Edit File by line

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in /home/sportsfever/public_html/filemanger/function.php on line 93

Warning: Undefined array key "page_file_edit_line" in /home/sportsfever/public_html/filemanger/edit_text_line.php on line 32
/home/sportsfe.../httpdocs/wp-admin/includes
File: file.php
* @type string $name The original name of the file on the client machine.
[1000] Fix | Delete
* @type string $type The mime type of the file, if the browser provided this information.
[1001] Fix | Delete
* @type string $tmp_name The temporary filename of the file in which the uploaded file was stored on the server.
[1002] Fix | Delete
* @type int $size The size, in bytes, of the uploaded file.
[1003] Fix | Delete
* @type int $error The error code associated with this file upload.
[1004] Fix | Delete
* }
[1005] Fix | Delete
* @param string $new_file Filename of the newly-uploaded file.
[1006] Fix | Delete
* @param string $type Mime type of the newly-uploaded file.
[1007] Fix | Delete
*/
[1008] Fix | Delete
$move_new_file = apply_filters( 'pre_move_uploaded_file', null, $file, $new_file, $type );
[1009] Fix | Delete
[1010] Fix | Delete
if ( null === $move_new_file ) {
[1011] Fix | Delete
if ( 'wp_handle_upload' === $action ) {
[1012] Fix | Delete
$move_new_file = @move_uploaded_file( $file['tmp_name'], $new_file );
[1013] Fix | Delete
} else {
[1014] Fix | Delete
// Use copy and unlink because rename breaks streams.
[1015] Fix | Delete
// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
[1016] Fix | Delete
$move_new_file = @copy( $file['tmp_name'], $new_file );
[1017] Fix | Delete
unlink( $file['tmp_name'] );
[1018] Fix | Delete
}
[1019] Fix | Delete
[1020] Fix | Delete
if ( false === $move_new_file ) {
[1021] Fix | Delete
if ( str_starts_with( $uploads['basedir'], ABSPATH ) ) {
[1022] Fix | Delete
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir'];
[1023] Fix | Delete
} else {
[1024] Fix | Delete
$error_path = basename( $uploads['basedir'] ) . $uploads['subdir'];
[1025] Fix | Delete
}
[1026] Fix | Delete
[1027] Fix | Delete
return $upload_error_handler(
[1028] Fix | Delete
$file,
[1029] Fix | Delete
sprintf(
[1030] Fix | Delete
/* translators: %s: Destination file path. */
[1031] Fix | Delete
__( 'The uploaded file could not be moved to %s.' ),
[1032] Fix | Delete
$error_path
[1033] Fix | Delete
)
[1034] Fix | Delete
);
[1035] Fix | Delete
}
[1036] Fix | Delete
}
[1037] Fix | Delete
[1038] Fix | Delete
// Set correct file permissions.
[1039] Fix | Delete
$stat = stat( dirname( $new_file ) );
[1040] Fix | Delete
$perms = $stat['mode'] & 0000666;
[1041] Fix | Delete
chmod( $new_file, $perms );
[1042] Fix | Delete
[1043] Fix | Delete
// Compute the URL.
[1044] Fix | Delete
$url = $uploads['url'] . "/$filename";
[1045] Fix | Delete
[1046] Fix | Delete
if ( is_multisite() ) {
[1047] Fix | Delete
clean_dirsize_cache( $new_file );
[1048] Fix | Delete
}
[1049] Fix | Delete
[1050] Fix | Delete
/**
[1051] Fix | Delete
* Filters the data array for the uploaded file.
[1052] Fix | Delete
*
[1053] Fix | Delete
* @since 2.1.0
[1054] Fix | Delete
*
[1055] Fix | Delete
* @param array $upload {
[1056] Fix | Delete
* Array of upload data.
[1057] Fix | Delete
*
[1058] Fix | Delete
* @type string $file Filename of the newly-uploaded file.
