options.php — UpdraftPlus: WP Backup & Migration Plugin 1.26.4

updraftplus / options.php

updraftplus Last commit date

central 3 weeks ago css 3 weeks ago images 1 month ago includes 3 weeks ago js 3 weeks ago languages 3 weeks ago methods 3 weeks ago templates 1 month ago vendor 3 weeks ago SECURITY.md 1 year ago admin.php 3 weeks ago backup.php 3 weeks ago changelog-old.txt 2 years ago class-updraftplus.php 3 weeks ago example-decrypt.php 1 month ago index.html 4 years ago options.php 3 weeks ago readme.txt 3 weeks ago restorer.php 3 weeks ago updraftplus.php 3 weeks ago

options.php

289 lines

1	<?php
2	/**
3	* Options handling
4	*/
5	if (!defined('ABSPATH')) die('No direct access allowed');
6
7	class UpdraftPlus_Options {
8
9	/**
10	* The url for UprdraftPlus page
11	*/
12	const PARENT_FILE = 'options-general.php?page=updraftplus';
13
14	/**
15	* Whether or not the current user has permission to manage UpdraftPlus
16	*
17	* @return Boolean
18	*/
19	public static function user_can_manage() {
20	$user_can_manage = current_user_can(apply_filters('option_page_capability_updraft-options-group', 'manage_options'));
21	// false: allows the filter to know that the request is not coming from the multisite add-on
22	return apply_filters('updraft_user_can_manage', $user_can_manage, false);
23	}
24
25	public static function options_table() {
26	return 'options';
27	}
28
29	/**
30	* Get the URL to the dashboard admin page
31	*
32	* @return String
33	*/
34	public static function admin_page_url() {
35	return admin_url('options-general.php');
36	}
37
38	/**
39	* Get the base-name for the dashboard admin page
40	*
41	* @return String
42	*/
43	public static function admin_page() {
44	return 'options-general.php';
45	}
46
47	/**
48	* Extracts the last logged message from updraftplus last process
49	*
50	* @return Mixed - Value set for the option or the default message
51	*/
52	public static function get_updraft_lastmessage() {
53	return UpdraftPlus_Options::get_updraft_option('updraft_lastmessage', __('(Nothing has been logged yet)', 'updraftplus'));
54	}
55
56	/**
57	* Get the value for a specified option
58	*
59	* @param String $option option name
60	* @param Mixed $default default value of option
61	*
62	* @return Mixed
63	*/
64	public static function get_updraft_option($option, $default = null) {
65	$ret = get_option($option, $default);
66	return apply_filters('updraftplus_get_option', $ret, $option, $default);
67	}
68
69	/**
70	* The apparently unused parameter is used in the alternative class in the Multisite add-on
71	*
72	* @param String $option specify option name
73	* @param String $value specify option value
74	* @param Boolean $use_cache whether or not to use the WP options cache
75	* @param String $autoload whether to autoload (only takes effect on a change of value)
76	*
77	* @return Boolean - as from update_option()
78	*/
79	public static function update_updraft_option($option, $value, $use_cache = true, $autoload = 'yes') {
80	return update_option($option, apply_filters('updraftplus_update_option', $value, $option, $use_cache), $autoload);
81	}
82
83	/**
84	* Delete an option
85	*
86	* @param String $option - the option name
87	*/
88	public static function delete_updraft_option($option) {
89	delete_option($option);
90	}
91
92	/**
93	* Register the UpdraftPlus admin menu entry
94	*/
95	public static function add_admin_pages() {
96	$capability = apply_filters('option_page_capability_updraft-options-group', 'manage_options');
97
98	if (!defined('UPDRAFTPLUS_DISABLE_TOP_LEVEL_MENU_ENTRY') \|\| !UPDRAFTPLUS_DISABLE_TOP_LEVEL_MENU_ENTRY) {
99	// Check user capability to manage options before proceeding
100	if (!current_user_can($capability)) return;
101
102	global $submenu, $title, $plugin_page;
103
104	if ('updraftplus' == $plugin_page) $title = 'UpdraftPlus';
105
106	// Add "UpdraftPlus" as the main menu item
107	add_menu_page(
108	'UpdraftPlus',
109	'UpdraftPlus',
110	$capability,
111	'options-general.php?page=updraftplus',
112	'', // Set the callback to empty string because it's unused
113	trailingslashit(UPDRAFTPLUS_URL).'images/dashicon-white.png'
114	);
115
116	UpdraftPlus_Options::add_submenu();
117
118	foreach ($submenu['options-general.php'] as $key => $item) {
119	if ('updraftplus' != $item[2]) continue;
120	unset($submenu['options-general.php'][$key]);
121	}
122	} else {
123	UpdraftPlus_Options::add_submenu();
124	}
125	}
126
127	/**
128	* Adds a submenu page under the "Settings" menu in the WordPress admin.
129	*
130	* The capability required to access this submenu is filtered through the
131	* 'option_page_capability_updraft-options-group' filter, with a default value of 'manage_options'.
132	*/
133	public static function add_submenu() {
134	global $updraftplus_admin;
135
