_option', $returned_values, MINUTE_IN_SECONDS );
6144
6145 return $returned_values;
6146 }
6147
6148 /**
6149 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
6150 * If set to true, the site will be put into staging mode.
6151 *
6152 * @since 4.3.2
6153 * @return bool
6154 */
6155 public static function sync_idc_optin() {
6156 if ( Jetpack_Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
6157 $default = Jetpack_Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
6158 } else {
6159 $default = ! Jetpack_Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
6160 }
6161
6162 /**
6163 * Allows sites to optin to IDC mitigation which blocks the site from syncing to WordPress.com when the home
6164 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
6165 * JETPACK_SYNC_IDC_OPTIN constant if set.
6166 *
6167 * @since 4.3.2
6168 *
6169 * @param bool $default Whether the site is opted in to IDC mitigation.
6170 */
6171 return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
6172 }
6173
6174 /**
6175 * Maybe Use a .min.css stylesheet, maybe not.
6176 *
6177 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
6178 */
6179 public static function maybe_min_asset( $url, $path, $plugin ) {
6180 // Short out on things trying to find actual paths.
6181 if ( ! $path || empty( $plugin ) ) {
6182 return $url;
6183 }
6184
6185 $path = ltrim( $path, '/' );
6186
6187 // Strip out the abspath.
6188 $base = dirname( plugin_basename( $plugin ) );
6189
6190 // Short out on non-Jetpack assets.
6191 if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
6192 return $url;
6193 }
6194
6195 // File name parsing.
6196 $file = "{$base}/{$path}";
6197 $full_path = JETPACK__PLUGIN_DIR . substr( $file, 8 );
6198 $file_name = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
6199 $file_name_parts_r = array_reverse( explode( '.', $file_name ) );
6200 $extension = array_shift( $file_name_parts_r );
6201
6202 if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
6203 // Already pointing at the minified version.
6204 if ( 'min' === $file_name_parts_r[0] ) {
6205 return $url;
6206 }
6207
6208 $min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
6209 if ( file_exists( $min_full_path ) ) {
6210 $url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
6211 // If it's a CSS file, stash it so we can set the .min suffix for rtl-ing.
6212 if ( 'css' === $extension ) {
6213 $key = str_replace( JETPACK__PLUGIN_DIR, 'jetpack/', $min_full_path );
6214 self::$min_assets[ $key ] = $path;
6215 }
6216 }
6217 }
6218
6219 return $url;
6220 }
6221
6222 /**
6223 * If the asset is minified, let's flag .min as the suffix.
6224 *
6225 * Attached to `style_loader_src` filter.
6226 *
6227 * @param string $tag The tag that would link to the external asset.
6228 * @param string $handle The registered handle of the script in question.
6229 * @param string $href The url of the asset in question.
6230 */
6231 public static function set_suffix_on_min( $src, $handle ) {
6232 if ( false === strpos( $src, '.min.css' ) ) {
6233 return $src;
6234 }
6235
6236 if ( ! empty( self::$min_assets ) ) {
6237 foreach ( self::$min_assets as $file => $path ) {
6238 if ( false !== strpos( $src, $file ) ) {
6239 wp_style_add_data( $handle, 'suffix', '.min' );
6240 return $src;
6241 }
6242 }
6243 }
6244
6245 return $src;
6246 }
6247
6248 /**
6249 * Maybe inlines a stylesheet.
6250 *
6251 * If you'd like to inline a stylesheet instead of printing a link to it,
6252 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6253 *
6254 * Attached to `style_loader_tag` filter.
6255 *
6256 * @param string $tag The tag that would link to the external asset.
6257 * @param string $handle The registered handle of the script in question.
6258 *
6259 * @return string
6260 */
6261 public static function maybe_inline_style( $tag, $handle ) {
6262 global $wp_styles;
6263 $item = $wp_styles->registered[ $handle ];
6264
6265 if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6266 return $tag;
6267 }
6268
6269 if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6270 $href = $matches[1];
6271 // Strip off query string
6272 if ( $pos = strpos( $href, '?' ) ) {
6273 $href = substr( $href, 0, $pos );
6274 }
6275 // Strip off fragment
6276 if ( $pos = strpos( $href, '#' ) ) {
6277 $href = substr( $href, 0, $pos );
6278 }
6279 } else {
6280 return $tag;
6281 }
6282
6283 $plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6284 if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6285 return $tag;
6286 }
6287
6288 // If this stylesheet has a RTL version, and the RTL version replaces normal...