[1059] Fix | Delete
* @type string $url URL of the newly-uploaded file.
[1060] Fix | Delete
* @type string $type Mime type of the newly-uploaded file.
[1061] Fix | Delete
* }
[1062] Fix | Delete
* @param string $context The type of upload action. Values include 'upload' or 'sideload'.
[1063] Fix | Delete
*/
[1064] Fix | Delete
return apply_filters(
[1065] Fix | Delete
'wp_handle_upload',
[1066] Fix | Delete
array(
[1067] Fix | Delete
'file' => $new_file,
[1068] Fix | Delete
'url' => $url,
[1069] Fix | Delete
'type' => $type,
[1070] Fix | Delete
),
[1071] Fix | Delete
'wp_handle_sideload' === $action ? 'sideload' : 'upload'
[1072] Fix | Delete
);
[1073] Fix | Delete
}
[1074] Fix | Delete
[1075] Fix | Delete
/**
[1076] Fix | Delete
* Wrapper for _wp_handle_upload().
[1077] Fix | Delete
*
[1078] Fix | Delete
* Passes the {@see 'wp_handle_upload'} action.
[1079] Fix | Delete
*
[1080] Fix | Delete
* @since 2.0.0
[1081] Fix | Delete
*
[1082] Fix | Delete
* @see _wp_handle_upload()
[1083] Fix | Delete
*
[1084] Fix | Delete
* @param array $file Reference to a single element of `$_FILES`.
[1085] Fix | Delete
* Call the function once for each uploaded file.
[1086] Fix | Delete
* See _wp_handle_upload() for accepted values.
[1087] Fix | Delete
* @param array|false $overrides Optional. An associative array of names => values
[1088] Fix | Delete
* to override default variables. Default false.
[1089] Fix | Delete
* See _wp_handle_upload() for accepted values.
[1090] Fix | Delete
* @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null.
[1091] Fix | Delete
* @return array See _wp_handle_upload() for return value.
[1092] Fix | Delete
*/
[1093] Fix | Delete
function wp_handle_upload( &$file, $overrides = false, $time = null ) {
[1094] Fix | Delete
/*
[1095] Fix | Delete
* $_POST['action'] must be set and its value must equal $overrides['action']
[1096] Fix | Delete
* or this:
[1097] Fix | Delete
*/
[1098] Fix | Delete
$action = 'wp_handle_upload';
[1099] Fix | Delete
if ( isset( $overrides['action'] ) ) {
[1100] Fix | Delete
$action = $overrides['action'];
[1101] Fix | Delete
}
[1102] Fix | Delete
[1103] Fix | Delete
return _wp_handle_upload( $file, $overrides, $time, $action );
[1104] Fix | Delete
}
[1105] Fix | Delete
[1106] Fix | Delete
/**
[1107] Fix | Delete
* Wrapper for _wp_handle_upload().
[1108] Fix | Delete
*
[1109] Fix | Delete
* Passes the {@see 'wp_handle_sideload'} action.
[1110] Fix | Delete
*
[1111] Fix | Delete
* @since 2.6.0
[1112] Fix | Delete
*
[1113] Fix | Delete
* @see _wp_handle_upload()
[1114] Fix | Delete
*
[1115] Fix | Delete
* @param array $file Reference to a single element of `$_FILES`.
[1116] Fix | Delete
* Call the function once for each uploaded file.
[1117] Fix | Delete
* See _wp_handle_upload() for accepted values.
[1118] Fix | Delete
* @param array|false $overrides Optional. An associative array of names => values
[1119] Fix | Delete
* to override default variables. Default false.
[1120] Fix | Delete
* See _wp_handle_upload() for accepted values.
[1121] Fix | Delete
* @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null.
[1122] Fix | Delete
* @return array See _wp_handle_upload() for return value.