136	$capability = apply_filters('option_page_capability_updraft-options-group', 'manage_options');
137
138	add_submenu_page(
139	'options-general.php',
140	'UpdraftPlus',
141	__('UpdraftPlus Backups', 'updraftplus'),
142	$capability,
143	'updraftplus',
144	array($updraftplus_admin, 'settings_output')
145	);
146	}
147
148	public static function options_form_begin($settings_fields = 'updraft-options-group', $allow_autocomplete = true, $get_params = array(), $classes = '') {
149	global $pagenow;
150	echo '<form method="post"';
151
152	if ('' != $classes) echo ' class="'.esc_attr($classes).'"';
153
154	$page = '';
155	if ('options-general.php' == $pagenow) $page = "options.php";
156
157	if (!empty($get_params)) {
158	$page .= '?';
159	$first_one = true;
160	foreach ($get_params as $k => $v) {
161	if ($first_one) {
162	$first_one = false;
163	} else {
164	$page .= '&';
165	}
166	$page .= urlencode($k).'='.urlencode($v);
167	}
168	}
169
170	if ($page) echo ' action="'.esc_url($page).'"';
171
172	if (!$allow_autocomplete) echo ' autocomplete="off"';
173	echo '>';
174	if ($settings_fields) {
175	// This is settings_fields('updraft-options-group'), but with the referer pruned
176	echo "<input type='hidden' name='option_page' value='" . esc_attr('updraft-options-group') . "' />";
177	echo '<input type="hidden" name="action" value="update" />';
178	wp_nonce_field("updraft-options-group-options", '_wpnonce', false);
179
180	$remove_query_args = array('state', 'action', 'oauth_verifier');
181
182	$referer = UpdraftPlus_Manipulation_Functions::wp_unslash(remove_query_arg($remove_query_args, $_SERVER['REQUEST_URI'])); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput -- To be executed on server only, hence this superglobal not to be empty, sanitization and unslashing is done by custom function.
183
184	// Add back the page parameter if it looks like we were on the settings page via an OAuth callback that has now had all parameters removed. This is likely unnecessarily conservative, but there's nothing requiring more than this at the current time.
185	if (substr($referer, -19, 19) == 'options-general.php' && false !== strpos($_SERVER['REQUEST_URI'], '?')) $referer .= '?page=updraftplus'; // phpcs:ignore WordPress.Security.ValidatedSanitizedInput -- To be executed on server only, hence this superglobal will not to be empty, sanitization and unslashing are not required as this superglobal is used directly.
186
187	echo '<input type="hidden" name="_wp_http_referer" value="'. esc_attr($referer) . '" />';
188	}
189	}
190
191	/**
192	* Runs upon the WordPress action admin_init
193	*/
194	public static function admin_init() {
195
196	static $already_inited = false;
197	if ($already_inited) return;
198
199	$already_inited = true;
200
201	// If being called outside of the admin context, this may not be loaded yet
202	if (!function_exists('register_setting')) include_once(ABSPATH.'wp-admin/includes/plugin.php');
203
204	global $updraftplus, $updraftplus_admin;
205	register_setting('updraft-options-group', 'updraft_interval', array($updraftplus, 'schedule_backup'));
206	register_setting('updraft-options-group', 'updraft_interval_database', array($updraftplus, 'schedule_backup_database'));
207	register_setting('updraft-options-group', 'updraft_interval_increments', array($updraftplus, 'schedule_backup_increments'));
208	register_setting('updraft-options-group', 'updraft_retain', array('UpdraftPlus_Manipulation_Functions', 'retain_range'));
209	register_setting('updraft-options-group', 'updraft_retain_db', array('UpdraftPlus_Manipulation_Functions', 'retain_range'));
210	register_setting('updraft-options-group', 'updraft_retain_extrarules', array($updraftplus_admin, 'return_array'));
211
212	register_setting('updraft-options-group', 'updraft_encryptionphrase', 'strval');
213	register_setting('updraft-options-group', 'updraft_service', array($updraftplus, 'just_one'));
214
215	$services_to_register = array_keys($updraftplus->backup_methods);
216	foreach ($services_to_register as $service) {
217	register_setting('updraft-options-group', 'updraft_'.$service); // phpcs:ignore PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissing -- Sanitize callback added below to avail two params.
218	// We have to add the filter manually in order to get the second parameter passed through (register_setting() only registers with one parameter)
219	add_filter('sanitize_option_updraft_'.$service, array($updraftplus, 'storage_options_filter'), 10, 2);
220	}
221
222	register_setting('updraft-options-group', 'updraft_auto_updates', 'absint');
223	register_setting('updraft-options-group', 'updraft_ssl_nossl', 'absint');
224	register_setting('updraft-options-group', 'updraft_log_syslog', 'absint');
225	register_setting('updraft-options-group', 'updraft_ssl_useservercerts', 'absint');
