/class.jetpack.php

  1. <?php 
  2.  
  3. /** 
  4. Options: 
  5. jetpack_options (array) 
  6. An array of options. 
  7. @see Jetpack_Options::get_option_names() 
  8.   
  9. jetpack_register (string) 
  10. Temporary verification secrets. 
  11.   
  12. jetpack_activated (int) 
  13. 1: the plugin was activated normally 
  14. 2: the plugin was activated on this site because of a network-wide activation 
  15. 3: the plugin was auto-installed 
  16. 4: the plugin was manually disconnected (but is still installed) 
  17.   
  18. jetpack_active_modules (array) 
  19. Array of active module slugs. 
  20.   
  21. jetpack_do_activate (bool) 
  22. Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs) 
  23. */ 
  24.  
  25. class Jetpack { 
  26. public $xmlrpc_server = null; 
  27.  
  28. private $xmlrpc_verification = null; 
  29.  
  30. public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA'] 
  31.  
  32. /** 
  33. * @var array The handles of styles that are concatenated into jetpack.css 
  34. */ 
  35. public $concatenated_style_handles = array( 
  36. 'jetpack-carousel',  
  37. 'grunion.css',  
  38. 'the-neverending-homepage',  
  39. 'jetpack_likes',  
  40. 'jetpack_related-posts',  
  41. 'sharedaddy',  
  42. 'jetpack-slideshow',  
  43. 'presentations',  
  44. 'jetpack-subscriptions',  
  45. 'tiled-gallery',  
  46. 'widget-conditions',  
  47. 'jetpack_display_posts_widget',  
  48. 'gravatar-profile-widget',  
  49. 'widget-grid-and-list',  
  50. 'jetpack-widgets',  
  51. 'goodreads-widget',  
  52. ); 
  53.  
  54. public $plugins_to_deactivate = array( 
  55. 'stats' => array( 'stats/stats.php', 'WordPress.com Stats' ),  
  56. 'shortlinks' => array( 'stats/stats.php', 'WordPress.com Stats' ),  
  57. 'sharedaddy' => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),  
  58. 'twitter-widget' => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),  
  59. 'after-the-deadline' => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),  
  60. 'contact-form' => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),  
  61. 'contact-form' => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),  
  62. 'custom-css' => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),  
  63. 'random-redirect' => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),  
  64. 'videopress' => array( 'video/video.php', 'VideoPress' ),  
  65. 'widget-visibility' => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),  
  66. 'widget-visibility' => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),  
  67. 'sharedaddy' => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),  
  68. 'omnisearch' => array( 'jetpack-omnisearch/omnisearch.php', 'Jetpack Omnisearch' ),  
  69. 'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),  
  70. 'latex' => array( 'wp-latex/wp-latex.php', 'WP LaTeX' ) 
  71. ); 
  72.  
  73. public $capability_translations = array( 
  74. 'administrator' => 'manage_options',  
  75. 'editor' => 'edit_others_posts',  
  76. 'author' => 'publish_posts',  
  77. 'contributor' => 'edit_posts',  
  78. 'subscriber' => 'read',  
  79. ); 
  80.  
  81. /** 
  82. * Map of modules that have conflicts with plugins and should not be auto-activated 
  83. * if the plugins are active. Used by filter_default_modules 
  84. * 
  85. * Plugin Authors: If you'd like to prevent a single module from auto-activating,  
  86. * change `module-slug` and add this to your plugin: 
  87. * 
  88. * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' ); 
  89. * function my_jetpack_get_default_modules( $modules ) { 
  90. * return array_diff( $modules, array( 'module-slug' ) ); 
  91. * } 
  92. * 
  93. * @var array 
  94. */ 
  95. private $conflicting_plugins = array( 
  96. 'comments' => array( 
  97. 'Intense Debate' => 'intensedebate/intensedebate.php',  
  98. 'Disqus' => 'disqus-comment-system/disqus.php',  
  99. 'Livefyre' => 'livefyre-comments/livefyre.php',  
  100. 'Comments Evolved for WordPress' => 'gplus-comments/comments-evolved.php',  
  101. 'Google+ Comments' => 'google-plus-comments/google-plus-comments.php',  
  102. 'WP-SpamShield Anti-Spam' => 'wp-spamshield/wp-spamshield.php',  
  103. ),  
  104. 'contact-form' => array( 
  105. 'Contact Form 7' => 'contact-form-7/wp-contact-form-7.php',  
  106. 'Gravity Forms' => 'gravityforms/gravityforms.php',  
  107. 'Contact Form Plugin' => 'contact-form-plugin/contact_form.php',  
  108. 'Easy Contact Forms' => 'easy-contact-forms/easy-contact-forms.php',  
  109. 'Fast Secure Contact Form' => 'si-contact-form/si-contact-form.php',  
  110. ),  
  111. 'minileven' => array( 
  112. 'WPtouch' => 'wptouch/wptouch.php',  
  113. ),  
  114. 'latex' => array( 
  115. 'LaTeX for WordPress' => 'latex/latex.php',  
  116. 'Youngwhans Simple Latex' => 'youngwhans-simple-latex/yw-latex.php',  
  117. 'Easy WP LaTeX' => 'easy-wp-latex-lite/easy-wp-latex-lite.php',  
  118. 'MathJax-LaTeX' => 'mathjax-latex/mathjax-latex.php',  
  119. 'Enable Latex' => 'enable-latex/enable-latex.php',  
  120. 'WP QuickLaTeX' => 'wp-quicklatex/wp-quicklatex.php',  
  121. ),  
  122. 'protect' => array( 
  123. 'Limit Login Attempts' => 'limit-login-attempts/limit-login-attempts.php',  
  124. 'Captcha' => 'captcha/captcha.php',  
  125. 'Brute Force Login Protection' => 'brute-force-login-protection/brute-force-login-protection.php',  
  126. 'Login Security Solution' => 'login-security-solution/login-security-solution.php',  
  127. 'WPSecureOps Brute Force Protect' => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',  
  128. 'BulletProof Security' => 'bulletproof-security/bulletproof-security.php',  
  129. 'SiteGuard WP Plugin' => 'siteguard/siteguard.php',  
  130. 'Security-protection' => 'security-protection/security-protection.php',  
  131. 'Login Security' => 'login-security/login-security.php',  
  132. 'Botnet Attack Blocker' => 'botnet-attack-blocker/botnet-attack-blocker.php',  
  133. 'Wordfence Security' => 'wordfence/wordfence.php',  
  134. 'All In One WP Security & Firewall' => 'all-in-one-wp-security-and-firewall/wp-security.php',  
  135. 'iThemes Security' => 'better-wp-security/better-wp-security.php',  
  136. ),  
  137. 'random-redirect' => array( 
  138. 'Random Redirect 2' => 'random-redirect-2/random-redirect.php',  
  139. ),  
  140. 'related-posts' => array( 
  141. 'YARPP' => 'yet-another-related-posts-plugin/yarpp.php',  
  142. 'WordPress Related Posts' => 'wordpress-23-related-posts-plugin/wp_related_posts.php',  
  143. 'nrelate Related Content' => 'nrelate-related-content/nrelate-related.php',  
  144. 'Contextual Related Posts' => 'contextual-related-posts/contextual-related-posts.php',  
  145. 'Related Posts for WordPress' => 'microkids-related-posts/microkids-related-posts.php',  
  146. 'outbrain' => 'outbrain/outbrain.php',  
  147. 'Shareaholic' => 'shareaholic/shareaholic.php',  
  148. 'Sexybookmarks' => 'sexybookmarks/shareaholic.php',  
  149. ),  
  150. 'sharedaddy' => array( 
  151. 'AddThis' => 'addthis/addthis_social_widget.php',  
  152. 'Add To Any' => 'add-to-any/add-to-any.php',  
  153. 'ShareThis' => 'share-this/sharethis.php',  
  154. 'Shareaholic' => 'shareaholic/shareaholic.php',  
  155. ),  
  156. 'verification-tools' => array( 
  157. 'WordPress SEO by Yoast' => 'wordpress-seo/wp-seo.php',  
  158. 'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',  
  159. 'All in One SEO Pack' => 'all-in-one-seo-pack/all_in_one_seo_pack.php',  
  160. ),  
  161. 'widget-visibility' => array( 
  162. 'Widget Logic' => 'widget-logic/widget_logic.php',  
  163. 'Dynamic Widgets' => 'dynamic-widgets/dynamic-widgets.php',  
  164. ),  
  165. ); 
  166.  
  167. /** 
  168. * Plugins for which we turn off our Facebook OG Tags implementation. 
  169. * 
  170. * Note: WordPress SEO by Yoast and WordPress SEO Premium by Yoast automatically deactivate 
  171. * Jetpack's Open Graph tags via filter when their Social Meta modules are active. 
  172. * 
  173. * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter: 
  174. * add_filter( 'jetpack_enable_open_graph', '__return_false' ); 
  175. */ 
  176. private $open_graph_conflicting_plugins = array( 
  177. '2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',  
  178. // 2 Click Social Media Buttons 
  179. 'add-link-to-facebook/add-link-to-facebook.php', // Add Link to Facebook 
  180. 'add-meta-tags/add-meta-tags.php', // Add Meta Tags 
  181. 'easy-facebook-share-thumbnails/esft.php', // Easy Facebook Share Thumbnail 
  182. 'facebook/facebook.php', // Facebook (official plugin) 
  183. 'facebook-awd/AWD_facebook.php', // Facebook AWD All in one 
  184. 'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',  
  185. // Facebook Featured Image & OG Meta Tags 
  186. 'facebook-meta-tags/facebook-metatags.php', // Facebook Meta Tags 
  187. 'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',  
  188. // Facebook Open Graph Meta Tags for WordPress 
  189. 'facebook-revised-open-graph-meta-tag/index.php', // Facebook Revised Open Graph Meta Tag 
  190. 'facebook-thumb-fixer/_facebook-thumb-fixer.php', // Facebook Thumb Fixer 
  191. 'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',  
  192. // Fedmich's Facebook Open Graph Meta 
  193. 'header-footer/plugin.php', // Header and Footer 
  194. 'network-publisher/networkpub.php', // Network Publisher 
  195. 'nextgen-facebook/nextgen-facebook.php', // NextGEN Facebook OG 
  196. 'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',  
  197. // NextScripts SNAP 
  198. 'opengraph/opengraph.php', // Open Graph 
  199. 'open-graph-protocol-framework/open-graph-protocol-framework.php',  
  200. // Open Graph Protocol Framework 
  201. 'seo-facebook-comments/seofacebook.php', // SEO Facebook Comments 
  202. 'seo-ultimate/seo-ultimate.php', // SEO Ultimate 
  203. 'sexybookmarks/sexy-bookmarks.php', // Shareaholic 
  204. 'shareaholic/sexy-bookmarks.php', // Shareaholic 
  205. 'sharepress/sharepress.php', // SharePress 
  206. 'simple-facebook-connect/sfc.php', // Simple Facebook Connect 
  207. 'social-discussions/social-discussions.php', // Social Discussions 
  208. 'social-sharing-toolkit/social_sharing_toolkit.php', // Social Sharing Toolkit 
  209. 'socialize/socialize.php', // Socialize 
  210. 'only-tweet-like-share-and-google-1/tweet-like-plusone.php',  
  211. // Tweet, Like, Google +1 and Share 
  212. 'wordbooker/wordbooker.php', // Wordbooker 
  213. 'wpsso/wpsso.php', // WordPress Social Sharing Optimization 
  214. 'wp-caregiver/wp-caregiver.php', // WP Caregiver 
  215. 'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',  
  216. // WP Facebook Like Send & Open Graph Meta 
  217. 'wp-facebook-open-graph-protocol/wp-facebook-ogp.php', // WP Facebook Open Graph protocol 
  218. 'wp-ogp/wp-ogp.php', // WP-OGP 
  219. 'zoltonorg-social-plugin/zosp.php', // Zolton.org Social Plugin 
  220. 'wp-fb-share-like-button/wp_fb_share-like_widget.php' // WP Facebook Like Button 
  221. ); 
  222.  
  223. /** 
  224. * Plugins for which we turn off our Twitter Cards Tags implementation. 
  225. */ 
  226. private $twitter_cards_conflicting_plugins = array( 
  227. // 'twitter/twitter.php', // The official one handles this on its own. 
  228. // // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php 
  229. 'eewee-twitter-card/index.php', // Eewee Twitter Card 
  230. 'ig-twitter-cards/ig-twitter-cards.php', // IG:Twitter Cards 
  231. 'jm-twitter-cards/jm-twitter-cards.php', // JM Twitter Cards 
  232. 'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',  
  233. // Pure Web Brilliant's Social Graph Twitter Cards Extension 
  234. 'twitter-cards/twitter-cards.php', // Twitter Cards 
  235. 'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta 
  236. 'wp-twitter-cards/twitter_cards.php', // WP Twitter Cards 
  237. ); 
  238.  
  239. /** 
  240. * Message to display in admin_notice 
  241. * @var string 
  242. */ 
  243. public $message = ''; 
  244.  
  245. /** 
  246. * Error to display in admin_notice 
  247. * @var string 
  248. */ 
  249. public $error = ''; 
  250.  
  251. /** 
  252. * Modules that need more privacy description. 
  253. * @var string 
  254. */ 
  255. public $privacy_checks = ''; 
  256.  
  257. /** 
  258. * Stats to record once the page loads 
  259. * 
  260. * @var array 
  261. */ 
  262. public $stats = array(); 
  263.  
  264. /** 
  265. * Allows us to build a temporary security report 
  266. * 
  267. * @var array 
  268. */ 
  269. static $security_report = array(); 
  270.  
  271. /** 
  272. * Jetpack_Sync object 
  273. */ 
  274. public $sync; 
  275.  
  276. /** 
  277. * Verified data for JSON authorization request 
  278. */ 
  279. public $json_api_authorization_request = array(); 
  280.  
  281. /** 
  282. * Holds the singleton instance of this class 
  283. * @since 2.3.3 
  284. * @var Jetpack 
  285. */ 
  286. static $instance = false; 
  287.  
  288. /** 
  289. * Singleton 
  290. * @static 
  291. */ 
  292. public static function init() { 
  293. if ( ! self::$instance ) { 
  294. if ( did_action( 'plugins_loaded' ) ) 
  295. self::plugin_textdomain(); 
  296. else 
  297. add_action( 'plugins_loaded', array( __CLASS__, 'plugin_textdomain' ), 99 ); 
  298.  
  299. self::$instance = new Jetpack; 
  300.  
  301. self::$instance->plugin_upgrade(); 
  302.  
  303. add_action( 'init', array( __CLASS__, 'perform_security_reporting' ) ); 
  304.  
  305.  
  306. return self::$instance; 
  307.  
  308. /** 
  309. * Must never be called statically 
  310. */ 
  311. function plugin_upgrade() { 
  312. // Upgrade: 1.1 -> 1.2 
  313. if ( get_option( 'jetpack_id' ) ) { 
  314. // Move individual jetpack options to single array of options 
  315. $options = array(); 
  316. foreach ( Jetpack_Options::get_option_names() as $option ) { 
  317. if ( false !== $value = get_option( "jetpack_$option" ) ) { 
  318. $options[$option] = $value; 
  319.  
  320. if ( $options ) { 
  321. Jetpack_Options::update_options( $options ); 
  322.  
  323. foreach ( array_keys( $options ) as $option ) { 
  324. delete_option( "jetpack_$option" ); 
  325.  
  326. // Add missing version and old_version options 
  327. if ( ! $version = Jetpack_Options::get_option( 'version' ) ) { 
  328. $version = $old_version = '1.1:' . time(); 
  329. /** 
  330. * Fires on update, before bumping version numbers up to a new version. 
  331. * 
  332. * @since 3.4.0 
  333. * 
  334. * @param string $version Jetpack version number. 
  335. * @param bool false Does an old version exist. Default is false. 
  336. */ 
  337. do_action( 'updating_jetpack_version', $version, false ); 
  338. Jetpack_Options::update_options( compact( 'version', 'old_version' ) ); 
  339.  
  340. // Upgrade from a single user token to a user_id-indexed array and a master_user ID 
  341. if ( ! Jetpack_Options::get_option( 'user_tokens' ) ) { 
  342. if ( $user_token = Jetpack_Options::get_option( 'user_token' ) ) { 
  343. $token_parts = explode( '.', $user_token ); 
  344. if ( isset( $token_parts[2] ) ) { 
  345. $master_user = $token_parts[2]; 
  346. $user_tokens = array( $master_user => $user_token ); 
  347. Jetpack_Options::update_options( compact( 'master_user', 'user_tokens' ) ); 
  348. Jetpack_Options::delete_option( 'user_token' ); 
  349. } else { 
  350. // @todo: is this even possible? 
  351. trigger_error( sprintf( 'Jetpack::plugin_upgrade found no user_id in user_token "%s"', $user_token ), E_USER_WARNING ); 
  352.  
  353. // Clean up legacy G+ Authorship data. 
  354. if ( get_option( 'gplus_authors' ) ) { 
  355. delete_option( 'gplus_authors' ); 
  356. delete_option( 'hide_gplus' ); 
  357. delete_metadata( 'post', 0, 'gplus_authorship_disabled', null, true ); 
  358.  
  359. if ( ! get_option( 'jetpack_private_options' ) ) { 
  360. $jetpack_options = get_option( 'jetpack_options', array() ); 
  361. foreach( Jetpack_Options::get_option_names( 'private' ) as $option_name ) { 
  362. if ( isset( $jetpack_options[ $option_name ] ) ) { 
  363. Jetpack_Options::update_option( $option_name, $jetpack_options[ $option_name ] ); 
  364. unset( $jetpack_options[ $option_name ] ); 
  365. update_option( 'jetpack_options', $jetpack_options ); 
  366.  
  367. if ( Jetpack::is_active() ) { 
  368. list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) ); 
  369. if ( JETPACK__VERSION != $version ) { 
  370. add_action( 'init', array( __CLASS__, 'activate_new_modules' ) ); 
  371. /** 
  372. * Fires when synchronizing all registered options and constants. 
  373. * 
  374. * @since 3.3.0 
  375. */ 
  376. do_action( 'jetpack_sync_all_registered_options' ); 
  377. //if Jetpack is connected check if jetpack_unique_connection exists and if not then set it 
  378. $jetpack_unique_connection = get_option( 'jetpack_unique_connection' ); 
  379. $is_unique_connection = $jetpack_unique_connection && array_key_exists( 'version', $jetpack_unique_connection ); 
  380. if ( ! $is_unique_connection ) { 
  381. $jetpack_unique_connection = array( 
  382. 'connected' => 1,  
  383. 'disconnected' => -1,  
  384. 'version' => '3.6.1' 
  385. ); 
  386. update_option( 'jetpack_unique_connection', $jetpack_unique_connection ); 
  387.  
  388. if ( get_option( 'jetpack_json_api_full_management' ) ) { 
  389. delete_option( 'jetpack_json_api_full_management' ); 
  390. self::activate_manage(); 
  391.  
  392.  
  393. static function activate_manage( ) { 
  394.  
  395. if ( did_action( 'init' ) || current_filter() == 'init' ) { 
  396. self::activate_module( 'manage', false, false ); 
  397. } else if ( ! has_action( 'init' , array( __CLASS__, 'activate_manage' ) ) ) { 
  398. add_action( 'init', array( __CLASS__, 'activate_manage' ) ); 
  399.  
  400.  
  401. /** 
  402. * Constructor. Initializes WordPress hooks 
  403. */ 
  404. private function __construct() { 
  405. /** 
  406. * Check for and alert any deprecated hooks 
  407. */ 
  408. add_action( 'init', array( $this, 'deprecated_hooks' ) ); 
  409.  
  410. /** 
  411. * Do things that should run even in the network admin 
  412. * here, before we potentially fail out. 
  413. */ 
  414. add_filter( 'jetpack_require_lib_dir', array( $this, 'require_lib_dir' ) ); 
  415.  
  416. /** 
  417. * We need sync object even in Multisite mode 
  418. */ 
  419. $this->sync = new Jetpack_Sync; 
  420.  
  421. /** 
  422. * Trigger a wp_version sync when updating WP versions 
  423. **/ 
  424. add_action( 'upgrader_process_complete', array( 'Jetpack', 'update_get_wp_version' ), 10, 2 ); 
  425. $this->sync->mock_option( 'wp_version', array( 'Jetpack', 'get_wp_version' ) ); 
  426.  
  427. add_action( 'init', array( $this, 'sync_update_data') ); 
  428.  
  429. /** 
  430. * Load things that should only be in Network Admin. 
  431. * 
  432. * For now blow away everything else until a more full 
  433. * understanding of what is needed at the network level is 
  434. * available 
  435. */ 
  436. if( is_multisite() ) { 
  437. Jetpack_Network::init(); 
  438.  
  439. // Only sync this info if we are on a multi site 
  440. // @since 3.7 
  441. $this->sync->mock_option( 'network_name', array( 'Jetpack', 'network_name' ) ); 
  442. $this->sync->mock_option( 'network_allow_new_registrations', array( 'Jetpack', 'network_allow_new_registrations' ) ); 
  443. $this->sync->mock_option( 'network_add_new_users', array( 'Jetpack', 'network_add_new_users' ) ); 
  444. $this->sync->mock_option( 'network_site_upload_space', array( 'Jetpack', 'network_site_upload_space' ) ); 
  445. $this->sync->mock_option( 'network_upload_file_types', array( 'Jetpack', 'network_upload_file_types' ) ); 
  446. $this->sync->mock_option( 'network_enable_administration_menus', array( 'Jetpack', 'network_enable_administration_menus' ) ); 
  447.  
  448. if( is_network_admin() ) { 
  449. // Sync network site data if it is updated or not. 
  450. add_action( 'update_wpmu_options', array( $this, 'update_jetpack_network_settings' ) ); 
  451. return; // End here to prevent single site actions from firing 
  452.  
  453.  
  454. $theme_slug = get_option( 'stylesheet' ); 
  455.  
  456.  
  457. // Modules should do Jetpack_Sync::sync_options( __FILE__, $option, ... ); instead 
  458. // We access the "internal" method here only because the Jetpack object isn't instantiated yet 
  459. $this->sync->options( 
  460. JETPACK__PLUGIN_DIR . 'jetpack.php',  
  461. 'home',  
  462. 'siteurl',  
  463. 'blogname',  
  464. 'gmt_offset',  
  465. 'timezone_string',  
  466. 'security_report',  
  467. 'stylesheet',  
  468. "theme_mods_{$theme_slug}",  
  469. 'jetpack_sync_non_public_post_stati',  
  470. 'jetpack_options',  
  471. 'site_icon' // (int) - ID of core's Site Icon attachment ID 
  472. ); 
  473.  
  474. foreach( Jetpack_Options::get_option_names( 'non-compact' ) as $option ) { 
  475. $this->sync->options( __FILE__, 'jetpack_' . $option ); 
  476.  
  477. /** 
  478. * Sometimes you want to sync data to .com without adding options to .org sites. 
  479. * The mock option allows you to do just that. 
  480. */ 
  481. $this->sync->mock_option( 'is_main_network', array( $this, 'is_main_network_option' ) ); 
  482. $this->sync->mock_option( 'is_multi_site', array( $this, 'is_multisite' ) ); 
  483. $this->sync->mock_option( 'main_network_site', array( $this, 'jetpack_main_network_site_option' ) ); 
  484. $this->sync->mock_option( 'single_user_site', array( 'Jetpack', 'is_single_user_site' ) ); 
  485.  
  486. $this->sync->mock_option( 'has_file_system_write_access', array( 'Jetpack', 'file_system_write_access' ) ); 
  487. $this->sync->mock_option( 'is_version_controlled', array( 'Jetpack', 'is_version_controlled' ) ); 
  488. $this->sync->mock_option( 'max_upload_size', 'wp_max_upload_size' ); 
  489. $this->sync->mock_option( 'content_width', array( 'Jetpack', 'get_content_width' ) ); 
  490.  
  491. /** 
  492. * Trigger an update to the main_network_site when we update the blogname of a site. 
  493. * 
  494. */ 
  495. add_action( 'update_option_siteurl', array( $this, 'update_jetpack_main_network_site_option' ) ); 
  496.  
  497. add_action( 'update_option', array( $this, 'log_settings_change' ), 10, 3 ); 
  498.  
  499. // Update the settings everytime the we register a new user to the site or we delete a user. 
  500. add_action( 'user_register', array( $this, 'is_single_user_site_invalidate' ) ); 
  501. add_action( 'deleted_user', array( $this, 'is_single_user_site_invalidate' ) ); 
  502.  
  503. // Unlink user before deleting the user from .com 
  504. add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 ); 
  505. add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 ); 
  506.  
  507. if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) { 
  508. @ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed. 
  509.  
  510. require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php'; 
  511. $this->xmlrpc_server = new Jetpack_XMLRPC_Server(); 
  512.  
  513. $this->require_jetpack_authentication(); 
  514.  
  515. if ( Jetpack::is_active() ) { 
  516. // Hack to preserve $HTTP_RAW_POST_DATA 
  517. add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) ); 
  518.  
  519. $signed = $this->verify_xml_rpc_signature(); 
  520. if ( $signed && ! is_wp_error( $signed ) ) { 
  521. // The actual API methods. 
  522. add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) ); 
  523. } else { 
  524. add_filter( 'xmlrpc_methods', '__return_empty_array' ); 
  525. } else { 
  526. // The bootstrap API methods. 
  527. add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); 
  528.  
  529. // Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on. 
  530. add_filter( 'pre_option_enable_xmlrpc', '__return_true' ); 
  531. } elseif ( is_admin() && isset( $_POST['action'] ) && 'jetpack_upload_file' == $_POST['action'] ) { 
  532. $this->require_jetpack_authentication(); 
  533. $this->add_remote_request_handlers(); 
  534. } else { 
  535. if ( Jetpack::is_active() ) { 
  536. add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) ); 
  537. add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) ); 
  538.  
  539. if ( Jetpack::is_active() ) { 
  540. Jetpack_Heartbeat::init(); 
  541.  
  542. add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) ); 
  543. if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) { 
  544. wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' ); 
  545.  
  546. add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) ); 
  547.  
  548. add_action( 'admin_init', array( $this, 'admin_init' ) ); 
  549. add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) ); 
  550.  
  551. add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) ); 
  552.  
  553. add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) ); 
  554. // Filter the dashboard meta box order to swap the new one in in place of the old one. 
  555. add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) ); 
  556.  
  557. add_action( 'wp_ajax_jetpack-sync-reindex-trigger', array( $this, 'sync_reindex_trigger' ) ); 
  558. add_action( 'wp_ajax_jetpack-sync-reindex-status', array( $this, 'sync_reindex_status' ) ); 
  559.  
  560. // Jump Start AJAX callback function 
  561. add_action( 'wp_ajax_jetpack_jumpstart_ajax', array( $this, 'jetpack_jumpstart_ajax_callback' ) ); 
  562. add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) ); 
  563.  
  564. // Identity Crisis AJAX callback function 
  565. add_action( 'wp_ajax_jetpack_resolve_identity_crisis', array( $this, 'resolve_identity_crisis_ajax_callback' ) ); 
  566.  
  567. // JITM AJAX callback function 
  568. add_action( 'wp_ajax_jitm_ajax', array( $this, 'jetpack_jitm_ajax_callback' ) ); 
  569.  
  570. add_action( 'wp_ajax_jetpack_admin_ajax', array( $this, 'jetpack_admin_ajax_callback' ) ); 
  571. add_action( 'wp_ajax_jetpack_admin_ajax_refresh', array( $this, 'jetpack_admin_ajax_refresh_data' ) ); 
  572.  
  573. add_action( 'wp_loaded', array( $this, 'register_assets' ) ); 
  574. add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) ); 
  575. add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) ); 
  576. add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) ); 
  577.  
  578. add_action( 'jetpack_activate_module', array( $this, 'activate_module_actions' ) ); 
  579.  
  580. add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 ); 
  581.  
  582. add_action( 'jetpack_notices', array( $this, 'show_development_mode_notice' ) ); 
  583.  
  584. /** 
  585. * These actions run checks to load additional files. 
  586. * They check for external files or plugins, so they need to run as late as possible. 