[1123] Fix | Delete
*/
[1124] Fix | Delete
function wp_handle_sideload( &$file, $overrides = false, $time = null ) {
[1125] Fix | Delete
/*
[1126] Fix | Delete
* $_POST['action'] must be set and its value must equal $overrides['action']
[1127] Fix | Delete
* or this:
[1128] Fix | Delete
*/
[1129] Fix | Delete
$action = 'wp_handle_sideload';
[1130] Fix | Delete
if ( isset( $overrides['action'] ) ) {
[1131] Fix | Delete
$action = $overrides['action'];
[1132] Fix | Delete
}
[1133] Fix | Delete
[1134] Fix | Delete
return _wp_handle_upload( $file, $overrides, $time, $action );
[1135] Fix | Delete
}
[1136] Fix | Delete
[1137] Fix | Delete
/**
[1138] Fix | Delete
* Downloads a URL to a local temporary file using the WordPress HTTP API.
[1139] Fix | Delete
*
[1140] Fix | Delete
* Please note that the calling function must delete or move the file.
[1141] Fix | Delete
*
[1142] Fix | Delete
* @since 2.5.0
[1143] Fix | Delete
* @since 5.2.0 Signature Verification with SoftFail was added.
[1144] Fix | Delete
* @since 5.9.0 Support for Content-Disposition filename was added.
[1145] Fix | Delete
*
[1146] Fix | Delete
* @param string $url The URL of the file to download.
[1147] Fix | Delete
* @param int $timeout The timeout for the request to download the file.
[1148] Fix | Delete
* Default 300 seconds.
[1149] Fix | Delete
* @param bool $signature_verification Whether to perform Signature Verification.
[1150] Fix | Delete
* Default false.
[1151] Fix | Delete
* @return string|WP_Error Filename on success, WP_Error on failure.
[1152] Fix | Delete
*/
[1153] Fix | Delete
function download_url( $url, $timeout = 300, $signature_verification = false ) {
[1154] Fix | Delete
// WARNING: The file is not automatically deleted, the script must delete or move the file.
[1155] Fix | Delete
if ( ! $url ) {
[1156] Fix | Delete
return new WP_Error( 'http_no_url', __( 'No URL Provided.' ) );
[1157] Fix | Delete
}
[1158] Fix | Delete
[1159] Fix | Delete
$url_path = parse_url( $url, PHP_URL_PATH );
[1160] Fix | Delete
$url_filename = '';
[1161] Fix | Delete
if ( is_string( $url_path ) && '' !== $url_path ) {
[1162] Fix | Delete
$url_filename = basename( $url_path );
[1163] Fix | Delete
}
[1164] Fix | Delete
[1165] Fix | Delete
$tmpfname = wp_tempnam( $url_filename );
[1166] Fix | Delete
if ( ! $tmpfname ) {
[1167] Fix | Delete
return new WP_Error( 'http_no_file', __( 'Could not create temporary file.' ) );
[1168] Fix | Delete
}
[1169] Fix | Delete
[1170] Fix | Delete
$response = wp_safe_remote_get(
[1171] Fix | Delete
$url,
[1172] Fix | Delete
array(
[1173] Fix | Delete
'timeout' => $timeout,
[1174] Fix | Delete
'stream' => true,
[1175] Fix | Delete
'filename' => $tmpfname,
[1176] Fix | Delete
)
[1177] Fix | Delete
);
[1178] Fix | Delete
[1179] Fix | Delete
if ( is_wp_error( $response ) ) {
[1180] Fix | Delete
unlink( $tmpfname );
[1181] Fix | Delete
return $response;
[1182] Fix | Delete
}
[1183] Fix | Delete
[1184] Fix | Delete
$response_code = wp_remote_retrieve_response_code( $response );
[1185] Fix | Delete
[1186] Fix | Delete
if ( 200 !== $response_code ) {
[1187] Fix | Delete
$data = array(
[1188] Fix | Delete
'code' => $response_code,
[1189] Fix | Delete
);
[1190] Fix | Delete
[1191] Fix | Delete
// Retrieve a sample of the response body for debugging purposes.