6289 if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6290 // And this isn't the pass that actually deals with the RTL version...
6291 if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6292 // Short out, as the RTL version will deal with it in a moment.
6293 return $tag;
6294 }
6295 }
6296
6297 $file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6298 $css = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
6299 if ( $css ) {
6300 $tag = "<!-- Inline {$item->handle} -->\r\n";
6301 if ( empty( $item->extra['after'] ) ) {
6302 wp_add_inline_style( $handle, $css );
6303 } else {
6304 array_unshift( $item->extra['after'], $css );
6305 wp_style_add_data( $handle, 'after', $item->extra['after'] );
6306 }
6307 }
6308
6309 return $tag;
6310 }
6311
6312 /**
6313 * Loads a view file from the views
6314 *
6315 * Data passed in with the $data parameter will be available in the
6316 * template file as $data['value']
6317 *
6318 * @param string $template - Template file to load
6319 * @param array $data - Any data to pass along to the template
6320 * @return boolean - If template file was found
6321 **/
6322 public function load_view( $template, $data = array() ) {
6323 $views_dir = JETPACK__PLUGIN_DIR . 'views/';
6324
6325 if( file_exists( $views_dir . $template ) ) {
6326 require_once( $views_dir . $template );
6327 return true;
6328 }
6329
6330 error_log( "Jetpack: Unable to find view file $views_dir$template" );
6331 return false;
6332 }
6333
6334 /**
6335 * Throws warnings for deprecated hooks to be removed from Jetpack
6336 */
6337 public function deprecated_hooks() {
6338 global $wp_filter;
6339
6340 /*
6341 * Format:
6342 * deprecated_filter_name => replacement_name
6343 *
6344 * If there is no replacement, use null for replacement_name
6345 */
6346 $deprecated_list = array(
6347 'jetpack_bail_on_shortcode' => 'jetpack_shortcodes_to_include',
6348 'wpl_sharing_2014_1' => null,
6349 'jetpack-tools-to-include' => 'jetpack_tools_to_include',
6350 'jetpack_identity_crisis_options_to_check' => null,
6351 'update_option_jetpack_single_user_site' => null,
6352 'audio_player_default_colors' => null,
6353 'add_option_jetpack_featured_images_enabled' => null,
6354 'add_option_jetpack_update_details' => null,
6355 'add_option_jetpack_updates' => null,
6356 'add_option_jetpack_network_name' => null,
6357 'add_option_jetpack_network_allow_new_registrations' => null,
6358 'add_option_jetpack_network_add_new_users' => null,
6359 'add_option_jetpack_network_site_upload_space' => null,
6360 'add_option_jetpack_network_upload_file_types' => null,
6361 'add_option_jetpack_network_enable_administration_menus' => null,
6362 'add_option_jetpack_is_multi_site' => null,
6363 'add_option_jetpack_is_main_network' => null,
6364 'add_option_jetpack_main_network_site' => null,
6365 'jetpack_sync_all_registered_options' => null,
6366 'jetpack_has_identity_crisis' => 'jetpack_sync_error_idc_validation',
6367 'jetpack_is_post_mailable' => null,
6368 'jetpack_seo_site_host' => null,
6369 'jetpack_installed_plugin' => 'jetpack_plugin_installed',
6370 'jetpack_holiday_snow_option_name' => null,
6371 'jetpack_holiday_chance_of_snow' => null,
6372 'jetpack_holiday_snow_js_url' => null,
6373 'jetpack_is_holiday_snow_season' => null,
6374 'jetpack_holiday_snow_option_updated' => null,
6375 'jetpack_holiday_snowing' => null,
6376 'jetpack_sso_auth_cookie_expirtation' => 'jetpack_sso_auth_cookie_expiration',
6377 'jetpack_cache_plans' => null,
6378 'jetpack_updated_theme' => 'jetpack_updated_themes',
6379 'jetpack_lazy_images_skip_image_with_atttributes' => 'jetpack_lazy_images_skip_image_with_attributes',
6380 'jetpack_enable_site_verification' => null,
6381 'can_display_jetpack_manage_notice' => null,
6382 // Removed in Jetpack 7.3.0
6383 'atd_load_scripts' => null,
6384 'atd_http_post_timeout' => null,
6385 'atd_http_post_error' => null,
6386 'atd_service_domain' => null,
6387 );
6388
6389 // This is a silly loop depth. Better way?
