PluginProbe ʕ •ᴥ•ʔ
EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more / 2.0.1
EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more v2.0.1
4.5.6 4.5.5 4.5.4 4.5.3 4.5.2 trunk 1.0.0 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.5.0 1.6.0 1.6.1 1.6.2 1.6.3 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 2.0.0 2.0.1 2.0.2 2.0.3 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.2.0 2.2.1 2.2.2 2.3.0 2.3.1 2.3.2 2.3.3 2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.5.3 2.5.4 2.5.5 2.6.0 2.6.1 2.6.2 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.1.3 3.2.0 3.2.1 3.3.0 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.4.0 3.4.1 3.4.2 3.4.3 3.5.0 3.5.1 3.5.2 3.5.3 3.6.0 3.6.1 3.6.2 3.6.3 3.6.4 3.6.5 3.6.6 3.6.7 3.6.8 3.7.0 3.7.1 3.7.2 3.7.3 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.5 3.9.0 3.9.1 3.9.10 3.9.11 3.9.12 3.9.13 3.9.14 3.9.15 3.9.16 3.9.17 3.9.2 3.9.3 3.9.4 3.9.5 3.9.6 3.9.7 3.9.8 3.9.9 4.0.0 4.0.1 4.0.10 4.0.11 4.0.12 4.0.13 4.0.14 4.0.2 4.0.3 4.0.4 4.0.5 4.0.6 4.0.7 4.0.8 4.0.9 4.1.0 4.1.1 4.1.10 4.1.2 4.1.3 4.1.4 4.1.5 4.1.6 4.1.7 4.1.8 4.1.9 4.2.0 4.2.1 4.2.2 4.2.3 4.2.4 4.2.5 4.2.6 4.2.7 4.2.8 4.2.9 4.3.0 4.3.1 4.4.0 4.4.1 4.4.10 4.4.11 4.4.2 4.4.3 4.4.4 4.4.5 4.4.6 4.4.7 4.4.8 4.4.9 4.5.0 4.5.1
embedpress / freemius / includes / sdk / Freemius.php
embedpress / freemius / includes / sdk Last commit date
Exceptions 9 years ago Freemius.php 9 years ago FreemiusBase.php 9 years ago LICENSE.txt 9 years ago index.php 9 years ago
Freemius.php
627 lines
1 <?php
2 /**
3 * Copyright 2014 Freemius, Inc.
4 *
5 * Licensed under the GPL v2 (the "License"); you may
6 * not use this file except in compliance with the License. You may obtain
7 * a copy of the License at
8 *
9 * http://choosealicense.com/licenses/gpl-v2/
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14 * License for the specific language governing permissions and limitations
15 * under the License.
16 */
17
18 require_once dirname( __FILE__ ) . '/FreemiusBase.php';
19
20 if ( ! defined( 'FS_SDK__USER_AGENT' ) ) {
21 define( 'FS_SDK__USER_AGENT', 'fs-php-' . Freemius_Api_Base::VERSION );
22 }
23
24 if ( ! defined( 'FS_SDK__SIMULATE_NO_CURL' ) ) {
25 define( 'FS_SDK__SIMULATE_NO_CURL', false );
26 }
27
28 if ( ! defined( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE' ) ) {
29 define( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE', false );
30 }
31
32 if ( ! defined( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL' ) ) {
33 define( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL', false );
34 }
35
36 if ( ! defined( 'FS_SDK__HAS_CURL' ) ) {
37 if ( FS_SDK__SIMULATE_NO_CURL ) {
38 define( 'FS_SDK__HAS_CURL', false );
39 } else {
40 $curl_required_methods = array(
41 'curl_version',
42 'curl_exec',
43 'curl_init',
44 'curl_close',
45 'curl_setopt',
46 'curl_setopt_array',
47 'curl_error',
48 );
49
50 $has_curl = true;
51 foreach ( $curl_required_methods as $m ) {
52 if ( ! function_exists( $m ) ) {
53 $has_curl = false;
54 break;
55 }
56 }
57
58 define( 'FS_SDK__HAS_CURL', $has_curl );
59 }
60 }
61
62 $curl_version = FS_SDK__HAS_CURL ?