[1192] Fix | Delete
$tmpf = fopen( $tmpfname, 'rb' );
[1193] Fix | Delete
[1194] Fix | Delete
if ( $tmpf ) {
[1195] Fix | Delete
/**
[1196] Fix | Delete
* Filters the maximum error response body size in `download_url()`.
[1197] Fix | Delete
*
[1198] Fix | Delete
* @since 5.1.0
[1199] Fix | Delete
*
[1200] Fix | Delete
* @see download_url()
[1201] Fix | Delete
*
[1202] Fix | Delete
* @param int $size The maximum error response body size. Default 1 KB.
[1203] Fix | Delete
*/
[1204] Fix | Delete
$response_size = apply_filters( 'download_url_error_max_body_size', KB_IN_BYTES );
[1205] Fix | Delete
[1206] Fix | Delete
$data['body'] = fread( $tmpf, $response_size );
[1207] Fix | Delete
fclose( $tmpf );
[1208] Fix | Delete
}
[1209] Fix | Delete
[1210] Fix | Delete
unlink( $tmpfname );
[1211] Fix | Delete
[1212] Fix | Delete
return new WP_Error( 'http_404', trim( wp_remote_retrieve_response_message( $response ) ), $data );
[1213] Fix | Delete
}
[1214] Fix | Delete
[1215] Fix | Delete
$content_disposition = wp_remote_retrieve_header( $response, 'Content-Disposition' );
[1216] Fix | Delete
[1217] Fix | Delete
if ( $content_disposition ) {
[1218] Fix | Delete
$content_disposition = strtolower( $content_disposition );
[1219] Fix | Delete
[1220] Fix | Delete
if ( str_starts_with( $content_disposition, 'attachment; filename=' ) ) {
[1221] Fix | Delete
$tmpfname_disposition = sanitize_file_name( substr( $content_disposition, 21 ) );
[1222] Fix | Delete
} else {
[1223] Fix | Delete
$tmpfname_disposition = '';
[1224] Fix | Delete
}
[1225] Fix | Delete
[1226] Fix | Delete
// Potential file name must be valid string.
[1227] Fix | Delete
if ( $tmpfname_disposition && is_string( $tmpfname_disposition )
[1228] Fix | Delete
&& ( 0 === validate_file( $tmpfname_disposition ) )
[1229] Fix | Delete
) {
[1230] Fix | Delete
$tmpfname_disposition = dirname( $tmpfname ) . '/' . $tmpfname_disposition;
[1231] Fix | Delete
[1232] Fix | Delete
if ( rename( $tmpfname, $tmpfname_disposition ) ) {
[1233] Fix | Delete
$tmpfname = $tmpfname_disposition;
[1234] Fix | Delete
}
[1235] Fix | Delete
[1236] Fix | Delete
if ( ( $tmpfname !== $tmpfname_disposition ) && file_exists( $tmpfname_disposition ) ) {
[1237] Fix | Delete
unlink( $tmpfname_disposition );
[1238] Fix | Delete
}
[1239] Fix | Delete
}
[1240] Fix | Delete
}
[1241] Fix | Delete
[1242] Fix | Delete
$content_md5 = wp_remote_retrieve_header( $response, 'Content-MD5' );
[1243] Fix | Delete
[1244] Fix | Delete
if ( $content_md5 ) {
[1245] Fix | Delete
$md5_check = verify_file_md5( $tmpfname, $content_md5 );
[1246] Fix | Delete
[1247] Fix | Delete
if ( is_wp_error( $md5_check ) ) {
[1248] Fix | Delete
unlink( $tmpfname );
[1249] Fix | Delete
return $md5_check;
[1250] Fix | Delete
}
[1251] Fix | Delete
}
[1252] Fix | Delete
[1253] Fix | Delete
// If the caller expects signature verification to occur, check to see if this URL supports it.
