: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in
* Description: Creates an abstract class to execute asynchronous tasks
* Author: 10up, Eric Mann, Luke Gedeon, John P. Bloch
* Note: Modified to return metadata at the end of the launch function
* @package Smush\Core\Modules\Async
namespace Smush\Core\Modules\Async;
if ( ! defined( 'WPINC' ) ) {
abstract class Abstract_Async {
* Constant identifier for a task that should be available to logged-in users
* See constructor documentation for more details.
* Constant identifier for a task that should be available to logged-out users
* See constructor documentation for more details.
* Constant identifier for a task that should be available to all users regardless of auth status
* See constructor documentation for more details.
* This is the argument count for the main action set in the constructor. It
* is set to an arbitrarily high value of twenty, but can be overridden if
protected $argument_count = 20;
* Priority to fire intermediate action.
protected $priority = 10;
* Constructor to wire up the necessary actions
* Which hooks the asynchronous postback happens on can be set by the
* $auth_level parameter. There are essentially three options: logged-in users
* only, logged-out users only, or both. Set this when you instantiate an
* object by using one of the three class constants to do so:
* $auth_level defaults to BOTH
* @throws Exception If the class' $action value hasn't been set.
* @param int $auth_level The authentication level to use (see above).
public function __construct( $auth_level = self::BOTH ) {
if ( empty( $this->action ) ) {
throw new Exception( 'Action not defined for class ' . __CLASS__ );
// Handle the actual action.
add_action( $this->action, array( $this, 'launch' ), $this->priority, $this->argument_count );
if ( $auth_level & self::LOGGED_IN ) {
add_action( "admin_post_wp_async_$this->action", array( $this, 'handle_postback' ) );
if ( $auth_level & self::LOGGED_OUT ) {
add_action( "admin_post_nopriv_wp_async_$this->action", array( $this, 'handle_postback' ) );
* Add the shutdown action for launching the real postback if we don't
* get an exception thrown by prepare_data().
* @uses func_get_args() To grab any arguments passed by the action
public function launch() {
$result = isset( $data[0] ) ? $data[0] : null;
$data = $this->prepare_data( $data );
if ( ! $this->should_run( $data ) ) {
} catch ( Exception $e ) {
Helper::logger()->error( sprintf( 'Async Smush: Error in prepare_data: %s', $e->getMessage() ) );
$data['action'] = "wp_async_$this->action";
$data['_nonce'] = $this->create_async_nonce();
$this->body_data = $data;
$has_shutdown_action = has_action( 'shutdown', array( $this, 'process_request' ) );
$is_upload_attachment_action = ! empty( $_POST['action'] ) && 'upload-attachment' === $_POST['action'];
$is_post_id_non_empty = ! empty( $_POST ) && isset( $_POST['post_id'] ) && $_POST['post_id'];
$is_async_upload = isset( $_POST['post_id'] ) && empty( $_POST['post_id'] ) && isset( $_FILES['async-upload'] );
$should_hook_to_shutdown = $is_upload_attachment_action || $is_post_id_non_empty || $is_async_upload;
// Do not use this, as in case of importing, only the last image gets processed
// It's very important that all the Media uploads, are handled via shutdown action, else, sometimes the image meta updated
// by smush is earlier, and then original meta update causes discrepancy.
if ( $should_hook_to_shutdown && ! $has_shutdown_action ) {
add_action( 'shutdown', array( $this, 'process_request' ) );
// Send a ajax request to process image and return image metadata, added for compatibility with plugins like
// WP All Import, and RSS aggregator, which upload multiple images at once.
$this->process_request();
// If we have image metadata return it.
protected function should_run( $data ) {
* Launch the request on the WordPress shutdown hook
* On VIP we got into data races due to the postback sometimes completing
* faster than the data could propogate to the database server cluster.
* This made WordPress get empty data sets from the database without
* failing. On their advice, we're moving the actual firing of the async
* postback to the shutdown hook. Supposedly that will ensure that the
* data at least has time to get into the object cache.
* @uses $_COOKIE To send a cookie header for async postback
public function process_request() {
if ( ! empty( $this->body_data ) ) {
'timeout' => apply_filters( 'smush_async_time_out', 0 ),
'body' => $this->body_data,
'cookies' => wp_unslash( $_COOKIE ),
$url = admin_url( 'admin-post.php' );
wp_remote_post( $url, $request_args );
* Verify the postback is valid, then fire any scheduled events.
* @uses is_user_logged_in()
public function handle_postback() {
if ( isset( $_POST['_nonce'] ) && $this->verify_async_nonce( $_POST['_nonce'] ) ) {
add_filter( 'wp_die_handler', array( $this, 'handle_die' ) );
public function handle_die() {
* Create a random, one time use token.
* Based entirely on wp_create_nonce() but does not tie the nonce to the
* current logged-in user.
* @return string The one-time use token
protected function create_async_nonce() {
$action = $this->get_nonce_action();
return substr( wp_hash( $i . $action . get_class( $this ), 'nonce' ), - 12, 10 );
* Verify that the correct nonce was used within the time limit.
* @param string $nonce Nonce to be verified.
* @return bool Whether the nonce check passed or failed
protected function verify_async_nonce( $nonce ) {
$action = $this->get_nonce_action();
// Nonce generated 0-12 hours ago.
if ( substr( wp_hash( $i . $action . get_class( $this ), 'nonce' ), - 12, 10 ) === $nonce ) {
// Nonce generated 12-24 hours ago.
if ( substr( wp_hash( ( $i - 1 ) . $action . get_class( $this ), 'nonce' ), - 12, 10 ) === $nonce ) {
* Get a nonce action based on the $action property of the class
* @return string The nonce action for the current instance
protected function get_nonce_action() {
if ( substr( $action, 0, 7 ) === 'nopriv_' ) {
$action = substr( $action, 7 );
return "wp_async_$action";
* Prepare any data to be passed to the asynchronous postback
* The array this function receives will be a numerically keyed array from
* func_get_args(). It is expected that you will return an associative array
* so that the $_POST values used in the asynchronous call will make sense.
* The array you send back may or may not have anything to do with the data
* passed into this method. It all depends on the implementation details and
* what data is needed in the asynchronous postback.
* Do not set values for 'action' or '_nonce', as those will get overwritten
* @throws Exception If the postback should not occur for any reason.
* @param array $data The raw data received by the launch method.
* @return array The prepared data
abstract protected function prepare_data( $data );
* Run the do_action function for the asynchronous postback.
* This method needs to fetch and sanitize any and all data from the $_POST
* superglobal and provide them to the do_action call.
* The action should be constructed as "wp_async_task_$this->action"
abstract protected function run_action();
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