6390 foreach( $deprecated_list AS $hook => $hook_alt ) {
6391 if ( has_action( $hook ) ) {
6392 foreach( $wp_filter[ $hook ] AS $func => $values ) {
6393 foreach( $values AS $hooked ) {
6394 if ( is_callable( $hooked['function'] ) ) {
6395 $function_name = 'an anonymous function';
6396 } else {
6397 $function_name = $hooked['function'];
6398 }
6399 _deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
6400 }
6401 }
6402 }
6403 }
6404 }
6405
6406 /**
6407 * Converts any url in a stylesheet, to the correct absolute url.
6408 *
6409 * Considerations:
6410 * - Normal, relative URLs `feh.png`
6411 * - Data URLs `data:image/gif;base64,eh129ehiuehjdhsa==`
6412 * - Schema-agnostic URLs `//domain.com/feh.png`
6413 * - Absolute URLs `http://domain.com/feh.png`
6414 * - Domain root relative URLs `/feh.png`
6415 *
6416 * @param $css string: The raw CSS -- should be read in directly from the file.
6417 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6418 *
6419 * @return mixed|string
6420 */
6421 public static function absolutize_css_urls( $css, $css_file_url ) {
6422 $pattern = '#url\((?P<path>[^)]*)\)#i';
6423 $css_dir = dirname( $css_file_url );
6424 $p = parse_url( $css_dir );
6425 $domain = sprintf(
6426 '%1$s//%2$s%3$s%4$s',
6427 isset( $p['scheme'] ) ? "{$p['scheme']}:" : '',
6428 isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6429 $p['host'],
6430 isset( $p['port'] ) ? ":{$p['port']}" : ''
6431 );
6432
6433 if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6434 $find = $replace = array();
6435 foreach ( $matches as $match ) {
6436 $url = trim( $match['path'], "'\" \t" );
6437
6438 // If this is a data url, we don't want to mess with it.
6439 if ( 'data:' === substr( $url, 0, 5 ) ) {
6440 continue;
6441 }
6442
6443 // If this is an absolute or protocol-agnostic url,
6444 // we don't want to mess with it.
6445 if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6446 continue;
6447 }
6448
6449 switch ( substr( $url, 0, 1 ) ) {
6450 case '/':
6451 $absolute = $domain . $url;
6452 break;
6453 default:
6454 $absolute = $css_dir . '/' . $url;
6455 }
6456
6457 $find[] = $match[0];
6458 $replace[] = sprintf( 'url("%s")', $absolute );
6459 }
6460 $css = str_replace( $find, $replace, $css );
6461 }
6462
6463 return $css;
6464 }
6465
6466 /**
6467 * This methods removes all of the registered css files on the front end
6468 * from Jetpack in favor of using a single file. In effect "imploding"
6469 * all the files into one file.
6470 *
6471 * Pros:
6472 * - Uses only ONE css asset connection instead of 15
6473 * - Saves a minimum of 56k
6474 * - Reduces server load
6475 * - Reduces time to first painted byte
6476 *
6477 * Cons:
6478 * - Loads css for ALL modules. However all selectors are prefixed so it
6479 * should not cause any issues with themes.
6480 * - Plugins/themes dequeuing styles no longer do anything. See
6481 * jetpack_implode_frontend_css filter for a workaround
6482 *
6483 * For some situations developers may wish to disable css imploding and
6484 * instead operate in legacy mode where each file loads seperately and
6485 * can be edited individually or dequeued. This can be accomplished with
6486 * the following line:
6487 *
6488 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6489 *
6490 * @since 3.2
6491 **/
6492 public function implode_frontend_css( $travis_test = false ) {
6493 $do_implode = true;
6494 if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6495 $do_implode = false;
6496 }
6497
6498 // Do not implode CSS when the page loads via the AMP plugin.
6499 if ( Jetpack_AMP_Support::is_amp_request() ) {
6500 $do_implode = false;
6501 }
6502
6503 /**
6504 * Allow CSS to be concatenated into a single jetpack.css file.
6505 *
6506 * @since 3.2.0
6507 *
6508 * @param bool $do_implode Should CSS be concatenated? Default to true.