[1254] Fix | Delete
if ( $signature_verification ) {
[1255] Fix | Delete
/**
[1256] Fix | Delete
* Filters the list of hosts which should have Signature Verification attempted on.
[1257] Fix | Delete
*
[1258] Fix | Delete
* @since 5.2.0
[1259] Fix | Delete
*
[1260] Fix | Delete
* @param string[] $hostnames List of hostnames.
[1261] Fix | Delete
*/
[1262] Fix | Delete
$signed_hostnames = apply_filters( 'wp_signature_hosts', array( 'wordpress.org', 'downloads.wordpress.org', 's.w.org' ) );
[1263] Fix | Delete
[1264] Fix | Delete
$signature_verification = in_array( parse_url( $url, PHP_URL_HOST ), $signed_hostnames, true );
[1265] Fix | Delete
}
[1266] Fix | Delete
[1267] Fix | Delete
// Perform signature validation if supported.
[1268] Fix | Delete
if ( $signature_verification ) {
[1269] Fix | Delete
$signature = wp_remote_retrieve_header( $response, 'X-Content-Signature' );
[1270] Fix | Delete
[1271] Fix | Delete
if ( ! $signature ) {
[1272] Fix | Delete
/*
[1273] Fix | Delete
* Retrieve signatures from a file if the header wasn't included.
[1274] Fix | Delete
* WordPress.org stores signatures at $package_url.sig.
[1275] Fix | Delete
*/
[1276] Fix | Delete
[1277] Fix | Delete
$signature_url = false;
[1278] Fix | Delete
[1279] Fix | Delete
if ( is_string( $url_path ) && ( str_ends_with( $url_path, '.zip' ) || str_ends_with( $url_path, '.tar.gz' ) ) ) {
[1280] Fix | Delete
$signature_url = str_replace( $url_path, $url_path . '.sig', $url );
[1281] Fix | Delete
}
[1282] Fix | Delete
[1283] Fix | Delete
/**
[1284] Fix | Delete
* Filters the URL where the signature for a file is located.
[1285] Fix | Delete
*
[1286] Fix | Delete
* @since 5.2.0
[1287] Fix | Delete
*
[1288] Fix | Delete
* @param false|string $signature_url The URL where signatures can be found for a file, or false if none are known.
[1289] Fix | Delete
* @param string $url The URL being verified.
[1290] Fix | Delete
*/
[1291] Fix | Delete
$signature_url = apply_filters( 'wp_signature_url', $signature_url, $url );
[1292] Fix | Delete
[1293] Fix | Delete
if ( $signature_url ) {
[1294] Fix | Delete
$signature_request = wp_safe_remote_get(
[1295] Fix | Delete
$signature_url,
[1296] Fix | Delete
array(
[1297] Fix | Delete
'limit_response_size' => 10 * KB_IN_BYTES, // 10KB should be large enough for quite a few signatures.
[1298] Fix | Delete
)
[1299] Fix | Delete
);
[1300] Fix | Delete
[1301] Fix | Delete
if ( ! is_wp_error( $signature_request ) && 200 === wp_remote_retrieve_response_code( $signature_request ) ) {
[1302] Fix | Delete
$signature = explode( "\n", wp_remote_retrieve_body( $signature_request ) );
[1303] Fix | Delete
}
[1304] Fix | Delete
}
[1305] Fix | Delete
}
[1306] Fix | Delete
[1307] Fix | Delete
// Perform the checks.
[1308] Fix | Delete
$signature_verification = verify_file_signature( $tmpfname, $signature, $url_filename );
[1309] Fix | Delete
}
[1310] Fix | Delete
[1311] Fix | Delete
if ( is_wp_error( $signature_verification ) ) {
[1312] Fix | Delete
if (
[1313] Fix | Delete
/**
[1314] Fix | Delete
* Filters whether Signature Verification failures should be allowed to soft fail.