  587. */ 
  588. add_action( 'wp_head', array( $this, 'check_open_graph' ), 1 ); 
  589. add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ), 999 ); 
  590. add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 ); 
  591.  
  592. add_filter( 'plugins_url', array( 'Jetpack', 'maybe_min_asset' ), 1, 3 ); 
  593. add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 ); 
  594.  
  595. add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 ); 
  596.  
  597. add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) ); 
  598. add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 ); 
  599.  
  600. // A filter to control all just in time messages 
  601. add_filter( 'jetpack_just_in_time_msgs', '__return_true' ); 
  602.  
  603. /** 
  604. * This is the hack to concatinate all css files into one. 
  605. * For description and reasoning see the implode_frontend_css method 
  606. * 
  607. * Super late priority so we catch all the registered styles 
  608. */ 
  609. if( !is_admin() ) { 
  610. add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first 
  611. add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles` 
  612.  
  613. // Sync Core Icon: Detect changes in Core's Site Icon and make it syncable. 
  614. add_action( 'add_option_site_icon', array( $this, 'jetpack_sync_core_icon' ) ); 
  615. add_action( 'update_option_site_icon', array( $this, 'jetpack_sync_core_icon' ) ); 
  616. add_action( 'delete_option_site_icon', array( $this, 'jetpack_sync_core_icon' ) ); 
  617. add_action( 'jetpack_heartbeat', array( $this, 'jetpack_sync_core_icon' ) ); 
  618.  
  619.  
  620. /** 
  621. * Make sure any site icon added to core can get 
  622. * synced back to dotcom, so we can display it there. 
  623. */ 
  624. function jetpack_sync_core_icon() { 
  625. if ( function_exists( 'get_site_icon_url' ) ) { 
  626. $url = get_site_icon_url(); 
  627. } else { 
  628. return; 
  629.  
  630. require_once( JETPACK__PLUGIN_DIR . 'modules/site-icon/site-icon-functions.php' ); 
  631. // If there's a core icon, maybe update the option. If not, fall back to Jetpack's. 
  632. if ( ! empty( $url ) && $url !== jetpack_site_icon_url() ) { 
  633. // This is the option that is synced with dotcom 
  634. Jetpack_Options::update_option( 'site_icon_url', $url ); 
  635. } else if ( empty( $url ) && did_action( 'delete_option_site_icon' ) ) { 
  636. Jetpack_Options::delete_option( 'site_icon_url' ); 
  637.  
  638. function jetpack_admin_ajax_callback() { 
  639. // Check for nonce 
  640. if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) || ! current_user_can( 'jetpack_manage_modules' ) ) { 
  641. wp_die( 'permissions check failed' ); 
  642.  
  643. if ( isset( $_REQUEST['toggleModule'] ) && 'nux-toggle-module' == $_REQUEST['toggleModule'] ) { 
  644. $slug = $_REQUEST['thisModuleSlug']; 
  645.  
  646. if ( ! in_array( $slug, Jetpack::get_available_modules() ) ) { 
  647. wp_die( 'That is not a Jetpack module slug' ); 
  648.  
  649. if ( Jetpack::is_module_active( $slug ) ) { 
  650. Jetpack::deactivate_module( $slug ); 
  651. } else { 
  652. Jetpack::activate_module( $slug, false, false ); 
  653.  
  654. $modules = Jetpack_Admin::init()->get_modules(); 
  655. echo json_encode( $modules[ $slug ] ); 
  656.  
  657. exit; 
  658.  
  659. wp_die(); 
  660.  
  661. /** 
  662. * Sometimes we need to refresh the data,  
  663. * especially if the page is visited via a 'history' 
  664. * event like back/forward 
  665. */ 
  666. function jetpack_admin_ajax_refresh_data() { 
  667. // Check for nonce 
  668. if ( ! isset( $_REQUEST['adminNonce'] ) || ! wp_verify_nonce( $_REQUEST['adminNonce'], 'jetpack-admin-nonce' ) ) { 
  669. wp_die( 'permissions check failed' ); 
  670.  
  671. if ( isset( $_REQUEST['refreshData'] ) && 'refresh' == $_REQUEST['refreshData'] ) { 
  672. $modules = Jetpack_Admin::init()->get_modules(); 
  673. echo json_encode( $modules ); 
  674. exit; 
  675.  
  676. wp_die(); 
  677.  
  678. /** 
  679. * The callback for the Jump Start ajax requests. 
  680. */ 
  681. function jetpack_jumpstart_ajax_callback() { 
  682. // Check for nonce 
  683. if ( ! isset( $_REQUEST['jumpstartNonce'] ) || ! wp_verify_nonce( $_REQUEST['jumpstartNonce'], 'jetpack-jumpstart-nonce' ) ) 
  684. wp_die( 'permissions check failed' ); 
  685.  
  686. if ( isset( $_REQUEST['jumpStartActivate'] ) && 'jump-start-activate' == $_REQUEST['jumpStartActivate'] ) { 
  687. // Update the jumpstart option 
  688. if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) { 
  689. Jetpack_Options::update_option( 'jumpstart', 'jumpstart_activated' ); 
  690.  
  691. // Loops through the requested "Jump Start" modules, and activates them. 
  692. // Custom 'no_message' state, so that no message will be shown on reload. 
  693. $modules = $_REQUEST['jumpstartModSlug']; 
  694. $module_slugs = array(); 
  695. foreach( $modules as $module => $value ) { 
  696. $module_slugs[] = $value['module_slug']; 
  697.  
  698. // Check for possible conflicting plugins 
  699. $module_slugs_filtered = $this->filter_default_modules( $module_slugs ); 
  700.  
  701. foreach ( $module_slugs_filtered as $module_slug ) { 
  702. Jetpack::log( 'activate', $module_slug ); 
  703. Jetpack::activate_module( $module_slug, false, false ); 
  704. Jetpack::state( 'message', 'no_message' ); 
  705.  
  706. // Set the default sharing buttons and set to display on posts if none have been set. 
  707. $sharing_services = get_option( 'sharing-services' ); 
  708. $sharing_options = get_option( 'sharing-options' ); 
  709. if ( empty( $sharing_services['visible'] ) ) { 
  710. // Default buttons to set 
  711. $visible = array( 
  712. 'twitter',  
  713. 'facebook',  
  714. 'google-plus-1',  
  715. ); 
  716. $hidden = array(); 
  717.  
  718. // Set some sharing settings 
  719. $sharing = new Sharing_Service(); 
  720. $sharing_options['global'] = array( 
  721. 'button_style' => 'icon',  
  722. 'sharing_label' => $sharing->default_sharing_label,  
  723. 'open_links' => 'same',  
  724. 'show' => array( 'post' ),  
  725. 'custom' => isset( $sharing_options['global']['custom'] ) ? $sharing_options['global']['custom'] : array() 
  726. ); 
  727.  
  728. update_option( 'sharing-options', $sharing_options ); 
  729.  
  730. // Send a success response so that we can display an error message. 
  731. $success = update_option( 'sharing-services', array( 'visible' => $visible, 'hidden' => $hidden ) ); 
  732. echo json_encode( $success ); 
  733. exit; 
  734.  
  735. } elseif ( isset( $_REQUEST['disableJumpStart'] ) && true == $_REQUEST['disableJumpStart'] ) { 
  736. // If dismissed, flag the jumpstart option as such. 
  737. // Send a success response so that we can display an error message. 
  738. if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) { 
  739. $success = Jetpack_Options::update_option( 'jumpstart', 'jumpstart_dismissed' ); 
  740. echo json_encode( $success ); 
  741. exit; 
  742.  
  743. } elseif ( isset( $_REQUEST['jumpStartDeactivate'] ) && 'jump-start-deactivate' == $_REQUEST['jumpStartDeactivate'] ) { 
  744.  
  745. // FOR TESTING ONLY 
  746. // @todo remove 
  747. $modules = (array) $_REQUEST['jumpstartModSlug']; 
  748. foreach( $modules as $module => $value ) { 
  749. if ( !in_array( $value['module_slug'], Jetpack::get_default_modules() ) ) { 
  750. Jetpack::log( 'deactivate', $value['module_slug'] ); 
  751. Jetpack::deactivate_module( $value['module_slug'] ); 
  752. Jetpack::state( 'message', 'no_message' ); 
  753. } else { 
  754. Jetpack::log( 'activate', $value['module_slug'] ); 
  755. Jetpack::activate_module( $value['module_slug'], false, false ); 
  756. Jetpack::state( 'message', 'no_message' ); 
  757.  
  758. Jetpack_Options::update_option( 'jumpstart', 'new_connection' ); 
  759. echo "reload the page"; 
  760.  
  761. wp_die(); 
  762.  
  763. /** 
  764. * The callback for the JITM ajax requests. 
  765. */ 
  766. function jetpack_jitm_ajax_callback() { 
  767. // Check for nonce 
  768. if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) { 
  769. wp_die( 'Module activation failed due to lack of appropriate permissions' ); 
  770. if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) { 
  771. $module_slug = $_REQUEST['jitmModule']; 
  772. Jetpack::log( 'activate', $module_slug ); 
  773. Jetpack::activate_module( $module_slug, false, false ); 
  774. Jetpack::state( 'message', 'no_message' ); 
  775.  
  776. //A Jetpack module is being activated through a JITM, track it 
  777. $this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION ); 
  778. $this->do_stats( 'server_side' ); 
  779.  
  780. wp_send_json_success(); 
  781. if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) { 
  782. // get the hide_jitm options array 
  783. $jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' ); 
  784. $module_slug = $_REQUEST['jitmModule']; 
  785.  
  786. if( ! $jetpack_hide_jitm ) { 
  787. $jetpack_hide_jitm = array( 
  788. $module_slug => 'hide' 
  789. ); 
  790. } else { 
  791. $jetpack_hide_jitm[$module_slug] = 'hide'; 
  792.  
  793. Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm ); 
  794.  
  795. //jitm is being dismissed forever, track it 
  796. $this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION ); 
  797. $this->do_stats( 'server_side' ); 
  798.  
  799. wp_send_json_success(); 
  800.  
  801. /** 
  802. * If there are any stats that need to be pushed, but haven't been, push them now. 
  803. */ 
  804. function __destruct() { 
  805. if ( ! empty( $this->stats ) ) { 
  806. $this->do_stats( 'server_side' ); 
  807.  
  808. function jetpack_custom_caps( $caps, $cap, $user_id, $args ) { 
  809. switch( $cap ) { 
  810. case 'jetpack_connect' : 
  811. case 'jetpack_reconnect' : 
  812. if ( Jetpack::is_development_mode() ) { 
  813. $caps = array( 'do_not_allow' ); 
  814. break; 
  815. /** 
  816. * Pass through. If it's not development mode, these should match disconnect. 
  817. * Let users disconnect if it's development mode, just in case things glitch. 
  818. */ 
  819. case 'jetpack_disconnect' : 
  820. /** 
  821. * In multisite, can individual site admins manage their own connection? 
  822. * 
  823. * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class. 
  824. */ 
  825. if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) { 
  826. if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) { 
  827. /** 
  828. * We need to update the option name -- it's terribly unclear which 
  829. * direction the override goes. 
  830. * 
  831. * @todo: Update the option name to `sub-sites-can-manage-own-connections` 
  832. */ 
  833. $caps = array( 'do_not_allow' ); 
  834. break; 
  835.  
  836. $caps = array( 'manage_options' ); 
  837. break; 
  838. case 'jetpack_manage_modules' : 
  839. case 'jetpack_activate_modules' : 
  840. case 'jetpack_deactivate_modules' : 
  841. $caps = array( 'manage_options' ); 
  842. break; 
  843. case 'jetpack_configure_modules' : 
  844. $caps = array( 'manage_options' ); 
  845. break; 
  846. case 'jetpack_network_admin_page': 
  847. case 'jetpack_network_settings_page': 
  848. $caps = array( 'manage_network_plugins' ); 
  849. break; 
  850. case 'jetpack_network_sites_page': 
  851. $caps = array( 'manage_sites' ); 
  852. break; 
  853. case 'jetpack_admin_page' : 
  854. if ( Jetpack::is_development_mode() ) { 
  855. $caps = array( 'manage_options' ); 
  856. break; 
  857.  
  858. // Don't ever show to subscribers, but allow access to the page if they're trying to unlink. 
  859. if ( ! current_user_can( 'edit_posts' ) ) { 
  860. if ( isset( $_GET['redirect'] ) && 'sub-unlink' == $_GET['redirect'] ) { 
  861. // We need this in order to unlink the user. 
  862. $this->admin_page_load(); 
  863. if ( ! wp_verify_nonce( 'jetpack-unlink' ) ) { 
  864. $caps = array( 'do_not_allow' ); 
  865. break; 
  866.  
  867. if ( ! self::is_active() && ! current_user_can( 'jetpack_connect' ) ) { 
  868. $caps = array( 'do_not_allow' ); 
  869. break; 
  870. /** 
  871. * Pass through. If it's not development mode, these should match the admin page. 
  872. * Let users disconnect if it's development mode, just in case things glitch. 
  873. */ 
  874. case 'jetpack_connect_user' : 
  875. if ( Jetpack::is_development_mode() ) { 
  876. $caps = array( 'do_not_allow' ); 
  877. break; 
  878. $caps = array( 'read' ); 
  879. break; 
  880. return $caps; 
  881.  
  882. function require_jetpack_authentication() { 
  883. // Don't let anyone authenticate 
  884. $_COOKIE = array(); 
  885. remove_all_filters( 'authenticate' ); 
  886.  
  887. /** 
  888. * For the moment, remove Limit Login Attempts if its xmlrpc for Jetpack. 
  889. * If Limit Login Attempts is installed as a mu-plugin, it can occasionally 
  890. * generate false-positives. 
  891. */ 
  892. remove_filter( 'wp_login_failed', 'limit_login_failed' ); 
  893.  
  894. if ( Jetpack::is_active() ) { 
  895. // Allow Jetpack authentication 
  896. add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 ); 
  897.  
  898. /** 
  899. * Load language files 
  900. */ 
  901. public static function plugin_textdomain() { 
  902. // Note to self, the third argument must not be hardcoded, to account for relocated folders. 
  903. load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' ); 
  904.  
  905. /** 
  906. * Register assets for use in various modules and the Jetpack admin page. 
  907. * 
  908. * @uses wp_script_is, wp_register_script, plugins_url 
  909. * @action wp_loaded 
  910. * @return null 
  911. */ 
  912. public function register_assets() { 
  913. if ( ! wp_script_is( 'spin', 'registered' ) ) { 
  914. wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' ); 
  915.  
  916. if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) { 
  917. wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' ); 
  918.  
  919. if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) { 
  920. wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' ); 
  921.  
  922. /** 
  923. * As jetpack_register_genericons is by default fired off a hook,  
  924. * the hook may have already fired by this point. 
  925. * So, let's just trigger it manually. 
  926. */ 
  927. require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' ); 
  928. jetpack_register_genericons(); 
  929.  
  930. if ( ! wp_style_is( 'jetpack-icons', 'registered' ) ) 
  931. wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION ); 
  932.  
  933. /** 
  934. * Device Pixels support 
  935. * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers. 
  936. */ 
  937. function devicepx() { 
  938. if ( Jetpack::is_active() ) { 
  939. wp_enqueue_script( 'devicepx', set_url_scheme( 'http://s0.wp.com/wp-content/js/devicepx-jetpack.js' ), array(), gmdate( 'oW' ), true ); 
  940.  
  941. /** 
  942. * Returns the location of Jetpack's lib directory. This filter is applied 
  943. * in require_lib(). 
  944. * 
  945. * @filter require_lib_dir 
  946. */ 
  947. function require_lib_dir() { 
  948. return JETPACK__PLUGIN_DIR . '_inc/lib'; 
  949.  
  950. /** 
  951. * Return the network_site_url so that .com knows what network this site is a part of. 
  952. * @param bool $option 
  953. * @return string 
  954. */ 
  955. public function jetpack_main_network_site_option( $option ) { 
  956. return network_site_url(); 
  957. /** 
  958. * Network Name. 
  959. */ 
  960. static function network_name( $option = null ) { 
  961. global $current_site; 
  962. return $current_site->site_name; 
  963. /** 
  964. * Does the network allow new user and site registrations. 
  965. * @return string 
  966. */ 
  967. static function network_allow_new_registrations( $option = null ) { 
  968. return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' ); 
  969. /** 
  970. * Does the network allow admins to add new users. 
  971. * @return boolian 
  972. */ 
  973. static function network_add_new_users( $option = null ) { 
  974. return (bool) get_site_option( 'add_new_users' ); 
  975. /** 
  976. * File upload psace left per site in MB. 
  977. * -1 means NO LIMIT. 
  978. * @return number 
  979. */ 
  980. static function network_site_upload_space( $option = null ) { 
  981. // value in MB 
  982. return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() ); 
  983.  
  984. /** 
  985. * Network allowed file types. 
  986. * @return string 
  987. */ 
  988. static function network_upload_file_types( $option = null ) { 
  989. return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' ); 
  990.  
  991. /** 
  992. * Maximum file upload size set by the network. 
  993. * @return number 
  994. */ 
  995. static function network_max_upload_file_size( $option = null ) { 
  996. // value in KB 
  997. return get_site_option( 'fileupload_maxk', 300 ); 
  998.  
  999. /** 
  1000. * Lets us know if a site allows admins to manage the network. 
  1001. * @return array 
  1002. */ 
  1003. static function network_enable_administration_menus( $option = null ) { 
  1004. return get_site_option( 'menu_items' ); 
  1005.  
  1006. /** 
  1007. * Return whether we are dealing with a multi network setup or not. 
  1008. * The reason we are type casting this is because we want to avoid the situation where 
  1009. * the result is false since when is_main_network_option return false it cases 
  1010. * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the 
  1011. * database which could be set to anything as opposed to what this function returns. 
  1012. * @param bool $option 
  1013. * 
  1014. * @return boolean 
  1015. */ 
  1016. public function is_main_network_option( $option ) { 
  1017. // return '1' or '' 
  1018. return (string) (bool) Jetpack::is_multi_network(); 
  1019.  
  1020. /** 
  1021. * Return true if we are with multi-site or multi-network false if we are dealing with single site. 
  1022. * 
  1023. * @param string $option 
  1024. * @return boolean 
  1025. */ 
  1026. public function is_multisite( $option ) { 
  1027. return (string) (bool) is_multisite(); 
  1028.  
  1029. /** 
  1030. * Implemented since there is no core is multi network function 
  1031. * Right now there is no way to tell if we which network is the dominant network on the system 
  1032. * 
  1033. * @since 3.3 
  1034. * @return boolean 
  1035. */ 
  1036. public static function is_multi_network() { 
  1037. global $wpdb; 
  1038.  
  1039. // if we don't have a multi site setup no need to do any more 
  1040. if ( ! is_multisite() ) { 
  1041. return false; 
  1042.  
  1043. $num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" ); 
  1044. if ( $num_sites > 1 ) { 
  1045. return true; 
  1046. } else { 
  1047. return false; 
  1048.  
  1049. /** 
  1050. * Trigger an update to the main_network_site when we update the siteurl of a site. 
  1051. * @return null 
  1052. */ 
  1053. function update_jetpack_main_network_site_option() { 
  1054. // do_action( 'add_option_$option', '$option', '$value-of-the-option' ); 
  1055. /** 
  1056. * Fires when the site URL is updated. 
  1057. * Determines if the site is the main site of a Mulitiste network. 
  1058. * 
  1059. * @since 3.3.0 
  1060. * 
  1061. * @param string jetpack_main_network_site. 
  1062. * @param string network_site_url() Site URL for the "main" site of the current Multisite network. 
  1063. */ 
  1064. do_action( 'add_option_jetpack_main_network_site', 'jetpack_main_network_site', network_site_url() ); 
  1065. /** 
  1066. * Fires when the site URL is updated. 
  1067. * Determines if the is part of a multi network. 
  1068. * 
  1069. * @since 3.3.0 
  1070. * 
  1071. * @param string jetpack_is_main_network. 
  1072. * @param bool Jetpack::is_multi_network() Is the site part of a multi network. 
  1073. */ 
  1074. do_action( 'add_option_jetpack_is_main_network', 'jetpack_is_main_network', (string) (bool) Jetpack::is_multi_network() ); 
  1075. /** 
  1076. * Fires when the site URL is updated. 
  1077. * Determines if the site is part of a multisite network. 
  1078. * 
  1079. * @since 3.4.0 
  1080. * 
  1081. * @param string jetpack_is_multi_site. 
  1082. * @param bool is_multisite() Is the site part of a mutlisite network. 
  1083. */ 
  1084. do_action( 'add_option_jetpack_is_multi_site', 'jetpack_is_multi_site', (string) (bool) is_multisite() ); 
  1085. /** 
  1086. * Triggered after a user updates the network settings via Network Settings Admin Page 
  1087. * 
  1088. */ 
  1089. function update_jetpack_network_settings() { 
  1090. // Only sync this info for the main network site. 
  1091. do_action( 'add_option_jetpack_network_name', 'jetpack_network_name', Jetpack::network_name() ); 
  1092. do_action( 'add_option_jetpack_network_allow_new_registrations', 'jetpack_network_allow_new_registrations', Jetpack::network_allow_new_registrations() ); 
  1093. do_action( 'add_option_jetpack_network_add_new_users', 'jetpack_network_add_new_users', Jetpack::network_add_new_users() ); 
  1094. do_action( 'add_option_jetpack_network_site_upload_space', 'jetpack_network_site_upload_space', Jetpack::network_site_upload_space() ); 
  1095. do_action( 'add_option_jetpack_network_upload_file_types', 'jetpack_network_upload_file_types', Jetpack::network_upload_file_types() ); 
  1096. do_action( 'add_option_jetpack_network_enable_administration_menus', 'jetpack_network_enable_administration_menus', Jetpack::network_enable_administration_menus() ); 
  1097.  
  1098.  
  1099. /** 
  1100. * Get back if the current site is single user site. 
  1101. * 
  1102. * @return bool 
  1103. */ 
  1104. public static function is_single_user_site() { 
  1105.  
  1106. $user_query = new WP_User_Query( array( 
  1107. 'blog_id' => get_current_blog_id(),  
  1108. 'fields' => 'ID',  
  1109. 'number' => 2 
  1110. ) ); 
  1111. return 1 === (int) $user_query->get_total(); 
  1112.  
  1113. /** 
  1114. * Returns true if the site has file write access false otherwise. 
  1115. * @return string ( '1' | '0' ) 
  1116. **/ 
  1117. public static function file_system_write_access() { 
  1118. if ( ! function_exists( 'get_filesystem_method' ) ) { 
  1119. require_once( ABSPATH . 'wp-admin/includes/file.php' ); 
  1120.  
  1121. require_once( ABSPATH . 'wp-admin/includes/template.php' ); 
  1122.  
  1123. $filesystem_method = get_filesystem_method(); 
  1124. if ( $filesystem_method === 'direct' ) { 
  1125. return 1; 
  1126.  
  1127. ob_start(); 
  1128. $filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() ); 
  1129. ob_end_clean(); 
  1130. if ( $filesystem_credentials_are_stored ) { 
  1131. return 1; 
  1132. return 0; 
  1133.  
  1134. /** 
  1135. * Finds out if a site is using a version control system. 
  1136. * @return string ( '1' | '0' ) 
  1137. **/ 
  1138. public static function is_version_controlled() { 
  1139.  
  1140. if ( !class_exists( 'WP_Automatic_Updater' ) ) { 
  1141. require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); 
  1142. $updater = new WP_Automatic_Updater(); 
  1143. $is_version_controlled = strval( $updater->is_vcs_checkout( $context = ABSPATH ) ); 
  1144. // transients should not be empty 
  1145. if ( empty( $is_version_controlled ) ) { 
  1146. $is_version_controlled = '0'; 
  1147. return $is_version_controlled; 
  1148. /** 
  1149. * Sync back wp_version 
  1150. */ 
  1151. public static function get_wp_version() { 
  1152. global $wp_version; 
  1153. return $wp_version; 
  1154. /** 
  1155. * Keeps wp_version in sync with .com when WordPress core updates 
  1156. **/ 
  1157. public static function update_get_wp_version( $update, $meta_data ) { 
  1158. if ( 'update' === $meta_data['action'] && 'core' === $meta_data['type'] ) { 
  1159. /** This action is documented in wp-includes/option.php */ 
  1160. /** 
  1161. * This triggers the sync for the jetpack version 
  1162. * See Jetpack_Sync options method for more info. 
  1163. */ 
  1164. do_action( 'add_option_jetpack_wp_version', 'jetpack_wp_version', (string) Jetpack::get_wp_version() ); 
  1165.  
  1166. /** 
  1167. * Triggers a sync of update counts and update details 
  1168. */ 
  1169. function sync_update_data() { 
  1170. // Anytime WordPress saves update data, we'll want to sync update data 
  1171. add_action( 'set_site_transient_update_plugins', array( 'Jetpack', 'refresh_update_data' ) ); 
  1172. add_action( 'set_site_transient_update_themes', array( 'Jetpack', 'refresh_update_data' ) ); 
  1173. add_action( 'set_site_transient_update_core', array( 'Jetpack', 'refresh_update_data' ) ); 
  1174. // Anytime a connection to jetpack is made, sync the update data 
  1175. add_action( 'jetpack_site_registered', array( 'Jetpack', 'refresh_update_data' ) ); 
  1176. // Anytime the Jetpack Version changes, sync the the update data 
  1177. add_action( 'updating_jetpack_version', array( 'Jetpack', 'refresh_update_data' ) ); 
  1178.  
  1179. if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) { 
  1180. $this->sync->mock_option( 'updates', array( 'Jetpack', 'get_updates' ) ); 
  1181.  
  1182. $this->sync->mock_option( 'update_details', array( 'Jetpack', 'get_update_details' ) ); 
  1183.  
  1184. /** 
  1185. * jetpack_updates is saved in the following schema: 
  1186. * 
  1187. * array ( 
  1188. * 'plugins' => (int) Number of plugin updates available. 
  1189. * 'themes' => (int) Number of theme updates available. 
  1190. * 'wordpress' => (int) Number of WordPress core updates available. 
  1191. * 'translations' => (int) Number of translation updates available. 
  1192. * 'total' => (int) Total of all available updates. 
  1193. * 'wp_update_version' => (string) The latest available version of WordPress, only present if a WordPress update is needed. 
  1194. * ) 
  1195. * @return array 
  1196. */ 
  1197. public static function get_updates() { 
  1198. $update_data = wp_get_update_data(); 
  1199.  
  1200. // Stores the individual update counts as well as the total count. 
  1201. if ( isset( $update_data['counts'] ) ) { 
  1202. $updates = $update_data['counts']; 
  1203.  
  1204. // If we need to update WordPress core, let's find the latest version number. 
  1205. if ( ! empty( $updates['wordpress'] ) ) { 
  1206. $cur = get_preferred_from_update_core(); 
  1207. if ( isset( $cur->response ) && 'upgrade' === $cur->response ) { 
  1208. $updates['wp_update_version'] = $cur->current; 
  1209. return isset( $updates ) ? $updates : array(); 
  1210.  
  1211. public static function get_update_details() { 
  1212. $update_details = array( 
  1213. 'update_core' => get_site_transient( 'update_core' ),  
  1214. 'update_plugins' => get_site_transient( 'update_plugins' ),  
  1215. 'update_themes' => get_site_transient( 'update_themes' ),  
  1216. ); 
  1217. return $update_details; 
  1218.  
  1219. public static function refresh_update_data() { 
  1220. if ( current_user_can( 'update_core' ) && current_user_can( 'update_plugins' ) && current_user_can( 'update_themes' ) ) { 
  1221. /** 
  1222. * Fires whenever the amount of updates needed for a site changes. 
  1223. * Syncs an array that includes the number of theme, plugin, and core updates available, as well as the latest core version available. 
  1224. * 
  1225. * @since 3.7.0 
  1226. * 
  1227. * @param string jetpack_updates 
  1228. * @param array Update counts calculated by Jetpack::get_updates 
  1229. */ 
  1230. do_action( 'add_option_jetpack_updates', 'jetpack_updates', Jetpack::get_updates() ); 
  1231. /** 
  1232. * Fires whenever the amount of updates needed for a site changes. 
