PluginProbe ʕ •ᴥ•ʔ
Jetpack – WP Security, Backup, Speed, & Growth / 3.7.5
Jetpack – WP Security, Backup, Speed, & Growth v3.7.5
15.9-a.7 15.9-a.5 15.9-a.3 15.9-a.1 15.8 15.8-beta 15.8-a.7 15.8-a.5 5.2.5 5.3.4 5.4.4 5.5.5 5.6.5 5.7.5 5.8.4 5.9.4 6.0.4 6.1 6.1.1 6.1.2 6.1.3 6.1.4 6.1.5 6.2 6.2.1 6.2.2 6.2.3 6.2.4 6.2.5 6.3 6.3.1 6.3.2 6.3.3 6.3.4 6.3.5 6.3.6 6.3.7 6.4 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 6.4.6 6.5 6.5.1 6.5.2 6.5.3 6.5.4 6.6 6.6.1 6.6.2 6.6.3 6.6.4 6.6.5 6.7 6.7.1 6.7.2 6.7.3 6.7.4 6.8 6.8.1 6.8.2 6.8.3 6.8.4 6.8.5 6.9 6.9.1 6.9.2 6.9.3 6.9.4 7.0 7.0.1 7.0.2 7.0.3 7.0.4 7.0.5 7.1 7.1.1 7.1.2 7.1.3 7.1.4 7.1.5 7.2 7.2.1 7.2.1.1 7.2.2 7.2.3 7.2.4 7.2.5 7.3 7.3.0.1 7.3.1 7.3.1.1 7.3.2 7.3.3 7.3.4 7.3.5 7.4 7.4.1 7.4.2 7.4.3 7.4.4 7.4.5 7.5 7.5.0.1 7.5.1 7.5.2 7.5.3 7.5.4 7.5.5 7.5.6 7.5.7 7.6 7.6.1 7.6.2 7.6.3 7.6.4 7.7 7.7.1 7.7.2 7.7.3 7.7.4 7.7.5 7.7.6 7.8 7.8.1 7.8.2 7.8.3 7.8.4 7.9 7.9.1 7.9.2 7.9.3 7.9.4 8.0 8.0.1 8.0.2 8.0.3 8.1 8.1.1 8.1.2 8.1.3 8.1.4 8.2 8.2.0.1 8.2.1 8.2.2 8.2.3 8.2.4 8.2.5 8.2.6 8.3 8.3.1 8.3.2 8.3.3 8.4 8.4.1 8.4.2 8.4.3 8.4.4 8.4.5 8.5 8.5.1 8.5.2 8.5.3 8.6 8.6.1 8.6.2 8.6.3 8.6.4 8.7 8.7.0.1 8.7.1 8.7.2 8.7.3 8.7.4 8.8 8.8.1 8.8.2 8.8.3 8.8.4 8.8.5 8.9 8.9.1 8.9.2 8.9.3 8.9.4 9.0 9.0.1 9.0.2 9.0.3 9.0.4 9.0.5 9.1 9.1.1 9.1.2 9.1.3 9.2 9.2.1 9.2.2 9.2.3 9.2.4 9.3 9.3.1 9.3.2 9.3.3 9.3.4 9.3.5 9.4 9.4.1 9.4.2 9.4.3 9.4.4 9.5 9.5.1 9.5.2 9.5.3 9.5.4 9.5.5 9.6 9.6.1 9.6.2 9.6.3 9.6.4 9.7 9.7.1 9.7.2 15.7-beta.2 9.7.3 15.7.1 9.8 15.8-a.1 9.8.1 15.8-a.3 9.8.2 2.0.9 9.8.3 2.1.7 9.9 2.2.10 9.9.1 2.3.10 9.9.2 2.4.7 9.9.3 2.5.5 2.6.6 2.7.5 2.8.5 2.9.6 3.0.6 3.1.5 3.2.5 3.3.6 3.4.6 3.5.6 3.6.4 3.7.5 3.8.5 3.9.10 4.0.7 4.1.4 4.2.5 4.3.5 4.4.5 4.5.3 4.6.3 4.7.4 4.8.5 4.9.3 5.0.3 5.1.4 trunk 10.0 10.0.1 10.0.2 10.1 10.1.1 10.1.2 10.2 10.2.1 10.2.2 10.2.3 10.3 10.3.1 10.3.2 10.4 10.4.1 10.4.2 10.5 10.5.1 10.5.2 10.5.3 10.6 10.6.1 10.6.2 10.7 10.7.1 10.7.2 10.8 10.8.1 10.8.2 10.9 10.9.1 10.9.2 10.9.3 11.0 11.0.1 11.0.2 11.1 11.1.1 11.1.2 11.1.3 11.1.4 11.2 11.2.1 11.2.2 11.3 11.3.1 11.3.2 11.3.3 11.3.4 11.4 11.4.1 11.4.2 11.5 11.5.1 11.5.2 11.5.3 11.6 11.6.1 11.6.2 11.7 11.7.1 11.7.2 11.7.3 11.8 11.8.3 11.8.4 11.8.5 11.8.6 11.9 11.9.1 11.9.2 11.9.3 12.0 12.0.1 12.0.2 12.1 12.1.1 12.1.2 12.2 12.2.1 12.2.2 12.3 12.3.1 12.4 12.4.1 12.5 12.5.1 12.6 12.6.1 12.6.2 12.6.3 12.7 12.7.1 12.7.2 12.8 12.8.1 12.8.2 12.9 12.9.1 12.9.2 12.9.3 12.9.4 13.0 13.0.1 13.1 13.1.1 13.1.2 13.1.3 13.1.4 13.2 13.2.1 13.2.2 13.2.3 13.3 13.3.1 13.3.2 13.4 13.4.1 13.4.2 13.4.3 13.4.4 13.5 13.5.1 13.6 13.6.1 13.7 13.7.1 13.8 13.8.1 13.8.2 13.9 13.9.1 14.0 14.1 14.2 14.2.1 14.3 14.4 14.4.1 14.5 14.6 14.7 14.8 14.9 14.9.1 15.0 15.0.1 15.0.2 15.1 15.1.1 15.2 15.3 15.3.1 15.4 15.5 15.6 15.7 15.7-a.1 15.7-a.3 15.7-a.5 15.7-a.7 15.7-beta
jetpack / class.jetpack-data.php
jetpack Last commit date