[1315] Fix | Delete
*
[1316] Fix | Delete
* WARNING: This may be removed from a future release.
[1317] Fix | Delete
*
[1318] Fix | Delete
* @since 5.2.0
[1319] Fix | Delete
*
[1320] Fix | Delete
* @param bool $signature_softfail If a softfail is allowed.
[1321] Fix | Delete
* @param string $url The url being accessed.
[1322] Fix | Delete
*/
[1323] Fix | Delete
apply_filters( 'wp_signature_softfail', true, $url )
[1324] Fix | Delete
) {
[1325] Fix | Delete
$signature_verification->add_data( $tmpfname, 'softfail-filename' );
[1326] Fix | Delete
} else {
[1327] Fix | Delete
// Hard-fail.
[1328] Fix | Delete
unlink( $tmpfname );
[1329] Fix | Delete
}
[1330] Fix | Delete
[1331] Fix | Delete
return $signature_verification;
[1332] Fix | Delete
}
[1333] Fix | Delete
[1334] Fix | Delete
return $tmpfname;
[1335] Fix | Delete
}
[1336] Fix | Delete
[1337] Fix | Delete
/**
[1338] Fix | Delete
* Calculates and compares the MD5 of a file to its expected value.
[1339] Fix | Delete
*
[1340] Fix | Delete
* @since 3.7.0
[1341] Fix | Delete
*
[1342] Fix | Delete
* @param string $filename The filename to check the MD5 of.
[1343] Fix | Delete
* @param string $expected_md5 The expected MD5 of the file, either a base64-encoded raw md5,
[1344] Fix | Delete
* or a hex-encoded md5.
[1345] Fix | Delete
* @return bool|WP_Error True on success, false when the MD5 format is unknown/unexpected,
[1346] Fix | Delete
* WP_Error on failure.
[1347] Fix | Delete
*/
[1348] Fix | Delete
function verify_file_md5( $filename, $expected_md5 ) {
[1349] Fix | Delete
if ( 32 === strlen( $expected_md5 ) ) {
[1350] Fix | Delete
$expected_raw_md5 = pack( 'H*', $expected_md5 );
[1351] Fix | Delete
} elseif ( 24 === strlen( $expected_md5 ) ) {
[1352] Fix | Delete
$expected_raw_md5 = base64_decode( $expected_md5 );
[1353] Fix | Delete
} else {
[1354] Fix | Delete
return false; // Unknown format.
[1355] Fix | Delete
}
[1356] Fix | Delete
[1357] Fix | Delete
$file_md5 = md5_file( $filename, true );
[1358] Fix | Delete
[1359] Fix | Delete
if ( $file_md5 === $expected_raw_md5 ) {
[1360] Fix | Delete
return true;
[1361] Fix | Delete
}
[1362] Fix | Delete
[1363] Fix | Delete
return new WP_Error(
[1364] Fix | Delete
'md5_mismatch',
[1365] Fix | Delete
sprintf(
[1366] Fix | Delete
/* translators: 1: File checksum, 2: Expected checksum value. */
[1367] Fix | Delete
__( 'The checksum of the file (%1$s) does not match the expected checksum value (%2$s).' ),
[1368] Fix | Delete
bin2hex( $file_md5 ),
[1369] Fix | Delete
bin2hex( $expected_raw_md5 )
[1370] Fix | Delete
)
[1371] Fix | Delete
);
[1372] Fix | Delete
}
[1373] Fix | Delete
[1374] Fix | Delete
/**
[1375] Fix | Delete
* Verifies the contents of a file against its ED25519 signature.
[1376] Fix | Delete
*
[1377] Fix | Delete
* @since 5.2.0
[1378] Fix | Delete
*
[1379] Fix | Delete
* @param string $filename The file to validate.
[1380] Fix | Delete
* @param string|array $signatures A Signature provided for the file.