  1233. * Syncs an array of core, theme, and plugin data, and which of each is out of date 
  1234. * 
  1235. * @since 3.7.0 
  1236. * 
  1237. * @param string jetpack_update_details 
  1238. * @param array Update details calculated by Jetpack::get_update_details 
  1239. */ 
  1240. do_action( 'add_option_jetpack_update_details', 'jetpack_update_details', Jetpack::get_update_details() ); 
  1241.  
  1242. /** 
  1243. * Invalides the transient as well as triggers the update of the mock option. 
  1244. * 
  1245. * @return null 
  1246. */ 
  1247. function is_single_user_site_invalidate() { 
  1248. /** 
  1249. * Fires when a user is added or removed from a site. 
  1250. * Determines if the site is a single user site. 
  1251. * 
  1252. * @since 3.4.0 
  1253. * 
  1254. * @param string jetpack_single_user_site. 
  1255. * @param bool Jetpack::is_single_user_site() Is the current site a single user site. 
  1256. */ 
  1257. do_action( 'update_option_jetpack_single_user_site', 'jetpack_single_user_site', (bool) Jetpack::is_single_user_site() ); 
  1258.  
  1259. /** 
  1260. * Is Jetpack active? 
  1261. */ 
  1262. public static function is_active() { 
  1263. return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER ); 
  1264.  
  1265. /** 
  1266. * Is Jetpack in development (offline) mode? 
  1267. */ 
  1268. public static function is_development_mode() { 
  1269. $development_mode = false; 
  1270.  
  1271. if ( defined( 'JETPACK_DEV_DEBUG' ) ) { 
  1272. $development_mode = JETPACK_DEV_DEBUG; 
  1273.  
  1274. elseif ( site_url() && false === strpos( site_url(), '.' ) ) { 
  1275. $development_mode = true; 
  1276. /** 
  1277. * Filters Jetpack's development mode. 
  1278. * 
  1279. * @see http://jetpack.me/support/development-mode/ 
  1280. * 
  1281. * @since 2.2.1 
  1282. * 
  1283. * @param bool $development_mode Is Jetpack's development mode active. 
  1284. */ 
  1285. return apply_filters( 'jetpack_development_mode', $development_mode ); 
  1286.  
  1287. /** 
  1288. * Get Jetpack development mode notice text and notice class. 
  1289. * 
  1290. * Mirrors the checks made in Jetpack::is_development_mode 
  1291. * 
  1292. */ 
  1293. public static function show_development_mode_notice() { 
  1294. if ( Jetpack::is_development_mode() ) { 
  1295. if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) { 
  1296. $notice = sprintf( 
  1297. /** translators: %s is a URL */ 
  1298. __( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),  
  1299. 'http://jetpack.me/support/development-mode/' 
  1300. ); 
  1301. } elseif ( site_url() && false === strpos( site_url(), '.' ) ) { 
  1302. $notice = sprintf( 
  1303. /** translators: %s is a URL */ 
  1304. __( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),  
  1305. 'http://jetpack.me/support/development-mode/' 
  1306. ); 
  1307. } else { 
  1308. $notice = sprintf( 
  1309. /** translators: %s is a URL */ 
  1310. __( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),  
  1311. 'http://jetpack.me/support/development-mode/' 
  1312. ); 
  1313.  
  1314. echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>'; 
  1315.  
  1316. // Throw up a notice if using a development version and as for feedback. 
  1317. if ( Jetpack::is_development_version() ) { 
  1318. /** translators: %s is a URL */ 
  1319. $notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.me/contact-support/beta-group/' ); 
  1320.  
  1321. echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>'; 
  1322.  
  1323. /** 
  1324. * Whether Jetpack's version maps to a public release, or a development version. 
  1325. */ 
  1326. public static function is_development_version() { 
  1327. return ! preg_match( '/^\d+(\.\d+)+$/', JETPACK__VERSION ); 
  1328.  
  1329. /** 
  1330. * Is a given user (or the current user if none is specified) linked to a WordPress.com user? 
  1331. */ 
  1332. public static function is_user_connected( $user_id = false ) { 
  1333. $user_id = false === $user_id ? get_current_user_id() : absint( $user_id ); 
  1334. if ( ! $user_id ) { 
  1335. return false; 
  1336. return (bool) Jetpack_Data::get_access_token( $user_id ); 
  1337.  
  1338. /** 
  1339. * Get the wpcom user data of the current|specified connected user. 
  1340. */ 
  1341. public static function get_connected_user_data( $user_id = null ) { 
  1342. if ( ! $user_id ) { 
  1343. $user_id = get_current_user_id(); 
  1344. Jetpack::load_xml_rpc_client(); 
  1345. $xml = new Jetpack_IXR_Client( array( 
  1346. 'user_id' => $user_id,  
  1347. ) ); 
  1348. $xml->query( 'wpcom.getUser' ); 
  1349. if ( ! $xml->isError() ) { 
  1350. return $xml->getResponse(); 
  1351. return false; 
  1352.  
  1353. /** 
  1354. * Get the wpcom email of the current|specified connected user. 
  1355. */ 
  1356. public static function get_connected_user_email( $user_id = null ) { 
  1357. if ( ! $user_id ) { 
  1358. $user_id = get_current_user_id(); 
  1359. Jetpack::load_xml_rpc_client(); 
  1360. $xml = new Jetpack_IXR_Client( array( 
  1361. 'user_id' => $user_id,  
  1362. ) ); 
  1363. $xml->query( 'wpcom.getUserEmail' ); 
  1364. if ( ! $xml->isError() ) { 
  1365. return $xml->getResponse(); 
  1366. return false; 
  1367.  
  1368. /** 
  1369. * Get the wpcom email of the master user. 
  1370. */ 
  1371. public static function get_master_user_email() { 
  1372. $master_user_id = Jetpack_Options::get_option( 'master_user' ); 
  1373. if ( $master_user_id ) { 
  1374. return self::get_connected_user_email( $master_user_id ); 
  1375. return ''; 
  1376.  
  1377. function current_user_is_connection_owner() { 
  1378. $user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER ); 
  1379. return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id; 
  1380.  
  1381. /** 
  1382. * Add any extra oEmbed providers that we know about and use on wpcom for feature parity. 
  1383. */ 
  1384. function extra_oembed_providers() { 
  1385. // Cloudup: https://dev.cloudup.com/#oembed 
  1386. wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' ); 
  1387. wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' ); 
  1388.  
  1389. /** 
  1390. * Synchronize connected user role changes 
  1391. */ 
  1392. function user_role_change( $user_id ) { 
  1393. if ( Jetpack::is_active() && Jetpack::is_user_connected( $user_id ) ) { 
  1394. $current_user_id = get_current_user_id(); 
  1395. wp_set_current_user( $user_id ); 
  1396. $role = $this->translate_current_user_to_role(); 
  1397. $signed_role = $this->sign_role( $role ); 
  1398. wp_set_current_user( $current_user_id ); 
  1399.  
  1400. $master_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER ); 
  1401. $master_user_id = absint( $master_token->external_user_id ); 
  1402.  
  1403. if ( ! $master_user_id ) 
  1404. return; // this shouldn't happen 
  1405.  
  1406. Jetpack::xmlrpc_async_call( 'jetpack.updateRole', $user_id, $signed_role ); 
  1407. //@todo retry on failure 
  1408.  
  1409. //try to choose a new master if we're demoting the current one 
  1410. if ( $user_id == $master_user_id && 'administrator' != $role ) { 
  1411. $query = new WP_User_Query( 
  1412. array( 
  1413. 'fields' => array( 'id' ),  
  1414. 'role' => 'administrator',  
  1415. 'orderby' => 'id',  
  1416. 'exclude' => array( $master_user_id ),  
  1417. ); 
  1418. $new_master = false; 
  1419. foreach ( $query->results as $result ) { 
  1420. $uid = absint( $result->id ); 
  1421. if ( $uid && Jetpack::is_user_connected( $uid ) ) { 
  1422. $new_master = $uid; 
  1423. break; 
  1424.  
  1425. if ( $new_master ) { 
  1426. Jetpack_Options::update_option( 'master_user', $new_master ); 
  1427. // else disconnect..? 
  1428.  
  1429. /** 
  1430. * Loads the currently active modules. 
  1431. */ 
  1432. public static function load_modules() { 
  1433. if ( ! self::is_active() && !self::is_development_mode() ) { 
  1434. if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) { 
  1435. return; 
  1436.  
  1437. $version = Jetpack_Options::get_option( 'version' ); 
  1438. if ( ! $version ) { 
  1439. $version = $old_version = JETPACK__VERSION . ':' . time(); 
  1440. /** This action is documented in class.jetpack.php */ 
  1441. do_action( 'updating_jetpack_version', $version, false ); 
  1442. Jetpack_Options::update_options( compact( 'version', 'old_version' ) ); 
  1443. list( $version ) = explode( ':', $version ); 
  1444.  
  1445. $modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) ); 
  1446.  
  1447. $modules_data = array(); 
  1448.  
  1449. // Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check. 
  1450. if ( version_compare( $version, JETPACK__VERSION, '<' ) ) { 
  1451. $updated_modules = array(); 
  1452. foreach ( $modules as $module ) { 
  1453. $modules_data[ $module ] = Jetpack::get_module( $module ); 
  1454. if ( ! isset( $modules_data[ $module ]['changed'] ) ) { 
  1455. continue; 
  1456.  
  1457. if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) { 
  1458. continue; 
  1459.  
  1460. $updated_modules[] = $module; 
  1461.  
  1462. $modules = array_diff( $modules, $updated_modules ); 
  1463.  
  1464. $is_development_mode = Jetpack::is_development_mode(); 
  1465.  
  1466. foreach ( $modules as $module ) { 
  1467. // If we're in dev mode, disable modules requiring a connection 
  1468. if ( $is_development_mode ) { 
  1469. // Prime the pump if we need to 
  1470. if ( empty( $modules_data[ $module ] ) ) { 
  1471. $modules_data[ $module ] = Jetpack::get_module( $module ); 
  1472. // If the module requires a connection, but we're in local mode, don't include it. 
  1473. if ( $modules_data[ $module ]['requires_connection'] ) { 
  1474. continue; 
  1475.  
  1476. if ( did_action( 'jetpack_module_loaded_' . $module ) ) { 
  1477. continue; 
  1478.  
  1479. require Jetpack::get_module_path( $module ); 
  1480. /** 
  1481. * Fires when a specific module is loaded. 
  1482. * The dynamic part of the hook, $module, is the module slug. 
  1483. * 
  1484. * @since 1.1.0 
  1485. */ 
  1486. do_action( 'jetpack_module_loaded_' . $module ); 
  1487.  
  1488. /** 
  1489. * Fires when all the modules are loaded. 
  1490. * 
  1491. * @since 1.1.0 
  1492. */ 
  1493. do_action( 'jetpack_modules_loaded' ); 
  1494.  
  1495. // Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme. 
  1496. if ( Jetpack::is_active() || Jetpack::is_development_mode() ) 
  1497. require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' ); 
  1498.  
  1499. /** 
  1500. * Check if Jetpack's REST API compat file should be included 
  1501. * @action plugins_loaded 
  1502. * @return null 
  1503. */ 
  1504. public function check_rest_api_compat() { 
  1505. /** 
  1506. * Filters the list of REST API compat files to be included. 
  1507. * 
  1508. * @since 2.2.5 
  1509. * 
  1510. * @param array $args Array of REST API compat files to include. 
  1511. */ 
  1512. $_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() ); 
  1513.  
  1514. if ( function_exists( 'bbpress' ) ) 
  1515. $_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php'; 
  1516.  
  1517. foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include ) 
  1518. require_once $_jetpack_rest_api_compat_include; 
  1519.  
  1520. /** 
  1521. * Gets all plugins currently active in values, regardless of whether they're 
  1522. * traditionally activated or network activated. 
  1523. * 
  1524. * @todo Store the result in core's object cache maybe? 
  1525. */ 
  1526. public static function get_active_plugins() { 
  1527. $active_plugins = (array) get_option( 'active_plugins', array() ); 
  1528.  
  1529. if ( is_multisite() ) { 
  1530. // Due to legacy code, active_sitewide_plugins stores them in the keys,  
  1531. // whereas active_plugins stores them in the values. 
  1532. $network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) ); 
  1533. if ( $network_plugins ) { 
  1534. $active_plugins = array_merge( $active_plugins, $network_plugins ); 
  1535.  
  1536. sort( $active_plugins ); 
  1537.  
  1538. return array_unique( $active_plugins ); 
  1539.  
  1540. /** 
  1541. * Checks whether a specific plugin is active. 
  1542. * 
  1543. * We don't want to store these in a static variable, in case 
  1544. * there are switch_to_blog() calls involved. 
  1545. */ 
  1546. public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) { 
  1547. return in_array( $plugin, self::get_active_plugins() ); 
  1548.  
  1549. /** 
  1550. * Check if Jetpack's Open Graph tags should be used. 
  1551. * If certain plugins are active, Jetpack's og tags are suppressed. 
  1552. * 
  1553. * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters 
  1554. * @action plugins_loaded 
  1555. * @return null 
  1556. */ 
  1557. public function check_open_graph() { 
  1558. if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) { 
  1559. add_filter( 'jetpack_enable_open_graph', '__return_true', 0 ); 
  1560.  
  1561. $active_plugins = self::get_active_plugins(); 
  1562.  
  1563. if ( ! empty( $active_plugins ) ) { 
  1564. foreach ( $this->open_graph_conflicting_plugins as $plugin ) { 
  1565. if ( in_array( $plugin, $active_plugins ) ) { 
  1566. add_filter( 'jetpack_enable_open_graph', '__return_false', 99 ); 
  1567. break; 
  1568.  
  1569. /** 
  1570. * Allow the addition of Open Graph Meta Tags to all pages. 
  1571. * 
  1572. * @since 2.0.3 
  1573. * 
  1574. * @param bool false Should Open Graph Meta tags be added. Default to false. 
  1575. */ 
  1576. if ( apply_filters( 'jetpack_enable_open_graph', false ) ) { 
  1577. require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php'; 
  1578.  
  1579. /** 
  1580. * Check if Jetpack's Twitter tags should be used. 
  1581. * If certain plugins are active, Jetpack's twitter tags are suppressed. 
  1582. * 
  1583. * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters 
  1584. * @action plugins_loaded 
  1585. * @return null 
  1586. */ 
  1587. public function check_twitter_tags() { 
  1588.  
  1589. $active_plugins = self::get_active_plugins(); 
  1590.  
  1591. if ( ! empty( $active_plugins ) ) { 
  1592. foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) { 
  1593. if ( in_array( $plugin, $active_plugins ) ) { 
  1594. add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 ); 
  1595. break; 
  1596.  
  1597. /** 
  1598. * Allow Twitter Card Meta tags to be disabled. 
  1599. * 
  1600. * @since 2.6.0 
  1601. * 
  1602. * @param bool true Should Twitter Card Meta tags be disabled. Default to true. 
  1603. */ 
  1604. if ( apply_filters( 'jetpack_disable_twitter_cards', true ) ) { 
  1605. require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php'; 
  1606.  
  1607.  
  1608.  
  1609.  
  1610. /** 
  1611. * 
  1612. * Jetpack Security Reports 
  1613. * 
  1614. * Allowed types: login_form, backup, file_scanning, spam 
  1615. * 
  1616. * Args for login_form and spam: 'blocked'=>(int)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong) 
  1617. * 
  1618. * Args for backup and file_scanning: 'last'=>(timestamp)(optional), 'next'=>(timestamp)(optional), 'status'=>(string)(ok, warning, error), 'message'=>(optional, disregarded if status is ok, allowed tags: a, em, strong) 
  1619. * 
  1620. * 
  1621. * Example code to submit a security report: 
  1622. * 
  1623. * function akismet_submit_jetpack_security_report() { 
  1624. * Jetpack::submit_security_report( 'spam', __FILE__, $args = array( 'blocked' => 138284, status => 'ok' ) ); 
  1625. * } 
  1626. * add_action( 'jetpack_security_report', 'akismet_submit_jetpack_security_report' ); 
  1627. * 
  1628. */ 
  1629.  
  1630.  
  1631. /** 
  1632. * Calls for security report submissions. 
  1633. * 
  1634. * @return null 
  1635. */ 
  1636. public static function perform_security_reporting() { 
  1637. $no_check_needed = get_site_transient( 'security_report_performed_recently' ); 
  1638.  
  1639. if ( $no_check_needed ) { 
  1640. return; 
  1641.  
  1642. /** 
  1643. * Fires before a security report is created. 
  1644. * 
  1645. * @since 3.4.0 
  1646. */ 
  1647. do_action( 'jetpack_security_report' ); 
  1648.  
  1649. Jetpack_Options::update_option( 'security_report', self::$security_report ); 
  1650. set_site_transient( 'security_report_performed_recently', 1, 15 * MINUTE_IN_SECONDS ); 
  1651.  
  1652. /** 
  1653. * Allows plugins to submit security reports. 
  1654. * 
  1655. * @param string $type Report type (login_form, backup, file_scanning, spam) 
  1656. * @param string $plugin_file Plugin __FILE__, so that we can pull plugin data 
  1657. * @param array $args See definitions above 
  1658. */ 
  1659. public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) { 
  1660.  
  1661. if( !doing_action( 'jetpack_security_report' ) ) { 
  1662. return new WP_Error( 'not_collecting_report', 'Not currently collecting security reports. Please use the jetpack_security_report hook.' ); 
  1663.  
  1664. if( !is_string( $type ) || !is_string( $plugin_file ) ) { 
  1665. return new WP_Error( 'invalid_security_report', 'Invalid Security Report' ); 
  1666.  
  1667. if( !function_exists( 'get_plugin_data' ) ) { 
  1668. include( ABSPATH . 'wp-admin/includes/plugin.php' ); 
  1669.  
  1670. //Get rid of any non-allowed args 
  1671. $args = array_intersect_key( $args, array_flip( array( 'blocked', 'last', 'next', 'status', 'message' ) ) ); 
  1672.  
  1673. $plugin = get_plugin_data( $plugin_file ); 
  1674.  
  1675. if ( !$plugin['Name'] ) { 
  1676. return new WP_Error( 'security_report_missing_plugin_name', 'Invalid Plugin File Provided' ); 
  1677.  
  1678. // Sanitize everything to make sure we're not syncing something wonky 
  1679. $type = sanitize_key( $type ); 
  1680.  
  1681. $args['plugin'] = $plugin; 
  1682.  
  1683. // Cast blocked, last and next as integers. 
  1684. // Last and next should be in unix timestamp format 
  1685. if ( isset( $args['blocked'] ) ) { 
  1686. $args['blocked'] = (int) $args['blocked']; 
  1687. if ( isset( $args['last'] ) ) { 
  1688. $args['last'] = (int) $args['last']; 
  1689. if ( isset( $args['next'] ) ) { 
  1690. $args['next'] = (int) $args['next']; 
  1691. if ( !in_array( $args['status'], array( 'ok', 'warning', 'error' ) ) ) { 
  1692. $args['status'] = 'ok'; 
  1693. if ( isset( $args['message'] ) ) { 
  1694.  
  1695. if( $args['status'] == 'ok' ) { 
  1696. unset( $args['message'] ); 
  1697.  
  1698. $allowed_html = array( 
  1699. 'a' => array( 
  1700. 'href' => array(),  
  1701. 'title' => array() 
  1702. ),  
  1703. 'em' => array(),  
  1704. 'strong' => array(),  
  1705. ); 
  1706.  
  1707. $args['message'] = wp_kses( $args['message'], $allowed_html ); 
  1708.  
  1709. $plugin_name = $plugin[ 'Name' ]; 
  1710.  
  1711. self::$security_report[ $type ][ $plugin_name ] = $args; 
  1712.  
  1713. /** 
  1714. * Collects a new report if needed, then returns it. 
  1715. */ 
  1716. public function get_security_report() { 
  1717. self::perform_security_reporting(); 
  1718. return Jetpack_Options::get_option( 'security_report' ); 
  1719.  
  1720.  
  1721. /** Jetpack Options API */ 
  1722.  
  1723. public static function get_option_names( $type = 'compact' ) { 
  1724. return Jetpack_Options::get_option_names( $type ); 
  1725.  
  1726. /** 
  1727. * Returns the requested option. Looks in jetpack_options or jetpack_$name as appropriate. 
  1728. * 
  1729. * @param string $name Option name 
  1730. * @param mixed $default (optional) 
  1731. */ 
  1732. public static function get_option( $name, $default = false ) { 
  1733. return Jetpack_Options::get_option( $name, $default ); 
  1734.  
  1735. /** 
  1736. * Stores two secrets and a timestamp so WordPress.com can make a request back and verify an action 
  1737. * Does some extra verification so urls (such as those to public-api, register, etc) can't just be crafted 
  1738. * $name must be a registered option name. 
  1739. */ 
  1740. public static function create_nonce( $name ) { 
  1741. $secret = wp_generate_password( 32, false ) . ':' . wp_generate_password( 32, false ) . ':' . ( time() + 600 ); 
  1742.  
  1743. Jetpack_Options::update_option( $name, $secret ); 
  1744. @list( $secret_1, $secret_2, $eol ) = explode( ':', Jetpack_Options::get_option( $name ) ); 
  1745. if ( empty( $secret_1 ) || empty( $secret_2 ) || $eol < time() ) 
  1746. return new Jetpack_Error( 'missing_secrets' ); 
  1747.  
  1748. return array( 
  1749. 'secret_1' => $secret_1,  
  1750. 'secret_2' => $secret_2,  
  1751. 'eol' => $eol,  
  1752. ); 
  1753.  
  1754. /** 
  1755. * Updates the single given option. Updates jetpack_options or jetpack_$name as appropriate. 
  1756. * 
  1757. * @deprecated 3.4 use Jetpack_Options::update_option() instead. 
  1758. * @param string $name Option name 
  1759. * @param mixed $value Option value 
  1760. */ 
  1761. public static function update_option( $name, $value ) { 
  1762. _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' ); 
  1763. return Jetpack_Options::update_option( $name, $value ); 
  1764.  
  1765. /** 
  1766. * Updates the multiple given options. Updates jetpack_options and/or jetpack_$name as appropriate. 
  1767. * 
  1768. * @deprecated 3.4 use Jetpack_Options::update_options() instead. 
  1769. * @param array $array array( option name => option value, ... ) 
  1770. */ 
  1771. public static function update_options( $array ) { 
  1772. _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' ); 
  1773. return Jetpack_Options::update_options( $array ); 
  1774.  
  1775. /** 
  1776. * Deletes the given option. May be passed multiple option names as an array. 
  1777. * Updates jetpack_options and/or deletes jetpack_$name as appropriate. 
  1778. * 
  1779. * @deprecated 3.4 use Jetpack_Options::delete_option() instead. 
  1780. * @param string|array $names 
  1781. */ 
  1782. public static function delete_option( $names ) { 
  1783. _deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' ); 
  1784. return Jetpack_Options::delete_option( $names ); 
  1785.  
  1786. /** 
  1787. * Enters a user token into the user_tokens option 
  1788. * 
  1789. * @param int $user_id 
  1790. * @param string $token 
  1791. * return bool 
  1792. */ 
  1793. public static function update_user_token( $user_id, $token, $is_master_user ) { 
  1794. // not designed for concurrent updates 
  1795. $user_tokens = Jetpack_Options::get_option( 'user_tokens' ); 
  1796. if ( ! is_array( $user_tokens ) ) 
  1797. $user_tokens = array(); 
  1798. $user_tokens[$user_id] = $token; 
  1799. if ( $is_master_user ) { 
  1800. $master_user = $user_id; 
  1801. $options = compact( 'user_tokens', 'master_user' ); 
  1802. } else { 
  1803. $options = compact( 'user_tokens' ); 
  1804. return Jetpack_Options::update_options( $options ); 
  1805.  
  1806. /** 
  1807. * Returns an array of all PHP files in the specified absolute path. 
  1808. * Equivalent to glob( "$absolute_path/**.php" ). 
  1809. * 
  1810. * @param string $absolute_path The absolute path of the directory to search. 
  1811. * @return array Array of absolute paths to the PHP files. 
  1812. */ 
  1813. public static function glob_php( $absolute_path ) { 
  1814. if ( function_exists( 'glob' ) ) { 
  1815. return glob( "$absolute_path/*.php" ); 
  1816.  
  1817. $absolute_path = untrailingslashit( $absolute_path ); 
  1818. $files = array(); 
  1819. if ( ! $dir = @opendir( $absolute_path ) ) { 
  1820. return $files; 
  1821.  
  1822. while ( false !== $file = readdir( $dir ) ) { 
  1823. if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) { 
  1824. continue; 
  1825.  
  1826. $file = "$absolute_path/$file"; 
  1827.  
  1828. if ( ! is_file( $file ) ) { 
  1829. continue; 
  1830.  
  1831. $files[] = $file; 
  1832.  
  1833. closedir( $dir ); 
  1834.  
  1835. return $files; 
  1836.  
  1837. public static function activate_new_modules( $redirect = false ) { 
  1838. if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) { 
  1839. return; 
  1840.  
  1841. $jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic] 
  1842. if ( ! $jetpack_old_version ) { 
  1843. $jetpack_old_version = $version = $old_version = '1.1:' . time(); 
  1844. /** This action is documented in class.jetpack.php */ 
  1845. do_action( 'updating_jetpack_version', $version, false ); 
  1846. Jetpack_Options::update_options( compact( 'version', 'old_version' ) ); 
  1847.  
  1848. list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic] 
  1849.  
  1850. if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) { 
  1851. return; 
  1852.  
  1853. $active_modules = Jetpack::get_active_modules(); 
  1854. $reactivate_modules = array(); 
  1855. foreach ( $active_modules as $active_module ) { 
  1856. $module = Jetpack::get_module( $active_module ); 
  1857. if ( ! isset( $module['changed'] ) ) { 
  1858. continue; 
  1859.  
  1860. if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) { 
  1861. continue; 
  1862.  
  1863. $reactivate_modules[] = $active_module; 
  1864. Jetpack::deactivate_module( $active_module ); 
  1865.  
  1866. $new_version = JETPACK__VERSION . ':' . time(); 
  1867. /** This action is documented in class.jetpack.php */ 
  1868. do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version ); 
  1869. Jetpack_Options::update_options( 
  1870. array( 
  1871. 'version' => $new_version,  
  1872. 'old_version' => $jetpack_old_version,  
  1873. ); 
  1874.  
  1875. Jetpack::state( 'message', 'modules_activated' ); 
  1876. Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules ); 
  1877.  
  1878. if ( $redirect ) { 
  1879. $page = 'jetpack'; // make sure we redirect to either settings or the jetpack page 
  1880. if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) { 
  1881. $page = $_GET['page']; 
  1882.  
  1883. wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) ); 
  1884. exit; 
  1885.  
  1886. /** 
  1887. * List available Jetpack modules. Simply lists .php files in /modules/. 
  1888. * Make sure to tuck away module "library" files in a sub-directory. 
  1889. */ 
  1890. public static function get_available_modules( $min_version = false, $max_version = false ) { 
  1891. static $modules = null; 
  1892.  
  1893. if ( ! isset( $modules ) ) { 
  1894. $available_modules_option = Jetpack_Options::get_option( 'available_modules', array() ); 
  1895. // Use the cache if we're on the front-end and it's available... 
  1896. if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) { 
  1897. $modules = $available_modules_option[ JETPACK__VERSION ]; 
  1898. } else { 
  1899. $files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' ); 
  1900.  
  1901. $modules = array(); 
  1902.  
  1903. foreach ( $files as $file ) { 
  1904. if ( ! $headers = Jetpack::get_module( $file ) ) { 
  1905. continue; 
  1906.  
  1907. $modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced']; 
  1908.  
  1909. Jetpack_Options::update_option( 'available_modules', array( 
  1910. JETPACK__VERSION => $modules,  
  1911. ) ); 
  1912.  
  1913. /** 
  1914. * Filters the array of modules available to be activated. 