6509 */
6510 $do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6511
6512 // Do not use the imploded file when default behavior was altered through the filter
6513 if ( ! $do_implode ) {
6514 return;
6515 }
6516
6517 // We do not want to use the imploded file in dev mode, or if not connected
6518 if ( Jetpack::is_development_mode() || ! self::is_active() ) {
6519 if ( ! $travis_test ) {
6520 return;
6521 }
6522 }
6523
6524 // Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6525 if ( get_option( 'sharedaddy_disable_resources' ) ) {
6526 return;
6527 }
6528
6529 /*
6530 * Now we assume Jetpack is connected and able to serve the single
6531 * file.
6532 *
6533 * In the future there will be a check here to serve the file locally
6534 * or potentially from the Jetpack CDN
6535 *
6536 * For now:
6537 * - Enqueue a single imploded css file
6538 * - Zero out the style_loader_tag for the bundled ones
6539 * - Be happy, drink scotch
6540 */
6541
6542 add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6543
6544 $version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6545
6546 wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6547 wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6548 }
6549
6550 function concat_remove_style_loader_tag( $tag, $handle ) {
6551 if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6552 $tag = '';
6553 if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6554 $tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6555 }
6556 }
6557
6558 return $tag;
6559 }
6560
6561 /*
6562 * Check the heartbeat data
6563 *
6564 * Organizes the heartbeat data by severity. For example, if the site
6565 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6566 *
6567 * Data will be added to "caution" array, if it either:
6568 * - Out of date Jetpack version
6569 * - Out of date WP version
6570 * - Out of date PHP version
6571 *
6572 * $return array $filtered_data
6573 */
6574 public static function jetpack_check_heartbeat_data() {
6575 $raw_data = Jetpack_Heartbeat::generate_stats_array();
6576
6577 $good = array();
6578 $caution = array();
6579 $bad = array();
6580
6581 foreach ( $raw_data as $stat => $value ) {
6582
6583 // Check jetpack version
6584 if ( 'version' == $stat ) {
6585 if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6586 $caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
6587 continue;
6588 }
6589 }
6590
6591 // Check WP version
6592 if ( 'wp-version' == $stat ) {
6593 if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6594 $caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
6595 continue;
6596 }
6597 }
6598
6599 // Check PHP version
6600 if ( 'php-version' == $stat ) {
6601 if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
6602 $caution[ $stat ] = $value . " - min supported is 5.2.4";
6603 continue;
6604 }
6605 }
6606
6607 // Check ID crisis
6608 if ( 'identitycrisis' == $stat ) {
6609 if ( 'yes' == $value ) {
6610 $bad[ $stat ] = $value;
6611 continue;
6612 }
6613 }
6614
6615 // The rest are good :)
6616 $good[ $stat ] = $value;
6617 }
6618
6619 $filtered_data = array(
6620 'good' => $good,
6621 'caution' => $caution,
6622 'bad' => $bad
6623 );
6624
6625 return $filtered_data;
6626 }
6627
6628
6629 /*
6630 * This method is used to organize all options that can be reset
6631 * without disconnecting Jetpack.
6632 *
6633 * It is used in class.jetpack-cli.php to reset options
6634 *
6635 * @since 5.4.0 Logic moved to Jetpack_Options class. Method left in Jetpack class for backwards compat.
6636 *
6637 * @return array of options to delete.
6638 */
6639 public static function get_jetpack_options_for_reset() {
6640 return Jetpack_Options::get_options_for_reset();
6641 }
6642
6643 /*
6644 * Strip http:// or https:// from a url, replaces forward slash with ::,
6645 * so we can bring them directly to their site in calypso.
6646 *
6647 * @param string | url
6648 * @return string | url without the guff
6649 */
6650 public static function build_raw_urls( $url ) {
6651 $strip_http = '/.*?:\/\//i';
6652 $url = preg_replace( $strip_http, '', $url );
6653 $url = str_replace( '/', '::', $url );
6654 return $url;
6655 }
6656
6657 /**
6658 * Stores and prints out domains to prefetch for page speed optimization.