[1381] Fix | Delete
* @param string|false $filename_for_errors Optional. A friendly filename for errors.
[1382] Fix | Delete
* @return bool|WP_Error True on success, false if verification not attempted,
[1383] Fix | Delete
* or WP_Error describing an error condition.
[1384] Fix | Delete
*/
[1385] Fix | Delete
function verify_file_signature( $filename, $signatures, $filename_for_errors = false ) {
[1386] Fix | Delete
if ( ! $filename_for_errors ) {
[1387] Fix | Delete
$filename_for_errors = wp_basename( $filename );
[1388] Fix | Delete
}
[1389] Fix | Delete
[1390] Fix | Delete
// Check we can process signatures.
[1391] Fix | Delete
if ( ! function_exists( 'sodium_crypto_sign_verify_detached' ) || ! in_array( 'sha384', array_map( 'strtolower', hash_algos() ), true ) ) {
[1392] Fix | Delete
return new WP_Error(
[1393] Fix | Delete
'signature_verification_unsupported',
[1394] Fix | Delete
sprintf(
[1395] Fix | Delete
/* translators: %s: The filename of the package. */
[1396] Fix | Delete
__( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ),
[1397] Fix | Delete
'<span class="code">' . esc_html( $filename_for_errors ) . '</span>'
[1398] Fix | Delete
),
[1399] Fix | Delete
( ! function_exists( 'sodium_crypto_sign_verify_detached' ) ? 'sodium_crypto_sign_verify_detached' : 'sha384' )
[1400] Fix | Delete
);
[1401] Fix | Delete
}
[1402] Fix | Delete
[1403] Fix | Delete
// Check for an edge-case affecting PHP Maths abilities.
[1404] Fix | Delete
if (
[1405] Fix | Delete
! extension_loaded( 'sodium' ) &&
[1406] Fix | Delete
in_array( PHP_VERSION_ID, array( 70200, 70201, 70202 ), true ) &&
[1407] Fix | Delete
extension_loaded( 'opcache' )
[1408] Fix | Delete
) {
[1409] Fix | Delete
/*
[1410] Fix | Delete
* Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail.
[1411] Fix | Delete
* https://bugs.php.net/bug.php?id=75938
[1412] Fix | Delete
*/
[1413] Fix | Delete
return new WP_Error(
[1414] Fix | Delete
'signature_verification_unsupported',
[1415] Fix | Delete
sprintf(
[1416] Fix | Delete
/* translators: %s: The filename of the package. */
[1417] Fix | Delete
__( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ),
[1418] Fix | Delete
'<span class="code">' . esc_html( $filename_for_errors ) . '</span>'
[1419] Fix | Delete
),
[1420] Fix | Delete
array(
[1421] Fix | Delete
'php' => PHP_VERSION,
[1422] Fix | Delete
'sodium' => defined( 'SODIUM_LIBRARY_VERSION' ) ? SODIUM_LIBRARY_VERSION : ( defined( 'ParagonIE_Sodium_Compat::VERSION_STRING' ) ? ParagonIE_Sodium_Compat::VERSION_STRING : false ),
[1423] Fix | Delete
)
[1424] Fix | Delete
);
[1425] Fix | Delete
}
[1426] Fix | Delete
[1427] Fix | Delete
// Verify runtime speed of Sodium_Compat is acceptable.
[1428] Fix | Delete
if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) {
[1429] Fix | Delete
$sodium_compat_is_fast = false;
[1430] Fix | Delete
[1431] Fix | Delete
// Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one.
[1432] Fix | Delete
if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) {
[1433] Fix | Delete
/*
[1434] Fix | Delete
* Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode,
[1435] Fix | Delete
* as that's what WordPress utilizes during signing verifications.