  1915. * 
  1916. * @since 2.4.0 
  1917. * 
  1918. * @param array $modules Array of available modules. 
  1919. * @param string $min_version Minimum version number required to use modules. 
  1920. * @param string $max_version Maximum version number required to use modules. 
  1921. */ 
  1922. $mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version ); 
  1923.  
  1924. if ( ! $min_version && ! $max_version ) { 
  1925. return array_keys( $mods ); 
  1926.  
  1927. $r = array(); 
  1928. foreach ( $mods as $slug => $introduced ) { 
  1929. if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) { 
  1930. continue; 
  1931.  
  1932. if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) { 
  1933. continue; 
  1934.  
  1935. $r[] = $slug; 
  1936.  
  1937. return $r; 
  1938.  
  1939. /** 
  1940. * Default modules loaded on activation. 
  1941. */ 
  1942. public static function get_default_modules( $min_version = false, $max_version = false ) { 
  1943. $return = array(); 
  1944.  
  1945. foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) { 
  1946. $module_data = Jetpack::get_module( $module ); 
  1947.  
  1948. switch ( strtolower( $module_data['auto_activate'] ) ) { 
  1949. case 'yes' : 
  1950. $return[] = $module; 
  1951. break; 
  1952. case 'public' : 
  1953. if ( Jetpack_Options::get_option( 'public' ) ) { 
  1954. $return[] = $module; 
  1955. break; 
  1956. case 'no' : 
  1957. default : 
  1958. break; 
  1959. /** 
  1960. * Filters the array of default modules. 
  1961. * 
  1962. * @since 2.5.0 
  1963. * 
  1964. * @param array $return Array of default modules. 
  1965. * @param string $min_version Minimum version number required to use modules. 
  1966. * @param string $max_version Maximum version number required to use modules. 
  1967. */ 
  1968. return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version ); 
  1969.  
  1970. /** 
  1971. * Checks activated modules during auto-activation to determine 
  1972. * if any of those modules are being deprecated. If so, close 
  1973. * them out, and add any replacement modules. 
  1974. * 
  1975. * Runs at priority 99 by default. 
  1976. * 
  1977. * This is run late, so that it can still activate a module if 
  1978. * the new module is a replacement for another that the user 
  1979. * currently has active, even if something at the normal priority 
  1980. * would kibosh everything. 
  1981. * 
  1982. * @since 2.6 
  1983. * @uses jetpack_get_default_modules filter 
  1984. * @param array $modules 
  1985. * @return array 
  1986. */ 
  1987. function handle_deprecated_modules( $modules ) { 
  1988. $deprecated_modules = array( 
  1989. 'debug' => null, // Closed out and moved to ./class.jetpack-debugger.php 
  1990. 'wpcc' => 'sso', // Closed out in 2.6 -- SSO provides the same functionality. 
  1991. 'gplus-authorship' => null, // Closed out in 3.2 -- Google dropped support. 
  1992. ); 
  1993.  
  1994. // Don't activate SSO if they never completed activating WPCC. 
  1995. if ( Jetpack::is_module_active( 'wpcc' ) ) { 
  1996. $wpcc_options = Jetpack_Options::get_option( 'wpcc_options' ); 
  1997. if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) { 
  1998. $deprecated_modules['wpcc'] = null; 
  1999.  
  2000. foreach ( $deprecated_modules as $module => $replacement ) { 
  2001. if ( Jetpack::is_module_active( $module ) ) { 
  2002. self::deactivate_module( $module ); 
  2003. if ( $replacement ) { 
  2004. $modules[] = $replacement; 
  2005.  
  2006. return array_unique( $modules ); 
  2007.  
  2008. /** 
  2009. * Checks activated plugins during auto-activation to determine 
  2010. * if any of those plugins are in the list with a corresponding module 
  2011. * that is not compatible with the plugin. The module will not be allowed 
  2012. * to auto-activate. 
  2013. * 
  2014. * @since 2.6 
  2015. * @uses jetpack_get_default_modules filter 
  2016. * @param array $modules 
  2017. * @return array 
  2018. */ 
  2019. function filter_default_modules( $modules ) { 
  2020.  
  2021. $active_plugins = self::get_active_plugins(); 
  2022.  
  2023. if ( ! empty( $active_plugins ) ) { 
  2024.  
  2025. // For each module we'd like to auto-activate... 
  2026. foreach ( $modules as $key => $module ) { 
  2027. // If there are potential conflicts for it... 
  2028. if ( ! empty( $this->conflicting_plugins[ $module ] ) ) { 
  2029. // For each potential conflict... 
  2030. foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) { 
  2031. // If that conflicting plugin is active... 
  2032. if ( in_array( $plugin, $active_plugins ) ) { 
  2033. // Remove that item from being auto-activated. 
  2034. unset( $modules[ $key ] ); 
  2035.  
  2036. return $modules; 
  2037.  
  2038. /** 
  2039. * Extract a module's slug from its full path. 
  2040. */ 
  2041. public static function get_module_slug( $file ) { 
  2042. return str_replace( '.php', '', basename( $file ) ); 
  2043.  
  2044. /** 
  2045. * Generate a module's path from its slug. 
  2046. */ 
  2047. public static function get_module_path( $slug ) { 
  2048. return JETPACK__PLUGIN_DIR . "modules/$slug.php"; 
  2049.  
  2050. /** 
  2051. * Load module data from module file. Headers differ from WordPress 
  2052. * plugin headers to avoid them being identified as standalone 
  2053. * plugins on the WordPress plugins page. 
  2054. */ 
  2055. public static function get_module( $module ) { 
  2056. $headers = array( 
  2057. 'name' => 'Module Name',  
  2058. 'description' => 'Module Description',  
  2059. 'jumpstart_desc' => 'Jumpstart Description',  
  2060. 'sort' => 'Sort Order',  
  2061. 'recommendation_order' => 'Recommendation Order',  
  2062. 'introduced' => 'First Introduced',  
  2063. 'changed' => 'Major Changes In',  
  2064. 'deactivate' => 'Deactivate',  
  2065. 'free' => 'Free',  
  2066. 'requires_connection' => 'Requires Connection',  
  2067. 'auto_activate' => 'Auto Activate',  
  2068. 'module_tags' => 'Module Tags',  
  2069. 'feature' => 'Feature',  
  2070. 'additional_search_queries' => 'Additional Search Queries',  
  2071. ); 
  2072.  
  2073. $file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) ); 
  2074.  
  2075. $mod = Jetpack::get_file_data( $file, $headers ); 
  2076. if ( empty( $mod['name'] ) ) { 
  2077. return false; 
  2078.  
  2079. $mod['jumpstart_desc'] = _x( $mod['jumpstart_desc'], 'Jumpstart Description', 'jetpack' ); 
  2080. $mod['name'] = _x( $mod['name'], 'Module Name', 'jetpack' ); 
  2081. $mod['description'] = _x( $mod['description'], 'Module Description', 'jetpack' ); 
  2082. $mod['sort'] = empty( $mod['sort'] ) ? 10 : (int) $mod['sort']; 
  2083. $mod['recommendation_order'] = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order']; 
  2084. $mod['deactivate'] = empty( $mod['deactivate'] ); 
  2085. $mod['free'] = empty( $mod['free'] ); 
  2086. $mod['requires_connection'] = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true; 
  2087.  
  2088. if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) { 
  2089. $mod['auto_activate'] = 'No'; 
  2090. } else { 
  2091. $mod['auto_activate'] = (string) $mod['auto_activate']; 
  2092.  
  2093. if ( $mod['module_tags'] ) { 
  2094. $mod['module_tags'] = explode( ', ', $mod['module_tags'] ); 
  2095. $mod['module_tags'] = array_map( 'trim', $mod['module_tags'] ); 
  2096. $mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] ); 
  2097. } else { 
  2098. $mod['module_tags'] = array( self::translate_module_tag( 'Other' ) ); 
  2099.  
  2100. if ( $mod['feature'] ) { 
  2101. $mod['feature'] = explode( ', ', $mod['feature'] ); 
  2102. $mod['feature'] = array_map( 'trim', $mod['feature'] ); 
  2103. } else { 
  2104. $mod['feature'] = array( self::translate_module_tag( 'Other' ) ); 
  2105.  
  2106. /** 
  2107. * Filters the feature array on a module. 
  2108. * 
  2109. * This filter allows you to control where each module is filtered: Recommended,  
  2110. * Jumpstart, and the default "Other" listing. 
  2111. * 
  2112. * @since 3.5.0 
  2113. * 
  2114. * @param array $mod['feature'] The areas to feature this module: 
  2115. * 'Jumpstart' adds to the "Jumpstart" option to activate many modules at once. 
  2116. * 'Recommended' shows on the main Jetpack admin screen. 
  2117. * 'Other' should be the default if no other value is in the array. 
  2118. * @param string $module The slug of the module, e.g. sharedaddy. 
  2119. * @param array $mod All the currently assembled module data. 
  2120. */ 
  2121. $mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod ); 
  2122.  
  2123. /** 
  2124. * Filter the returned data about a module. 
  2125. * 
  2126. * This filter allows overriding any info about Jetpack modules. It is dangerous,  
  2127. * so please be careful. 
  2128. * 
  2129. * @since 3.6.0 
  2130. * 
  2131. * @param array $mod The details of the requested module. 
  2132. * @param string $module The slug of the module, e.g. sharedaddy 
  2133. * @param string $file The path to the module source file. 
  2134. */ 
  2135. return apply_filters( 'jetpack_get_module', $mod, $module, $file ); 
  2136.  
  2137. /** 
  2138. * Like core's get_file_data implementation, but caches the result. 
  2139. */ 
  2140. public static function get_file_data( $file, $headers ) { 
  2141. //Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated 
  2142. $file_name = basename( $file ); 
  2143. $file_data_option = Jetpack_Options::get_option( 'file_data', array() ); 
  2144. $key = md5( $file_name . serialize( $headers ) ); 
  2145. $refresh_cache = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 ); 
  2146.  
  2147. // If we don't need to refresh the cache, and already have the value, short-circuit! 
  2148. if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) { 
  2149. return $file_data_option[ JETPACK__VERSION ][ $key ]; 
  2150.  
  2151. $data = get_file_data( $file, $headers ); 
  2152.  
  2153. // Strip out any old Jetpack versions that are cluttering the option. 
  2154. $file_data_option = array_intersect_key( (array) $file_data_option, array( JETPACK__VERSION => null ) ); 
  2155. $file_data_option[ JETPACK__VERSION ][ $key ] = $data; 
  2156. Jetpack_Options::update_option( 'file_data', $file_data_option ); 
  2157.  
  2158. return $data; 
  2159.  
  2160. public static function translate_module_tag( $untranslated_tag ) { 
  2161. // Tags are aggregated by tools/build-module-headings-translations.php 
  2162. // and output in modules/module-headings.php 
  2163. return _x( $untranslated_tag, 'Module Tag', 'jetpack' ); 
  2164.  
  2165. /** 
  2166. * Get a list of activated modules as an array of module slugs. 
  2167. */ 
  2168. public static function get_active_modules() { 
  2169. $active = Jetpack_Options::get_option( 'active_modules' ); 
  2170. if ( ! is_array( $active ) ) 
  2171. $active = array(); 
  2172. if ( is_admin() && ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) ) { 
  2173. $active[] = 'vaultpress'; 
  2174. } else { 
  2175. $active = array_diff( $active, array( 'vaultpress' ) ); 
  2176.  
  2177. //If protect is active on the main site of a multisite, it should be active on all sites. 
  2178. if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) { 
  2179. $active[] = 'protect'; 
  2180.  
  2181. return array_unique( $active ); 
  2182.  
  2183. /** 
  2184. * Check whether or not a Jetpack module is active. 
  2185. * 
  2186. * @param string $module The slug of a Jetpack module. 
  2187. * @return bool 
  2188. * 
  2189. * @static 
  2190. */ 
  2191. public static function is_module_active( $module ) { 
  2192. return in_array( $module, self::get_active_modules() ); 
  2193.  
  2194. public static function is_module( $module ) { 
  2195. return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() ); 
  2196.  
  2197. /** 
  2198. * Catches PHP errors. Must be used in conjunction with output buffering. 
  2199. * 
  2200. * @param bool $catch True to start catching, False to stop. 
  2201. * 
  2202. * @static 
  2203. */ 
  2204. public static function catch_errors( $catch ) { 
  2205. static $display_errors, $error_reporting; 
  2206.  
  2207. if ( $catch ) { 
  2208. $display_errors = @ini_set( 'display_errors', 1 ); 
  2209. $error_reporting = @error_reporting( E_ALL ); 
  2210. add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 ); 
  2211. } else { 
  2212. @ini_set( 'display_errors', $display_errors ); 
  2213. @error_reporting( $error_reporting ); 
  2214. remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 ); 
  2215.  
  2216. /** 
  2217. * Saves any generated PHP errors in ::state( 'php_errors', {errors} ) 
  2218. */ 
  2219. public static function catch_errors_on_shutdown() { 
  2220. Jetpack::state( 'php_errors', ob_get_clean() ); 
  2221.  
  2222. public static function activate_default_modules( $min_version = false, $max_version = false, $other_modules = array() ) { 
  2223. $jetpack = Jetpack::init(); 
  2224.  
  2225. $modules = Jetpack::get_default_modules( $min_version, $max_version ); 
  2226. $modules = array_merge( $other_modules, $modules ); 
  2227.  
  2228. // Look for standalone plugins and disable if active. 
  2229.  
  2230. $to_deactivate = array(); 
  2231. foreach ( $modules as $module ) { 
  2232. if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) { 
  2233. $to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module]; 
  2234.  
  2235. $deactivated = array(); 
  2236. foreach ( $to_deactivate as $module => $deactivate_me ) { 
  2237. list( $probable_file, $probable_title ) = $deactivate_me; 
  2238. if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) { 
  2239. $deactivated[] = $module; 
  2240.  
  2241. if ( $deactivated ) { 
  2242. Jetpack::state( 'deactivated_plugins', join( ', ', $deactivated ) ); 
  2243.  
  2244. $url = add_query_arg( 
  2245. array( 
  2246. 'action' => 'activate_default_modules',  
  2247. '_wpnonce' => wp_create_nonce( 'activate_default_modules' ),  
  2248. ),  
  2249. add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) ) 
  2250. ); 
  2251. wp_safe_redirect( $url ); 
  2252. exit; 
  2253.  
  2254. /** 
  2255. * Fires before default modules are activated. 
  2256. * 
  2257. * @since 1.9.0 
  2258. * 
  2259. * @param string $min_version Minimum version number required to use modules. 
  2260. * @param string $max_version Maximum version number required to use modules. 
  2261. * @param array $other_modules Array of other modules to activate alongside the default modules. 
  2262. */ 
  2263. do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules ); 
  2264.  
  2265. // Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating 
  2266. Jetpack::restate(); 
  2267. Jetpack::catch_errors( true ); 
  2268.  
  2269. $active = Jetpack::get_active_modules(); 
  2270.  
  2271. foreach ( $modules as $module ) { 
  2272. if ( did_action( "jetpack_module_loaded_$module" ) ) { 
  2273. $active[] = $module; 
  2274. Jetpack_Options::update_option( 'active_modules', array_unique( $active ) ); 
  2275. continue; 
  2276.  
  2277. if ( in_array( $module, $active ) ) { 
  2278. $module_info = Jetpack::get_module( $module ); 
  2279. if ( ! $module_info['deactivate'] ) { 
  2280. $state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules'; 
  2281. if ( $active_state = Jetpack::state( $state ) ) { 
  2282. $active_state = explode( ', ', $active_state ); 
  2283. } else { 
  2284. $active_state = array(); 
  2285. $active_state[] = $module; 
  2286. Jetpack::state( $state, implode( ', ', $active_state ) ); 
  2287. continue; 
  2288.  
  2289. $file = Jetpack::get_module_path( $module ); 
  2290. if ( ! file_exists( $file ) ) { 
  2291. continue; 
  2292.  
  2293. // we'll override this later if the plugin can be included without fatal error 
  2294. wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) ); 
  2295. Jetpack::state( 'error', 'module_activation_failed' ); 
  2296. Jetpack::state( 'module', $module ); 
  2297. ob_start(); 
  2298. require $file; 
  2299. /** 
  2300. * Fires when a specific module is activated. 
  2301. * 
  2302. * @since 1.9.0 
  2303. * 
  2304. * @param string $module Module slug. 
  2305. */ 
  2306. do_action( 'jetpack_activate_module', $module ); 
  2307. $active[] = $module; 
  2308. $state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules'; 
  2309. if ( $active_state = Jetpack::state( $state ) ) { 
  2310. $active_state = explode( ', ', $active_state ); 
  2311. } else { 
  2312. $active_state = array(); 
  2313. $active_state[] = $module; 
  2314. Jetpack::state( $state, implode( ', ', $active_state ) ); 
  2315. Jetpack_Options::update_option( 'active_modules', array_unique( $active ) ); 
  2316. ob_end_clean(); 
  2317. Jetpack::state( 'error', false ); 
  2318. Jetpack::state( 'module', false ); 
  2319. Jetpack::catch_errors( false ); 
  2320. /** 
  2321. * Fires when default modules are activated. 
  2322. * 
  2323. * @since 1.9.0 
  2324. * 
  2325. * @param string $min_version Minimum version number required to use modules. 
  2326. * @param string $max_version Maximum version number required to use modules. 
  2327. * @param array $other_modules Array of other modules to activate alongside the default modules. 
  2328. */ 
  2329. do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules ); 
  2330.  
  2331. public static function activate_module( $module, $exit = true, $redirect = true ) { 
  2332. /** 
  2333. * Fires before a module is activated. 
  2334. * 
  2335. * @since 2.6.0 
  2336. * 
  2337. * @param string $module Module slug. 
  2338. * @param bool $exit Should we exit after the module has been activated. Default to true. 
  2339. * @param bool $redirect Should the user be redirected after module activation? Default to true. 
  2340. */ 
  2341. do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect ); 
  2342.  
  2343. $jetpack = Jetpack::init(); 
  2344.  
  2345. if ( ! strlen( $module ) ) 
  2346. return false; 
  2347.  
  2348. if ( ! Jetpack::is_module( $module ) ) 
  2349. return false; 
  2350.  
  2351. // If it's already active, then don't do it again 
  2352. $active = Jetpack::get_active_modules(); 
  2353. foreach ( $active as $act ) { 
  2354. if ( $act == $module ) 
  2355. return true; 
  2356.  
  2357. $module_data = Jetpack::get_module( $module ); 
  2358.  
  2359. if ( ! Jetpack::is_active() ) { 
  2360. if ( !Jetpack::is_development_mode() ) 
  2361. return false; 
  2362.  
  2363. // If we're not connected but in development mode, make sure the module doesn't require a connection 
  2364. if ( Jetpack::is_development_mode() && $module_data['requires_connection'] ) 
  2365. return false; 
  2366.  
  2367. // Check and see if the old plugin is active 
  2368. if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) { 
  2369. // Deactivate the old plugin 
  2370. if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) { 
  2371. // If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module 
  2372. // We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load. 
  2373. Jetpack::state( 'deactivated_plugins', $module ); 
  2374. wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) ); 
  2375. exit; 
  2376.  
  2377. // Check the file for fatal errors, a la wp-admin/plugins.php::activate 
  2378. Jetpack::state( 'module', $module ); 
  2379. Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error 
  2380.  
  2381. Jetpack::catch_errors( true ); 
  2382. ob_start(); 
  2383. require Jetpack::get_module_path( $module ); 
  2384. /** This action is documented in class.jetpack.php */ 
  2385. do_action( 'jetpack_activate_module', $module ); 
  2386. $active[] = $module; 
  2387. Jetpack_Options::update_option( 'active_modules', array_unique( $active ) ); 
  2388. Jetpack::state( 'error', false ); // the override 
  2389. Jetpack::state( 'message', 'module_activated' ); 
  2390. Jetpack::state( 'module', $module ); 
  2391. ob_end_clean(); 
  2392. Jetpack::catch_errors( false ); 
  2393.  
  2394. // A flag for Jump Start so it's not shown again. Only set if it hasn't been yet. 
  2395. if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) { 
  2396. Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' ); 
  2397.  
  2398. //Jump start is being dismissed send data to MC Stats 
  2399. $jetpack->stat( 'jumpstart', 'manual, '.$module ); 
  2400.  
  2401. $jetpack->do_stats( 'server_side' ); 
  2402.  
  2403. if ( $redirect ) { 
  2404. wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) ); 
  2405. if ( $exit ) { 
  2406. exit; 
  2407.  
  2408. function activate_module_actions( $module ) { 
  2409. /** 
  2410. * Fires when a module is activated. 
  2411. * The dynamic part of the filter, $module, is the module slug. 
  2412. * 
  2413. * @since 1.9.0 
  2414. * 
  2415. * @param string $module Module slug. 
  2416. */ 
  2417. do_action( "jetpack_activate_module_$module", $module ); 
  2418.  
  2419. $this->sync->sync_all_module_options( $module ); 
  2420.  
  2421. public static function deactivate_module( $module ) { 
  2422. /** 
  2423. * Fires when a module is deactivated. 
  2424. * 
  2425. * @since 1.9.0 
  2426. * 
  2427. * @param string $module Module slug. 
  2428. */ 
  2429. do_action( 'jetpack_pre_deactivate_module', $module ); 
  2430.  
  2431. $jetpack = Jetpack::init(); 
  2432.  
  2433. $active = Jetpack::get_active_modules(); 
  2434. $new = array_filter( array_diff( $active, (array) $module ) ); 
  2435.  
  2436. /** 
  2437. * Fires when a module is deactivated. 
  2438. * The dynamic part of the filter, $module, is the module slug. 
  2439. * 
  2440. * @since 1.9.0 
  2441. * 
  2442. * @param string $module Module slug. 
  2443. */ 
  2444. do_action( "jetpack_deactivate_module_$module", $module ); 
  2445.  
  2446. // A flag for Jump Start so it's not shown again. 
  2447. if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) { 
  2448. Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' ); 
  2449.  
  2450. //Jump start is being dismissed send data to MC Stats 
  2451. $jetpack->stat( 'jumpstart', 'manual, deactivated-'.$module ); 
  2452.  
  2453. $jetpack->do_stats( 'server_side' ); 
  2454.  
  2455. return Jetpack_Options::update_option( 'active_modules', array_unique( $new ) ); 
  2456.  
  2457. public static function enable_module_configurable( $module ) { 
  2458. $module = Jetpack::get_module_slug( $module ); 
  2459. add_filter( 'jetpack_module_configurable_' . $module, '__return_true' ); 
  2460.  
  2461. public static function module_configuration_url( $module ) { 
  2462. $module = Jetpack::get_module_slug( $module ); 
  2463. return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) ); 
  2464.  
  2465. public static function module_configuration_load( $module, $method ) { 
  2466. $module = Jetpack::get_module_slug( $module ); 
  2467. add_action( 'jetpack_module_configuration_load_' . $module, $method ); 
  2468.  
  2469. public static function module_configuration_head( $module, $method ) { 
  2470. $module = Jetpack::get_module_slug( $module ); 
  2471. add_action( 'jetpack_module_configuration_head_' . $module, $method ); 
  2472.  
  2473. public static function module_configuration_screen( $module, $method ) { 
  2474. $module = Jetpack::get_module_slug( $module ); 
  2475. add_action( 'jetpack_module_configuration_screen_' . $module, $method ); 
  2476.  
  2477. public static function module_configuration_activation_screen( $module, $method ) { 
  2478. $module = Jetpack::get_module_slug( $module ); 
  2479. add_action( 'display_activate_module_setting_' . $module, $method ); 
  2480.  
  2481. /** Installation */ 
  2482.  
  2483. public static function bail_on_activation( $message, $deactivate = true ) { 
  2484. ?> 
  2485. <!doctype html> 
  2486. <html> 
  2487. <head> 
  2488. <meta charset="<?php bloginfo( 'charset' ); ?>"> 
  2489. <style> 
  2490. * { 
  2491. text-align: center; 
  2492. margin: 0; 
  2493. padding: 0; 
  2494. font-family: "Lucida Grande", Verdana, Arial, "Bitstream Vera Sans", sans-serif; 
  2495. p { 
  2496. margin-top: 1em; 
  2497. font-size: 18px; 
  2498. </style> 
  2499. <body> 
  2500. <p><?php echo esc_html( $message ); ?></p> 
  2501. </body> 
  2502. </html> 
  2503. <?php 
  2504. if ( $deactivate ) { 
  2505. $plugins = get_option( 'active_plugins' ); 
  2506. $jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ); 
  2507. $update = false; 
  2508. foreach ( $plugins as $i => $plugin ) { 
  2509. if ( $plugin === $jetpack ) { 
  2510. $plugins[$i] = false; 
  2511. $update = true; 
  2512.  
  2513. if ( $update ) { 
  2514. update_option( 'active_plugins', array_filter( $plugins ) ); 
  2515. exit; 
  2516.  
  2517. /** 
  2518. * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook() 
  2519. * @static 
  2520. */ 
  2521. public static function plugin_activation( $network_wide ) { 
  2522. Jetpack_Options::update_option( 'activated', 1 ); 
  2523.  
  2524. if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) { 
  2525. Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) ); 
  2526.  
  2527. if ( $network_wide ) 
  2528. Jetpack::state( 'network_nag', true ); 
  2529.  
  2530. Jetpack::plugin_initialize(); 
  2531. /** 
  2532. * Runs before bumping version numbers up to a new version 
  2533. * @param (string) $version Version:timestamp 
  2534. * @param (string) $old_version Old Version:timestamp or false if not set yet. 
  2535. * @return null [description] 
  2536. */ 
  2537. public static function do_version_bump( $version, $old_version ) { 
  2538.  
  2539. if ( ! $old_version ) { // For new sites 
  2540. // Setting up jetpack manage 
  2541. Jetpack::activate_manage(); 
  2542.  
  2543. /** 
  2544. * Sets the internal version number and activation state. 
  2545. * @static 
  2546. */ 
  2547. public static function plugin_initialize() { 
  2548. if ( ! Jetpack_Options::get_option( 'activated' ) ) { 
  2549. Jetpack_Options::update_option( 'activated', 2 ); 
  2550.  
  2551. if ( ! Jetpack_Options::get_option( 'version' ) ) { 
  2552. $version = $old_version = JETPACK__VERSION . ':' . time(); 
  2553. /** This action is documented in class.jetpack.php */ 
  2554. do_action( 'updating_jetpack_version', $version, false ); 
  2555. Jetpack_Options::update_options( compact( 'version', 'old_version' ) ); 
  2556.  
  2557. Jetpack::load_modules(); 
  2558.  
  2559. Jetpack_Options::delete_option( 'do_activate' ); 
  2560.  
  2561. /** 
  2562. * Removes all connection options 
  2563. * @static 
  2564. */ 
  2565. public static function plugin_deactivation( ) { 
  2566. require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); 
  2567. if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) { 
  2568. Jetpack_Network::init()->deactivate(); 
  2569. } else { 
  2570. Jetpack::disconnect( false ); 
  2571. //Jetpack_Heartbeat::init()->deactivate(); 
  2572.  
  2573. /** 
  2574. * Disconnects from the Jetpack servers. 
  2575. * Forgets all connection details and tells the Jetpack servers to do the same. 
  2576. * @static 
  2577. */ 
  2578. public static function disconnect( $update_activated_state = true ) { 
  2579. wp_clear_scheduled_hook( 'jetpack_clean_nonces' ); 
  2580. Jetpack::clean_nonces( true ); 
  2581.  
  2582. Jetpack::load_xml_rpc_client(); 
  2583. $xml = new Jetpack_IXR_Client(); 
  2584. $xml->query( 'jetpack.deregister' ); 
  2585.  
  2586. Jetpack_Options::delete_option( 
  2587. array( 
  2588. 'register',  
  2589. 'blog_token',  
  2590. 'user_token',  
  2591. 'user_tokens',  
  2592. 'master_user',  
  2593. 'time_diff',  
  2594. 'fallback_no_verify_ssl_certs',  
  2595. ); 
  2596.  
  2597. if ( $update_activated_state ) { 
  2598. Jetpack_Options::update_option( 'activated', 4 ); 
  2599.  