3rd-party 10 years ago _inc 10 years ago css 10 years ago images 10 years ago json-endpoints 10 years ago languages 10 years ago modules 5 years ago scss 10 years ago views 10 years ago .svnignore 10 years ago changelog.txt 10 years ago class.jetpack-admin.php 10 years ago class.jetpack-autoupdate.php 10 years ago class.jetpack-bbpress-json-api-compat.php 10 years ago class.jetpack-cli.php 10 years ago class.jetpack-client-server.php 10 years ago class.jetpack-client.php 10 years ago class.jetpack-data.php 10 years ago class.jetpack-debugger.php 10 years ago class.jetpack-error.php 10 years ago class.jetpack-heartbeat.php 10 years ago class.jetpack-ixr-client.php 10 years ago class.jetpack-jitm.php 10 years ago class.jetpack-modules-list-table.php 10 years ago class.jetpack-network-sites-list-table.php 10 years ago class.jetpack-network.php 10 years ago class.jetpack-options.php 10 years ago class.jetpack-post-images.php 10 years ago class.jetpack-signature.php 10 years ago class.jetpack-sync.php 10 years ago class.jetpack-twitter-cards.php 10 years ago class.jetpack-user-agent.php 10 years ago class.jetpack-xmlrpc-server.php 10 years ago class.jetpack.php 10 years ago class.json-api-endpoints.php 3 years ago class.json-api.php 10 years ago class.media-extractor.php 10 years ago class.media-summary.php 10 years ago class.photon.php 10 years ago composer.json 10 years ago functions.compat.php 10 years ago functions.gallery.php 10 years ago functions.opengraph.php 10 years ago functions.photon.php 10 years ago jetpack.php 3 years ago json-api-config.php 10 years ago json-endpoints.php 10 years ago locales.php 10 years ago readme.txt 3 years ago require-lib.php 10 years ago uninstall.php 10 years ago wpml-config.xml 10 years ago
class.jetpack-data.php
126 lines
1 <?php
2
3 class Jetpack_Data {
4 /**
5 * Gets locally stored token
6 *
7 * @return object|false
8 */
9 public static function get_access_token( $user_id = false ) {
10 if ( $user_id ) {
11 if ( !$tokens = Jetpack_Options::get_option( 'user_tokens' ) ) {
12 return false;
13 }
14 if ( $user_id === JETPACK_MASTER_USER ) {
15 if ( !$user_id = Jetpack_Options::get_option( 'master_user' ) ) {
16 return false;
17 }
18 }
19 if ( !isset( $tokens[$user_id] ) || !$token = $tokens[$user_id] ) {
20 return false;
21 }
22 $token_chunks = explode( '.', $token );
23 if ( empty( $token_chunks[1] ) || empty( $token_chunks[2] ) ) {
24 return false;
25 }
26 if ( $user_id != $token_chunks[2] ) {
27 return false;
28 }
29 $token = "{$token_chunks[0]}.{$token_chunks[1]}";
30 } else {
31 $token = Jetpack_Options::get_option( 'blog_token' );
32 if ( empty( $token ) ) {
33 return false;
34 }
35 }
36
37 return (object) array(
38 'secret' => $token,
39 'external_user_id' => (int) $user_id,
40 );
41 }
42
43 /**
44 * This function mirrors Jetpack_Data::is_usable_domain() in the WPCOM codebase.