6659 *
6660 * @param mixed $new_urls
6661 */
6662 public static function dns_prefetch( $new_urls = null ) {
6663 static $prefetch_urls = array();
6664 if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6665 echo "\r\n";
6666 foreach ( $prefetch_urls as $this_prefetch_url ) {
6667 printf( "<link rel='dns-prefetch' href='%s'/>\r\n", esc_attr( $this_prefetch_url ) );
6668 }
6669 } elseif ( ! empty( $new_urls ) ) {
6670 if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6671 add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6672 }
6673 foreach ( (array) $new_urls as $this_new_url ) {
6674 $prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6675 }
6676 $prefetch_urls = array_unique( $prefetch_urls );
6677 }
6678 }
6679
6680 public function wp_dashboard_setup() {
6681 if ( self::is_active() ) {
6682 add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6683 }
6684
6685 if ( has_action( 'jetpack_dashboard_widget' ) ) {
6686 $widget_title = sprintf(
6687 wp_kses(
6688 /* translators: Placeholder is a Jetpack logo. */
6689 __( 'Stats <span>by %s</span>', 'jetpack' ),
6690 array( 'span' => array() )
6691 ),
6692 Jetpack::get_jp_emblem( true )
6693 );
6694
6695 wp_add_dashboard_widget(
6696 'jetpack_summary_widget',
6697 $widget_title,
6698 array( __CLASS__, 'dashboard_widget' )
6699 );
6700 wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6701
6702 // If we're inactive and not in development mode, sort our box to the top.
6703 if ( ! self::is_active() && ! self::is_development_mode() ) {
6704 global $wp_meta_boxes;
6705
6706 $dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6707 $ours = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6708
6709 $wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6710 }
6711 }
6712 }
6713
6714 /**
6715 * @param mixed $result Value for the user's option
6716 * @return mixed
6717 */
6718 function get_user_option_meta_box_order_dashboard( $sorted ) {
6719 if ( ! is_array( $sorted ) ) {
6720 return $sorted;
6721 }
6722
6723 foreach ( $sorted as $box_context => $ids ) {
6724 if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6725 // If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6726 continue;
6727 }
6728
6729 $ids_array = explode( ',', $ids );
6730 $key = array_search( 'dashboard_stats', $ids_array );
6731
6732 if ( false !== $key ) {
6733 // If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6734 $ids_array[ $key ] = 'jetpack_summary_widget';
6735 $sorted[ $box_context ] = implode( ',', $ids_array );
6736 // We've found it, stop searching, and just return.
6737 break;
6738 }
6739 }
6740
6741 return $sorted;
6742 }
6743
6744 public static function dashboard_widget() {
6745 /**
6746 * Fires when the dashboard is loaded.
6747 *
6748 * @since 3.4.0
6749 */
6750 do_action( 'jetpack_dashboard_widget' );
6751 }
6752
6753 public static function dashboard_widget_footer() {
6754 ?>
6755 <footer>
6756
6757 <div class="protect">
6758 <?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6759 <h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6760 <p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6761 <?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6762 <a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6763 <?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6764 </a>
6765 <?php else : ?>
6766 <?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6767 <?php endif; ?>
6768 </div>
6769
6770 <div class="akismet">
6771 <?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6772 <h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6773 <p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6774 <?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6775 <a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6776 <?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6777 </a>
6778 <?php else : ?>
6779 <p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6780 <?php endif; ?>
6781 </div>
6782
6783 </footer>
6784 <?php
6785 }
6786
6787 /**
6788 * Return string containing the Jetpack logo.
6789 *
6790 * @since 3.9.0
6791 *
6792 * @param bool $logotype Should we use the full logotype (logo + text). Default to false.