  2600. $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ); 
  2601. // Check then record unique disconnection if site has never been disconnected previously 
  2602. if ( -1 == $jetpack_unique_connection['disconnected'] ) { 
  2603. $jetpack_unique_connection['disconnected'] = 1; 
  2604. else { 
  2605. if ( 0 == $jetpack_unique_connection['disconnected'] ) { 
  2606. //track unique disconnect 
  2607. $jetpack = Jetpack::init(); 
  2608.  
  2609. $jetpack->stat( 'connections', 'unique-disconnect' ); 
  2610. $jetpack->do_stats( 'server_side' ); 
  2611. // increment number of times disconnected 
  2612. $jetpack_unique_connection['disconnected'] += 1; 
  2613.  
  2614. Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection ); 
  2615.  
  2616. // Disable the Heartbeat cron 
  2617. Jetpack_Heartbeat::init()->deactivate(); 
  2618.  
  2619. /** 
  2620. * Unlinks the current user from the linked WordPress.com user 
  2621. */ 
  2622. public static function unlink_user( $user_id = null ) { 
  2623. if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) ) 
  2624. return false; 
  2625.  
  2626. $user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id ); 
  2627.  
  2628. if ( Jetpack_Options::get_option( 'master_user' ) == $user_id ) 
  2629. return false; 
  2630.  
  2631. if ( ! isset( $tokens[ $user_id ] ) ) 
  2632. return false; 
  2633.  
  2634. Jetpack::load_xml_rpc_client(); 
  2635. $xml = new Jetpack_IXR_Client( compact( 'user_id' ) ); 
  2636. $xml->query( 'jetpack.unlink_user', $user_id ); 
  2637.  
  2638. unset( $tokens[ $user_id ] ); 
  2639.  
  2640. Jetpack_Options::update_option( 'user_tokens', $tokens ); 
  2641.  
  2642. return true; 
  2643.  
  2644. /** 
  2645. * Attempts Jetpack registration. If it fail, a state flag is set: @see ::admin_page_load() 
  2646. */ 
  2647. public static function try_registration() { 
  2648. // Let's get some testing in beta versions and such. 
  2649. if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) { 
  2650. // Before attempting to connect, let's make sure that the domains are viable. 
  2651. $domains_to_check = array_unique( array( 
  2652. 'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),  
  2653. 'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),  
  2654. ) ); 
  2655. foreach ( $domains_to_check as $domain ) { 
  2656. $result = Jetpack_Data::is_usable_domain( $domain ); 
  2657. if ( is_wp_error( $result ) ) { 
  2658. return $result; 
  2659.  
  2660. $result = Jetpack::register(); 
  2661.  
  2662. // If there was an error with registration and the site was not registered, record this so we can show a message. 
  2663. if ( ! $result || is_wp_error( $result ) ) { 
  2664. return $result; 
  2665. } else { 
  2666. return true; 
  2667.  
  2668. /** 
  2669. * Tracking an internal event log. Try not to put too much chaff in here. 
  2670. * 
  2671. * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA) 
  2672. */ 
  2673. public static function log( $code, $data = null ) { 
  2674. $log = Jetpack_Options::get_option( 'log', array() ); 
  2675.  
  2676. // Append our event to the log 
  2677. $log_entry = array( 
  2678. 'time' => time(),  
  2679. 'user_id' => get_current_user_id(),  
  2680. 'blog_id' => Jetpack_Options::get_option( 'id' ),  
  2681. 'code' => $code,  
  2682. ); 
  2683. // Don't bother storing it unless we've got some. 
  2684. if ( ! is_null( $data ) ) { 
  2685. $log_entry['data'] = $data; 
  2686. $log[] = $log_entry; 
  2687.  
  2688. // Try add_option first, to make sure it's not autoloaded. 
  2689. // @todo: Add an add_option method to Jetpack_Options 
  2690. if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) { 
  2691. Jetpack_Options::update_option( 'log', $log ); 
  2692.  
  2693. /** 
  2694. * Fires when Jetpack logs an internal event. 
  2695. * 
  2696. * @since 3.0.0 
  2697. * 
  2698. * @param array $log_entry { 
  2699. * Array of details about the log entry. 
  2700. * 
  2701. * @param string time Time of the event. 
  2702. * @param int user_id ID of the user who trigerred the event. 
  2703. * @param int blog_id Jetpack Blog ID. 
  2704. * @param string code Unique name for the event. 
  2705. * @param string data Data about the event. 
  2706. * } 
  2707. */ 
  2708. do_action( 'jetpack_log_entry', $log_entry ); 
  2709.  
  2710. /** 
  2711. * Get the internal event log. 
  2712. * 
  2713. * @param $event (string) - only return the specific log events 
  2714. * @param $num (int) - get specific number of latest results 
  2715. * 
  2716. * @return array of log events || WP_Error for invalid params 
  2717. */ 
  2718. public static function get_log( $event = false, $num = false ) { 
  2719. if ( $event && ! is_string( $event ) ) { 
  2720. return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) ); 
  2721.  
  2722. if ( $num && ! is_numeric( $num ) ) { 
  2723. return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) ); 
  2724.  
  2725. $entire_log = Jetpack_Options::get_option( 'log', array() ); 
  2726.  
  2727. // If nothing set - act as it did before, otherwise let's start customizing the output 
  2728. if ( ! $num && ! $event ) { 
  2729. return $entire_log; 
  2730. } else { 
  2731. $entire_log = array_reverse( $entire_log ); 
  2732.  
  2733. $custom_log_output = array(); 
  2734.  
  2735. if ( $event ) { 
  2736. foreach ( $entire_log as $log_event ) { 
  2737. if ( $event == $log_event[ 'code' ] ) { 
  2738. $custom_log_output[] = $log_event; 
  2739. } else { 
  2740. $custom_log_output = $entire_log; 
  2741.  
  2742. if ( $num ) { 
  2743. $custom_log_output = array_slice( $custom_log_output, 0, $num ); 
  2744.  
  2745. return $custom_log_output; 
  2746.  
  2747. /** 
  2748. * Log modification of important settings. 
  2749. */ 
  2750. public static function log_settings_change( $option, $old_value, $value ) { 
  2751. switch( $option ) { 
  2752. case 'jetpack_sync_non_public_post_stati': 
  2753. self::log( $option, $value ); 
  2754. break; 
  2755.  
  2756. /** Admin Pages */ 
  2757.  
  2758. function admin_init() { 
  2759. // If the plugin is not connected, display a connect message. 
  2760. if ( 
  2761. // the plugin was auto-activated and needs its candy 
  2762. Jetpack_Options::get_option( 'do_activate' ) 
  2763. || 
  2764. // the plugin is active, but was never activated. Probably came from a site-wide network activation 
  2765. ! Jetpack_Options::get_option( 'activated' ) 
  2766. ) { 
  2767. Jetpack::plugin_initialize(); 
  2768.  
  2769. if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) { 
  2770. if ( 4 != Jetpack_Options::get_option( 'activated' ) ) { 
  2771. // Show connect notice on dashboard and plugins pages 
  2772. add_action( 'load-index.php', array( $this, 'prepare_connect_notice' ) ); 
  2773. add_action( 'load-plugins.php', array( $this, 'prepare_connect_notice' ) ); 
  2774. } elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) { 
  2775. // Upgrade: 1.1 -> 1.1.1 
  2776. // Check and see if host can verify the Jetpack servers' SSL certificate 
  2777. $args = array(); 
  2778. Jetpack_Client::_wp_remote_request( 
  2779. Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),  
  2780. $args,  
  2781. true 
  2782. ); 
  2783. } else { 
  2784. // Show the notice on the Dashboard only for now 
  2785.  
  2786. add_action( 'load-index.php', array( $this, 'prepare_manage_jetpack_notice' ) ); 
  2787.  
  2788. // Identity crisis notices 
  2789. add_action( 'jetpack_notices', array( $this, 'alert_identity_crisis' ) ); 
  2790. add_action( 'admin_notices', array( $this, 'alert_identity_crisis' ) ); 
  2791.  
  2792. // If the plugin has just been disconnected from WP.com, show the survey notice 
  2793. if ( isset( $_GET['disconnected'] ) && 'true' === $_GET['disconnected'] ) { 
  2794. add_action( 'jetpack_notices', array( $this, 'disconnect_survey_notice' ) ); 
  2795.  
  2796. if ( current_user_can( 'manage_options' ) && 'ALWAYS' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) { 
  2797. add_action( 'admin_notices', array( $this, 'alert_required_ssl_fail' ) ); 
  2798.  
  2799. add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) ); 
  2800. add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) ); 
  2801. add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) ); 
  2802.  
  2803. if ( Jetpack::is_active() || Jetpack::is_development_mode() ) { 
  2804. // Artificially throw errors in certain whitelisted cases during plugin activation 
  2805. add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) ); 
  2806.  
  2807. // Kick off synchronization of user role when it changes 
  2808. add_action( 'set_user_role', array( $this, 'user_role_change' ) ); 
  2809.  
  2810. // Jetpack Manage Activation Screen from .com 
  2811. Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) ); 
  2812.  
  2813. function admin_body_class( $admin_body_class = '' ) { 
  2814. $classes = explode( ' ', trim( $admin_body_class ) ); 
  2815.  
  2816. $classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected'; 
  2817.  
  2818. $admin_body_class = implode( ' ', array_unique( $classes ) ); 
  2819. return " $admin_body_class "; 
  2820.  
  2821. static function add_jetpack_pagestyles( $admin_body_class = '' ) { 
  2822. return $admin_body_class . ' jetpack-pagestyles '; 
  2823.  
  2824. function prepare_connect_notice() { 
  2825. add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) ); 
  2826.  
  2827. add_action( 'admin_notices', array( $this, 'admin_connect_notice' ) ); 
  2828.  
  2829. if ( Jetpack::state( 'network_nag' ) ) 
  2830. add_action( 'network_admin_notices', array( $this, 'network_connect_notice' ) ); 
  2831. /** 
  2832. * Call this function if you want the Big Jetpack Manage Notice to show up. 
  2833. * 
  2834. * @return null 
  2835. */ 
  2836. function prepare_manage_jetpack_notice() { 
  2837.  
  2838. add_action( 'admin_print_styles', array( $this, 'admin_banner_styles' ) ); 
  2839. add_action( 'admin_notices', array( $this, 'admin_jetpack_manage_notice' ) ); 
  2840.  
  2841. function manage_activate_screen() { 
  2842. include ( JETPACK__PLUGIN_DIR . 'modules/manage/activate-admin.php' ); 
  2843. /** 
  2844. * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load. 
  2845. * This function artificially throws errors for such cases (whitelisted). 
  2846. * 
  2847. * @param string $plugin The activated plugin. 
  2848. */ 
  2849. function throw_error_on_activate_plugin( $plugin ) { 
  2850. $active_modules = Jetpack::get_active_modules(); 
  2851.  
  2852. // The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks. 
  2853. if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) { 
  2854. $throw = false; 
  2855.  
  2856. // Try and make sure it really was the stats plugin 
  2857. if ( ! class_exists( 'ReflectionFunction' ) ) { 
  2858. if ( 'stats.php' == basename( $plugin ) ) { 
  2859. $throw = true; 
  2860. } else { 
  2861. $reflection = new ReflectionFunction( 'stats_get_api_key' ); 
  2862. if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) { 
  2863. $throw = true; 
  2864.  
  2865. if ( $throw ) { 
  2866. trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old “%1$s” plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR ); 
  2867.  
  2868. function intercept_plugin_error_scrape_init() { 
  2869. add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 ); 
  2870.  
  2871. function intercept_plugin_error_scrape( $action, $result ) { 
  2872. if ( ! $result ) { 
  2873. return; 
  2874.  
  2875. foreach ( $this->plugins_to_deactivate as $deactivate_me ) { 
  2876. if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) { 
  2877. Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old “%1$s” plugin.', 'jetpack' ), $deactivate_me[1] ), false ); 
  2878.  
  2879. function add_remote_request_handlers() { 
  2880. add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) ); 
  2881.  
  2882. function remote_request_handlers() { 
  2883. switch ( current_filter() ) { 
  2884. case 'wp_ajax_nopriv_jetpack_upload_file' : 
  2885. $response = $this->upload_handler(); 
  2886. break; 
  2887. default : 
  2888. $response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 ); 
  2889. break; 
  2890.  
  2891. if ( ! $response ) { 
  2892. $response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 ); 
  2893.  
  2894. if ( is_wp_error( $response ) ) { 
  2895. $status_code = $response->get_error_data(); 
  2896. $error = $response->get_error_code(); 
  2897. $error_description = $response->get_error_message(); 
  2898.  
  2899. if ( ! is_int( $status_code ) ) { 
  2900. $status_code = 400; 
  2901.  
  2902. status_header( $status_code ); 
  2903. die( json_encode( (object) compact( 'error', 'error_description' ) ) ); 
  2904.  
  2905. status_header( 200 ); 
  2906. if ( true === $response ) { 
  2907. exit; 
  2908.  
  2909. die( json_encode( (object) $response ) ); 
  2910.  
  2911. function upload_handler() { 
  2912. if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) { 
  2913. return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 ); 
  2914.  
  2915. $user = wp_authenticate( '', '' ); 
  2916. if ( ! $user || is_wp_error( $user ) ) { 
  2917. return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 ); 
  2918.  
  2919. wp_set_current_user( $user->ID ); 
  2920.  
  2921. if ( ! current_user_can( 'upload_files' ) ) { 
  2922. return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 ); 
  2923.  
  2924. if ( empty( $_FILES ) ) { 
  2925. return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 ); 
  2926.  
  2927. foreach ( array_keys( $_FILES ) as $files_key ) { 
  2928. if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) { 
  2929. return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 ); 
  2930.  
  2931. $media_keys = array_keys( $_FILES['media'] ); 
  2932.  
  2933. $token = Jetpack_Data::get_access_token( get_current_user_id() ); 
  2934. if ( ! $token || is_wp_error( $token ) ) { 
  2935. return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 ); 
  2936.  
  2937. $uploaded_files = array(); 
  2938. $global_post = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null; 
  2939. unset( $GLOBALS['post'] ); 
  2940. foreach ( $_FILES['media']['name'] as $index => $name ) { 
  2941. $file = array(); 
  2942. foreach ( $media_keys as $media_key ) { 
  2943. $file[$media_key] = $_FILES['media'][$media_key][$index]; 
  2944.  
  2945. list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] ); 
  2946.  
  2947. $hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret ); 
  2948. if ( $hmac_provided !== $hmac_file ) { 
  2949. $uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' ); 
  2950. continue; 
  2951.  
  2952. $_FILES['.jetpack.upload.'] = $file; 
  2953. $post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0; 
  2954. if ( ! current_user_can( 'edit_post', $post_id ) ) { 
  2955. $post_id = 0; 
  2956. $attachment_id = media_handle_upload( 
  2957. '.jetpack.upload.',  
  2958. $post_id,  
  2959. array(),  
  2960. array( 
  2961. 'action' => 'jetpack_upload_file',  
  2962. ); 
  2963.  
  2964. if ( ! $attachment_id ) { 
  2965. $uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' ); 
  2966. } elseif ( is_wp_error( $attachment_id ) ) { 
  2967. $uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() ); 
  2968. } else { 
  2969. $attachment = get_post( $attachment_id ); 
  2970. $uploaded_files[$index] = (object) array( 
  2971. 'id' => (string) $attachment_id,  
  2972. 'file' => $attachment->post_title,  
  2973. 'url' => wp_get_attachment_url( $attachment_id ),  
  2974. 'type' => $attachment->post_mime_type,  
  2975. 'meta' => wp_get_attachment_metadata( $attachment_id ),  
  2976. ); 
  2977. if ( ! is_null( $global_post ) ) { 
  2978. $GLOBALS['post'] = $global_post; 
  2979.  
  2980. return $uploaded_files; 
  2981.  
  2982. /** 
  2983. * Add help to the Jetpack page 
  2984. * 
  2985. * @since Jetpack (1.2.3) 
  2986. * @return false if not the Jetpack page 
  2987. */ 
  2988. function admin_help() { 
  2989. $current_screen = get_current_screen(); 
  2990.  
  2991. // Overview 
  2992. $current_screen->add_help_tab( 
  2993. array( 
  2994. 'id' => 'home',  
  2995. 'title' => __( 'Home', 'jetpack' ),  
  2996. 'content' => 
  2997. '<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' . 
  2998. '<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' . 
  2999. '<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',  
  3000. ); 
  3001.  
  3002. // Screen Content 
  3003. if ( current_user_can( 'manage_options' ) ) { 
  3004. $current_screen->add_help_tab( 
  3005. array( 
  3006. 'id' => 'settings',  
  3007. 'title' => __( 'Settings', 'jetpack' ),  
  3008. 'content' => 
  3009. '<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' . 
  3010. '<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' . 
  3011. '<ol>' . 
  3012. '<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.', 'jetpack' ) . '</li>' . 
  3013. '<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.', 'jetpack' ) . '</li>' . 
  3014. '</ol>' . 
  3015. '<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>' 
  3016. ); 
  3017.  
  3018. // Help Sidebar 
  3019. $current_screen->set_help_sidebar( 
  3020. '<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' . 
  3021. '<p><a href="http://jetpack.me/faq/" target="_blank">' . __( 'Jetpack FAQ', 'jetpack' ) . '</a></p>' . 
  3022. '<p><a href="http://jetpack.me/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' . 
  3023. '<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' ) ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>' 
  3024. ); 
  3025.  
  3026. function admin_menu_css() { 
  3027. wp_enqueue_style( 'jetpack-icons' ); 
  3028.  
  3029. function admin_menu_order() { 
  3030. return true; 
  3031.  
  3032. function jetpack_menu_order( $menu_order ) { 
  3033. $jp_menu_order = array(); 
  3034.  
  3035. foreach ( $menu_order as $index => $item ) { 
  3036. if ( $item != 'jetpack' ) { 
  3037. $jp_menu_order[] = $item; 
  3038.  
  3039. if ( $index == 0 ) { 
  3040. $jp_menu_order[] = 'jetpack'; 
  3041.  
  3042. return $jp_menu_order; 
  3043.  
  3044. function admin_head() { 
  3045. if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) 
  3046. /** This action is documented in class.jetpack-admin-page.php */ 
  3047. do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] ); 
  3048.  
  3049. function admin_banner_styles() { 
  3050. $min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min'; 
  3051.  
  3052. wp_enqueue_style( 'jetpack', plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION . '-20121016' ); 
  3053. wp_style_add_data( 'jetpack', 'rtl', 'replace' ); 
  3054. wp_style_add_data( 'jetpack', 'suffix', $min ); 
  3055.  
  3056. function admin_scripts() { 
  3057. wp_enqueue_script( 'jetpack-js', plugins_url( '_inc/jp.js', JETPACK__PLUGIN_FILE ), array( 'jquery', 'wp-util' ), JETPACK__VERSION . '-20121111' ); 
  3058. wp_localize_script( 
  3059. 'jetpack-js',  
  3060. 'jetpackL10n',  
  3061. array( 
  3062. 'ays_disconnect' => "This will deactivate all Jetpack modules.\nAre you sure you want to disconnect?",  
  3063. 'ays_unlink' => "This will prevent user-specific modules such as Publicize, Notifications and Post By Email from working.\nAre you sure you want to unlink?",  
  3064. 'ays_dismiss' => "This will deactivate Jetpack.\nAre you sure you want to deactivate Jetpack?",  
  3065. ); 
  3066. add_action( 'admin_footer', array( $this, 'do_stats' ) ); 
  3067.  
  3068. function plugin_action_links( $actions ) { 
  3069.  
  3070. $jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) ); 
  3071.  
  3072. if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) { 
  3073. return array_merge( 
  3074. $jetpack_home,  
  3075. array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack_modules' ), __( 'Settings', 'jetpack' ) ) ),  
  3076. array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),  
  3077. $actions 
  3078. ); 
  3079.  
  3080. return array_merge( $jetpack_home, $actions ); 
  3081.  
  3082. function admin_connect_notice() { 
  3083. // Don't show the connect notice anywhere but the plugins.php after activating 
  3084. $current = get_current_screen(); 
  3085. if ( 'plugins' !== $current->parent_base ) 
  3086. return; 
  3087.  
  3088. if ( ! current_user_can( 'jetpack_connect' ) ) 
  3089. return; 
  3090.  
  3091. $dismiss_and_deactivate_url = wp_nonce_url( Jetpack::admin_url( '?page=jetpack&jetpack-notice=dismiss' ), 'jetpack-deactivate' ); 
  3092. ?> 
  3093. <div id="message" class="updated jetpack-message jp-banner" style="display:block !important;"> 
  3094. <a class="jp-banner__dismiss" href="<?php echo esc_url( $dismiss_and_deactivate_url ); ?>" title="<?php esc_attr_e( 'Dismiss this notice and deactivate Jetpack.', 'jetpack' ); ?>"></a> 
  3095. <?php if ( in_array( Jetpack_Options::get_option( 'activated' ) , array( 1, 2, 3 ) ) ) : ?> 
  3096. <div class="jp-banner__content is-connection"> 
  3097. <h4><?php _e( 'Your Jetpack is almost ready!', 'jetpack' ); ?></h4> 
  3098. <p><?php _e( 'Connect now to enable features like Stats, Likes, and Social Sharing.', 'jetpack' ); ?></p> 
  3099. </div> 
  3100. <div class="jp-banner__action-container is-connection"> 
  3101. <a href="<?php echo $this->build_connect_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Connect to WordPress.com', 'jetpack' ); ?></a> 
  3102. </div> 
  3103. <?php else : ?> 
  3104. <div class="jp-banner__content"> 
  3105. <h4><?php _e( 'Jetpack is installed!', 'jetpack' ) ?></h4> 
  3106. <p><?php _e( 'It\'s ready to bring awesome, WordPress.com cloud-powered features to your site.', 'jetpack' ) ?></p> 
  3107. </div> 
  3108. <div class="jp-banner__action-container"> 
  3109. <a href="<?php echo Jetpack::admin_url() ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Learn More', 'jetpack' ); ?></a> 
  3110. </div> 
  3111. <?php endif; ?> 
  3112. </div> 
  3113.  
  3114. <?php 
  3115.  
  3116. /** 
  3117. * This is the first banner 
  3118. * It should be visible only to user that can update the option 
  3119. * Are not connected 
  3120. * 
  3121. * @return null 
  3122. */ 
  3123. function admin_jetpack_manage_notice() { 
  3124. $screen = get_current_screen(); 
  3125.  
  3126. // Don't show the connect notice on the jetpack settings page. 
  3127. if ( ! in_array( $screen->base, array( 'dashboard' ) ) || $screen->is_network || $screen->action ) 
  3128. return; 
  3129.  
  3130. // Only show it if don't have the managment option set. 
  3131. // And not dismissed it already. 
  3132. if ( ! $this->can_display_jetpack_manage_notice() || Jetpack_Options::get_option( 'dismissed_manage_banner' ) ) { 
  3133. return; 
  3134.  
  3135. $opt_out_url = $this->opt_out_jetpack_manage_url(); 
  3136. $opt_in_url = $this->opt_in_jetpack_manage_url(); 
  3137. /** 
  3138. * I think it would be great to have different wordsing depending on where you are 
  3139. * for example if we show the notice on dashboard and a different one if we show it on Plugins screen 
  3140. * etc.. 
  3141. */ 
  3142.  
  3143. ?> 
  3144. <div id="message" class="updated jetpack-message jp-banner is-opt-in" style="display:block !important;"> 
  3145. <a class="jp-banner__dismiss" href="<?php echo esc_url( $opt_out_url ); ?>" title="<?php esc_attr_e( 'Dismiss this notice for now.', 'jetpack' ); ?>"></a> 
  3146. <div class="jp-banner__content"> 
  3147. <h4><?php esc_html_e( 'New in Jetpack: Centralized Site Management', 'jetpack' ); ?></h4> 
  3148. <p><?php printf( __( 'Manage multiple sites from one dashboard at wordpress.com/sites. Enabling allows all existing, connected Administrators to modify your site from WordPress.com. <a href="%s" target="_blank">Learn More</a>.', 'jetpack' ), 'http://jetpack.me/support/site-management' ); ?></p> 
  3149. </div> 
  3150. <div class="jp-banner__action-container is-opt-in"> 
  3151. <a href="<?php echo esc_url( $opt_in_url ); ?>" class="jp-banner__button" id="wpcom-connect"><?php _e( 'Activate now', 'jetpack' ); ?></a> 
  3152. </div> 
  3153. </div> 
  3154. <?php 
  3155.  
  3156. /** 
  3157. * Returns the url that the user clicks to remove the notice for the big banner 
  3158. * @return (string) 
  3159. */ 
  3160. function opt_out_jetpack_manage_url() { 
  3161. $referer = '&_wp_http_referer=' . add_query_arg( '_wp_http_referer', null ); 
  3162. return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-out' . $referer ), 'jetpack_manage_banner_opt_out' ); 
  3163. /** 
  3164. * Returns the url that the user clicks to opt in to Jetpack Manage 
  3165. * @return (string) 
  3166. */ 
  3167. function opt_in_jetpack_manage_url() { 
  3168. return wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=jetpack-manage-opt-in' ), 'jetpack_manage_banner_opt_in' ); 
  3169.  
  3170. function opt_in_jetpack_manage_notice() { 
  3171. ?> 
  3172. <div class="wrap"> 
  3173. <div id="message" class="jetpack-message is-opt-in"> 
  3174. <?php echo sprintf( __( '<p><a href="%1$s" title="Opt in to WordPress.com Site Management" >Activate Site Management</a> to manage multiple sites from our centralized dashboard at wordpress.com/sites. <a href="%2$s" target="_blank">Learn more</a>.</p><a href="%1$s" class="jp-button">Activate Now</a>', 'jetpack' ), $this->opt_in_jetpack_manage_url(), 'http://jetpack.me/support/site-management' ); ?> 
  3175. </div> 
  3176. </div> 
  3177. <?php 
  3178.  
  3179. /** 
  3180. * Determines whether to show the notice of not true = display notice 
  3181. * @return (bool) 
  3182. */ 
  3183. function can_display_jetpack_manage_notice() { 
  3184. // never display the notice to users that can't do anything about it anyways 
  3185. if( ! current_user_can( 'jetpack_manage_modules' ) ) 
  3186. return false; 
  3187.  
  3188. // don't display if we are in development more 
  3189. if( Jetpack::is_development_mode() ) { 
  3190. return false; 
  3191. // don't display if the site is private 
  3192. if( ! Jetpack_Options::get_option( 'public' ) ) 
  3193. return false; 
  3194.  
  3195. /** 
  3196. * Should the Jetpack Remote Site Management notice be displayed. 
  3197. * 
  3198. * @since 3.3.0 
  3199. * 
  3200. * @param bool ! self::is_module_active( 'manage' ) Is the Manage module inactive. 
  3201. */ 
  3202. return apply_filters( 'can_display_jetpack_manage_notice', ! self::is_module_active( 'manage' ) ); 
  3203.  
  3204. function network_connect_notice() { 
  3205. ?> 
  3206. <div id="message" class="updated jetpack-message"> 
  3207. <div class="squeezer"> 
  3208. <h4><?php _e( '<strong>Jetpack is activated!</strong> Each site on your network must be connected individually by an admin on that site.', 'jetpack' ) ?></h4> 
  3209. </div> 
  3210. </div> 
  3211. <?php 
  3212.  
  3213. public static function jetpack_comment_notice() { 
  3214. if ( in_array( 'comments', Jetpack::get_active_modules() ) ) { 
  3215. return ''; 
  3216.  
  3217. $jetpack_old_version = explode( ':', Jetpack_Options::get_option( 'old_version' ) ); 
  3218. $jetpack_new_version = explode( ':', Jetpack_Options::get_option( 'version' ) ); 
  3219.  
  3220. if ( $jetpack_old_version ) { 
  3221. if ( version_compare( $jetpack_old_version[0], '1.4', '>=' ) ) { 
  3222. return ''; 
  3223.  