63 curl_version() :
64 array( 'version' => '7.37' );
65
66 if ( ! defined( 'FS_API__PROTOCOL' ) ) {
67 define( 'FS_API__PROTOCOL', version_compare( $curl_version['version'], '7.37', '>=' ) ? 'https' : 'http' );
68 }
69
70 if ( ! defined( 'FS_API__LOGGER_ON' ) ) {
71 define( 'FS_API__LOGGER_ON', false );
72 }
73
74 if ( ! defined( 'FS_API__ADDRESS' ) ) {
75 define( 'FS_API__ADDRESS', '://api.freemius.com' );
76 }
77 if ( ! defined( 'FS_API__SANDBOX_ADDRESS' ) ) {
78 define( 'FS_API__SANDBOX_ADDRESS', '://sandbox-api.freemius.com' );
79 }
80
81 if ( class_exists( 'Freemius_Api' ) ) {
82 return;
83 }
84
85 class Freemius_Api extends Freemius_Api_Base {
86 private static $_logger = array();
87
88 /**
89 * @param string $pScope 'app', 'developer', 'user' or 'install'.
90 * @param number $pID Element's id.
91 * @param string $pPublic Public key.
92 * @param string|bool $pSecret Element's secret key.
93 * @param bool $pSandbox Whether or not to run API in sandbox mode.
94 */
95 public function __construct( $pScope, $pID, $pPublic, $pSecret = false, $pSandbox = false ) {
96 // If secret key not provided, use public key encryption.
97 if ( is_bool( $pSecret ) ) {
98 $pSecret = $pPublic;
99 }
100
101 parent::Init( $pScope, $pID, $pPublic, $pSecret, $pSandbox );
102 }
103
104 public static function GetUrl( $pCanonizedPath = '', $pIsSandbox = false ) {
105 $address = ( $pIsSandbox ? FS_API__SANDBOX_ADDRESS : FS_API__ADDRESS );
106
107 if ( ':' === $address[0] ) {
108 $address = self::$_protocol . $address;
109 }
110
111 return $address . $pCanonizedPath;
112 }
113
114 #----------------------------------------------------------------------------------
115 #region Servers Clock Diff
116 #----------------------------------------------------------------------------------
117
118 /**
119 * @var int Clock diff in seconds between current server to API server.
120 */
121 private static $_clock_diff = 0;
122
123 /**
124 * Set clock diff for all API calls.
125 *
126 * @since 1.0.3
127 *
128 * @param $pSeconds
129 */
130 public static function SetClockDiff( $pSeconds ) {
131 self::$_clock_diff = $pSeconds;
132 }
133
134 /**
135 * Find clock diff between current server to API server.
136 *
137 * @since 1.0.2
138 * @return int Clock diff in seconds.
139 */
140 public static function FindClockDiff() {
141 $time = time();
142 $pong = self::Ping();
143
144 return ( $time - strtotime( $pong->timestamp ) );
145 }
146
147 #endregion
148
149 /**
150 * @var string http or https
151 */
152 private static $_protocol = FS_API__PROTOCOL;
153
154 /**
155 * Set API connection protocol.
156 *
157 * @since 1.0.4
158 */
159 public static function SetHttp() {
160 self::$_protocol = 'http';
161 }
162
163 /**
164 * @since 1.0.4
165 *
166 * @return bool
167 */
168 public static function IsHttps() {
169 return ( 'https' === self::$_protocol );
170 }
171
172 /**
173 * Sign request with the following HTTP headers:
174 * Content-MD5: MD5(HTTP Request body)
175 * Date: Current date (i.e Sat, 14 Feb 2015 20:24:46 +0000)
176 * Authorization: FS {scope_entity_id}:{scope_entity_public_key}:base64encode(sha256(string_to_sign,
177 * {scope_entity_secret_key}))
178 *
179 * @param string $pResourceUrl
180 * @param array $pCurlOptions
181 *
182 * @return array
183 */
184 function SignRequest( $pResourceUrl, $pCurlOptions ) {
185 $eol = "\n";
186 $content_md5 = '';
187 $now = ( time() - self::$_clock_diff );
188 $date = date( 'r', $now );
189 $content_type = '';
190
191 if ( isset( $pCurlOptions[ CURLOPT_POST ] ) && 0 < $pCurlOptions[ CURLOPT_POST ] ) {
192 $content_md5 = md5( $pCurlOptions[ CURLOPT_POSTFIELDS ] );
193 $pCurlOptions[ CURLOPT_HTTPHEADER ][] = 'Content-MD5: ' . $content_md5;
194 $content_type = 'application/json';
195 }
196
197 $pCurlOptions[ CURLOPT_HTTPHEADER ][] = 'Date: ' . $date;
198
199 $string_to_sign = implode( $eol, array(
200 $pCurlOptions[ CURLOPT_CUSTOMREQUEST ],
201 $content_md5,
202 $content_type,
203 $date,
204 $pResourceUrl
205 ) );
206
207 // If secret and public keys are identical, it means that
208 // the signature uses public key hash encoding.