226	register_setting('updraft-options-group', 'updraft_ssl_disableverify', 'absint');
227
228	register_setting('updraft-options-group', 'updraft_split_every', array($updraftplus_admin, 'optionfilter_split_every'));
229
230	register_setting('updraft-options-group', 'updraft_dir', array('UpdraftPlus_Manipulation_Functions', 'prune_updraft_dir_prefix'));
231
232	register_setting('updraft-options-group', 'updraft_report_warningsonly', array($updraftplus_admin, 'return_array'));
233	register_setting('updraft-options-group', 'updraft_report_wholebackup', array($updraftplus_admin, 'return_array'));
234	register_setting('updraft-options-group', 'updraft_report_dbbackup', array($updraftplus_admin, 'return_array'));
235
236	register_setting('updraft-options-group', 'updraft_autobackup_default', 'absint');
237	register_setting('updraft-options-group', 'updraft_delete_local', 'absint');
238	register_setting('updraft-options-group', 'updraft_debug_mode', 'absint');
239	register_setting('updraft-options-group', 'updraft_extradbs', array($updraftplus_admin, 'return_array'));
240	register_setting('updraft-options-group', 'updraft_backupdb_nonwp', 'absint');
241
242	register_setting('updraft-options-group', 'updraft_include_plugins', 'absint');
243	register_setting('updraft-options-group', 'updraft_include_themes', 'absint');
244	register_setting('updraft-options-group', 'updraft_include_uploads', 'absint');
245	register_setting('updraft-options-group', 'updraft_include_others', 'absint');
246	register_setting('updraft-options-group', 'updraft_include_wpcore', 'absint');
247	register_setting('updraft-options-group', 'updraft_include_wpcore_exclude', array('UpdraftPlus_Manipulation_Functions', 'strip_dirslash'));
248	register_setting('updraft-options-group', 'updraft_include_more', 'absint');
249	register_setting('updraft-options-group', 'updraft_include_more_path', array('UpdraftPlus_Manipulation_Functions', 'remove_empties'));
250	register_setting('updraft-options-group', 'updraft_include_uploads_exclude', array('UpdraftPlus_Manipulation_Functions', 'strip_dirslash'));
251	register_setting('updraft-options-group', 'updraft_include_others_exclude', array('UpdraftPlus_Manipulation_Functions', 'strip_dirslash'));
252
253	register_setting('updraft-options-group', 'updraft_starttime_files', array('UpdraftPlus_Options', 'hourminute'));
254	register_setting('updraft-options-group', 'updraft_starttime_db', array('UpdraftPlus_Options', 'hourminute'));
255
256	register_setting('updraft-options-group', 'updraft_startday_files', array('UpdraftPlus_Options', 'week_or_month_day'));
257	register_setting('updraft-options-group', 'updraft_startday_db', array('UpdraftPlus_Options', 'week_or_month_day'));
258
259	global $pagenow;
260	$page = UpdraftPlus_Manipulation_Functions::fetch_superglobal('request', 'page', '');
261	if ('options-general.php' == $pagenow && 'updraftplus' == substr($page, 0, 11)) {
262	if (!defined('UPDRAFTPLUS_DISABLE_TOP_LEVEL_MENU_ENTRY') \|\| !UPDRAFTPLUS_DISABLE_TOP_LEVEL_MENU_ENTRY) add_filter('parent_file', array('UpdraftPlus', 'parent_file'), 99);
263	if (is_multisite()) add_action('all_admin_notices', array('UpdraftPlus_Options', 'show_admin_warning_multisite'));
264	}
265	}
266
267	public static function hourminute($pot) {
268	if (preg_match("/^([0-2]?[0-9]):([0-5][0-9])$/", $pot, $matches)) return sprintf("%02d:%s", $matches[1], $matches[2]);
269	if ('' == $pot) return gmdate('H:i', time()+300);
270	return '00:00';
271	}
272
273	public static function week_or_month_day($pot) {
274	$pot = absint($pot);
275	return ($pot>28) ? 1 : $pot;
276	}
277
278	/**
279	* Output information about the multisite add-on when relevant
280	*/
281	public static function show_admin_warning_multisite() {
282	global $updraftplus_admin;
283	$updraftplus_admin->show_admin_warning('<strong>'.__('UpdraftPlus warning:', 'updraftplus').'</strong> '.__('This is a WordPress multi-site (a.k.a. network) installation.', 'updraftplus').' <a href="https://updraftplus.com/shop/" target="_blank">'.__('WordPress Multisite is supported, with extra features, by UpdraftPlus Premium.', 'updraftplus').'</a> '.__('Without upgrading, UpdraftPlus allows <strong>every</strong> blog admin who can modify plugin settings to backup (and hence access the data, including passwords, from) and restore (including with customized modifications, e.g. changed passwords) <strong>the entire network</strong>.', 'updraftplus').' '.__('(This applies to all WordPress backup plugins unless they have been explicitly coded for multisite compatibility).', 'updraftplus'), 'error');
284	}
285	}
286
287	add_action('admin_init', array('UpdraftPlus_Options', 'admin_init'));
288	add_action('admin_menu', array('UpdraftPlus_Options', 'add_admin_pages'));
289