  3224. if ( $jetpack_new_version ) { 
  3225. if ( version_compare( $jetpack_new_version[0], '1.4-something', '<' ) ) { 
  3226. return ''; 
  3227.  
  3228. return '<br /><br />' . sprintf( 
  3229. __( 'Jetpack now includes Comments, which enables your visitors to use their WordPress.com, Twitter, or Facebook accounts when commenting on your site. To activate Comments, <a href="%s">%s</a>.', 'jetpack' ),  
  3230. wp_nonce_url( 
  3231. Jetpack::admin_url( 
  3232. array( 
  3233. 'page' => 'jetpack',  
  3234. 'action' => 'activate',  
  3235. 'module' => 'comments',  
  3236. ),  
  3237. 'jetpack_activate-comments' 
  3238. ),  
  3239. __( 'click here', 'jetpack' ) 
  3240. ); 
  3241.  
  3242. /** 
  3243. * Show the survey link when the user has just disconnected Jetpack. 
  3244. */ 
  3245. function disconnect_survey_notice() { 
  3246. ?> 
  3247. <div class="wrap"> 
  3248. <div id="message" class="jetpack-message stay-visible"> 
  3249. <div class="squeezer"> 
  3250. <h4> 
  3251. <?php _e( 'You have successfully disconnected Jetpack.', 'jetpack' ); ?> 
  3252. <br /> 
  3253. <?php echo sprintf( 
  3254. __( 'Would you tell us why? Just <a href="%1$s" target="%2$s">answering two simple questions</a> would help us improve Jetpack.', 'jetpack' ),  
  3255. 'https://jetpack.me/survey-disconnected/',  
  3256. '_blank' 
  3257. ); ?> 
  3258. </h4> 
  3259. </div> 
  3260. </div> 
  3261. </div> 
  3262. <?php 
  3263.  
  3264. /** 
  3265. * Registration flow: 
  3266. * 1 - ::admin_page_load() action=register 
  3267. * 2 - ::try_registration() 
  3268. * 3 - ::register() 
  3269. * - Creates jetpack_register option containing two secrets and a timestamp 
  3270. * - Calls https://jetpack.wordpress.com/jetpack.register/1/ with 
  3271. * siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id 
  3272. * - That request to jetpack.wordpress.com does not immediately respond. It first makes a request BACK to this site's 
  3273. * xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1 
  3274. * - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2 
  3275. * - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with 
  3276. * jetpack_id, jetpack_secret, jetpack_public 
  3277. * - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret 
  3278. * 4 - redirect to https://jetpack.wordpress.com/jetpack.authorize/1/ 
  3279. * 5 - user logs in with WP.com account 
  3280. * 6 - redirect to this site's wp-admin/index.php?page=jetpack&action=authorize with 
  3281. * code <-- OAuth2 style authorization code 
  3282. * 7 - ::admin_page_load() action=authorize 
  3283. * 8 - Jetpack_Client_Server::authorize() 
  3284. * 9 - Jetpack_Client_Server::get_token() 
  3285. * 10- GET https://jetpack.wordpress.com/jetpack.token/1/ with 
  3286. * client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login 
  3287. * 11- which responds with 
  3288. * access_token, token_type, scope 
  3289. * 12- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id 
  3290. * 13- Jetpack::activate_default_modules() 
  3291. * Deactivates deprecated plugins 
  3292. * Activates all default modules 
  3293. * Catches errors: redirects to wp-admin/index.php?page=jetpack state:error=something 
  3294. * 14- redirect to this site's wp-admin/index.php?page=jetpack with state:message=authorized 
  3295. * Done! 
  3296. */ 
  3297.  
  3298. /** 
  3299. * Handles the page load events for the Jetpack admin page 
  3300. */ 
  3301. function admin_page_load() { 
  3302. $error = false; 
  3303.  
  3304. // Make sure we have the right body class to hook stylings for subpages off of. 
  3305. add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) ); 
  3306.  
  3307. if ( ! empty( $_GET['jetpack_restate'] ) ) { 
  3308. // Should only be used in intermediate redirects to preserve state across redirects 
  3309. Jetpack::restate(); 
  3310.  
  3311. if ( isset( $_GET['connect_url_redirect'] ) ) { 
  3312. // User clicked in the iframe to link their accounts 
  3313. if ( ! Jetpack::is_user_connected() ) { 
  3314. $connect_url = $this->build_connect_url( true ); 
  3315. if ( isset( $_GET['notes_iframe'] ) ) 
  3316. $connect_url .= '¬es_iframe'; 
  3317. wp_redirect( $connect_url ); 
  3318. exit; 
  3319. } else { 
  3320. Jetpack::state( 'message', 'already_authorized' ); 
  3321. wp_safe_redirect( Jetpack::admin_url() ); 
  3322. exit; 
  3323.  
  3324.  
  3325. if ( isset( $_GET['action'] ) ) { 
  3326. switch ( $_GET['action'] ) { 
  3327. case 'authorize' : 
  3328. if ( Jetpack::is_active() && Jetpack::is_user_connected() ) { 
  3329. Jetpack::state( 'message', 'already_authorized' ); 
  3330. wp_safe_redirect( Jetpack::admin_url() ); 
  3331. exit; 
  3332. Jetpack::log( 'authorize' ); 
  3333. $client_server = new Jetpack_Client_Server; 
  3334. $client_server->authorize(); 
  3335. exit; 
  3336. case 'register' : 
  3337. if ( ! current_user_can( 'jetpack_connect' ) ) { 
  3338. $error = 'cheatin'; 
  3339. break; 
  3340. check_admin_referer( 'jetpack-register' ); 
  3341. Jetpack::log( 'register' ); 
  3342. Jetpack::maybe_set_version_option(); 
  3343. $registered = Jetpack::try_registration(); 
  3344. if ( is_wp_error( $registered ) ) { 
  3345. $error = $registered->get_error_code(); 
  3346. Jetpack::state( 'error_description', $registered->get_error_message() ); 
  3347. break; 
  3348.  
  3349. wp_redirect( $this->build_connect_url( true ) ); 
  3350. exit; 
  3351. case 'activate' : 
  3352. if ( ! current_user_can( 'jetpack_activate_modules' ) ) { 
  3353. $error = 'cheatin'; 
  3354. break; 
  3355.  
  3356. $module = stripslashes( $_GET['module'] ); 
  3357. check_admin_referer( "jetpack_activate-$module" ); 
  3358. Jetpack::log( 'activate', $module ); 
  3359. Jetpack::activate_module( $module ); 
  3360. // The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end. 
  3361. wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) ); 
  3362. exit; 
  3363. case 'activate_default_modules' : 
  3364. check_admin_referer( 'activate_default_modules' ); 
  3365. Jetpack::log( 'activate_default_modules' ); 
  3366. Jetpack::restate(); 
  3367. $min_version = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false; 
  3368. $max_version = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false; 
  3369. $other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array(); 
  3370. Jetpack::activate_default_modules( $min_version, $max_version, $other_modules ); 
  3371. wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) ); 
  3372. exit; 
  3373. case 'disconnect' : 
  3374. if ( ! current_user_can( 'jetpack_disconnect' ) ) { 
  3375. $error = 'cheatin'; 
  3376. break; 
  3377.  
  3378. check_admin_referer( 'jetpack-disconnect' ); 
  3379. Jetpack::log( 'disconnect' ); 
  3380. Jetpack::disconnect(); 
  3381. wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) ); 
  3382. exit; 
  3383. case 'reconnect' : 
  3384. if ( ! current_user_can( 'jetpack_reconnect' ) ) { 
  3385. $error = 'cheatin'; 
  3386. break; 
  3387.  
  3388. check_admin_referer( 'jetpack-reconnect' ); 
  3389. Jetpack::log( 'reconnect' ); 
  3390. $this->disconnect(); 
  3391. wp_redirect( $this->build_connect_url( true ) ); 
  3392. exit; 
  3393. case 'deactivate' : 
  3394. if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) { 
  3395. $error = 'cheatin'; 
  3396. break; 
  3397.  
  3398. $modules = stripslashes( $_GET['module'] ); 
  3399. check_admin_referer( "jetpack_deactivate-$modules" ); 
  3400. foreach ( explode( ', ', $modules ) as $module ) { 
  3401. Jetpack::log( 'deactivate', $module ); 
  3402. Jetpack::deactivate_module( $module ); 
  3403. Jetpack::state( 'message', 'module_deactivated' ); 
  3404. Jetpack::state( 'module', $modules ); 
  3405. wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) ); 
  3406. exit; 
  3407. case 'unlink' : 
  3408. $redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : ''; 
  3409. check_admin_referer( 'jetpack-unlink' ); 
  3410. Jetpack::log( 'unlink' ); 
  3411. $this->unlink_user(); 
  3412. Jetpack::state( 'message', 'unlinked' ); 
  3413. if ( 'sub-unlink' == $redirect ) { 
  3414. wp_safe_redirect( admin_url() ); 
  3415. } else { 
  3416. wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) ); 
  3417. exit; 
  3418. default: 
  3419. /** 
  3420. * Fires when a Jetpack admin page is loaded with an unrecognized parameter. 
  3421. * 
  3422. * @since 2.6.0 
  3423. * 
  3424. * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter. 
  3425. */ 
  3426. do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) ); 
  3427.  
  3428. if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) { 
  3429. self::activate_new_modules( true ); 
  3430.  
  3431. switch ( $error ) { 
  3432. case 'cheatin' : 
  3433. $this->error = __( 'Cheatin’ uh?', 'jetpack' ); 
  3434. break; 
  3435. case 'access_denied' : 
  3436. $this->error = __( 'You need to authorize the Jetpack connection between your site and WordPress.com to enable the awesome features.', 'jetpack' ); 
  3437. break; 
  3438. case 'wrong_state' : 
  3439. $this->error = __( 'Don’t cross the streams! You need to stay logged in to your WordPress blog while you authorize Jetpack.', 'jetpack' ); 
  3440. break; 
  3441. case 'invalid_client' : 
  3442. // @todo re-register instead of deactivate/reactivate 
  3443. $this->error = __( 'Return to sender. Whoops! It looks like you got the wrong Jetpack in the mail; deactivate then reactivate the Jetpack plugin to get a new one.', 'jetpack' ); 
  3444. break; 
  3445. case 'invalid_grant' : 
  3446. $this->error = __( 'Wrong size. Hm… it seems your Jetpack doesn’t quite fit. Have you lost weight? Click “Connect to WordPress.com” again to get your Jetpack adjusted.', 'jetpack' ); 
  3447. break; 
  3448. case 'site_inaccessible' : 
  3449. case 'site_requires_authorization' : 
  3450. $this->error = sprintf( __( 'Your website needs to be publicly accessible to use Jetpack: %s', 'jetpack' ), "<code>$error</code>" ); 
  3451. break; 
  3452. case 'module_activation_failed' : 
  3453. $module = Jetpack::state( 'module' ); 
  3454. if ( ! empty( $module ) && $mod = Jetpack::get_module( $module ) ) { 
  3455. $this->error = sprintf( __( '%s could not be activated because it triggered a <strong>fatal error</strong>. Perhaps there is a conflict with another plugin you have installed?', 'jetpack' ), $mod['name'] ); 
  3456. if ( isset( $this->plugins_to_deactivate[$module] ) ) { 
  3457. $this->error .= ' ' . sprintf( __( 'Do you still have the %s plugin installed?', 'jetpack' ), $this->plugins_to_deactivate[$module][1] ); 
  3458. } else { 
  3459. $this->error = __( 'Module could not be activated because it triggered a <strong>fatal error</strong>. Perhaps there is a conflict with another plugin you have installed?', 'jetpack' ); 
  3460. if ( $php_errors = Jetpack::state( 'php_errors' ) ) { 
  3461. $this->error .= "<br />\n"; 
  3462. $this->error .= $php_errors; 
  3463. break; 
  3464. case 'master_user_required' : 
  3465. $module = Jetpack::state( 'module' ); 
  3466. $module_name = ''; 
  3467. if ( ! empty( $module ) && $mod = Jetpack::get_module( $module ) ) { 
  3468. $module_name = $mod['name']; 
  3469.  
  3470. $master_user = Jetpack_Options::get_option( 'master_user' ); 
  3471. $master_userdata = get_userdata( $master_user ) ; 
  3472. if ( $master_userdata ) { 
  3473. if ( ! in_array( $module, Jetpack::get_active_modules() ) ) { 
  3474. $this->error = sprintf( __( '%s was not activated.' , 'jetpack' ), $module_name ); 
  3475. } else { 
  3476. $this->error = sprintf( __( '%s was not deactivated.' , 'jetpack' ), $module_name ); 
  3477. $this->error .= ' ' . sprintf( __( 'This module can only be altered by %s, the user who initiated the Jetpack connection on this site.' , 'jetpack' ), esc_html( $master_userdata->display_name ) ); 
  3478.  
  3479. } else { 
  3480. $this->error = sprintf( __( 'Only the user who initiated the Jetpack connection on this site can toggle %s, but that user no longer exists. This should not happen.', 'jetpack' ), $module_name ); 
  3481. break; 
  3482. case 'not_public' : 
  3483. $this->error = __( '<strong>Your Jetpack has a glitch.</strong> Connecting this site with WordPress.com is not possible. This usually means your site is not publicly accessible (localhost).', 'jetpack' ); 
  3484. break; 
  3485. case 'wpcom_408' : 
  3486. case 'wpcom_5??' : 
  3487. case 'wpcom_bad_response' : 
  3488. case 'wpcom_outage' : 
  3489. $this->error = __( 'WordPress.com is currently having problems and is unable to fuel up your Jetpack. Please try again later.', 'jetpack' ); 
  3490. break; 
  3491. case 'register_http_request_failed' : 
  3492. case 'token_http_request_failed' : 
  3493. $this->error = sprintf( __( 'Jetpack could not contact WordPress.com: %s. This usually means something is incorrectly configured on your web host.', 'jetpack' ), "<code>$error</code>" ); 
  3494. break; 
  3495. default : 
  3496. if ( empty( $error ) ) { 
  3497. break; 
  3498. $error = trim( substr( strip_tags( $error ), 0, 20 ) ); 
  3499. // no break: fall through 
  3500. case 'no_role' : 
  3501. case 'no_cap' : 
  3502. case 'no_code' : 
  3503. case 'no_state' : 
  3504. case 'invalid_state' : 
  3505. case 'invalid_request' : 
  3506. case 'invalid_scope' : 
  3507. case 'unsupported_response_type' : 
  3508. case 'invalid_token' : 
  3509. case 'no_token' : 
  3510. case 'missing_secrets' : 
  3511. case 'home_missing' : 
  3512. case 'siteurl_missing' : 
  3513. case 'gmt_offset_missing' : 
  3514. case 'site_name_missing' : 
  3515. case 'secret_1_missing' : 
  3516. case 'secret_2_missing' : 
  3517. case 'site_lang_missing' : 
  3518. case 'home_malformed' : 
  3519. case 'siteurl_malformed' : 
  3520. case 'gmt_offset_malformed' : 
  3521. case 'timezone_string_malformed' : 
  3522. case 'site_name_malformed' : 
  3523. case 'secret_1_malformed' : 
  3524. case 'secret_2_malformed' : 
  3525. case 'site_lang_malformed' : 
  3526. case 'secrets_mismatch' : 
  3527. case 'verify_secret_1_missing' : 
  3528. case 'verify_secret_1_malformed' : 
  3529. case 'verify_secrets_missing' : 
  3530. case 'verify_secrets_mismatch' : 
  3531. $error = esc_html( $error ); 
  3532. $this->error = sprintf( __( '<strong>Your Jetpack has a glitch.</strong> Something went wrong that’s never supposed to happen. Guess you’re just lucky: %s', 'jetpack' ), "<code>$error</code>" ); 
  3533. if ( ! Jetpack::is_active() ) { 
  3534. $this->error .= '<br />'; 
  3535. $this->error .= sprintf( __( 'Try connecting again.', 'jetpack' ) ); 
  3536. break; 
  3537.  
  3538. $message_code = Jetpack::state( 'message' ); 
  3539.  
  3540. $active_state = Jetpack::state( 'activated_modules' ); 
  3541. if ( ! empty( $active_state ) ) { 
  3542. $available = Jetpack::get_available_modules(); 
  3543. $active_state = explode( ', ', $active_state ); 
  3544. $active_state = array_intersect( $active_state, $available ); 
  3545. if ( count( $active_state ) ) { 
  3546. foreach ( $active_state as $mod ) { 
  3547. $this->stat( 'module-activated', $mod ); 
  3548. } else { 
  3549. $active_state = false; 
  3550. if( Jetpack::state( 'optin-manage' ) ) { 
  3551. $activated_manage = $message_code; 
  3552. $message_code = 'jetpack-manage'; 
  3553.  
  3554. switch ( $message_code ) { 
  3555. case 'modules_activated' : 
  3556. $this->message = sprintf( 
  3557. __( 'Welcome to <strong>Jetpack %s</strong>!', 'jetpack' ),  
  3558. JETPACK__VERSION 
  3559. ); 
  3560.  
  3561. if ( $active_state ) { 
  3562. $titles = array(); 
  3563. foreach ( $active_state as $mod ) { 
  3564. if ( $mod_headers = Jetpack::get_module( $mod ) ) { 
  3565. $titles[] = '<strong>' . preg_replace( '/\s+(?![^<>]++>)/', ' ', $mod_headers['name'] ) . '</strong>'; 
  3566. if ( $titles ) { 
  3567. $this->message .= '<br /><br />' . wp_sprintf( __( 'The following new modules have been activated: %l.', 'jetpack' ), $titles ); 
  3568.  
  3569. if ( $reactive_state = Jetpack::state( 'reactivated_modules' ) ) { 
  3570. $titles = array(); 
  3571. foreach ( explode( ', ', $reactive_state ) as $mod ) { 
  3572. if ( $mod_headers = Jetpack::get_module( $mod ) ) { 
  3573. $titles[] = '<strong>' . preg_replace( '/\s+(?![^<>]++>)/', ' ', $mod_headers['name'] ) . '</strong>'; 
  3574. if ( $titles ) { 
  3575. $this->message .= '<br /><br />' . wp_sprintf( __( 'The following modules have been updated: %l.', 'jetpack' ), $titles ); 
  3576.  
  3577. $this->message .= Jetpack::jetpack_comment_notice(); 
  3578. break; 
  3579. case 'jetpack-manage': 
  3580. $this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>'; 
  3581. if ( $activated_manage ) { 
  3582. $this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack' ) . '</strong>'; 
  3583. break; 
  3584. case 'module_activated' : 
  3585. if ( $module = Jetpack::get_module( Jetpack::state( 'module' ) ) ) { 
  3586. $this->message = sprintf( __( '<strong>%s Activated!</strong> You can deactivate at any time by clicking the Deactivate link next to each module.', 'jetpack' ), $module['name'] ); 
  3587. $this->stat( 'module-activated', Jetpack::state( 'module' ) ); 
  3588. break; 
  3589.  
  3590. case 'module_deactivated' : 
  3591. $modules = Jetpack::state( 'module' ); 
  3592. if ( ! $modules ) { 
  3593. break; 
  3594.  
  3595. $module_names = array(); 
  3596. foreach ( explode( ', ', $modules ) as $module_slug ) { 
  3597. $module = Jetpack::get_module( $module_slug ); 
  3598. if ( $module ) { 
  3599. $module_names[] = $module['name']; 
  3600.  
  3601. $this->stat( 'module-deactivated', $module_slug ); 
  3602.  
  3603. if ( ! $module_names ) { 
  3604. break; 
  3605.  
  3606. $this->message = wp_sprintf( 
  3607. _nx( 
  3608. '<strong>%l Deactivated!</strong> You can activate it again at any time using the activate link next to each module.',  
  3609. '<strong>%l Deactivated!</strong> You can activate them again at any time using the activate links next to each module.',  
  3610. count( $module_names ),  
  3611. '%l = list of Jetpack module/feature names',  
  3612. 'jetpack' 
  3613. ),  
  3614. $module_names 
  3615. ); 
  3616. break; 
  3617.  
  3618. case 'module_configured' : 
  3619. $this->message = __( '<strong>Module settings were saved.</strong> ', 'jetpack' ); 
  3620. break; 
  3621.  
  3622. case 'already_authorized' : 
  3623. $this->message = __( '<strong>Your Jetpack is already connected.</strong> ', 'jetpack' ); 
  3624. break; 
  3625.  
  3626. case 'authorized' : 
  3627. $this->message = __( '<strong>You’re fueled up and ready to go, Jetpack is now active.</strong> ', 'jetpack' ); 
  3628. $this->message .= Jetpack::jetpack_comment_notice(); 
  3629. break; 
  3630.  
  3631. case 'linked' : 
  3632. $this->message = __( '<strong>You’re fueled up and ready to go.</strong> ', 'jetpack' ); 
  3633. $this->message .= Jetpack::jetpack_comment_notice(); 
  3634. break; 
  3635.  
  3636. case 'unlinked' : 
  3637. $user = wp_get_current_user(); 
  3638. $this->message = sprintf( __( '<strong>You have unlinked your account (%s) from WordPress.com.</strong>', 'jetpack' ), $user->user_login ); 
  3639. break; 
  3640.  
  3641. case 'switch_master' : 
  3642. global $current_user; 
  3643. $is_master_user = $current_user->ID == Jetpack_Options::get_option( 'master_user' ); 
  3644. $master_userdata = get_userdata( Jetpack_Options::get_option( 'master_user' ) ); 
  3645. if ( $is_master_user ) { 
  3646. $this->message = __( 'You have successfully set yourself as Jetpack*s primary user.', 'jetpack' ); 
  3647. } else { 
  3648. $this->message = sprintf( _x( 'You have successfully set %s as Jetpack*s primary user.', '%s is a username', 'jetpack' ), $master_userdata->user_login ); 
  3649. break; 
  3650.  
  3651. $deactivated_plugins = Jetpack::state( 'deactivated_plugins' ); 
  3652.  
  3653. if ( ! empty( $deactivated_plugins ) ) { 
  3654. $deactivated_plugins = explode( ', ', $deactivated_plugins ); 
  3655. $deactivated_titles = array(); 
  3656. foreach ( $deactivated_plugins as $deactivated_plugin ) { 
  3657. if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) { 
  3658. continue; 
  3659.  
  3660. $deactivated_titles[] = '<strong>' . str_replace( ' ', ' ', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>'; 
  3661.  
  3662. if ( $deactivated_titles ) { 
  3663. if ( $this->message ) { 
  3664. $this->message .= "<br /><br />\n"; 
  3665.  
  3666. $this->message .= wp_sprintf( 
  3667. _n( 
  3668. 'Jetpack contains the most recent version of the old %l plugin.',  
  3669. 'Jetpack contains the most recent versions of the old %l plugins.',  
  3670. count( $deactivated_titles ),  
  3671. 'jetpack' 
  3672. ),  
  3673. $deactivated_titles 
  3674. ); 
  3675.  
  3676. $this->message .= "<br />\n"; 
  3677.  
  3678. $this->message .= _n( 
  3679. 'The old version has been deactivated and can be removed from your site.',  
  3680. 'The old versions have been deactivated and can be removed from your site.',  
  3681. count( $deactivated_titles ),  
  3682. 'jetpack' 
  3683. ); 
  3684.  
  3685. $this->privacy_checks = Jetpack::state( 'privacy_checks' ); 
  3686.  
  3687. if ( $this->message || $this->error || $this->privacy_checks || $this->can_display_jetpack_manage_notice() ) { 
  3688. add_action( 'jetpack_notices', array( $this, 'admin_notices' ) ); 
  3689.  
  3690. if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) { 
  3691. /** 
  3692. * Fires when a module configuration page is loaded. 
  3693. * The dynamic part of the hook is the configure parameter from the URL. 
  3694. * 
  3695. * @since 1.1.0 
  3696. */ 
  3697. do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] ); 
  3698.  
  3699. add_filter( 'jetpack_short_module_description', 'wptexturize' ); 
  3700.  
  3701. function admin_notices() { 
  3702.  
  3703. if ( $this->error ) { 
  3704. ?> 
  3705. <div id="message" class="jetpack-message jetpack-err"> 
  3706. <div class="squeezer"> 
  3707. <h4><?php echo wp_kses( $this->error, array( 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h4> 
  3708. <?php if ( $desc = Jetpack::state( 'error_description' ) ) : ?> 
  3709. <p><?php echo esc_html( stripslashes( $desc ) ); ?></p> 
  3710. <?php endif; ?> 
  3711. </div> 
  3712. </div> 
  3713. <?php 
  3714.  
  3715. if ( $this->message ) { 
  3716. ?> 
  3717. <div id="message" class="jetpack-message"> 
  3718. <div class="squeezer"> 
  3719. <h4><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h4> 
  3720. </div> 
  3721. </div> 
  3722. <?php 
  3723.  
  3724. if ( $this->privacy_checks ) : 
  3725. $module_names = $module_slugs = array(); 
  3726.  
  3727. $privacy_checks = explode( ', ', $this->privacy_checks ); 
  3728. $privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) ); 
  3729. foreach ( $privacy_checks as $module_slug ) { 
  3730. $module = Jetpack::get_module( $module_slug ); 
  3731. if ( ! $module ) { 
  3732. continue; 
  3733.  
  3734. $module_slugs[] = $module_slug; 
  3735. $module_names[] = "<strong>{$module['name']}</strong>"; 
  3736.  
  3737. $module_slugs = join( ', ', $module_slugs ); 
  3738. ?> 
  3739. <div id="message" class="jetpack-message jetpack-err"> 
  3740. <div class="squeezer"> 
  3741. <h4><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h4><br /> 
  3742. <p><?php 
  3743. echo wp_kses( 
  3744. wptexturize( 
  3745. wp_sprintf( 
  3746. _nx( 
  3747. "Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",  
  3748. "Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",  
  3749. count( $privacy_checks ),  
  3750. '%l = list of Jetpack module/feature names',  
  3751. 'jetpack' 
  3752. ),  
  3753. $module_names 
  3754. ),  
  3755. array( 'strong' => true ) 
  3756. ); 
  3757.  
  3758. echo "\n<br />\n"; 
  3759.  
  3760. echo wp_kses( 
  3761. sprintf( 
  3762. _nx( 
  3763. 'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',  
  3764. 'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',  
  3765. count( $privacy_checks ),  
  3766. '%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',  
  3767. 'jetpack' 
  3768. ),  
  3769. wp_nonce_url( 
  3770. Jetpack::admin_url( 
  3771. array( 
  3772. 'page' => 'jetpack',  
  3773. 'action' => 'deactivate',  
  3774. 'module' => urlencode( $module_slugs ),  
  3775. ),  
  3776. "jetpack_deactivate-$module_slugs" 
  3777. ),  
  3778. esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) ) 
  3779. ),  
  3780. array( 'a' => array( 'href' => true, 'title' => true ) ) 
  3781. ); 
  3782. ?></p> 
  3783. </div> 
  3784. </div> 
  3785. <?php endif; 
  3786. // only display the notice if the other stuff is not there 
  3787. if( $this->can_display_jetpack_manage_notice() && ! $this->error && ! $this->message && ! $this->privacy_checks ) { 
  3788. if( isset( $_GET['page'] ) && 'jetpack' != $_GET['page'] ) 
  3789. $this->opt_in_jetpack_manage_notice(); 
  3790.  
  3791. /** 
  3792. * Record a stat for later output. This will only currently output in the admin_footer. 
  3793. */ 
  3794. function stat( $group, $detail ) { 
  3795. if ( ! isset( $this->stats[ $group ] ) ) 
  3796. $this->stats[ $group ] = array(); 
  3797. $this->stats[ $group ][] = $detail; 
  3798.  
  3799. /** 
  3800. * Load stats pixels. $group is auto-prefixed with "x_jetpack-" 
  3801. */ 
  3802. function do_stats( $method = '' ) { 
  3803. if ( is_array( $this->stats ) && count( $this->stats ) ) { 
  3804. foreach ( $this->stats as $group => $stats ) { 
  3805. if ( is_array( $stats ) && count( $stats ) ) { 
  3806. $args = array( "x_jetpack-{$group}" => implode( ', ', $stats ) ); 
  3807. if ( 'server_side' === $method ) { 
  3808. self::do_server_side_stat( $args ); 
  3809. } else { 
  3810. echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />'; 
  3811. unset( $this->stats[ $group ] ); 
  3812.  