209 $auth_type = ( $this->_secret !== $this->_public ) ? 'FS' : 'FSP';
210
211 // Add authorization header.
212 $pCurlOptions[ CURLOPT_HTTPHEADER ][] = 'Authorization: ' .
213 $auth_type . ' ' .
214 $this->_id . ':' .
215 $this->_public . ':' .
216 self::Base64UrlEncode(
217 hash_hmac( 'sha256', $string_to_sign, $this->_secret )
218 );
219
220 return $pCurlOptions;
221 }
222
223 /**
224 * Get API request URL signed via query string.
225 *
226 * @param string $pPath
227 *
228 * @throws Freemius_Exception
229 *
230 * @return string
231 */
232 function GetSignedUrl( $pPath ) {
233 $resource = explode( '?', $this->CanonizePath( $pPath ) );
234 $pResourceUrl = $resource[0];
235
236 $eol = "\n";
237 $content_md5 = '';
238 $content_type = '';
239 $now = ( time() - self::$_clock_diff );
240 $date = date( 'r', $now );
241
242 $string_to_sign = implode( $eol, array(
243 'GET',
244 $content_md5,
245 $content_type,
246 $date,
247 $pResourceUrl
248 ) );
249
250 // If secret and public keys are identical, it means that
251 // the signature uses public key hash encoding.
252 $auth_type = ( $this->_secret !== $this->_public ) ? 'FS' : 'FSP';
253
254 return Freemius_Api::GetUrl(
255 $pResourceUrl . '?' .
256 ( 1 < count( $resource ) && ! empty( $resource[1] ) ? $resource[1] . '&' : '' ) .
257 http_build_query( array(
258 'auth_date' => $date,
259 'authorization' => $auth_type . ' ' . $this->_id . ':' .
260 $this->_public . ':' .
261 self::Base64UrlEncode( hash_hmac(
262 'sha256', $string_to_sign, $this->_secret
263 ) )
264 ) ), $this->_isSandbox );
265 }
266
267 /**
268 * @param resource $pCurlHandler
269 * @param array $pCurlOptions
270 *
271 * @return mixed
272 */
273 private static function ExecuteRequest( &$pCurlHandler, &$pCurlOptions ) {
274 $start = microtime( true );
275
276 $result = curl_exec( $pCurlHandler );
277
278 if ( FS_API__LOGGER_ON ) {
279 $end = microtime( true );
280
281 $has_body = ( isset( $pCurlOptions[ CURLOPT_POST ] ) && 0 < $pCurlOptions[ CURLOPT_POST ] );
282
283 self::$_logger[] = array(
284 'id' => count( self::$_logger ),
285 'start' => $start,
286 'end' => $end,
287 'total' => ( $end - $start ),
288 'method' => $pCurlOptions[ CURLOPT_CUSTOMREQUEST ],
289 'path' => $pCurlOptions[ CURLOPT_URL ],
290 'body' => $has_body ? $pCurlOptions[ CURLOPT_POSTFIELDS ] : null,
291 'result' => $result,
292 'code' => curl_getinfo( $pCurlHandler, CURLINFO_HTTP_CODE ),
293 'backtrace' => debug_backtrace(),
294 );
295 }
296
297 return $result;
298 }
299
300 /**
301 * @return array
302 */
303 static function GetLogger() {
304 return self::$_logger;
305 }
306
307 /**
308 * @param string $pCanonizedPath
309 * @param string $pMethod
310 * @param array $pParams
311 * @param null|resource $pCurlHandler
312 * @param bool $pIsSandbox
313 * @param null|callable $pBeforeExecutionFunction
314 *
315 * @return object[]|object|null
316 *
317 * @throws \Freemius_Exception
318 */
319 private static function MakeStaticRequest(
320 $pCanonizedPath,
321 $pMethod = 'GET',
322 $pParams = array(),
323 $pCurlHandler = null,
324 $pIsSandbox = false,
325 $pBeforeExecutionFunction = null
326 ) {
327 if ( ! FS_SDK__HAS_CURL ) {
328 self::ThrowNoCurlException();
329 }
330
331 // Connectivity errors simulation.