45 *
46 * @param $domain
47 * @param array $extra
48 *
49 * @return bool|WP_Error
50 */
51 public static function is_usable_domain( $domain, $extra = array() ) {
52
53 // If it's empty, just fail out.
54 if ( ! $domain ) {
55 return new WP_Error( 'fail_domain_empty', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is empty.', 'jetpack' ), $domain ) );
56 }
57
58 // None of the explicit localhosts.
59 $forbidden_domains = array(
60 'wordpress.com',
61 'localhost',
62 'localhost.localdomain',
63 '127.0.0.1',
64 'local.wordpress.dev', // VVV
65 'local.wordpress-trunk.dev', // VVV
66 'src.wordpress-develop.dev', // VVV
67 'build.wordpress-develop.dev', // VVV
68 );
69 if ( in_array( $domain, $forbidden_domains ) ) {
70 return new WP_Error( 'fail_domain_forbidden', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is in the forbidden array.', 'jetpack' ), $domain ) );
71 }
72
73 // No .dev or .local domains
74 if ( preg_match( '#\.(dev|local)$#i', $domain ) ) {
75 return new WP_Error( 'fail_domain_tld', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it uses an invalid top level domain.', 'jetpack' ), $domain ) );
76 }
77
78 // No WPCOM subdomains
79 if ( preg_match( '#\.wordpress\.com$#i', $domain ) ) {
80 return new WP_Error( 'fail_subdomain_wpcom', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is a subdomain of WordPress.com.', 'jetpack' ), $domain ) );
81 }
82
83 // If PHP was compiled without support for the Filter module (very edge case)
84 if ( ! function_exists( 'filter_var' ) ) {
85 // Just pass back true for now, and let wpcom sort it out.
86 return true;
87 }
88
89 // Check the IP to make sure it's pingable.
90 $ip = gethostbyname( $domain );
91
92 // Doing this again as I was getting some false positives when gethostbyname() flaked out and returned the domain.
93 $ip = filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ? $ip : gethostbyname( $ip );
94
95 if ( ! filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_IPV4 ) && ! self::php_bug_66229_check( $ip ) ) {
96 return new WP_Error( 'fail_domain_bad_ip_range', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as its IP `%2$s` is either invalid, or in a reserved or private range.', 'jetpack' ), $domain, $ip ) );
97 }
98
99 return true;
100 }
101
102 /**
103 * Returns true if the IP address passed in should not be in a reserved range, even if PHP says that it is.
104 * See: https://bugs.php.net/bug.php?id=66229 and https://github.com/php/php-src/commit/d1314893fd1325ca6aa0831101896e31135a2658
105 *
106 * This function mirrors Jetpack_Data::php_bug_66229_check() in the WPCOM codebase.
107 */
108 public static function php_bug_66229_check( $ip ) {
109 if ( ! filter_var( $ip, FILTER_VALIDATE_IP ) ) {
110 return false;
111 }
112
113 $ip_arr = array_map( 'intval', explode( '.', $ip ) );
114
115 if ( 128 == $ip_arr[0] && 0 == $ip_arr[1] ) {
116 return true;
117 }
118
119 if ( 191 == $ip_arr[0] && 255 == $ip_arr[1] ) {
120 return true;
121 }
122
123 return false;
124 }
125 }
126