PluginProbe ʕ •ᴥ•ʔ
Jetpack – WP Security, Backup, Speed, & Growth / 4.6.3
Jetpack – WP Security, Backup, Speed, & Growth v4.6.3
15.9-a.7 15.9-a.5 15.9-a.3 15.9-a.1 15.8 15.8-beta 15.8-a.7 15.8-a.5 5.2.5 5.3.4 5.4.4 5.5.5 5.6.5 5.7.5 5.8.4 5.9.4 6.0.4 6.1 6.1.1 6.1.2 6.1.3 6.1.4 6.1.5 6.2 6.2.1 6.2.2 6.2.3 6.2.4 6.2.5 6.3 6.3.1 6.3.2 6.3.3 6.3.4 6.3.5 6.3.6 6.3.7 6.4 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 6.4.6 6.5 6.5.1 6.5.2 6.5.3 6.5.4 6.6 6.6.1 6.6.2 6.6.3 6.6.4 6.6.5 6.7 6.7.1 6.7.2 6.7.3 6.7.4 6.8 6.8.1 6.8.2 6.8.3 6.8.4 6.8.5 6.9 6.9.1 6.9.2 6.9.3 6.9.4 7.0 7.0.1 7.0.2 7.0.3 7.0.4 7.0.5 7.1 7.1.1 7.1.2 7.1.3 7.1.4 7.1.5 7.2 7.2.1 7.2.1.1 7.2.2 7.2.3 7.2.4 7.2.5 7.3 7.3.0.1 7.3.1 7.3.1.1 7.3.2 7.3.3 7.3.4 7.3.5 7.4 7.4.1 7.4.2 7.4.3 7.4.4 7.4.5 7.5 7.5.0.1 7.5.1 7.5.2 7.5.3 7.5.4 7.5.5 7.5.6 7.5.7 7.6 7.6.1 7.6.2 7.6.3 7.6.4 7.7 7.7.1 7.7.2 7.7.3 7.7.4 7.7.5 7.7.6 7.8 7.8.1 7.8.2 7.8.3 7.8.4 7.9 7.9.1 7.9.2 7.9.3 7.9.4 8.0 8.0.1 8.0.2 8.0.3 8.1 8.1.1 8.1.2 8.1.3 8.1.4 8.2 8.2.0.1 8.2.1 8.2.2 8.2.3 8.2.4 8.2.5 8.2.6 8.3 8.3.1 8.3.2 8.3.3 8.4 8.4.1 8.4.2 8.4.3 8.4.4 8.4.5 8.5 8.5.1 8.5.2 8.5.3 8.6 8.6.1 8.6.2 8.6.3 8.6.4 8.7 8.7.0.1 8.7.1 8.7.2 8.7.3 8.7.4 8.8 8.8.1 8.8.2 8.8.3 8.8.4 8.8.5 8.9 8.9.1 8.9.2 8.9.3 8.9.4 9.0 9.0.1 9.0.2 9.0.3 9.0.4 9.0.5 9.1 9.1.1 9.1.2 9.1.3 9.2 9.2.1 9.2.2 9.2.3 9.2.4 9.3 9.3.1 9.3.2 9.3.3 9.3.4 9.3.5 9.4 9.4.1 9.4.2 9.4.3 9.4.4 9.5 9.5.1 9.5.2 9.5.3 9.5.4 9.5.5 9.6 9.6.1 9.6.2 9.6.3 9.6.4 9.7 9.7.1 9.7.2 15.7-beta.2 9.7.3 15.7.1 9.8 15.8-a.1 9.8.1 15.8-a.3 9.8.2 2.0.9 9.8.3 2.1.7 9.9 2.2.10 9.9.1 2.3.10 9.9.2 2.4.7 9.9.3 2.5.5 2.6.6 2.7.5 2.8.5 2.9.6 3.0.6 3.1.5 3.2.5 3.3.6 3.4.6 3.5.6 3.6.4 3.7.5 3.8.5 3.9.10 4.0.7 4.1.4 4.2.5 4.3.5 4.4.5 4.5.3 4.6.3 4.7.4 4.8.5 4.9.3 5.0.3 5.1.4 trunk 10.0 10.0.1 10.0.2 10.1 10.1.1 10.1.2 10.2 10.2.1 10.2.2 10.2.3 10.3 10.3.1 10.3.2 10.4 10.4.1 10.4.2 10.5 10.5.1 10.5.2 10.5.3 10.6 10.6.1 10.6.2 10.7 10.7.1 10.7.2 10.8 10.8.1 10.8.2 10.9 10.9.1 10.9.2 10.9.3 11.0 11.0.1 11.0.2 11.1 11.1.1 11.1.2 11.1.3 11.1.4 11.2 11.2.1 11.2.2 11.3 11.3.1 11.3.2 11.3.3 11.3.4 11.4 11.4.1 11.4.2 11.5 11.5.1 11.5.2 11.5.3 11.6 11.6.1 11.6.2 11.7 11.7.1 11.7.2 11.7.3 11.8 11.8.3 11.8.4 11.8.5 11.8.6 11.9 11.9.1 11.9.2 11.9.3 12.0 12.0.1 12.0.2 12.1 12.1.1 12.1.2 12.2 12.2.1 12.2.2 12.3 12.3.1 12.4 12.4.1 12.5 12.5.1 12.6 12.6.1 12.6.2 12.6.3 12.7 12.7.1 12.7.2 12.8 12.8.1 12.8.2 12.9 12.9.1 12.9.2 12.9.3 12.9.4 13.0 13.0.1 13.1 13.1.1 13.1.2 13.1.3 13.1.4 13.2 13.2.1 13.2.2 13.2.3 13.3 13.3.1 13.3.2 13.4 13.4.1 13.4.2 13.4.3 13.4.4 13.5 13.5.1 13.6 13.6.1 13.7 13.7.1 13.8 13.8.1 13.8.2 13.9 13.9.1 14.0 14.1 14.2 14.2.1 14.3 14.4 14.4.1 14.5 14.6 14.7 14.8 14.9 14.9.1 15.0 15.0.1 15.0.2 15.1 15.1.1 15.2 15.3 15.3.1 15.4 15.5 15.6 15.7 15.7-a.1 15.7-a.3 15.7-a.5 15.7-a.7 15.7-beta
jetpack / class.jetpack-data.php
jetpack Last commit date