  3813. /** 
  3814. * Runs stats code for a one-off, server-side. 
  3815. * 
  3816. * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store. 
  3817. * 
  3818. * @return bool If it worked. 
  3819. */ 
  3820. static function do_server_side_stat( $args ) { 
  3821. $response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) ); 
  3822. if ( is_wp_error( $response ) ) 
  3823. return false; 
  3824.  
  3825. if ( 200 !== wp_remote_retrieve_response_code( $response ) ) 
  3826. return false; 
  3827.  
  3828. return true; 
  3829.  
  3830. /** 
  3831. * Builds the stats url. 
  3832. * 
  3833. * @param $args array|string The arguments to append to the URL. 
  3834. * 
  3835. * @return string The URL to be pinged. 
  3836. */ 
  3837. static function build_stats_url( $args ) { 
  3838. $defaults = array( 
  3839. 'v' => 'wpcom2',  
  3840. 'rand' => md5( mt_rand( 0, 999 ) . time() ),  
  3841. ); 
  3842. $args = wp_parse_args( $args, $defaults ); 
  3843. /** 
  3844. * Filter the URL used as the Stats tracking pixel. 
  3845. * 
  3846. * @since 2.3.2 
  3847. * 
  3848. * @param string $url Base URL used as the Stats tracking pixel. 
  3849. */ 
  3850. $base_url = apply_filters( 
  3851. 'jetpack_stats_base_url',  
  3852. set_url_scheme( 'http://pixel.wp.com/g.gif' ) 
  3853. ); 
  3854. $url = add_query_arg( $args, $base_url ); 
  3855. return $url; 
  3856.  
  3857. function translate_current_user_to_role() { 
  3858. foreach ( $this->capability_translations as $role => $cap ) { 
  3859. if ( current_user_can( $role ) || current_user_can( $cap ) ) { 
  3860. return $role; 
  3861.  
  3862. return false; 
  3863.  
  3864. function translate_role_to_cap( $role ) { 
  3865. if ( ! isset( $this->capability_translations[$role] ) ) { 
  3866. return false; 
  3867.  
  3868. return $this->capability_translations[$role]; 
  3869.  
  3870. function sign_role( $role ) { 
  3871. if ( ! $user_id = (int) get_current_user_id() ) { 
  3872. return false; 
  3873.  
  3874. $token = Jetpack_Data::get_access_token(); 
  3875. if ( ! $token || is_wp_error( $token ) ) { 
  3876. return false; 
  3877.  
  3878. return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret ); 
  3879.  
  3880. function build_connect_url( $raw = false, $redirect = false ) { 
  3881. if ( ! Jetpack_Options::get_option( 'blog_token' ) || ! Jetpack_Options::get_option( 'id' ) ) { 
  3882. $url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' ); 
  3883. if( is_network_admin() ) { 
  3884. $url = add_query_arg( 'is_multisite', network_admin_url( 
  3885. 'admin.php?page=jetpack-settings' ), $url ); 
  3886. } else { 
  3887. $role = $this->translate_current_user_to_role(); 
  3888. $signed_role = $this->sign_role( $role ); 
  3889.  
  3890. $user = wp_get_current_user(); 
  3891.  
  3892. $redirect = $redirect ? esc_url_raw( $redirect ) : ''; 
  3893.  
  3894. if( isset( $_REQUEST['is_multisite'] ) ) { 
  3895. $redirect = Jetpack_Network::init()->get_url( 'network_admin_page' ); 
  3896.  
  3897. $args = urlencode_deep( 
  3898. array( 
  3899. 'response_type' => 'code',  
  3900. 'client_id' => Jetpack_Options::get_option( 'id' ),  
  3901. 'redirect_uri' => add_query_arg( 
  3902. array( 
  3903. 'action' => 'authorize',  
  3904. '_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),  
  3905. 'redirect' => $redirect ? urlencode( $redirect ) : false,  
  3906. ),  
  3907. menu_page_url( 'jetpack', false ) 
  3908. ),  
  3909. 'state' => $user->ID,  
  3910. 'scope' => $signed_role,  
  3911. 'user_email' => $user->user_email,  
  3912. 'user_login' => $user->user_login,  
  3913. 'is_active' => Jetpack::is_active(),  
  3914. 'jp_version' => JETPACK__VERSION,  
  3915. ); 
  3916.  
  3917. $url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) ); 
  3918.  
  3919. return $raw ? $url : esc_url( $url ); 
  3920.  
  3921. function build_reconnect_url( $raw = false ) { 
  3922. $url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' ); 
  3923. return $raw ? $url : esc_url( $url ); 
  3924.  
  3925. public static function admin_url( $args = null ) { 
  3926. $args = wp_parse_args( $args, array( 'page' => 'jetpack' ) ); 
  3927. $url = add_query_arg( $args, admin_url( 'admin.php' ) ); 
  3928. return $url; 
  3929.  
  3930. public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) { 
  3931. $actionurl = str_replace( '&', '&', $actionurl ); 
  3932. return add_query_arg( $name, wp_create_nonce( $action ), $actionurl ); 
  3933.  
  3934. function dismiss_jetpack_notice() { 
  3935.  
  3936. if ( ! isset( $_GET['jetpack-notice'] ) ) { 
  3937. return; 
  3938.  
  3939. switch( $_GET['jetpack-notice'] ) { 
  3940. case 'dismiss': 
  3941. if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) { 
  3942.  
  3943. require_once ABSPATH . 'wp-admin/includes/plugin.php'; 
  3944. deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false ); 
  3945. wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' ); 
  3946. break; 
  3947. case 'jetpack-manage-opt-out': 
  3948.  
  3949. if ( check_admin_referer( 'jetpack_manage_banner_opt_out' ) ) { 
  3950. // Don't show the banner again 
  3951.  
  3952. Jetpack_Options::update_option( 'dismissed_manage_banner', true ); 
  3953. // redirect back to the page that had the notice 
  3954. if ( wp_get_referer() ) { 
  3955. wp_safe_redirect( wp_get_referer() ); 
  3956. } else { 
  3957. // Take me to Jetpack 
  3958. wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) ); 
  3959. break; 
  3960. case 'jetpack-protect-multisite-opt-out': 
  3961.  
  3962. if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) { 
  3963. // Don't show the banner again 
  3964.  
  3965. update_site_option( 'jetpack_dismissed_protect_multisite_banner', true ); 
  3966. // redirect back to the page that had the notice 
  3967. if ( wp_get_referer() ) { 
  3968. wp_safe_redirect( wp_get_referer() ); 
  3969. } else { 
  3970. // Take me to Jetpack 
  3971. wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) ); 
  3972. break; 
  3973. case 'jetpack-manage-opt-in': 
  3974. if ( check_admin_referer( 'jetpack_manage_banner_opt_in' ) ) { 
  3975. // This makes sure that we are redirect to jetpack home so that we can see the Success Message. 
  3976.  
  3977. $redirection_url = Jetpack::admin_url(); 
  3978. remove_action( 'jetpack_pre_activate_module', array( Jetpack_Admin::init(), 'fix_redirect' ) ); 
  3979.  
  3980. // Don't redirect form the Jetpack Setting Page 
  3981. $referer_parsed = parse_url ( wp_get_referer() ); 
  3982. // check that we do have a wp_get_referer and the query paramater is set orderwise go to the Jetpack Home 
  3983. if ( isset( $referer_parsed['query'] ) && false !== strpos( $referer_parsed['query'], 'page=jetpack_modules' ) ) { 
  3984. // Take the user to Jetpack home except when on the setting page 
  3985. $redirection_url = wp_get_referer(); 
  3986. add_action( 'jetpack_pre_activate_module', array( Jetpack_Admin::init(), 'fix_redirect' ) ); 
  3987. // Also update the JSON API FULL MANAGEMENT Option 
  3988. Jetpack::activate_module( 'manage', false, false ); 
  3989.  
  3990. // Special Message when option in. 
  3991. Jetpack::state( 'optin-manage', 'true' ); 
  3992. // Activate the Module if not activated already 
  3993.  
  3994. // Redirect properly 
  3995. wp_safe_redirect( $redirection_url ); 
  3996.  
  3997. break; 
  3998.  
  3999. function debugger_page() { 
  4000. nocache_headers(); 
  4001. if ( ! current_user_can( 'manage_options' ) ) { 
  4002. die( '-1' ); 
  4003. Jetpack_Debugger::jetpack_debug_display_handler(); 
  4004. exit; 
  4005.  
  4006. public static function admin_screen_configure_module( $module_id ) { 
  4007.  
  4008. // User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them. 
  4009. if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) { 
  4010. if ( has_action( 'display_activate_module_setting_' . $module_id ) ) { 
  4011. /** 
  4012. * Fires to diplay a custom module activation screen. 
  4013. * 
  4014. * To add a module actionation screen use Jetpack::module_configuration_activation_screen method. 
  4015. * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) ); 
  4016. * 
  4017. * @module manage 
  4018. * 
  4019. * @since 3.8.0 
  4020. * 
  4021. * @param int $module_id Module ID. 
  4022. */ 
  4023. do_action( 'display_activate_module_setting_' . $module_id ); 
  4024. } else { 
  4025. self::display_activate_module_link( $module_id ); 
  4026.  
  4027. return false; 
  4028. } ?> 
  4029.  
  4030. <div id="jp-settings-screen" style="position: relative"> 
  4031. <h3> 
  4032. <?php 
  4033. $module = Jetpack::get_module( $module_id ); 
  4034. echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> → '; 
  4035. printf( __( 'Configure %s', 'jetpack' ), $module['name'] ); 
  4036. ?> 
  4037. </h3> 
  4038. <?php 
  4039. /** 
  4040. * Fires within the displayed message when a feature configuation is updated. 
  4041. * 
  4042. * @since 3.4.0 
  4043. * 
  4044. * @param int $module_id Module ID. 
  4045. */ 
  4046. do_action( 'jetpack_notices_update_settings', $module_id ); 
  4047. /** 
  4048. * Fires when a feature configuation screen is loaded. 
  4049. * The dynamic part of the hook, $module_id, is the module ID. 
  4050. * 
  4051. * @since 1.1.0 
  4052. */ 
  4053. do_action( 'jetpack_module_configuration_screen_' . $module_id ); 
  4054. ?> 
  4055. </div><?php 
  4056.  
  4057. /** 
  4058. * Display link to activate the module to see the settings screen. 
  4059. * @param string $module_id 
  4060. * @return null 
  4061. */ 
  4062. public static function display_activate_module_link( $module_id ) { 
  4063.  
  4064. $info = Jetpack::get_module( $module_id ); 
  4065. $extra = ''; 
  4066. $activate_url = wp_nonce_url( 
  4067. Jetpack::admin_url( 
  4068. array( 
  4069. 'page' => 'jetpack',  
  4070. 'action' => 'activate',  
  4071. 'module' => $module_id,  
  4072. ),  
  4073. "jetpack_activate-$module_id" 
  4074. ); 
  4075.  
  4076. ?> 
  4077.  
  4078. <div class="wrap configure-module"> 
  4079. <div id="jp-settings-screen"> 
  4080. <?php 
  4081. if ( $module_id == 'json-api' ) { 
  4082.  
  4083. $info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' ); 
  4084.  
  4085. $activate_url = Jetpack::init()->opt_in_jetpack_manage_url(); 
  4086.  
  4087. $info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'http://jetpack.me/support/site-management' ); 
  4088.  
  4089. // $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' ); 
  4090. } ?> 
  4091.  
  4092. <h3><?php echo esc_html( $info['name'] ); ?></h3> 
  4093. <div class="narrow"> 
  4094. <p><?php echo $info['description']; ?></p> 
  4095. <?php if( $extra ) { ?> 
  4096. <p><?php echo esc_html( $extra ); ?></p> 
  4097. <?php } ?> 
  4098. <p> 
  4099. <?php 
  4100. if( wp_get_referer() ) { 
  4101. printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() ); 
  4102. } else { 
  4103. printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url ); 
  4104. } ?> 
  4105. </p> 
  4106. </div> 
  4107.  
  4108. </div> 
  4109. </div> 
  4110.  
  4111. <?php 
  4112.  
  4113. public static function sort_modules( $a, $b ) { 
  4114. if ( $a['sort'] == $b['sort'] ) 
  4115. return 0; 
  4116.  
  4117. return ( $a['sort'] < $b['sort'] ) ? -1 : 1; 
  4118.  
  4119. function sync_reindex_trigger() { 
  4120. if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) { 
  4121. echo json_encode( $this->sync->reindex_trigger() ); 
  4122. } else { 
  4123. echo '{"status":"ERROR"}'; 
  4124. exit; 
  4125.  
  4126. function sync_reindex_status() { 
  4127. if ( $this->current_user_is_connection_owner() && current_user_can( 'manage_options' ) ) { 
  4128. echo json_encode( $this->sync->reindex_status() ); 
  4129. } else { 
  4130. echo '{"status":"ERROR"}'; 
  4131. exit; 
  4132.  
  4133. /** Client API */ 
  4134.  
  4135. /** 
  4136. * Returns the requested Jetpack API URL 
  4137. * 
  4138. * @return string 
  4139. */ 
  4140. public static function api_url( $relative_url ) { 
  4141. return trailingslashit( JETPACK__API_BASE . $relative_url ) . JETPACK__API_VERSION . '/'; 
  4142.  
  4143. /** 
  4144. * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets 
  4145. */ 
  4146. public static function fix_url_for_bad_hosts( $url ) { 
  4147. if ( 0 !== strpos( $url, 'https://' ) ) { 
  4148. return $url; 
  4149.  
  4150. switch ( JETPACK_CLIENT__HTTPS ) { 
  4151. case 'ALWAYS' : 
  4152. return $url; 
  4153. case 'NEVER' : 
  4154. return set_url_scheme( $url, 'http' ); 
  4155. // default : case 'AUTO' : 
  4156.  
  4157. // Yay! Your host is good! 
  4158. if ( self::permit_ssl() && wp_http_supports( array( 'ssl' => true ) ) ) { 
  4159. return $url; 
  4160.  
  4161. // Boo! Your host is bad and makes Jetpack cry! 
  4162. return set_url_scheme( $url, 'http' ); 
  4163.  
  4164. /** 
  4165. * Checks to see if the URL is using SSL to connect with Jetpack 
  4166. * 
  4167. * @since 2.3.3 
  4168. * @return boolean 
  4169. */ 
  4170. public static function permit_ssl( $force_recheck = false ) { 
  4171. // Do some fancy tests to see if ssl is being supported 
  4172. if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) { 
  4173. if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) { 
  4174. $ssl = 0; 
  4175. } else { 
  4176. switch ( JETPACK_CLIENT__HTTPS ) { 
  4177. case 'NEVER': 
  4178. $ssl = 0; 
  4179. break; 
  4180. case 'ALWAYS': 
  4181. case 'AUTO': 
  4182. default: 
  4183. $ssl = 1; 
  4184. break; 
  4185.  
  4186. // If it's not 'NEVER', test to see 
  4187. if ( $ssl ) { 
  4188. $response = wp_remote_get( JETPACK__API_BASE . 'test/1/' ); 
  4189. if ( is_wp_error( $response ) || ( 'OK' !== wp_remote_retrieve_body( $response ) ) ) { 
  4190. $ssl = 0; 
  4191. set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS ); 
  4192.  
  4193. return (bool) $ssl; 
  4194.  
  4195. /** 
  4196. * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'ALWAYS' but SSL isn't working. 
  4197. */ 
  4198. public function alert_required_ssl_fail() { 
  4199. if ( ! current_user_can( 'manage_options' ) ) 
  4200. return; 
  4201. ?> 
  4202.  
  4203. <div id="message" class="error jetpack-message jp-identity-crisis"> 
  4204. <div class="jp-banner__content"> 
  4205. <h4><?php _e( 'Something is being cranky!', 'jetpack' ); ?></h4> 
  4206. <p><?php _e( 'Your site is configured to only permit SSL connections to Jetpack, but SSL connections don\'t seem to be functional!', 'jetpack' ); ?></p> 
  4207. </div> 
  4208. </div> 
  4209.  
  4210. <?php 
  4211.  
  4212. /** 
  4213. * Returns the Jetpack XML-RPC API 
  4214. * 
  4215. * @return string 
  4216. */ 
  4217. public static function xmlrpc_api_url() { 
  4218. $base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE ); 
  4219. return untrailingslashit( $base ) . '/xmlrpc.php'; 
  4220.  
  4221. /** 
  4222. * Creates two secret tokens and the end of life timestamp for them. 
  4223. * 
  4224. * Note these tokens are unique per call, NOT static per site for connecting. 
  4225. * 
  4226. * @since 2.6 
  4227. * @return array 
  4228. */ 
  4229. public function generate_secrets() { 
  4230. $secrets = array( 
  4231. wp_generate_password( 32, false ), // secret_1 
  4232. wp_generate_password( 32, false ), // secret_2 
  4233. ( time() + 600 ), // eol ( End of Life ) 
  4234. ); 
  4235.  
  4236. return $secrets; 
  4237.  
  4238. /** 
  4239. * Builds the timeout limit for queries talking with the wpcom servers. 
  4240. * 
  4241. * Based on local php max_execution_time in php.ini 
  4242. * 
  4243. * @since 2.6 
  4244. * @return int 
  4245. **/ 
  4246. public function get_remote_query_timeout_limit() { 
  4247. $timeout = (int) ini_get( 'max_execution_time' ); 
  4248. if ( ! $timeout ) // Ensure exec time set in php.ini 
  4249. $timeout = 30; 
  4250. return intval( $timeout / 2 ); 
  4251.  
  4252.  
  4253. /** 
  4254. * Takes the response from the Jetpack register new site endpoint and 
  4255. * verifies it worked properly. 
  4256. * 
  4257. * @since 2.6 
  4258. * @return true or Jetpack_Error 
  4259. **/ 
  4260. public function validate_remote_register_response( $response ) { 
  4261. if ( is_wp_error( $response ) ) { 
  4262. return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() ); 
  4263.  
  4264. $code = wp_remote_retrieve_response_code( $response ); 
  4265. $entity = wp_remote_retrieve_body( $response ); 
  4266. if ( $entity ) 
  4267. $json = json_decode( $entity ); 
  4268. else 
  4269. $json = false; 
  4270.  
  4271. $code_type = intval( $code / 100 ); 
  4272. if ( 5 == $code_type ) { 
  4273. return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code ); 
  4274. } elseif ( 408 == $code ) { 
  4275. return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code ); 
  4276. } elseif ( ! empty( $json->error ) ) { 
  4277. $error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : ''; 
  4278. return new Jetpack_Error( (string) $json->error, $error_description, $code ); 
  4279. } elseif ( 200 != $code ) { 
  4280. return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code ); 
  4281.  
  4282. // Jetpack ID error block 
  4283. if ( empty( $json->jetpack_id ) ) { 
  4284. return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity ); 
  4285. } elseif ( ! is_scalar( $json->jetpack_id ) ) { 
  4286. return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity ); 
  4287. } elseif ( preg_match( '/[^0-9]/', $json->jetpack_id ) ) { 
  4288. return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity ); 
  4289.  
  4290. return true; 
  4291. /** 
  4292. * @return bool|WP_Error 
  4293. */ 
  4294. public static function register() { 
  4295. add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) ); 
  4296. $secrets = Jetpack::init()->generate_secrets(); 
  4297.  
  4298. Jetpack_Options::update_option( 'register', $secrets[0] . ':' . $secrets[1] . ':' . $secrets[2] ); 
  4299.  
  4300. @list( $secret_1, $secret_2, $secret_eol ) = explode( ':', Jetpack_Options::get_option( 'register' ) ); 
  4301. if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) { 
  4302. return new Jetpack_Error( 'missing_secrets' ); 
  4303.  
  4304. $timeout = Jetpack::init()->get_remote_query_timeout_limit(); 
  4305.  
  4306. $gmt_offset = get_option( 'gmt_offset' ); 
  4307. if ( ! $gmt_offset ) { 
  4308. $gmt_offset = 0; 
  4309.  
  4310. $stats_options = get_option( 'stats_options' ); 
  4311. $stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null; 
  4312.  
  4313. $args = array( 
  4314. 'method' => 'POST',  
  4315. 'body' => array( 
  4316. 'siteurl' => site_url(),  
  4317. 'home' => home_url(),  
  4318. 'gmt_offset' => $gmt_offset,  
  4319. 'timezone_string' => (string) get_option( 'timezone_string' ),  
  4320. 'site_name' => (string) get_option( 'blogname' ),  
  4321. 'secret_1' => $secret_1,  
  4322. 'secret_2' => $secret_2,  
  4323. 'site_lang' => get_locale(),  
  4324. 'timeout' => $timeout,  
  4325. 'stats_id' => $stats_id,  
  4326. ),  
  4327. 'headers' => array( 
  4328. 'Accept' => 'application/json',  
  4329. ),  
  4330. 'timeout' => $timeout,  
  4331. ); 
  4332. $response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true ); 
  4333.  
  4334.  
  4335. // Make sure the response is valid and does not contain any Jetpack errors 
  4336. $valid_response = Jetpack::init()->validate_remote_register_response( $response ); 
  4337. if( is_wp_error( $valid_response ) || !$valid_response ) { 
  4338. return $valid_response; 
  4339.  
  4340.  
  4341. // Grab the response values to work with 
  4342. $code = wp_remote_retrieve_response_code( $response ); 
  4343. $entity = wp_remote_retrieve_body( $response ); 
  4344.  
  4345. if ( $entity ) 
  4346. $json = json_decode( $entity ); 
  4347. else 
  4348. $json = false; 
  4349.  
  4350. if ( empty( $json->jetpack_secret ) || ! is_string( $json->jetpack_secret ) ) 
  4351. return new Jetpack_Error( 'jetpack_secret', '', $code ); 
  4352.  
  4353. if ( isset( $json->jetpack_public ) ) { 
  4354. $jetpack_public = (int) $json->jetpack_public; 
  4355. } else { 
  4356. $jetpack_public = false; 
  4357.  
  4358. Jetpack_Options::update_options( 
  4359. array( 
  4360. 'id' => (int) $json->jetpack_id,  
  4361. 'blog_token' => (string) $json->jetpack_secret,  
  4362. 'public' => $jetpack_public,  
  4363. ); 
  4364.  
  4365. /** 
  4366. * Fires when a site is registered on WordPress.com. 
  4367. * 
  4368. * @since 3.7.0 
  4369. * 
  4370. * @param int $json->jetpack_id Jetpack Blog ID. 
  4371. * @param string $json->jetpack_secret Jetpack Blog Token. 
  4372. * @param int|bool $jetpack_public Is the site public. 
  4373. */ 
  4374. do_action( 'jetpack_site_registered', $json->jetpack_id, $json->jetpack_secret, $jetpack_public ); 
  4375.  
  4376. // Initialize Jump Start for the first and only time. 
  4377. if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) { 
  4378. Jetpack_Options::update_option( 'jumpstart', 'new_connection' ); 
  4379.  
  4380. $jetpack = Jetpack::init(); 
  4381.  
  4382. $jetpack->stat( 'jumpstart', 'unique-views' ); 
  4383. $jetpack->do_stats( 'server_side' ); 
  4384. }; 
  4385.  
  4386. return true; 
  4387.  
  4388. /** 
  4389. * If the db version is showing something other that what we've got now, bump it to current. 
  4390. * 
  4391. * @return bool: True if the option was incorrect and updated, false if nothing happened. 
  4392. */ 
  4393. public static function maybe_set_version_option() { 
  4394. list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) ); 
  4395. if ( JETPACK__VERSION != $version ) { 
  4396. Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() ); 
  4397. return true; 
  4398. return false; 
  4399.  
  4400. /** Client Server API */ 
  4401.  
  4402. /** 
  4403. * Loads the Jetpack XML-RPC client 
  4404. */ 
  4405. public static function load_xml_rpc_client() { 
  4406. require_once ABSPATH . WPINC . '/class-IXR.php'; 
  4407. require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php'; 
  4408.  
  4409. function verify_xml_rpc_signature() { 
  4410. if ( $this->xmlrpc_verification ) { 
  4411. return $this->xmlrpc_verification; 
  4412.  
  4413. // It's not for us 
  4414. if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) { 
  4415. return false; 
  4416.  
  4417. @list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] ); 
  4418. if ( 
  4419. empty( $token_key ) 
  4420. || 
  4421. empty( $version ) || strval( JETPACK__API_VERSION ) !== $version 
  4422. ) { 
  4423. return false; 
  4424.  
  4425. if ( '0' === $user_id ) { 
  4426. $token_type = 'blog'; 
  4427. $user_id = 0; 
  4428. } else { 
  4429. $token_type = 'user'; 
  4430. if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) { 
  4431. return false; 
  4432. $user_id = (int) $user_id; 
  4433.  
  4434. $user = new WP_User( $user_id ); 
  4435. if ( ! $user || ! $user->exists() ) { 
  4436. return false; 
  4437.  
  4438. $token = Jetpack_Data::get_access_token( $user_id ); 
  4439. if ( ! $token ) { 
  4440. return false; 
  4441.  
  4442. $token_check = "$token_key."; 
  4443. if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) { 
  4444. return false; 
  4445.  
  4446. require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php'; 
  4447.  
  4448. $jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) ); 
  4449. if ( isset( $_POST['_jetpack_is_multipart'] ) ) { 
  4450. $post_data = $_POST; 
  4451. $file_hashes = array(); 
  4452. foreach ( $post_data as $post_data_key => $post_data_value ) { 
  4453. if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) { 
  4454. continue; 
  4455. $post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) ); 
  4456. $file_hashes[$post_data_key] = $post_data_value; 
  4457.  
  4458. foreach ( $file_hashes as $post_data_key => $post_data_value ) { 
  4459. unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] ); 
  4460. $post_data[$post_data_key] = $post_data_value; 
  4461.  
  4462. ksort( $post_data ); 
  4463.  
  4464. $body = http_build_query( stripslashes_deep( $post_data ) ); 
  4465. } elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) { 
  4466. $body = file_get_contents( 'php://input' ); 
  4467. } else { 
  4468. $body = null; 
  4469. $signature = $jetpack_signature->sign_current_request( 
  4470. array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, ) 
  4471. ); 
  4472.  
  4473. if ( ! $signature ) { 
  4474. return false; 
  4475. } else if ( is_wp_error( $signature ) ) { 
  4476. return $signature; 
  4477. } else if ( ! hash_equals( $signature, $_GET['signature'] ) ) { 
  4478. return false; 
  4479.  
  4480. $timestamp = (int) $_GET['timestamp']; 
  4481. $nonce = stripslashes( (string) $_GET['nonce'] ); 
  4482.  
  4483. if ( ! $this->add_nonce( $timestamp, $nonce ) ) { 
  4484. return false; 
  4485.  
  4486. $this->xmlrpc_verification = array( 
  4487. 'type' => $token_type,  
  4488. 'user_id' => $token->external_user_id,  
  4489. ); 
  4490.  
  4491. return $this->xmlrpc_verification; 
  4492.  
  4493. /** 
  4494. * Authenticates XML-RPC and other requests from the Jetpack Server 
  4495. */ 
  4496. function authenticate_jetpack( $user, $username, $password ) { 
  4497. if ( is_a( $user, 'WP_User' ) ) { 
  4498. return $user; 
  4499.  
  4500. $token_details = $this->verify_xml_rpc_signature(); 
  4501.  
  4502. if ( ! $token_details || is_wp_error( $token_details ) ) { 
  4503. return $user; 
  4504.  
  4505. if ( 'user' !== $token_details['type'] ) { 
  4506. return $user; 
  4507.  
  4508. if ( ! $token_details['user_id'] ) { 
  4509. return $user; 
  4510.  
  4511. nocache_headers(); 
  4512.  
  4513. return new WP_User( $token_details['user_id'] ); 
  4514.  
  4515. function add_nonce( $timestamp, $nonce ) { 
  4516. global $wpdb; 
  4517. static $nonces_used_this_request = array(); 
  4518.  