6793 *
6794 * @return string
6795 */
6796 public static function get_jp_emblem( $logotype = false ) {
6797 $logo = '<path fill="#00BE28" d="M16,0C7.2,0,0,7.2,0,16s7.2,16,16,16c8.8,0,16-7.2,16-16S24.8,0,16,0z M15.2,18.7h-8l8-15.5V18.7z M16.8,28.8 V13.3h8L16.8,28.8z"/>';
6798 $text = '
6799<path d="M41.3,26.6c-0.5-0.7-0.9-1.4-1.3-2.1c2.3-1.4,3-2.5,3-4.6V8h-3V6h6v13.4C46,22.8,45,24.8,41.3,26.6z" />
6800<path d="M65,18.4c0,1.1,0.8,1.3,1.4,1.3c0.5,0,2-0.2,2.6-0.4v2.1c-0.9,0.3-2.5,0.5-3.7,0.5c-1.5,0-3.2-0.5-3.2-3.1V12H60v-2h2.1V7.1 H65V10h4v2h-4V18.4z" />
6801<path d="M71,10h3v1.3c1.1-0.8,1.9-1.3,3.3-1.3c2.5,0,4.5,1.8,4.5,5.6s-2.2,6.3-5.8,6.3c-0.9,0-1.3-0.1-2-0.3V28h-3V10z M76.5,12.3 c-0.8,0-1.6,0.4-2.5,1.2v5.9c0.6,0.1,0.9,0.2,1.8,0.2c2,0,3.2-1.3,3.2-3.9C79,13.4,78.1,12.3,76.5,12.3z" />
6802<path d="M93,22h-3v-1.5c-0.9,0.7-1.9,1.5-3.5,1.5c-1.5,0-3.1-1.1-3.1-3.2c0-2.9,2.5-3.4,4.2-3.7l2.4-0.3v-0.3c0-1.5-0.5-2.3-2-2.3 c-0.7,0-2.3,0.5-3.7,1.1L84,11c1.2-0.4,3-1,4.4-1c2.7,0,4.6,1.4,4.6,4.7L93,22z M90,16.4l-2.2,0.4c-0.7,0.1-1.4,0.5-1.4,1.6 c0,0.9,0.5,1.4,1.3,1.4s1.5-0.5,2.3-1V16.4z" />
6803<path d="M104.5,21.3c-1.1,0.4-2.2,0.6-3.5,0.6c-4.2,0-5.9-2.4-5.9-5.9c0-3.7,2.3-6,6.1-6c1.4,0,2.3,0.2,3.2,0.5V13 c-0.8-0.3-2-0.6-3.2-0.6c-1.7,0-3.2,0.9-3.2,3.6c0,2.9,1.5,3.8,3.3,3.8c0.9,0,1.9-0.2,3.2-0.7V21.3z" />
6804<path d="M110,15.2c0.2-0.3,0.2-0.8,3.8-5.2h3.7l-4.6,5.7l5,6.3h-3.7l-4.2-5.8V22h-3V6h3V15.2z" />
6805<path d="M58.5,21.3c-1.5,0.5-2.7,0.6-4.2,0.6c-3.6,0-5.8-1.8-5.8-6c0-3.1,1.9-5.9,5.5-5.9s4.9,2.5,4.9,4.9c0,0.8,0,1.5-0.1,2h-7.3 c0.1,2.5,1.5,2.8,3.6,2.8c1.1,0,2.2-0.3,3.4-0.7C58.5,19,58.5,21.3,58.5,21.3z M56,15c0-1.4-0.5-2.9-2-2.9c-1.4,0-2.3,1.3-2.4,2.9 C51.6,15,56,15,56,15z" />
6806 ';
6807
6808 return sprintf(
6809 '<svg id="jetpack-logo__icon" xmlns="http://www.w3.org/2000/svg" x="0px" y="0px" viewBox="0 0 %1$s 32">%2$s</svg>',
6810 ( true === $logotype ? '118' : '32' ),
6811 ( true === $logotype ? $logo . $text : $logo )
6812 );
6813 }
6814
6815 /*
6816 * Adds a "blank" column in the user admin table to display indication of user connection.
6817 */
6818 function jetpack_icon_user_connected( $columns ) {
6819 $columns['user_jetpack'] = '';
6820 return $columns;
6821 }
6822
6823 /*
6824 * Show Jetpack icon if the user is linked.
6825 */
6826 function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
6827 if ( 'user_jetpack' == $col && Jetpack::is_user_connected( $user_id ) ) {
6828 $emblem_html = sprintf(
6829 '<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
6830 esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
6831 Jetpack::get_jp_emblem()
6832 );
6833 return $emblem_html;
6834 }
6835
6836 return $val;
6837 }
6838
6839 /*
6840 * Style the Jetpack user column
6841 */
6842 function jetpack_user_col_style() {
6843 global $current_screen;
6844 if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) { ?>
6845 <style>
6846 .fixed .column-user_jetpack {
6847 width: 21px;
6848 }
6849 .jp-emblem-user-admin svg {
6850 width: 20px;
6851 height: 20px;
6852 }
6853 .jp-emblem-user-admin path {
6854 fill: #00BE28;
6855 }
6856 </style>
6857 <?php }
6858 }
6859
6860 /**
6861 * Checks if Akismet is active and working.
6862 *
6863 * We dropped support for Akismet 3.0 with Jetpack 6.1.1 while introducing a check for an Akismet valid key
6864 * that implied usage of methods present since more recent version.
