File: class-wp-recovery-mode.php
<?php
/**
* Error Protection API: WP_Recovery_Mode class
*
* @package WordPress
* @since 5.2.0
*/
/**
* Core class used to implement Recovery Mode.
*
* @since 5.2.0
*/
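#[AllowDynamicProperties]
class WP_Recovery_Mode {

	/**
	 * Action name used for the "exit recovery mode" login-form hook and as the
	 * nonce action that protects the exit request.
	 */
	const EXIT_ACTION = 'exit_recovery_mode';

	/**
	 * Service to handle cookies.
	 *
	 * @since 5.2.0
	 * @var WP_Recovery_Mode_Cookie_Service
	 */
	private $cookie_service;

	/**
	 * Service to generate a recovery mode key.
	 *
	 * @since 5.2.0
	 * @var WP_Recovery_Mode_Key_Service
	 */
	private $key_service;

	/**
	 * Service to generate and validate recovery mode links.
	 *
	 * @since 5.2.0
	 * @var WP_Recovery_Mode_Link_Service
	 */
	private $link_service;

	/**
	 * Service to handle sending an email with a recovery mode link.
	 *
	 * @since 5.2.0
	 * @var WP_Recovery_Mode_Email_Service
	 */
	private $email_service;

	/**
	 * Is recovery mode initialized.
	 *
	 * @since 5.2.0
	 * @var bool
	 */
	private $is_initialized = false;

	/**
	 * Is recovery mode active in this session.
	 *
	 * @since 5.2.0
	 * @var bool
	 */
	private $is_active = false;

	/**
	 * ID representing the current recovery mode session.
	 *
	 * @since 5.2.0
	 * @var string
	 */
	private $session_id = '';

	/**
	 * WP_Recovery_Mode constructor.
	 *
	 * Wires the cookie, key, link and email services together. The link service
	 * is built on the cookie and key services, and the email service on the
	 * link service.
	 *
	 * @since 5.2.0
	 */
	public function __construct() {
		$this->cookie_service = new WP_Recovery_Mode_Cookie_Service();
		$this->key_service    = new WP_Recovery_Mode_Key_Service();
		$this->link_service   = new WP_Recovery_Mode_Link_Service( $this->cookie_service, $this->key_service );
		$this->email_service  = new WP_Recovery_Mode_Email_Service( $this->link_service );
	}

	/**
	 * Initialize recovery mode for the current request.
	 *
	 * Registers the logout, exit and key-cleanup hooks, schedules the daily
	 * cleanup event, and then decides whether this request is in recovery mode.
	 * Three sources are tried in order: a predefined session ID constant, the
	 * recovery mode cookie, and finally a "begin recovery mode" link.
	 *
	 * @since 5.2.0
	 */
	public function initialize() {
		$this->is_initialized = true;

		add_action( 'wp_logout', array( $this, 'exit_recovery_mode' ) );
		add_action( 'login_form_' . self::EXIT_ACTION, array( $this, 'handle_exit_recovery_mode' ) );
		add_action( 'recovery_mode_clean_expired_keys', array( $this, 'clean_expired_keys' ) );

		if ( ! wp_next_scheduled( 'recovery_mode_clean_expired_keys' ) && ! wp_installing() ) {
			wp_schedule_event( time(), 'daily', 'recovery_mode_clean_expired_keys' );
		}

		// A predefined session ID activates recovery mode with no cookie or link
		// validation on this path, so the constant must only ever be defined by
		// trusted bootstrap code.
		if ( defined( 'WP_RECOVERY_MODE_SESSION_ID' ) ) {
			$this->is_active  = true;
			$this->session_id = WP_RECOVERY_MODE_SESSION_ID;

			return;
		}

		if ( $this->cookie_service->is_cookie_set() ) {
			$this->handle_cookie();

			return;
		}

		$this->link_service->handle_begin_link( $this->get_link_ttl() );
	}

	/**
	 * Checks whether recovery mode is active.
	 *
	 * This will not change after recovery mode has been initialized. {@see WP_Recovery_Mode::initialize()}.
	 *
	 * @since 5.2.0
	 *
	 * @return bool True if recovery mode is active, false otherwise.
	 */
	public function is_active() {
		return $this->is_active;
	}

	/**
	 * Gets the recovery mode session ID.
	 *
	 * @since 5.2.0
	 *
	 * @return string The session ID if recovery mode is active, empty string otherwise.
	 */
	public function get_session_id() {
		return $this->session_id;
	}

	/**
	 * Checks whether recovery mode has been initialized.
	 *
	 * Recovery mode should not be used until this point. Initialization happens immediately before loading plugins.
	 *
	 * @since 5.2.0
	 *
	 * @return bool
	 */
	public function is_initialized() {
		return $this->is_initialized;
	}

	/**
	 * Handles a fatal error occurring.
	 *
	 * The calling API should immediately die() after calling this function.
	 *
	 * Outside recovery mode the only effect is a (rate-limited) recovery email,
	 * and only for errors on a protected endpoint. Inside recovery mode the
	 * error is stored so the offending extension is paused.
	 *
	 * @since 5.2.0
	 *
	 * @param array $error Error details from `error_get_last()`.
	 * @return true|WP_Error True if the error was handled and headers have already been sent.
	 *                       Or the request will exit to try and catch multiple errors at once.
	 *                       WP_Error if an error occurred preventing it from being handled.
	 */
	public function handle_error( array $error ) {

		$extension = $this->get_extension_for_error( $error );

		if ( ! $extension || $this->is_network_plugin( $extension ) ) {
			return new WP_Error( 'invalid_source', __( 'Error not caused by a plugin or theme.' ) );
		}

		if ( ! $this->is_active() ) {
			if ( ! is_protected_endpoint() ) {
				return new WP_Error( 'non_protected_endpoint', __( 'Error occurred on a non-protected endpoint.' ) );
			}

			// pluggable.php may not be loaded yet when the fatal error fires.
			if ( ! function_exists( 'wp_generate_password' ) ) {
				require_once ABSPATH . WPINC . '/pluggable.php';
			}

			return $this->email_service->maybe_send_recovery_mode_email( $this->get_email_rate_limit(), $error, $extension );
		}

		if ( ! $this->store_error( $error ) ) {
			return new WP_Error( 'storage_error', __( 'Failed to store the error.' ) );
		}

		// Once output has started a redirect header can no longer be sent.
		if ( headers_sent() ) {
			return true;
		}

		// Does not return: redirect_protected() ends the request with exit.
		$this->redirect_protected();
	}

	/**
	 * Ends the current recovery mode session.
	 *
	 * Clears the email rate limit and the recovery cookie, and removes every
	 * paused plugin and theme record.
	 *
	 * @since 5.2.0
	 *
	 * @return bool True on success, false on failure.
	 */
	public function exit_recovery_mode() {
		if ( ! $this->is_active() ) {
			return false;
		}

		$this->email_service->clear_rate_limit();
		$this->cookie_service->clear_cookie();

		wp_paused_plugins()->delete_all();
		wp_paused_themes()->delete_all();

		return true;
	}

	/**
	 * Handles a request to exit Recovery Mode.
	 *
	 * The exit itself is only performed when the request carries a nonce that
	 * verifies for EXIT_ACTION, so a third-party page cannot end the session
	 * by getting the browser to load the exit URL.
	 *
	 * @since 5.2.0
	 */
	public function handle_exit_recovery_mode() {
		// The referer is request-controlled; every redirect below goes through
		// wp_safe_redirect(), which only follows URLs on an allowed host.
		$redirect_to = wp_get_referer();

		// Safety check in case referrer returns false.
		if ( ! $redirect_to ) {
			$redirect_to = is_user_logged_in() ? admin_url() : home_url();
		}

		if ( ! $this->is_active() ) {
			wp_safe_redirect( $redirect_to );
			die;
		}

		if ( ! isset( $_GET['action'] ) || self::EXIT_ACTION !== $_GET['action'] ) {
			return;
		}

		if ( ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], self::EXIT_ACTION ) ) {
			wp_die( __( 'Exit recovery mode link expired.' ), 403 );
		}

		if ( ! $this->exit_recovery_mode() ) {
			wp_die( __( 'Failed to exit recovery mode. Please try again later.' ) );
		}

		wp_safe_redirect( $redirect_to );
		die;
	}

	/**
	 * Cleans any recovery mode keys that have expired according to the link TTL.
	 *
	 * Executes on a daily cron schedule.
	 *
	 * @since 5.2.0
	 */
	public function clean_expired_keys() {
		$this->key_service->clean_expired_keys( $this->get_link_ttl() );
	}

	/**
	 * Handles checking for the recovery mode cookie and validating it.
	 *
	 * Fails closed: a cookie that does not validate, or that yields no session
	 * ID, is cleared and the request ends with a 403. Recovery mode is only
	 * marked active after both checks pass.
	 *
	 * @since 5.2.0
	 */
	protected function handle_cookie() {
		$validated = $this->cookie_service->validate_cookie();

		if ( is_wp_error( $validated ) ) {
			$this->cookie_service->clear_cookie();

			$validated->add_data( array( 'status' => 403 ) );
			wp_die( $validated );
		}

		$session_id = $this->cookie_service->get_session_id_from_cookie();
		if ( is_wp_error( $session_id ) ) {
			$this->cookie_service->clear_cookie();

			$session_id->add_data( array( 'status' => 403 ) );
			wp_die( $session_id );
		}

		$this->is_active  = true;
		$this->session_id = $session_id;
	}

	/**
	 * Gets the rate limit between sending new recovery mode email links.
	 *
	 * @since 5.2.0
	 *
	 * @return int Rate limit in seconds.
	 */
	protected function get_email_rate_limit() {
		/**
		 * Filters the rate limit between sending new recovery mode email links.
		 *
		 * @since 5.2.0
		 *
		 * @param int $rate_limit Time to wait in seconds. Defaults to 1 day.
		 */
		return apply_filters( 'recovery_mode_email_rate_limit', DAY_IN_SECONDS );
	}

	/**
	 * Gets the number of seconds the recovery mode link is valid for.
	 *
	 * @since 5.2.0
	 *
	 * @return int Interval in seconds.
	 */
	protected function get_link_ttl() {

		$rate_limit = $this->get_email_rate_limit();
		$valid_for  = $rate_limit;

		/**
		 * Filters the amount of time the recovery mode email link is valid for.
		 *
		 * The ttl must be at least as long as the email rate limit.
		 *
		 * @since 5.2.0
		 *
		 * @param int $valid_for The number of seconds the link is valid for.
		 */
		$valid_for = apply_filters( 'recovery_mode_email_link_ttl', $valid_for );

		// A filter may only lengthen the TTL: a link must not expire before a
		// replacement email is allowed to be sent.
		return max( $valid_for, $rate_limit );
	}

	/**
	 * Gets the extension that the error occurred in.
	 *
	 * The file is attributed to a plugin or theme only when it lies below the
	 * plugin directory or one of the theme directories. Each directory is
	 * compared with a trailing slash so that a sibling directory sharing the
	 * same name prefix (for example "plugins-backup" next to "plugins") is not
	 * mistaken for it, and only the leading directory is stripped from the path.
	 *
	 * @since 5.2.0
	 *
	 * @global array $wp_theme_directories
	 *
	 * @param array $error Error details from `error_get_last()`.
	 * @return array|false {
	 *     Extension details.
	 *
	 *     @type string $slug The extension slug. This is the plugin or theme's directory.
	 *     @type string $type The extension type. Either 'plugin' or 'theme'.
	 * }
	 */
	protected function get_extension_for_error( $error ) {
		global $wp_theme_directories;

		if ( ! isset( $error['file'] ) ) {
			return false;
		}

		if ( ! defined( 'WP_PLUGIN_DIR' ) ) {
			return false;
		}

		$error_file = wp_normalize_path( $error['file'] );

		// Exactly one trailing slash, so the prefix test ends on a path boundary
		// whether or not the constant was defined with a trailing slash.
		$plugin_root = rtrim( wp_normalize_path( WP_PLUGIN_DIR ), '/' ) . '/';

		if ( str_starts_with( $error_file, $plugin_root ) ) {
			// substr() removes only the leading directory; a later repeat of the
			// same text inside the path is left alone.
			$parts = explode( '/', substr( $error_file, strlen( $plugin_root ) ) );

			return array(
				'type' => 'plugin',
				'slug' => $parts[0],
			);
		}

		if ( empty( $wp_theme_directories ) ) {
			return false;
		}

		foreach ( $wp_theme_directories as $theme_directory ) {
			$theme_root = rtrim( wp_normalize_path( $theme_directory ), '/' ) . '/';

			if ( str_starts_with( $error_file, $theme_root ) ) {
				$parts = explode( '/', substr( $error_file, strlen( $theme_root ) ) );

				return array(
					'type' => 'theme',
					'slug' => $parts[0],
				);
			}
		}

		return false;
	}

	/**
	 * Checks whether the given extension is a network activated plugin.
	 *
	 * @since 5.2.0
	 *
	 * @param array $extension Extension data.
	 * @return bool True if network plugin, false otherwise.
	 */
	protected function is_network_plugin( $extension ) {
		if ( 'plugin' !== $extension['type'] ) {
			return false;
		}

		if ( ! is_multisite() ) {
			return false;
		}

		$network_plugins = wp_get_active_network_plugins();

		// NOTE(review): this prefix test can only match if the entries returned
		// by wp_get_active_network_plugins() are relative to the plugin directory
		// ("slug/file.php"). Confirm against that function; absolute paths would
		// never match and network plugins would not be excluded in handle_error().
		foreach ( $network_plugins as $plugin ) {
			if ( str_starts_with( $plugin, $extension['slug'] . '/' ) ) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Stores the given error so that the extension causing it is paused.
	 *
	 * @since 5.2.0
	 *
	 * @param array $error Error details from `error_get_last()`.
	 * @return bool True if the error was stored successfully, false otherwise.
	 */
	protected function store_error( $error ) {
		$extension = $this->get_extension_for_error( $error );

		if ( ! $extension ) {
			return false;
		}

		switch ( $extension['type'] ) {
			case 'plugin':
				return wp_paused_plugins()->set( $extension['slug'], $error );
			case 'theme':
				return wp_paused_themes()->set( $extension['slug'], $error );
			default:
				return false;
		}
	}

	/**
	 * Redirects the current request to allow recovering multiple errors in one go.
	 *
	 * The redirection will only happen when on a protected endpoint.
	 *
	 * It must be ensured that this method is only called when an error actually occurred and will not occur on the
	 * next request again. Otherwise it will create a redirect loop.
	 *
	 * @since 5.2.0
	 */
	protected function redirect_protected() {
		// Pluggable is usually loaded after plugins, so we manually include it here for redirection functionality.
		if ( ! function_exists( 'wp_safe_redirect' ) ) {
			require_once ABSPATH . WPINC . '/pluggable.php';
		}

		$scheme = is_ssl() ? 'https://' : 'http://';

		// HTTP_HOST and REQUEST_URI are taken from the request and are not
		// trusted here. wp_safe_redirect() is what keeps the redirect on an
		// allowed host, so it must not be swapped for a plain redirect.
		$url = "{$scheme}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
		wp_safe_redirect( $url );
		exit;
	}
}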