PluginProbe ʕ •ᴥ•ʔ
Image Widget / 4.2
Image Widget v4.2
trunk 1.0 2.0 2.1 2.2 2.2.1 2.2.2 3.0 3.0.1 3.0.2 3.0.3 3.0.4 3.0.5 3.0.6 3.0.7 3.0.8 3.0.9 3.1 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.2 3.2.1 3.2.10 3.2.11 3.2.2 3.2.3 3.2.4 3.2.5 3.2.7 3.2.8 3.2.9 3.3 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 4.0 4.0.1 4.0.2 4.0.3 4.0.4 4.0.5 4.0.6 4.0.7 4.0.8 4.0.9 4.1 4.1.1 4.1.2 4.2 4.2.1 4.2.2 4.3 4.3.1 4.4 4.4.1 4.4.11 4.4.12 4.4.2 4.4.3 4.4.4 4.4.5 4.4.6 4.4.7 4.4.8 4.4.9
image-widget / freemius / includes / sdk / Freemius.php
image-widget / freemius / includes / sdk Last commit date
Exceptions 10 years ago Freemius.php 10 years ago FreemiusBase.php 10 years ago LICENSE.txt 10 years ago
Freemius.php
403 lines
1 <?php
2 /**
3 * Copyright 2014 Freemius, Inc.
4 *
5 * Licensed under the GPL v2 (the "License"); you may
6 * not use this file except in compliance with the License. You may obtain
7 * a copy of the License at
8 *
9 * http://choosealicense.com/licenses/gpl-v2/
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14 * License for the specific language governing permissions and limitations
15 * under the License.
16 */
17
18 require_once( dirname( __FILE__ ) . '/FreemiusBase.php' );
19
20 define( 'FS_SDK__USER_AGENT', 'fs-php-' . Freemius_Api_Base::VERSION );
21
22 if ( ! defined( 'FS_SDK__SIMULATE_NO_CURL' ) ) {
23 define( 'FS_SDK__SIMULATE_NO_CURL', false );
24 }
25
26 if ( ! defined( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE' ) ) {
27 define( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE', false );
28 }
29
30 if ( ! defined( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL' ) ) {
31 define( 'FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL', false );
32 }
33
34 define( 'FS_SDK__HAS_CURL', ! FS_SDK__SIMULATE_NO_CURL && function_exists( 'curl_version' ) );
35
36 if ( ! FS_SDK__HAS_CURL ) {
37 $curl_version = array( 'version' => '7.0.0' );
38 } else {
39 $curl_version = curl_version();
40 }
41
42 define( 'FS_API__PROTOCOL', version_compare( $curl_version['version'], '7.37', '>=' ) ? 'https' : 'http' );
43
44 if ( ! defined( 'FS_API__ADDRESS' ) ) {
45 define( 'FS_API__ADDRESS', '://api.freemius.com' );
46 }
47 if ( ! defined( 'FS_API__SANDBOX_ADDRESS' ) ) {
48 define( 'FS_API__SANDBOX_ADDRESS', '://sandbox-api.freemius.com' );
49 }
50
51 class Freemius_Api extends Freemius_Api_Base {
52 /**
53 * Default options for curl.
54 */
55 public static $CURL_OPTS = array(
56 CURLOPT_CONNECTTIMEOUT => 10,
57 CURLOPT_RETURNTRANSFER => true,
58 CURLOPT_TIMEOUT => 60,
59 CURLOPT_USERAGENT => FS_SDK__USER_AGENT,
60 );
61
62 /**
63 * @param string $pScope 'app', 'developer', 'user' or 'install'.
64 * @param number $pID Element's id.
65 * @param string $pPublic Public key.
66 * @param string|bool $pSecret Element's secret key.
67 * @param bool $pSandbox Whether or not to run API in sandbox mode.
68 */
69 public function __construct( $pScope, $pID, $pPublic, $pSecret = false, $pSandbox = false ) {
70 // If secret key not provided, use public key encryption.