6865 * See https://github.com/Automattic/jetpack/pull/9585
6866 *
6867 * @since 5.1.0
6868 *
6869 * @return bool True = Akismet available. False = Aksimet not available.
6870 */
6871 public static function is_akismet_active() {
6872 static $status = null;
6873
6874 if ( ! is_null( $status ) ) {
6875 return $status;
6876 }
6877
6878 // Check if a modern version of Akismet is active.
6879 if ( ! method_exists( 'Akismet', 'http_post' ) ) {
6880 $status = false;
6881 return $status;
6882 }
6883
6884 // Make sure there is a key known to Akismet at all before verifying key.
6885 $akismet_key = Akismet::get_api_key();
6886 if ( ! $akismet_key ) {
6887 $status = false;
6888 return $status;
6889 }
6890
6891 // Possible values: valid, invalid, failure via Akismet. false if no status is cached.
6892 $akismet_key_state = get_transient( 'jetpack_akismet_key_is_valid' );
6893
6894 // Do not used the cache result in wp-admin or REST API requests if the key isn't valid, in case someone is actively renewing, etc.
6895 $recheck = ( is_admin() || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) ) && 'valid' !== $akismet_key_state;
6896 // We cache the result of the Akismet key verification for ten minutes.
6897 if ( ! $akismet_key_state || $recheck ) {
6898 $akismet_key_state = Akismet::verify_key( $akismet_key );
6899 set_transient( 'jetpack_akismet_key_is_valid', $akismet_key_state, 10 * MINUTE_IN_SECONDS );
6900 }
6901
6902 $status = 'valid' === $akismet_key_state;
6903
6904 return $status;
6905 }
6906
6907 /**
6908 * Checks if one or more function names is in debug_backtrace
6909 *
6910 * @param $names Mixed string name of function or array of string names of functions
6911 *
6912 * @return bool
6913 */
6914 public static function is_function_in_backtrace( $names ) {
6915 $backtrace = debug_backtrace( false ); // phpcs:ignore PHPCompatibility.FunctionUse.NewFunctionParameters.debug_backtrace_optionsFound
6916 if ( ! is_array( $names ) ) {
6917 $names = array( $names );
6918 }
6919 $names_as_keys = array_flip( $names );
6920
6921 //Do check in constant O(1) time for PHP5.5+
6922 if ( function_exists( 'array_column' ) ) {
6923 $backtrace_functions = array_column( $backtrace, 'function' ); // phpcs:ignore PHPCompatibility.FunctionUse.NewFunctions.array_columnFound
6924 $backtrace_functions_as_keys = array_flip( $backtrace_functions );
6925 $intersection = array_intersect_key( $backtrace_functions_as_keys, $names_as_keys );
6926 return ! empty ( $intersection );
6927 }
6928
6929 //Do check in linear O(n) time for < PHP5.5 ( using isset at least prevents O(n^2) )
6930 foreach ( $backtrace as $call ) {
6931 if ( isset( $names_as_keys[ $call['function'] ] ) ) {
6932 return true;
6933 }
6934 }
6935 return false;
6936 }
6937
6938 /**
6939 * Given a minified path, and a non-minified path, will return
6940 * a minified or non-minified file URL based on whether SCRIPT_DEBUG is set and truthy.
6941 *
6942 * Both `$min_base` and `$non_min_base` are expected to be relative to the
6943 * root Jetpack directory.
6944 *
6945 * @since 5.6.0
6946 *
6947 * @param string $min_path
6948 * @param string $non_min_path
6949 * @return string The URL to the file
6950 */
6951 public static function get_file_url_for_environment( $min_path, $non_min_path ) {
6952 $path = ( Jetpack_Constants::is_defined( 'SCRIPT_DEBUG' ) && Jetpack_Constants::get_constant( 'SCRIPT_DEBUG' ) )
6953 ? $non_min_path
6954 : $min_path;
6955
6956 return plugins_url( $path, JETPACK__PLUGIN_FILE );
6957 }
6958
6959 /**
6960 * Checks for whether Jetpack Backup & Scan is enabled.
6961 * Will return true if the state of Backup & Scan is anything except "unavailable".