332 if ( FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE ) {
333 self::ThrowCloudFlareDDoSException();
334 } else if ( FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL ) {
335 self::ThrowSquidAclException();
336 }
337
338 if ( ! $pCurlHandler ) {
339 $pCurlHandler = curl_init();
340 }
341
342 $opts = array(
343 CURLOPT_CONNECTTIMEOUT => 10,
344 CURLOPT_RETURNTRANSFER => true,
345 CURLOPT_TIMEOUT => 60,
346 CURLOPT_USERAGENT => FS_SDK__USER_AGENT,
347 CURLOPT_HTTPHEADER => array(),
348 );
349
350 if ( 'POST' === $pMethod || 'PUT' === $pMethod ) {
351 if ( is_array( $pParams ) && 0 < count( $pParams ) ) {
352 $opts[ CURLOPT_HTTPHEADER ][] = 'Content-Type: application/json';
353 $opts[ CURLOPT_POST ] = count( $pParams );
354 $opts[ CURLOPT_POSTFIELDS ] = json_encode( $pParams );
355 }
356
357 $opts[ CURLOPT_RETURNTRANSFER ] = true;
358 }
359
360 $request_url = self::GetUrl( $pCanonizedPath, $pIsSandbox );
361
362 $opts[ CURLOPT_URL ] = $request_url;
363 $opts[ CURLOPT_CUSTOMREQUEST ] = $pMethod;
364
365 $resource = explode( '?', $pCanonizedPath );
366
367 // Disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
368 // for 2 seconds if the server does not support this header.
369 $opts[ CURLOPT_HTTPHEADER ][] = 'Expect:';
370
371 if ( 'https' === substr( strtolower( $request_url ), 0, 5 ) ) {
372 $opts[ CURLOPT_SSL_VERIFYHOST ] = false;
373 $opts[ CURLOPT_SSL_VERIFYPEER ] = false;
374 }
375
376 if ( false !== $pBeforeExecutionFunction &&
377 is_callable( $pBeforeExecutionFunction )
378 ) {
379 $opts = call_user_func( $pBeforeExecutionFunction, $resource[0], $opts );
380 }
381
382 curl_setopt_array( $pCurlHandler, $opts );
383 $result = self::ExecuteRequest( $pCurlHandler, $opts );
384
385 /*if (curl_errno($ch) == 60) // CURLE_SSL_CACERT
386 {
387 self::errorLog('Invalid or no certificate authority found, using bundled information');
388 curl_setopt($ch, CURLOPT_CAINFO,
389 dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
390 $result = curl_exec($ch);
391 }*/
392
393 // With dual stacked DNS responses, it's possible for a server to
394 // have IPv6 enabled but not have IPv6 connectivity. If this is
395 // the case, curl will try IPv4 first and if that fails, then it will
396 // fall back to IPv6 and the error EHOSTUNREACH is returned by the
397 // operating system.
398 if ( false === $result && empty( $opts[ CURLOPT_IPRESOLVE ] ) ) {
399 $matches = array();
400 $regex = '/Failed to connect to ([^:].*): Network is unreachable/';
401 if ( preg_match( $regex, curl_error( $pCurlHandler ), $matches ) ) {
402 if ( strlen( @inet_pton( $matches[1] ) ) === 16 ) {
403 // self::errorLog('Invalid IPv6 configuration on server, Please disable or get native IPv6 on your server.');
404 $opts[ CURLOPT_IPRESOLVE ] = CURL_IPRESOLVE_V4;
405 curl_setopt( $pCurlHandler, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 );
406 $result = self::ExecuteRequest( $pCurlHandler, $opts );
407 }
408 }
409 }
410
411 if ( $result === false ) {
412 self::ThrowCurlException( $pCurlHandler );
413 }
414
415 curl_close( $pCurlHandler );
416
417 if ( empty( $result ) ) {
418 return null;
419 }
420
421 $decoded = json_decode( $result );
422
423 if ( is_null( $decoded ) ) {
424 if ( preg_match( '/Please turn JavaScript on/i', $result ) &&
425 preg_match( '/text\/javascript/', $result )
426 ) {
427 self::ThrowCloudFlareDDoSException( $result );
428 } else if ( preg_match( '/Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect./', $result ) &&
429 preg_match( '/squid/', $result )
430 ) {
431 self::ThrowSquidAclException( $result );
432 } else {
433 $decoded = (object) array(
434 'error' => (object) array(
435 'type' => 'Unknown',
436 'message' => $result,
437 'code' => 'unknown',
438 'http' => 402
439 )
440 );
441 }
442 }
443
444 return $decoded;
445 }
446
447
448 /**
449 * Makes an HTTP request. This method can be overridden by subclasses if
450 * developers want to do fancier things or use something other than curl to
451 * make the request.
452 *
453 * @param string $pCanonizedPath The URL to make the request to
454 * @param string $pMethod HTTP method
455 * @param array $pParams The parameters to use for the POST body
456 * @param null|resource $pCurlHandler Initialized curl handle
457 *
458 * @return object[]|object|null
459 *
460 * @throws Freemius_Exception
461 */
462 public function MakeRequest(
463 $pCanonizedPath,
464 $pMethod = 'GET',
465 $pParams = array(),
466 $pCurlHandler = null
467 ) {
468 $resource = explode( '?', $pCanonizedPath );
469
470 // Only sign request if not ping.json connectivity test.