71 if ( is_bool( $pSecret ) ) {
72 $pSecret = $pPublic;
73 }
74
75 parent::Init( $pScope, $pID, $pPublic, $pSecret, $pSandbox );
76 }
77
78 public function GetUrl( $pCanonizedPath = '' ) {
79 $address = ( $this->_sandbox ? FS_API__SANDBOX_ADDRESS : FS_API__ADDRESS );
80
81 if ( ':' === $address[0] ) {
82 $address = self::$_protocol . $address;
83 }
84
85 return $address . $pCanonizedPath;
86 }
87
88 /**
89 * @var int Clock diff in seconds between current server to API server.
90 */
91 private static $_clock_diff = 0;
92
93 /**
94 * Set clock diff for all API calls.
95 *
96 * @since 1.0.3
97 *
98 * @param $pSeconds
99 */
100 public static function SetClockDiff( $pSeconds ) {
101 self::$_clock_diff = $pSeconds;
102 }
103
104 /**
105 * @var string http or https
106 */
107 private static $_protocol = FS_API__PROTOCOL;
108
109 /**
110 * Set API connection protocol.
111 *
112 * @since 1.0.4
113 */
114 public static function SetHttp() {
115 self::$_protocol = 'http';
116 }
117
118 /**
119 * @since 1.0.4
120 *
121 * @return bool
122 */
123 public static function IsHttps() {
124 return ( 'https' === self::$_protocol );
125 }
126
127 /**
128 * Sign request with the following HTTP headers:
129 * Content-MD5: MD5(HTTP Request body)
130 * Date: Current date (i.e Sat, 14 Feb 2015 20:24:46 +0000)
131 * Authorization: FS {scope_entity_id}:{scope_entity_public_key}:base64encode(sha256(string_to_sign,
132 * {scope_entity_secret_key}))
133 *
134 * @param string $pResourceUrl
135 * @param array $opts
136 */
137 protected function SignRequest( $pResourceUrl, &$opts ) {
138 $eol = "\n";
139 $content_md5 = '';
140 $now = ( time() - self::$_clock_diff );
141 $date = date( 'r', $now );
142 $content_type = '';
143
144 if ( isset( $opts[ CURLOPT_POST ] ) && 0 < $opts[ CURLOPT_POST ] ) {
145 $content_md5 = md5( $opts[ CURLOPT_POSTFIELDS ] );
146 $opts[ CURLOPT_HTTPHEADER ][] = 'Content-MD5: ' . $content_md5;
147 $content_type = 'application/json';
148 }
149
150 $opts[ CURLOPT_HTTPHEADER ][] = 'Date: ' . $date;
151
152 $string_to_sign = implode( $eol, array(
153 $opts[ CURLOPT_CUSTOMREQUEST ],
154 $content_md5,
155 $content_type,
156 $date,
157 $pResourceUrl
158 ) );
159
160 // If secret and public keys are identical, it means that
161 // the signature uses public key hash encoding.
162 $auth_type = ( $this->_secret !== $this->_public ) ? 'FS' : 'FSP';
163
164 // Add authorization header.
165 $opts[ CURLOPT_HTTPHEADER ][] = 'Authorization: ' .
166 $auth_type . ' ' .
167 $this->_id . ':' .
168 $this->_public . ':' .
169 self::Base64UrlEncode(
170 hash_hmac( 'sha256', $string_to_sign, $this->_secret )
171 );
172 }
173
174 /**
175 * Get API request URL signed via query string.
176 *
177 * @param string $pPath
178 *
179 * @throws Freemius_Exception
180 *
181 * @return string
182 */
183 function GetSignedUrl( $pPath ) {
184 $resource = explode( '?', $this->CanonizePath( $pPath ) );
185 $pResourceUrl = $resource[0];
186
187 $eol = "\n";
188 $content_md5 = '';
189 $content_type = '';
190 $now = ( time() - self::$_clock_diff );
191 $date = date( 'r', $now );
192
193 $string_to_sign = implode( $eol, array(
194 'GET',
195 $content_md5,
196 $content_type,
197 $date,
198 $pResourceUrl
199 ) );
200
201 // If secret and public keys are identical, it means that
202 // the signature uses public key hash encoding.