3rd-party 9 years ago _inc 1 year ago bin 9 years ago css 9 years ago images 1 year ago json-endpoints 9 years ago languages 9 years ago modules 1 year ago sal 9 years ago scss 9 years ago sync 9 years ago views 9 years ago .svnignore 12 years ago changelog.txt 9 years ago class.frame-nonce-preview.php 9 years ago class.jetpack-admin.php 9 years ago class.jetpack-autoupdate.php 9 years ago class.jetpack-bbpress-json-api-compat.php 9 years ago class.jetpack-cli.php 9 years ago class.jetpack-client-server.php 9 years ago class.jetpack-client.php 9 years ago class.jetpack-connection-banner.php 9 years ago class.jetpack-constants.php 9 years ago class.jetpack-data.php 9 years ago class.jetpack-debugger.php 9 years ago class.jetpack-error.php 10 years ago class.jetpack-heartbeat.php 9 years ago class.jetpack-idc.php 9 years ago class.jetpack-ixr-client.php 10 years ago class.jetpack-jitm.php 9 years ago class.jetpack-modules-list-table.php 9 years ago class.jetpack-network-sites-list-table.php 9 years ago class.jetpack-network.php 9 years ago class.jetpack-options.php 9 years ago class.jetpack-post-images.php 9 years ago class.jetpack-signature.php 9 years ago class.jetpack-tracks.php 9 years ago class.jetpack-twitter-cards.php 9 years ago class.jetpack-user-agent.php 9 years ago class.jetpack-xmlrpc-server.php 9 years ago class.jetpack.php 9 years ago class.json-api-endpoints.php 3 years ago class.json-api.php 10 years ago class.photon.php 9 years ago composer.json 10 years ago functions.compat.php 9 years ago functions.gallery.php 10 years ago functions.global.php 9 years ago functions.opengraph.php 9 years ago functions.photon.php 9 years ago jetpack.php 1 year ago json-api-config.php 10 years ago json-endpoints.php 9 years ago locales.php 9 years ago readme.txt 1 year ago require-lib.php 10 years ago rest-api.md 9 years ago uninstall.php 9 years ago webpack.config.js 9 years ago wpml-config.xml 10 years ago
class.jetpack-data.php
139 lines
1 <?php
2
3 class Jetpack_Data {
4 /**
5 * Gets locally stored token
6 *
7 * @return object|false
8 */
9 public static function get_access_token( $user_id = false ) {
10 if ( $user_id ) {
11 if ( !$tokens = Jetpack_Options::get_option( 'user_tokens' ) ) {
12 return false;
13 }
14 if ( $user_id === JETPACK_MASTER_USER ) {
15 if ( !$user_id = Jetpack_Options::get_option( 'master_user' ) ) {
16 return false;
17 }
18 }
19 if ( !isset( $tokens[$user_id] ) || !$token = $tokens[$user_id] ) {
20 return false;
21 }
22 $token_chunks = explode( '.', $token );
23 if ( empty( $token_chunks[1] ) || empty( $token_chunks[2] ) ) {
24 return false;
25 }
26 if ( $user_id != $token_chunks[2] ) {
27 return false;
28 }
29 $token = "{$token_chunks[0]}.{$token_chunks[1]}";
30 } else {
31 $token = Jetpack_Options::get_option( 'blog_token' );
32 if ( empty( $token ) ) {
33 return false;
34 }
35 }
36
37 return (object) array(
38 'secret' => $token,
39 'external_user_id' => (int) $user_id,
40 );
41 }
42
43 /**
44 * This function mirrors Jetpack_Data::is_usable_domain() in the WPCOM codebase.