471 $sign_request = ( '/v1/ping.json' !== strtolower( substr( $resource[0], - strlen( '/v1/ping.json' ) ) ) );
472
473 return self::MakeStaticRequest(
474 $pCanonizedPath,
475 $pMethod,
476 $pParams,
477 $pCurlHandler,
478 $this->_isSandbox,
479 $sign_request ? array( &$this, 'SignRequest' ) : null
480 );
481 }
482
483 #----------------------------------------------------------------------------------
484 #region Connectivity Test
485 #----------------------------------------------------------------------------------
486 /**
487 * If successful connectivity to the API endpoint using ping.json endpoint.
488 *
489 * - OR -
490 *
491 * Validate if ping result object is valid.
492 *
493 * @param mixed $pPong
494 *
495 * @return bool
496 */
497 public static function Test( $pPong = null ) {
498 $pong = is_null( $pPong ) ?
499 self::Ping() :
500 $pPong;
501
502 return (
503 is_object( $pong ) &&
504 isset( $pong->api ) &&
505 'pong' === $pong->api
506 );
507 }
508
509 /**
510 * Ping API to test connectivity.
511 *
512 * @return object
513 */
514 public static function Ping() {
515 try {
516 $result = self::MakeStaticRequest( '/v' . FS_API__VERSION . '/ping.json' );
517 } catch ( Freemius_Exception $e ) {
518 // Map to error object.
519 $result = (object) $e->getResult();
520 } catch ( Exception $e ) {
521 // Map to error object.
522 $result = (object) array(
523 'error' => array(
524 'type' => 'Unknown',
525 'message' => $e->getMessage() . ' (' . $e->getFile() . ': ' . $e->getLine() . ')',
526 'code' => 'unknown',
527 'http' => 402
528 )
529 );
530 }
531
532 return $result;
533 }
534
535 #endregion
536
537 #----------------------------------------------------------------------------------
538 #region Connectivity Exceptions
539 #----------------------------------------------------------------------------------
540
541 /**
542 * @param resource $pCurlHandler
543 *
544 * @throws Freemius_Exception
545 */
546 private static function ThrowCurlException( $pCurlHandler ) {
547 $e = new Freemius_Exception( array(
548 'error' => array(
549 'code' => curl_errno( $pCurlHandler ),
550 'message' => curl_error( $pCurlHandler ),
551 'type' => 'CurlException',
552 ),
553 ) );
554
555 curl_close( $pCurlHandler );
556 throw $e;
557 }
558
559 /**
560 * @param string $pResult
561 *
562 * @throws Freemius_Exception
563 */
564 private static function ThrowNoCurlException( $pResult = '' ) {
565 $curl_required_methods = array(
566 'curl_version',
567 'curl_exec',
568 'curl_init',
569 'curl_close',
570 'curl_setopt',
571 'curl_setopt_array',
572 'curl_error',
573 );
574
575 // Find all missing methods.
576 $missing_methods = array();
577 foreach ( $curl_required_methods as $m ) {
578 if ( ! function_exists( $m ) ) {
579 $missing_methods[] = $m;
580 }
581 }
582
583 throw new Freemius_Exception( array(
584 'error' => (object) array(
585 'type' => 'cUrlMissing',
586 'message' => $pResult,
587 'code' => 'curl_missing',
588 'http' => 402
589 ),
590 'missing_methods' => $missing_methods,
591 ) );
592 }
593
594 /**
595 * @param string $pResult
596 *
597 * @throws Freemius_Exception
598 */
599 private static function ThrowCloudFlareDDoSException( $pResult = '' ) {
600 throw new Freemius_Exception( array(
601 'error' => (object) array(
602 'type' => 'CloudFlareDDoSProtection',
603 'message' => $pResult,
604 'code' => 'cloudflare_ddos_protection',
605 'http' => 402
606 )
607 ) );
608 }
609
610 /**
611 * @param string $pResult
612 *
613 * @throws Freemius_Exception
614 */
615 private static function ThrowSquidAclException( $pResult = '' ) {
616 throw new Freemius_Exception( array(
617 'error' => (object) array(
618 'type' => 'SquidCacheBlock',
619 'message' => $pResult,
620 'code' => 'squid_cache_block',
621 'http' => 402
622 )
623 ) );
624 }
625
626 #endregion
627 }