Jetpack – WP Security, Backup, Speed, & Growth v3.7.5
class.jetpack-client-server.php
261 lines
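<?php

/**
 * Client = Plugin
 * Client Server = API Methods the Plugin must respond to
 *
 * This class handles the browser callback of the connection flow: it validates
 * the request parameters, exchanges the authorization code for an access token,
 * stores that token for the current user and redirects back into wp-admin.
 */
class Jetpack_Client_Server {

	/**
	 * Handles the `action=authorize` callback.
	 *
	 * Reads everything from $_GET, so every field is untrusted until checked.
	 * The checks run in this order and the first failure records an error via
	 * Jetpack::state() and skips the rest of the flow:
	 *   role -> capability -> nonce -> error -> state -> code -> token exchange.
	 *
	 * Always ends by redirecting and calling do_exit(); it does not return a value.
	 */
	public function authorize() {
		$data     = stripslashes_deep( $_GET );
		$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';

		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
		// Checking if site has been active/connected previously before recording unique connection
		if ( ! $jetpack_unique_connection ) {
			// jetpack_unique_connection option has never been set
			$jetpack_unique_connection = array(
				'connected'    => 0,
				'disconnected' => 0,
				'version'      => '3.6.1'
			);

			// NOTE(review): this write goes through update_option() with a prefixed name while
			// the read above and the write below go through Jetpack_Options with the short
			// name - confirm both address the same stored option.
			update_option( 'jetpack_unique_connection', $jetpack_unique_connection );

			//track unique connection
			$jetpack = Jetpack::init();

			$jetpack->stat( 'connections', 'unique-connection' );
			$jetpack->do_stats( 'server_side' );
		}

		// increment number of times connected
		// NOTE(review): the option writes and the stats call above, and this counter update,
		// all run before the role, capability and nonce checks below. The call site is not
		// visible here - confirm authorize() is only reachable from an authenticated admin
		// request, otherwise these state changes are not covered by the nonce.
		$jetpack_unique_connection['connected'] += 1;
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );

		// Single-pass loop used as a "break on first failure" block.
		do {
			$jetpack = $this->get_jetpack();
			$role    = $jetpack->translate_current_user_to_role();

			if ( ! $role ) {
				Jetpack::state( 'error', 'no_role' );
				break;
			}

			$cap = $jetpack->translate_role_to_cap( $role );
			if ( ! $cap ) {
				Jetpack::state( 'error', 'no_cap' );
				break;
			}

			// The nonce action includes both the role and the redirect target, so a nonce issued
			// for one redirect or role does not validate for another. WordPress's
			// check_admin_referer() terminates the request when the nonce is missing or invalid.
			$this->check_admin_referer( "jetpack-authorize_{$role}_{$redirect}" );

			if ( ! empty( $data['error'] ) ) {
				// NOTE(review): this value is taken from the query string as-is. How
				// Jetpack::state() stores and later renders it is not visible here - confirm it
				// is escaped wherever it is output.
				Jetpack::state( 'error', $data['error'] );
				break;
			}

			if ( empty( $data['state'] ) ) {
				Jetpack::state( 'error', 'no_state' );
				break;
			}

			// Query parameters can arrive as arrays (state[]=1); only a digit string is accepted.
			if ( ! is_string( $data['state'] ) || ! ctype_digit( $data['state'] ) ) {
				Jetpack::state( 'error', 'invalid_state' );
				break;
			}

			// `state` must name the logged-in user, which ties the callback to the account
			// completing it. A user ID is predictable, so request forgery protection comes
			// from the nonce check above, not from this comparison.
			$current_user_id = get_current_user_id();
			if ( $current_user_id != $data['state'] ) {
				Jetpack::state( 'error', 'wrong_state' );
				break;
			}

			// The code is forwarded to the token endpoint, so require a plain string here
			// instead of passing an array-valued parameter through.
			if ( empty( $data['code'] ) || ! is_string( $data['code'] ) ) {
				Jetpack::state( 'error', 'no_code' );
				break;
			}

			$token = $this->get_token( $data );

			if ( is_wp_error( $token ) ) {
				$error = $token->get_error_code();
				Jetpack::state( 'error', $error ? $error : 'invalid_token' );
				Jetpack::state( 'error_description', $token->get_error_message() );

				break;
			}

			if ( ! $token ) {
				Jetpack::state( 'error', 'no_token' );
				break;
			}

			// The first user to connect while the site is not yet active becomes the master user.
			$is_master_user = ! Jetpack::is_active();

			// Stored form is "<access token>.<user id>".
			Jetpack::update_user_token( $current_user_id, sprintf( '%s.%d', $token, $current_user_id ), $is_master_user );

			if ( $is_master_user ) {
				Jetpack::state( 'message', 'authorized' );
			} else {
				Jetpack::state( 'message', 'linked' );
				// Don't activate anything since we are just connecting a user.
				break;
			}

			$active_modules = Jetpack_Options::get_option( 'active_modules' );
			if ( $active_modules ) {
				Jetpack_Options::delete_option( 'active_modules' );

				Jetpack::activate_default_modules( 999, 1, $active_modules );
			} else {
				Jetpack::activate_default_modules();
			}

			// Sync all registered options and constants
			/** This action is documented in class.jetpack.php */
			do_action( 'jetpack_sync_all_registered_options' );

			// Start nonce cleaner
			wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
		} while ( false );

		// The redirect target came from the query string. It is validated here and the redirect
		// itself goes through wp_safe_redirect(), so an unapproved destination is not followed.
		if ( wp_validate_redirect( $redirect ) ) {
			$this->wp_safe_redirect( $redirect );
		} else {
			$this->wp_safe_redirect( Jetpack::admin_url() );
		}

		$this->do_exit();
	}

	/**
	 * Deactivates a plugin, located either by its file path or by its display name.
	 *
	 * @param string $probable_file  Plugin file to try first.
	 * @param string $probable_title Plugin "Name" header to match among the active plugins
	 *                               when the file is not active at the expected path.
	 * @return int 1 if a plugin was deactivated, 0 otherwise.
	 */
	public static function deactivate_plugin( $probable_file, $probable_title ) {
		include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
		if ( is_plugin_active( $probable_file ) ) {
			deactivate_plugins( $probable_file );
			return 1;
		} else {
			// If the plugin is not in the usual place, try looking through all active plugins.
			$active_plugins = Jetpack::get_active_plugins();
			foreach ( $active_plugins as $plugin ) {
				$data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin );
				if ( $data['Name'] == $probable_title ) {
					deactivate_plugins( $plugin );
					return 1;
				}
			}
		}

		return 0;
	}

	/**
	 * Exchanges the authorization code for an access token and validates the response.
	 *
	 * The response is accepted only if it is HTTP 200 without an `error` member, carries a
	 * scalar `access_token`, has token type X_JETPACK, and its `scope` ("role:hmac") matches
	 * what this site computes with sign_role() for a role the current user is allowed to hold.
	 *
	 * @param array $data Request parameters; `code` is required, `redirect` is optional.
	 * @return string|Jetpack_Error The access token, or an error object. authorize() tests
	 *                              the result with is_wp_error().
	 */
	function get_token( $data ) {
		$jetpack = $this->get_jetpack();
		$role    = $jetpack->translate_current_user_to_role();

		if ( ! $role ) {
			return new Jetpack_Error( 'role', __( 'An administrator for this blog must set up the Jetpack connection.', 'jetpack' ) );
		}

		$client_secret = Jetpack_Data::get_access_token();
		if ( ! $client_secret ) {
			return new Jetpack_Error( 'client_secret', __( 'You need to register your Jetpack before connecting it.', 'jetpack' ) );
		}

		$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';

		// redirect_uri is rebuilt with a fresh nonce for the same role/redirect pair that
		// authorize() verifies.
		$body = array(
			'client_id'     => Jetpack_Options::get_option( 'id' ),
			'client_secret' => $client_secret->secret,
			'grant_type'    => 'authorization_code',
			'code'          => $data['code'],
			'redirect_uri'  => add_query_arg( array(
				'action'   => 'authorize',
				'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
				'redirect' => $redirect ? urlencode( $redirect ) : false,
			), menu_page_url( 'jetpack', false ) ),
		);

		$args = array(
			'method'  => 'POST',
			'body'    => $body,
			'headers' => array(
				'Accept' => 'application/json',
			),
		);
		// NOTE(review): the request body carries the client secret and the authorization code.
		// fix_url_for_bad_hosts() may rewrite the endpoint URL (its implementation is not
		// visible here) - confirm the request is never sent over plain HTTP.
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'token' ) ), $args );

		if ( is_wp_error( $response ) ) {
			return new Jetpack_Error( 'token_http_request_failed', $response->get_error_message() );
		}

		$code   = wp_remote_retrieve_response_code( $response );
		$entity = wp_remote_retrieve_body( $response );

		$json = $entity ? json_decode( $entity ) : false;

		if ( 200 != $code || ! empty( $json->error ) ) {
			if ( empty( $json->error ) ) {
				return new Jetpack_Error( 'unknown', '', $code );
			}

			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';

			return new Jetpack_Error( (string) $json->error, $error_description, $code );
		}

		if ( empty( $json->access_token ) || ! is_scalar( $json->access_token ) ) {
			return new Jetpack_Error( 'access_token', '', $code );
		}

		// Decoded JSON members can be objects or arrays; require a string before strtoupper().
		if ( empty( $json->token_type ) || ! is_string( $json->token_type ) || 'X_JETPACK' !== strtoupper( $json->token_type ) ) {
			return new Jetpack_Error( 'token_type', '', $code );
		}

		if ( empty( $json->scope ) ) {
			return new Jetpack_Error( 'scope', 'No Scope', $code );
		}
		if ( ! is_string( $json->scope ) ) {
			return new Jetpack_Error( 'scope', 'Malformed Scope', $code );
		}
		// From here on $role is the role named in the response scope, not the current user's role.
		// array_pad() keeps list() from reading a missing index when the scope has no ':'.
		list( $role, $hmac ) = array_pad( explode( ':', $json->scope ), 2, null );
		if ( empty( $role ) || empty( $hmac ) ) {
			return new Jetpack_Error( 'scope', 'Malformed Scope', $code );
		}
		// The scope must equal the value this site computes itself for that role.
		// NOTE(review): `!==` is not a constant-time comparison; consider hash_equals() if the
		// minimum supported PHP/WordPress version provides it and sign_role() always returns a string.
		if ( $jetpack->sign_role( $role ) !== $json->scope ) {
			return new Jetpack_Error( 'scope', 'Invalid Scope', $code );
		}

		// The granted role must map to a capability that the current user actually has.
		$cap = $jetpack->translate_role_to_cap( $role );
		if ( ! $cap ) {
			return new Jetpack_Error( 'scope', 'No Cap', $code );
		}
		if ( ! current_user_can( $cap ) ) {
			return new Jetpack_Error( 'scope', 'current_user_cannot', $code );
		}

		return (string) $json->access_token;
	}

	/**
	 * Returns the Jetpack instance from Jetpack::init().
	 */
	public function get_jetpack() {
		return Jetpack::init();
	}

	/**
	 * Thin wrapper around WordPress's check_admin_referer().
	 *
	 * @param string $action Nonce action to verify.
	 */
	public function check_admin_referer( $action ) {
		return check_admin_referer( $action );
	}

	/**
	 * Thin wrapper around WordPress's wp_safe_redirect().
	 *
	 * @param string $redirect Destination URL.
	 */
	public function wp_safe_redirect( $redirect ) {
		return wp_safe_redirect( $redirect );
	}

	/**
	 * Ends the request.
	 */
	public function do_exit() {
		exit;
	}

}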