45 *
46 * @param $domain
47 * @param array $extra
48 *
49 * @return bool|WP_Error
50 */
51 public static function is_usable_domain( $domain, $extra = array() ) {
52
53 // If it's empty, just fail out.
54 if ( ! $domain ) {
55 return new WP_Error( 'fail_domain_empty', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is empty.', 'jetpack' ), $domain ) );
56 }
57
58 /**
59 * Skips the usuable domain check when connecting a site.
60 *
61 * Allows site administrators with domains that fail gethostname-based checks to pass the request to WP.com
62 *
63 * @since 4.1.0
64 *
65 * @param bool If the check should be skipped. Default false.
66 */
67 if ( apply_filters( 'jetpack_skip_usuable_domain_check', false ) ) {
68 return true;
69 }
70
71 // None of the explicit localhosts.
72 $forbidden_domains = array(
73 'wordpress.com',
74 'localhost',
75 'localhost.localdomain',
76 '127.0.0.1',
77 'local.wordpress.dev', // VVV
78 'local.wordpress-trunk.dev', // VVV
79 'src.wordpress-develop.dev', // VVV
80 'build.wordpress-develop.dev', // VVV
81 );
82 if ( in_array( $domain, $forbidden_domains ) ) {
83 return new WP_Error( 'fail_domain_forbidden', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is in the forbidden array.', 'jetpack' ), $domain ) );
84 }
85
86 // No .dev or .local domains
87 if ( preg_match( '#\.(dev|local)$#i', $domain ) ) {
88 return new WP_Error( 'fail_domain_tld', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it uses an invalid top level domain.', 'jetpack' ), $domain ) );
89 }
90
91 // No WPCOM subdomains
92 if ( preg_match( '#\.wordpress\.com$#i', $domain ) ) {
93 return new WP_Error( 'fail_subdomain_wpcom', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is a subdomain of WordPress.com.', 'jetpack' ), $domain ) );
94 }
95
96 // If PHP was compiled without support for the Filter module (very edge case)
97 if ( ! function_exists( 'filter_var' ) ) {
98 // Just pass back true for now, and let wpcom sort it out.
99 return true;
100 }
101
102 // Check the IP to make sure it's pingable.
103 $ip = gethostbyname( $domain );
104
105 // Doing this again as I was getting some false positives when gethostbyname() flaked out and returned the domain.
106 $ip = filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ? $ip : gethostbyname( $ip );
107
108 if ( ! filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_IPV4 ) && ! self::php_bug_66229_check( $ip ) ) {
109 return new WP_Error( 'fail_domain_bad_ip_range', sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as its IP `%2$s` is either invalid, or in a reserved or private range.', 'jetpack' ), $domain, $ip ) );
110 }
111
112 return true;
113 }
114
115 /**
116 * Returns true if the IP address passed in should not be in a reserved range, even if PHP says that it is.
117 * See: https://bugs.php.net/bug.php?id=66229 and https://github.com/php/php-src/commit/d1314893fd1325ca6aa0831101896e31135a2658
118 *
119 * This function mirrors Jetpack_Data::php_bug_66229_check() in the WPCOM codebase.
120 */
121 public static function php_bug_66229_check( $ip ) {
122 if ( ! filter_var( $ip, FILTER_VALIDATE_IP ) ) {
123 return false;
124 }
125
126 $ip_arr = array_map( 'intval', explode( '.', $ip ) );
127
128 if ( 128 == $ip_arr[0] && 0 == $ip_arr[1] ) {
129 return true;
130 }
131
132 if ( 191 == $ip_arr[0] && 255 == $ip_arr[1] ) {
133 return true;
134 }
135
136 return false;
137 }
138 }
139