6962 * @return bool|int|mixed
6963 */
6964 public static function is_rewind_enabled() {
6965 if ( ! Jetpack::is_active() ) {
6966 return false;
6967 }
6968
6969 $rewind_enabled = get_transient( 'jetpack_rewind_enabled' );
6970 if ( false === $rewind_enabled ) {
6971 jetpack_require_lib( 'class.core-rest-api-endpoints' );
6972 $rewind_data = (array) Jetpack_Core_Json_Api_Endpoints::rewind_data();
6973 $rewind_enabled = ( ! is_wp_error( $rewind_data )
6974 && ! empty( $rewind_data['state'] )
6975 && 'active' === $rewind_data['state'] )
6976 ? 1
6977 : 0;
6978
6979 set_transient( 'jetpack_rewind_enabled', $rewind_enabled, 10 * MINUTE_IN_SECONDS );
6980 }
6981 return $rewind_enabled;
6982 }
6983
6984 /**
6985 * Checks whether or not TOS has been agreed upon.
6986 * Will return true if a user has clicked to register, or is already connected.
6987 */
6988 public static function jetpack_tos_agreed() {
6989 return Jetpack_Options::get_option( 'tos_agreed' ) || Jetpack::is_active();
6990 }
6991
6992 /**
6993 * Handles activating default modules as well general cleanup for the new connection.
6994 *
6995 * @param boolean $activate_sso Whether to activate the SSO module when activating default modules.
6996 * @param boolean $redirect_on_activation_error Whether to redirect on activation error.
6997 * @param boolean $send_state_messages Whether to send state messages.
6998 * @return void
6999 */
7000 public static function handle_post_authorization_actions(
7001 $activate_sso = false,
7002 $redirect_on_activation_error = false,
7003 $send_state_messages = true
7004 ) {
7005 $other_modules = $activate_sso
7006 ? array( 'sso' )
7007 : array();
7008
7009 if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
7010 Jetpack::delete_active_modules();
7011
7012 Jetpack::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), $redirect_on_activation_error, $send_state_messages );
7013 } else {
7014 Jetpack::activate_default_modules( false, false, $other_modules, $redirect_on_activation_error, $send_state_messages );
7015 }
7016
7017 // Since this is a fresh connection, be sure to clear out IDC options
7018 Jetpack_IDC::clear_all_idc_options();
7019 Jetpack_Options::delete_raw_option( 'jetpack_last_connect_url_check' );
7020
7021 // Start nonce cleaner
7022 wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
7023 wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
7024
7025 if ( $send_state_messages ) {
7026 Jetpack::state( 'message', 'authorized' );
7027 }
7028 }
7029
7030 /**
7031 * Returns a boolean for whether backups UI should be displayed or not.
7032 *
7033 * @return bool Should backups UI be displayed?
7034 */
7035 public static function show_backups_ui() {
7036 /**
7037 * Whether UI for backups should be displayed.
7038 *
7039 * @since 6.5.0
7040 *
7041 * @param bool $show_backups Should UI for backups be displayed? True by default.
7042 */
7043 return Jetpack::is_plugin_active( 'vaultpress/vaultpress.php' ) || apply_filters( 'jetpack_show_backups', true );
7044 }
7045
7046 /*
7047 * Deprecated manage functions
7048 */
7049 function prepare_manage_jetpack_notice() {
7050 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7051 }
7052 function manage_activate_screen() {
7053 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7054 }
7055 function admin_jetpack_manage_notice() {
7056 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7057 }
7058 function opt_out_jetpack_manage_url() {
7059 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7060 }
7061 function opt_in_jetpack_manage_url() {
7062 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7063 }
7064 function opt_in_jetpack_manage_notice() {
7065 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7066 }
7067 function can_display_jetpack_manage_notice() {
7068 _deprecated_function( __METHOD__, 'jetpack-7.3' );
7069 }
7070
7071 /**
7072 * Clean leftoveruser meta.
7073 *
7074 * Delete Jetpack-related user meta when it is no longer needed.
7075 *
7076 * @since 7.3.0
7077 *
7078 * @param int $user_id User ID being updated.
7079 */
7080 public static function user_meta_cleanup( $user_id ) {
7081 $meta_keys = array(
7082 // AtD removed from Jetpack 7.3
7083 'AtD_options',
7084 'AtD_check_when',
7085 'AtD_guess_lang',
7086 'AtD_ignored_phrases',
7087 );
7088
7089 foreach ( $meta_keys as $meta_key ) {
7090 if ( get_user_meta( $user_id, $meta_key ) ) {
7091 delete_user_meta( $user_id, $meta_key );
7092 }
7093 }
7094 }
7095}