[1436] Fix | Delete
*/
[1437] Fix | Delete
// phpcs:disable WordPress.NamingConventions.ValidVariableName
[1438] Fix | Delete
$old_fastMult = ParagonIE_Sodium_Compat::$fastMult;
[1439] Fix | Delete
ParagonIE_Sodium_Compat::$fastMult = true;
[1440] Fix | Delete
$sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 );
[1441] Fix | Delete
ParagonIE_Sodium_Compat::$fastMult = $old_fastMult;
[1442] Fix | Delete
// phpcs:enable
[1443] Fix | Delete
}
[1444] Fix | Delete
[1445] Fix | Delete
/*
[1446] Fix | Delete
* This cannot be performed in a reasonable amount of time.
[1447] Fix | Delete
* https://github.com/paragonie/sodium_compat#help-sodium_compat-is-slow-how-can-i-make-it-fast
[1448] Fix | Delete
*/
[1449] Fix | Delete
if ( ! $sodium_compat_is_fast ) {
[1450] Fix | Delete
return new WP_Error(
[1451] Fix | Delete
'signature_verification_unsupported',
[1452] Fix | Delete
sprintf(
[1453] Fix | Delete
/* translators: %s: The filename of the package. */
[1454] Fix | Delete
__( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ),
[1455] Fix | Delete
'<span class="code">' . esc_html( $filename_for_errors ) . '</span>'
[1456] Fix | Delete
),
[1457] Fix | Delete
array(
[1458] Fix | Delete
'php' => PHP_VERSION,
[1459] Fix | Delete
'sodium' => defined( 'SODIUM_LIBRARY_VERSION' ) ? SODIUM_LIBRARY_VERSION : ( defined( 'ParagonIE_Sodium_Compat::VERSION_STRING' ) ? ParagonIE_Sodium_Compat::VERSION_STRING : false ),
[1460] Fix | Delete
'polyfill_is_fast' => false,
[1461] Fix | Delete
'max_execution_time' => ini_get( 'max_execution_time' ),
[1462] Fix | Delete
)
[1463] Fix | Delete
);
[1464] Fix | Delete
}
[1465] Fix | Delete
}
[1466] Fix | Delete
[1467] Fix | Delete
if ( ! $signatures ) {
[1468] Fix | Delete
return new WP_Error(
[1469] Fix | Delete
'signature_verification_no_signature',
[1470] Fix | Delete
sprintf(
[1471] Fix | Delete
/* translators: %s: The filename of the package. */
[1472] Fix | Delete
__( 'The authenticity of %s could not be verified as no signature was found.' ),
[1473] Fix | Delete
'<span class="code">' . esc_html( $filename_for_errors ) . '</span>'
[1474] Fix | Delete
),
[1475] Fix | Delete
array(
[1476] Fix | Delete
'filename' => $filename_for_errors,
[1477] Fix | Delete
)
[1478] Fix | Delete
);
[1479] Fix | Delete
}
[1480] Fix | Delete
[1481] Fix | Delete
$trusted_keys = wp_trusted_keys();
[1482] Fix | Delete
$file_hash = hash_file( 'sha384', $filename, true );
[1483] Fix | Delete
[1484] Fix | Delete
mbstring_binary_safe_encoding();
[1485] Fix | Delete
[1486] Fix | Delete
$skipped_key = 0;
[1487] Fix | Delete
$skipped_signature = 0;
[1488] Fix | Delete
[1489] Fix | Delete
foreach ( (array) $signatures as $signature ) {
[1490] Fix | Delete
$signature_raw = base64_decode( $signature );
[1491] Fix | Delete
[1492] Fix | Delete
// Ensure only valid-length signatures are considered.
[1493] Fix | Delete
if ( SODIUM_CRYPTO_SIGN_BYTES !== strlen( $signature_raw ) ) {
[1494] Fix | Delete
++$skipped_signature;
[1495] Fix | Delete
continue;
[1496] Fix | Delete
}
[1497] Fix | Delete
[1498] Fix | Delete
foreach ( (array) $trusted_keys as $key ) {
[1499] Fix | Delete
123456
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function