203 $auth_type = ( $this->_secret !== $this->_public ) ? 'FS' : 'FSP';
204
205 return $this->GetUrl(
206 $pResourceUrl . '?' .
207 ( 1 < count( $resource ) && ! empty( $resource[1] ) ? $resource[1] . '&' : '' ) .
208 http_build_query( array(
209 'auth_date' => $date,
210 'authorization' => $auth_type . ' ' . $this->_id . ':' .
211 $this->_public . ':' .
212 self::Base64UrlEncode( hash_hmac(
213 'sha256', $string_to_sign, $this->_secret
214 ) )
215 ) ) );
216 }
217
218 /**
219 * Makes an HTTP request. This method can be overridden by subclasses if
220 * developers want to do fancier things or use something other than curl to
221 * make the request.
222 *
223 * @param string $pCanonizedPath The URL to make the request to
224 * @param string $pMethod HTTP method
225 * @param array $params The parameters to use for the POST body
226 * @param null|resource $ch Initialized curl handle
227 *
228 * @return object[]|object|null
229 *
230 * @throws Freemius_Exception
231 */
232 public function MakeRequest( $pCanonizedPath, $pMethod = 'GET', $params = array(), $ch = null ) {
233 if ( !FS_SDK__HAS_CURL ) {
234 $this->ThrowNoCurlException();
235 }
236
237 // Connectivity errors simulation.
238 if ( FS_SDK__SIMULATE_NO_API_CONNECTIVITY_CLOUDFLARE ) {
239 $this->ThrowCloudFlareDDoSException();
240 } else if ( FS_SDK__SIMULATE_NO_API_CONNECTIVITY_SQUID_ACL ) {
241 $this->ThrowSquidAclException();
242 }
243
244 if ( ! $ch ) {
245 $ch = curl_init();
246 }
247
248 $opts = self::$CURL_OPTS;
249
250 if ( ! isset( $opts[ CURLOPT_HTTPHEADER ] ) || ! is_array( $opts[ CURLOPT_HTTPHEADER ] ) ) {
251 $opts[ CURLOPT_HTTPHEADER ] = array();
252 }
253
254 if ( 'POST' === $pMethod || 'PUT' === $pMethod ) {
255 if ( is_array( $params ) && 0 < count( $params ) ) {
256 $opts[ CURLOPT_HTTPHEADER ][] = 'Content-Type: application/json';
257 $opts[ CURLOPT_POST ] = count( $params );
258 $opts[ CURLOPT_POSTFIELDS ] = json_encode( $params );
259 }
260
261 $opts[ CURLOPT_RETURNTRANSFER ] = true;
262 }
263
264 $opts[ CURLOPT_URL ] = $this->GetUrl( $pCanonizedPath );
265 $opts[ CURLOPT_CUSTOMREQUEST ] = $pMethod;
266
267 $resource = explode( '?', $pCanonizedPath );
268
269 // Only sign request if not ping.json connectivity test.
270 if ( '/v1/ping.json' !== strtolower( substr( $resource[0], - strlen( '/v1/ping.json' ) ) ) ) {
271 $this->SignRequest( $resource[0], $opts );
272 }
273
274 // disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
275 // for 2 seconds if the server does not support this header.
276 $opts[ CURLOPT_HTTPHEADER ][] = 'Expect:';
277
278 if ( 'https' === substr( strtolower( $pCanonizedPath ), 0, 5 ) ) {
279 $opts[ CURLOPT_SSL_VERIFYHOST ] = false;
280 $opts[ CURLOPT_SSL_VERIFYPEER ] = false;
281 }
282
283 curl_setopt_array( $ch, $opts );
284 $result = curl_exec( $ch );
285
286 /*if (curl_errno($ch) == 60) // CURLE_SSL_CACERT
287 {
288 self::errorLog('Invalid or no certificate authority found, using bundled information');
289 curl_setopt($ch, CURLOPT_CAINFO,
290 dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
291 $result = curl_exec($ch);
292 }*/
293
294 // With dual stacked DNS responses, it's possible for a server to
295 // have IPv6 enabled but not have IPv6 connectivity. If this is
296 // the case, curl will try IPv4 first and if that fails, then it will
297 // fall back to IPv6 and the error EHOSTUNREACH is returned by the
298 // operating system.
299 if ( false === $result && empty( $opts[ CURLOPT_IPRESOLVE ] ) ) {
300 $matches = array();
301 $regex = '/Failed to connect to ([^:].*): Network is unreachable/';
302 if ( preg_match( $regex, curl_error( $ch ), $matches ) ) {
303 if ( strlen( @inet_pton( $matches[1] ) ) === 16 ) {
304 // self::errorLog('Invalid IPv6 configuration on server, Please disable or get native IPv6 on your server.');
305 self::$CURL_OPTS[ CURLOPT_IPRESOLVE ] = CURL_IPRESOLVE_V4;
306 curl_setopt( $ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 );
307 $result = curl_exec( $ch );
308 }
309 }
310 }
311
312 if ( $result === false ) {
313 $e = new Freemius_Exception( array(
314 'error' => array(
315 'code' => curl_errno( $ch ),
316 'message' => curl_error( $ch ),
317 'type' => 'CurlException',
318 ),
319 ) );
320
321 curl_close( $ch );
322 throw $e;
323 }
324
325 curl_close( $ch );
326
327 if (empty($result))
328 return null;
329
330 $decoded = json_decode( $result );
331
332 if ( is_null( $decoded ) ) {
333 if ( preg_match( '/Please turn JavaScript on/i', $result ) &&
334 preg_match( '/text\/javascript/', $result )
335 ) {
336 $this->ThrowCloudFlareDDoSException( $result );
337 } else if ( preg_match( '/Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect./', $result ) &&
338 preg_match( '/squid/', $result )
339 ) {
340 $this->ThrowSquidAclException( $result );
341 } else {
342 $decoded = (object) array(
343 'error' => (object) array(
344 'type' => 'Unknown',
345 'message' => $result,
346 'code' => 'unknown',
347 'http' => 402
348 )
349 );
350 }
351 }
352
353 return $decoded;
354 }
355
356 /**
357 * @param string $pResult
358 *
359 * @throws Freemius_Exception
360 */
361 private function ThrowNoCurlException( $pResult = '' ) {
362 throw new Freemius_Exception( array(
363 'error' => (object) array(
364 'type' => 'cUrlMissing',
365 'message' => $pResult,
366 'code' => 'curl_missing',
367 'http' => 402
368 )
369 ) );
370 }
371
372 /**
373 * @param string $pResult
374 *
375 * @throws Freemius_Exception
376 */
377 private function ThrowCloudFlareDDoSException( $pResult = '' ) {
378 throw new Freemius_Exception( array(
379 'error' => (object) array(
380 'type' => 'CloudFlareDDoSProtection',
381 'message' => $pResult,
382 'code' => 'cloudflare_ddos_protection',
383 'http' => 402
384 )
385 ) );
386 }
387
388 /**
389 * @param string $pResult
390 *
391 * @throws Freemius_Exception
392 */
393 private function ThrowSquidAclException( $pResult = '' ) {
394 throw new Freemius_Exception( array(
395 'error' => (object) array(
396 'type' => 'SquidCacheBlock',
397 'message' => $pResult,
398 'code' => 'squid_cache_block',
399 'http' => 402
400 )
401 ) );
402 }
403 }