  4519. if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) { 
  4520. return $nonces_used_this_request["$timestamp:$nonce"]; 
  4521.  
  4522. // This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce 
  4523. $timestamp = (int) $timestamp; 
  4524. $nonce = esc_sql( $nonce ); 
  4525.  
  4526. // Raw query so we can avoid races: add_option will also update 
  4527. $show_errors = $wpdb->show_errors( false ); 
  4528.  
  4529. $old_nonce = $wpdb->get_row( 
  4530. $wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" ) 
  4531. ); 
  4532.  
  4533. if ( is_null( $old_nonce ) ) { 
  4534. $return = $wpdb->query( 
  4535. $wpdb->prepare( 
  4536. "INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",  
  4537. "jetpack_nonce_{$timestamp}_{$nonce}",  
  4538. time(),  
  4539. 'no' 
  4540. ); 
  4541. } else { 
  4542. $return = false; 
  4543.  
  4544. $wpdb->show_errors( $show_errors ); 
  4545.  
  4546. $nonces_used_this_request["$timestamp:$nonce"] = $return; 
  4547.  
  4548. return $return; 
  4549.  
  4550. /** 
  4551. * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods. 
  4552. * Capture it here so we can verify the signature later. 
  4553. */ 
  4554. function xmlrpc_methods( $methods ) { 
  4555. $this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA']; 
  4556. return $methods; 
  4557.  
  4558. function public_xmlrpc_methods( $methods ) { 
  4559. if ( array_key_exists( 'wp.getOptions', $methods ) ) { 
  4560. $methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' ); 
  4561. return $methods; 
  4562.  
  4563. function jetpack_getOptions( $args ) { 
  4564. global $wp_xmlrpc_server; 
  4565.  
  4566. $wp_xmlrpc_server->escape( $args ); 
  4567.  
  4568. $username = $args[1]; 
  4569. $password = $args[2]; 
  4570.  
  4571. if ( !$user = $wp_xmlrpc_server->login($username, $password) ) { 
  4572. return $wp_xmlrpc_server->error; 
  4573.  
  4574. $options = array(); 
  4575. $user_data = $this->get_connected_user_data(); 
  4576. if ( is_array( $user_data ) ) { 
  4577. $options['jetpack_user_id'] = array( 
  4578. 'desc' => __( 'The WP.com user ID of the connected user', 'jetpack' ),  
  4579. 'readonly' => true,  
  4580. 'value' => $user_data['ID'],  
  4581. ); 
  4582. $options['jetpack_user_login'] = array( 
  4583. 'desc' => __( 'The WP.com username of the connected user', 'jetpack' ),  
  4584. 'readonly' => true,  
  4585. 'value' => $user_data['login'],  
  4586. ); 
  4587. $options['jetpack_user_email'] = array( 
  4588. 'desc' => __( 'The WP.com user email of the connected user', 'jetpack' ),  
  4589. 'readonly' => true,  
  4590. 'value' => $user_data['email'],  
  4591. ); 
  4592. $options['jetpack_user_site_count'] = array( 
  4593. 'desc' => __( 'The number of sites of the connected WP.com user', 'jetpack' ),  
  4594. 'readonly' => true,  
  4595. 'value' => $user_data['site_count'],  
  4596. ); 
  4597. $wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options ); 
  4598. $args = stripslashes_deep( $args ); 
  4599. return $wp_xmlrpc_server->wp_getOptions( $args ); 
  4600.  
  4601. function xmlrpc_options( $options ) { 
  4602. $jetpack_client_id = false; 
  4603. if ( self::is_active() ) { 
  4604. $jetpack_client_id = Jetpack_Options::get_option( 'id' ); 
  4605. $options['jetpack_version'] = array( 
  4606. 'desc' => __( 'Jetpack Plugin Version', 'jetpack' ),  
  4607. 'readonly' => true,  
  4608. 'value' => JETPACK__VERSION,  
  4609. ); 
  4610.  
  4611. $options['jetpack_client_id'] = array( 
  4612. 'desc' => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),  
  4613. 'readonly' => true,  
  4614. 'value' => $jetpack_client_id,  
  4615. ); 
  4616. return $options; 
  4617.  
  4618. public static function clean_nonces( $all = false ) { 
  4619. global $wpdb; 
  4620.  
  4621. $sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s"; 
  4622. if ( method_exists ( $wpdb , 'esc_like' ) ) { 
  4623. $sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' ); 
  4624. } else { 
  4625. $sql_args = array( like_escape( 'jetpack_nonce_' ) . '%' ); 
  4626.  
  4627. if ( true !== $all ) { 
  4628. $sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d'; 
  4629. $sql_args[] = time() - 3600; 
  4630.  
  4631. $sql .= ' ORDER BY `option_id` LIMIT 100'; 
  4632.  
  4633. $sql = $wpdb->prepare( $sql, $sql_args ); 
  4634.  
  4635. for ( $i = 0; $i < 1000; $i++ ) { 
  4636. if ( ! $wpdb->query( $sql ) ) { 
  4637. break; 
  4638.  
  4639. /** 
  4640. * State is passed via cookies from one request to the next, but never to subsequent requests. 
  4641. * SET: state( $key, $value ); 
  4642. * GET: $value = state( $key ); 
  4643. * 
  4644. * @param string $key 
  4645. * @param string $value 
  4646. * @param bool $restate private 
  4647. */ 
  4648. public static function state( $key = null, $value = null, $restate = false ) { 
  4649. static $state = array(); 
  4650. static $path, $domain; 
  4651. if ( ! isset( $path ) ) { 
  4652. require_once( ABSPATH . 'wp-admin/includes/plugin.php' ); 
  4653. $admin_url = Jetpack::admin_url(); 
  4654. $bits = parse_url( $admin_url ); 
  4655.  
  4656. if ( is_array( $bits ) ) { 
  4657. $path = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null; 
  4658. $domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null; 
  4659. } else { 
  4660. $path = $domain = null; 
  4661.  
  4662. // Extract state from cookies and delete cookies 
  4663. if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) { 
  4664. $yum = $_COOKIE[ 'jetpackState' ]; 
  4665. unset( $_COOKIE[ 'jetpackState' ] ); 
  4666. foreach ( $yum as $k => $v ) { 
  4667. if ( strlen( $v ) ) 
  4668. $state[ $k ] = $v; 
  4669. setcookie( "jetpackState[$k]", false, 0, $path, $domain ); 
  4670.  
  4671. if ( $restate ) { 
  4672. foreach ( $state as $k => $v ) { 
  4673. setcookie( "jetpackState[$k]", $v, 0, $path, $domain ); 
  4674. return; 
  4675.  
  4676. // Get a state variable 
  4677. if ( isset( $key ) && ! isset( $value ) ) { 
  4678. if ( array_key_exists( $key, $state ) ) 
  4679. return $state[ $key ]; 
  4680. return null; 
  4681.  
  4682. // Set a state variable 
  4683. if ( isset ( $key ) && isset( $value ) ) { 
  4684. if( is_array( $value ) && isset( $value[0] ) ) { 
  4685. $value = $value[0]; 
  4686. $state[ $key ] = $value; 
  4687. setcookie( "jetpackState[$key]", $value, 0, $path, $domain ); 
  4688.  
  4689. public static function restate() { 
  4690. Jetpack::state( null, null, true ); 
  4691.  
  4692. public static function check_privacy( $file ) { 
  4693. static $is_site_publicly_accessible = null; 
  4694.  
  4695. if ( is_null( $is_site_publicly_accessible ) ) { 
  4696. $is_site_publicly_accessible = false; 
  4697.  
  4698. Jetpack::load_xml_rpc_client(); 
  4699. $rpc = new Jetpack_IXR_Client(); 
  4700.  
  4701. $success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() ); 
  4702. if ( $success ) { 
  4703. $response = $rpc->getResponse(); 
  4704. if ( $response ) { 
  4705. $is_site_publicly_accessible = true; 
  4706.  
  4707. Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible ); 
  4708.  
  4709. if ( $is_site_publicly_accessible ) { 
  4710. return; 
  4711.  
  4712. $module_slug = self::get_module_slug( $file ); 
  4713.  
  4714. $privacy_checks = Jetpack::state( 'privacy_checks' ); 
  4715. if ( ! $privacy_checks ) { 
  4716. $privacy_checks = $module_slug; 
  4717. } else { 
  4718. $privacy_checks .= ", $module_slug"; 
  4719.  
  4720. Jetpack::state( 'privacy_checks', $privacy_checks ); 
  4721.  
  4722. /** 
  4723. * Helper method for multicall XMLRPC. 
  4724. */ 
  4725. public static function xmlrpc_async_call() { 
  4726. global $blog_id; 
  4727. static $clients = array(); 
  4728.  
  4729. $client_blog_id = is_multisite() ? $blog_id : 0; 
  4730.  
  4731. if ( ! isset( $clients[$client_blog_id] ) ) { 
  4732. Jetpack::load_xml_rpc_client(); 
  4733. $clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) ); 
  4734. if ( function_exists( 'ignore_user_abort' ) ) { 
  4735. ignore_user_abort( true ); 
  4736. add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) ); 
  4737.  
  4738. $args = func_get_args(); 
  4739.  
  4740. if ( ! empty( $args[0] ) ) { 
  4741. call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args ); 
  4742. } elseif ( is_multisite() ) { 
  4743. foreach ( $clients as $client_blog_id => $client ) { 
  4744. if ( ! $client_blog_id || empty( $client->calls ) ) { 
  4745. continue; 
  4746.  
  4747. $switch_success = switch_to_blog( $client_blog_id, true ); 
  4748. if ( ! $switch_success ) { 
  4749. continue; 
  4750.  
  4751. flush(); 
  4752. $client->query(); 
  4753.  
  4754. restore_current_blog(); 
  4755. } else { 
  4756. if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) { 
  4757. flush(); 
  4758. $clients[0]->query(); 
  4759.  
  4760. public static function staticize_subdomain( $url ) { 
  4761.  
  4762. // Extract hostname from URL 
  4763. $host = parse_url( $url, PHP_URL_HOST ); 
  4764.  
  4765. // Explode hostname on '.' 
  4766. $exploded_host = explode( '.', $host ); 
  4767.  
  4768. // Retrieve the name and TLD 
  4769. if ( count( $exploded_host ) > 1 ) { 
  4770. $name = $exploded_host[ count( $exploded_host ) - 2 ]; 
  4771. $tld = $exploded_host[ count( $exploded_host ) - 1 ]; 
  4772. // Rebuild domain excluding subdomains 
  4773. $domain = $name . '.' . $tld; 
  4774. } else { 
  4775. $domain = $host; 
  4776. // Array of Automattic domains 
  4777. $domain_whitelist = array( 'wordpress.com', 'wp.com' ); 
  4778.  
  4779. // Return $url if not an Automattic domain 
  4780. if ( ! in_array( $domain, $domain_whitelist ) ) { 
  4781. return $url; 
  4782.  
  4783. if ( is_ssl() ) { 
  4784. return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url ); 
  4785.  
  4786. srand( crc32( basename( $url ) ) ); 
  4787. $static_counter = rand( 0, 2 ); 
  4788. srand(); // this resets everything that relies on this, like array_rand() and shuffle() 
  4789.  
  4790. return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url ); 
  4791.  
  4792. /** JSON API Authorization */ 
  4793.  
  4794. /** 
  4795. * Handles the login action for Authorizing the JSON API 
  4796. */ 
  4797. function login_form_json_api_authorization() { 
  4798. $this->verify_json_api_authorization_request(); 
  4799.  
  4800. add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 ); 
  4801.  
  4802. add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) ); 
  4803. add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) ); 
  4804. add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 ); 
  4805.  
  4806. // Make sure the login form is POSTed to the signed URL so we can reverify the request 
  4807. function post_login_form_to_signed_url( $url, $path, $scheme ) { 
  4808. if ( 'wp-login.php' !== $path || 'login_post' !== $scheme ) { 
  4809. return $url; 
  4810.  
  4811. $parsed_url = parse_url( $url ); 
  4812. $url = strtok( $url, '?' ); 
  4813. $url = "$url?{$_SERVER['QUERY_STRING']}"; 
  4814. if ( ! empty( $parsed_url['query'] ) ) 
  4815. $url .= "&{$parsed_url['query']}"; 
  4816.  
  4817. return $url; 
  4818.  
  4819. // Make sure the POSTed request is handled by the same action 
  4820. function preserve_action_in_login_form_for_json_api_authorization() { 
  4821. echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n"; 
  4822. echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n"; 
  4823.  
  4824. // If someone logs in to approve API access, store the Access Code in usermeta 
  4825. function store_json_api_authorization_token( $user_login, $user ) { 
  4826. add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 ); 
  4827. add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) ); 
  4828. $token = wp_generate_password( 32, false ); 
  4829. update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token ); 
  4830.  
  4831. // Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access 
  4832. function allow_wpcom_public_api_domain( $domains ) { 
  4833. $domains[] = 'public-api.wordpress.com'; 
  4834. return $domains; 
  4835.  
  4836. // Add the Access Code details to the public-api.wordpress.com redirect 
  4837. function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) { 
  4838. return add_query_arg( 
  4839. urlencode_deep( 
  4840. array( 
  4841. 'jetpack-code' => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),  
  4842. 'jetpack-user-id' => (int) $user->ID,  
  4843. 'jetpack-state' => $this->json_api_authorization_request['state'],  
  4844. ),  
  4845. $redirect_to 
  4846. ); 
  4847.  
  4848. // Verifies the request by checking the signature 
  4849. function verify_json_api_authorization_request() { 
  4850. require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php'; 
  4851.  
  4852. $token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER ); 
  4853. if ( ! $token || empty( $token->secret ) ) { 
  4854. wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) ); 
  4855.  
  4856. $die_error = __( 'Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window.', 'jetpack' ); 
  4857.  
  4858. $jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) ); 
  4859.  
  4860. if ( isset( $_POST['jetpack_json_api_original_query'] ) ) { 
  4861. $signature = $jetpack_signature->sign_request( $_GET['token'], $_GET['timestamp'], $_GET['nonce'], '', 'GET', $_POST['jetpack_json_api_original_query'], null, true ); 
  4862. } else { 
  4863. $signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) ); 
  4864.  
  4865. if ( ! $signature ) { 
  4866. wp_die( $die_error ); 
  4867. } else if ( is_wp_error( $signature ) ) { 
  4868. wp_die( $die_error ); 
  4869. } else if ( $signature !== $_GET['signature'] ) { 
  4870. if ( is_ssl() ) { 
  4871. // If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well 
  4872. $signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) ); 
  4873. if ( ! $signature || is_wp_error( $signature ) || $signature !== $_GET['signature'] ) { 
  4874. wp_die( $die_error ); 
  4875. } else { 
  4876. wp_die( $die_error ); 
  4877.  
  4878. $timestamp = (int) $_GET['timestamp']; 
  4879. $nonce = stripslashes( (string) $_GET['nonce'] ); 
  4880.  
  4881. if ( ! $this->add_nonce( $timestamp, $nonce ) ) { 
  4882. // De-nonce the nonce, at least for 5 minutes. 
  4883. // We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed) 
  4884. $old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" ); 
  4885. if ( $old_nonce_time < time() - 300 ) { 
  4886. wp_die( __( 'The authorization process expired. Please go back and try again.' , 'jetpack' ) ); 
  4887.  
  4888. $data = json_decode( base64_decode( stripslashes( $_GET['data'] ) ) ); 
  4889. $data_filters = array( 
  4890. 'state' => 'opaque',  
  4891. 'client_id' => 'int',  
  4892. 'client_title' => 'string',  
  4893. 'client_image' => 'url',  
  4894. ); 
  4895.  
  4896. foreach ( $data_filters as $key => $sanitation ) { 
  4897. if ( ! isset( $data->$key ) ) { 
  4898. wp_die( $die_error ); 
  4899.  
  4900. switch ( $sanitation ) { 
  4901. case 'int' : 
  4902. $this->json_api_authorization_request[$key] = (int) $data->$key; 
  4903. break; 
  4904. case 'opaque' : 
  4905. $this->json_api_authorization_request[$key] = (string) $data->$key; 
  4906. break; 
  4907. case 'string' : 
  4908. $this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() ); 
  4909. break; 
  4910. case 'url' : 
  4911. $this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key ); 
  4912. break; 
  4913.  
  4914. if ( empty( $this->json_api_authorization_request['client_id'] ) ) { 
  4915. wp_die( $die_error ); 
  4916.  
  4917. function login_message_json_api_authorization( $message ) { 
  4918. return '<p class="message">' . sprintf( 
  4919. esc_html__( '%s wants to access your site’s data. Log in to authorize that access.' , 'jetpack' ),  
  4920. '<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>' 
  4921. ) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>'; 
  4922.  
  4923. /** 
  4924. * Get $content_width, but with a <s>twist</s> filter. 
  4925. */ 
  4926. public static function get_content_width() { 
  4927. $content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false; 
  4928. /** 
  4929. * Filter the Content Width value. 
  4930. * 
  4931. * @since 2.2.3 
  4932. * 
  4933. * @param string $content_width Content Width value. 
  4934. */ 
  4935. return apply_filters( 'jetpack_content_width', $content_width ); 
  4936.  
  4937. /** 
  4938. * Centralize the function here until it gets added to core. 
  4939. * 
  4940. * @param int|string|object $id_or_email A user ID, email address, or comment object 
  4941. * @param int $size Size of the avatar image 
  4942. * @param string $default URL to a default image to use if no avatar is available 
  4943. * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled 
  4944. * 
  4945. * @return array First element is the URL, second is the class. 
  4946. */ 
  4947. public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) { 
  4948. // Don't bother adding the __return_true filter if it's already there. 
  4949. $has_filter = has_filter( 'pre_option_show_avatars', '__return_true' ); 
  4950.  
  4951. if ( $force_display && ! $has_filter ) 
  4952. add_filter( 'pre_option_show_avatars', '__return_true' ); 
  4953.  
  4954. $avatar = get_avatar( $id_or_email, $size, $default ); 
  4955.  
  4956. if ( $force_display && ! $has_filter ) 
  4957. remove_filter( 'pre_option_show_avatars', '__return_true' ); 
  4958.  
  4959. // If no data, fail out. 
  4960. if ( is_wp_error( $avatar ) || ! $avatar ) 
  4961. return array( null, null ); 
  4962.  
  4963. // Pull out the URL. If it's not there, fail out. 
  4964. if ( ! preg_match( '/src=["\']([^"\']+)["\']/', $avatar, $url_matches ) ) 
  4965. return array( null, null ); 
  4966. $url = wp_specialchars_decode( $url_matches[1], ENT_QUOTES ); 
  4967.  
  4968. // Pull out the class, but it's not a big deal if it's missing. 
  4969. $class = ''; 
  4970. if ( preg_match( '/class=["\']([^"\']+)["\']/', $avatar, $class_matches ) ) 
  4971. $class = wp_specialchars_decode( $class_matches[1], ENT_QUOTES ); 
  4972.  
  4973. return array( $url, $class ); 
  4974.  
  4975. /** 
  4976. * Pings the WordPress.com Mirror Site for the specified options. 
  4977. * 
  4978. * @param string|array $option_names The option names to request from the WordPress.com Mirror Site 
  4979. * 
  4980. * @return array An associative array of the option values as stored in the WordPress.com Mirror Site 
  4981. */ 
  4982. public function get_cloud_site_options( $option_names ) { 
  4983. $option_names = array_filter( (array) $option_names, 'is_string' ); 
  4984.  
  4985. Jetpack::load_xml_rpc_client(); 
  4986. $xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) ); 
  4987. $xml->query( 'jetpack.fetchSiteOptions', $option_names ); 
  4988. if ( $xml->isError() ) { 
  4989. return array( 
  4990. 'error_code' => $xml->getErrorCode(),  
  4991. 'error_msg' => $xml->getErrorMessage(),  
  4992. ); 
  4993. $cloud_site_options = $xml->getResponse(); 
  4994.  
  4995. return $cloud_site_options; 
  4996.  
  4997. /** 
  4998. * Fetch the filtered array of options that we should compare to determine an identity crisis. 
  4999. * 
  5000. * @return array An array of options to check. 
  5001. */ 
  5002. public static function identity_crisis_options_to_check() { 
  5003. $options = array( 
  5004. 'siteurl',  
  5005. 'home',  
  5006. ); 
  5007. /** 
  5008. * Filter the options that we should compare to determine an identity crisis. 
  5009. * 
  5010. * @since 2.5.0 
  5011. * 
  5012. * @param array $options Array of options to compare to determine an identity crisis. 
  5013. */ 
  5014. return apply_filters( 'jetpack_identity_crisis_options_to_check', $options ); 
  5015.  
  5016. /** 
  5017. * Checks to make sure that local options have the same values as remote options. Will cache the results for up to 24 hours. 
  5018. * 
  5019. * @param bool $force_recheck Whether to ignore any cached transient and manually re-check. 
  5020. * 
  5021. * @return array An array of options that do not match. If everything is good, it will evaluate to false. 
  5022. */ 
  5023. public static function check_identity_crisis( $force_recheck = false ) { 
  5024. if ( ! Jetpack::is_active() || Jetpack::is_development_mode() ) 
  5025. return false; 
  5026.  
  5027. if ( $force_recheck || false === ( $errors = get_transient( 'jetpack_has_identity_crisis' ) ) ) { 
  5028. $options_to_check = self::identity_crisis_options_to_check(); 
  5029. $cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check ); 
  5030. $errors = array(); 
  5031.  
  5032. foreach ( $cloud_options as $cloud_key => $cloud_value ) { 
  5033.  
  5034. // If it's not the same as the local value... 
  5035. if ( $cloud_value !== get_option( $cloud_key ) ) { 
  5036.  
  5037. // Break out if we're getting errors. We are going to check the error keys later when we alert. 
  5038. if ( 'error_code' == $cloud_key ) { 
  5039. $errors[ $cloud_key ] = $cloud_value; 
  5040. break; 
  5041.  
  5042. $parsed_cloud_value = parse_url( $cloud_value ); 
  5043. // If the current options is an IP address 
  5044. if ( filter_var( $parsed_cloud_value['host'], FILTER_VALIDATE_IP ) ) { 
  5045. // Give the new value a Jetpack to fly in to the clouds 
  5046. Jetpack::resolve_identity_crisis( $cloud_key ); 
  5047. continue; 
  5048.  
  5049. // And it's not been added to the whitelist... 
  5050. if ( ! self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) { 
  5051. /** 
  5052. * This should be a temporary hack until a cleaner solution is found. 
  5053. * 
  5054. * The siteurl and home can be set to use http in General > Settings 
  5055. * however some constants can be defined that can force https in wp-admin 
  5056. * when this happens wpcom can confuse wporg with a fake identity 
  5057. * crisis with a mismatch of http vs https when it should be allowed. 
  5058. * we need to check that here. 
  5059. * 
  5060. * @see https://github.com/Automattic/jetpack/issues/1006 
  5061. */ 
  5062. if ( ( 'home' == $cloud_key || 'siteurl' == $cloud_key ) 
  5063. && ( substr( $cloud_value, 0, 8 ) == "https://" ) 
  5064. && Jetpack::init()->is_ssl_required_to_visit_site() ) { 
  5065. // Ok, we found a mismatch of http and https because of wp-config, not an invalid url 
  5066. continue; 
  5067.  
  5068.  
  5069. // Then kick an error! 
  5070. $errors[ $cloud_key ] = $cloud_value; 
  5071.  
  5072. /** 
  5073. * Filters the errors returned when checking for an Identity Crisis. 
  5074. * 
  5075. * @since 2.3.2 
  5076. * 
  5077. * @param array $errors Array of Identity Crisis errors. 
  5078. * @param bool $force_recheck Ignore any cached transient and manually re-check. Default to false. 
  5079. */ 
  5080. return apply_filters( 'jetpack_has_identity_crisis', $errors, $force_recheck ); 
  5081.  
  5082. /** 
  5083. * Resolve ID crisis 
  5084. * 
  5085. * If the URL has changed, but the rest of the options are the same (i.e. blog/user tokens) 
  5086. * The user has the option to update the shadow site with the new URL before a new 
  5087. * token is created. 
  5088. * 
  5089. * @param $key : Which option to sync. null defautlts to home and siteurl 
  5090. */ 
  5091. public static function resolve_identity_crisis( $key = null ) { 
  5092. if ( $key ) { 
  5093. $identity_options = array( $key ); 
  5094. } else { 
  5095. $identity_options = self::identity_crisis_options_to_check(); 
  5096.  
  5097. if ( is_array( $identity_options ) ) { 
  5098. foreach( $identity_options as $identity_option ) { 
  5099. Jetpack_Sync::sync_options( __FILE__, $identity_option ); 
  5100.  
  5101. /** 
  5102. * Fires when a shadow site option is updated. 
  5103. * These options are updated via the Identity Crisis UI. 
  5104. * $identity_option is the option that gets updated. 
  5105. * 
  5106. * @since 3.7.0 
  5107. */ 
  5108. do_action( "update_option_{$identity_option}" ); 
  5109.  
  5110. /** 
  5111. * Whitelist URL 
  5112. * 
  5113. * Ignore the URL differences between the blog and the shadow site. 
  5114. */ 
  5115. public static function whitelist_current_url() { 
  5116. $options_to_check = Jetpack::identity_crisis_options_to_check(); 
  5117. $cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check ); 
  5118.  
  5119. foreach ( $cloud_options as $cloud_key => $cloud_value ) { 
  5120. Jetpack::whitelist_identity_crisis_value( $cloud_key, $cloud_value ); 
  5121.  
  5122. /** 
  5123. * Ajax callbacks for ID crisis resolutions 
  5124. * 
  5125. * Things that could happen here: 
  5126. * - site_migrated : Update the URL on the shadow blog to match new domain 
  5127. * - whitelist : Ignore the URL difference 
  5128. * - default : Error message 
  5129. */ 
  5130. public static function resolve_identity_crisis_ajax_callback() { 
  5131. check_ajax_referer( 'resolve-identity-crisis', 'ajax-nonce' ); 
  5132.  
  5133. switch ( $_POST[ 'crisis_resolution_action' ] ) { 
  5134. case 'site_migrated': 
  5135. Jetpack::resolve_identity_crisis(); 
  5136. echo 'resolved'; 
  5137. break; 
  5138.  
  5139. case 'whitelist': 
  5140. Jetpack::whitelist_current_url(); 
  5141. echo 'whitelisted'; 
  5142. break; 
  5143.  
  5144. case 'reset_connection': 
  5145. // Delete the options first so it doesn't get confused which site to disconnect dotcom-side 
  5146. Jetpack_Options::delete_option( 
  5147. array( 
  5148. 'register',  
  5149. 'blog_token',  
  5150. 'user_token',  
  5151. 'user_tokens',  
  5152. 'master_user',  
  5153. 'time_diff',  
  5154. 'fallback_no_verify_ssl_certs',  
  5155. 'id',  
  5156. ); 
  5157. delete_transient( 'jetpack_has_identity_crisis' ); 
  5158.  
  5159. echo 'reset-connection-success'; 
  5160. break; 
  5161.  
  5162. default: 
  5163. echo 'missing action'; 
  5164. break; 
  5165.  
  5166. wp_die(); 
  5167.  
  5168. /** 
  5169. * Adds a value to the whitelist for the specified key. 
  5170. * 
  5171. * @param string $key The option name that we're whitelisting the value for. 
  5172. * @param string $value The value that we're intending to add to the whitelist. 
  5173. * 
  5174. * @return bool Whether the value was added to the whitelist, or false if it was already there. 
  5175. */ 
  5176. public static function whitelist_identity_crisis_value( $key, $value ) { 
  5177. if ( Jetpack::is_identity_crisis_value_whitelisted( $key, $value ) ) { 
  5178. return false; 
  5179.  
  5180. $whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() ); 
  5181. if ( empty( $whitelist[ $key ] ) || ! is_array( $whitelist[ $key ] ) ) { 
  5182. $whitelist[ $key ] = array(); 
  5183. array_push( $whitelist[ $key ], $value ); 
  5184.  
  5185. Jetpack_Options::update_option( 'identity_crisis_whitelist', $whitelist ); 
  5186. return true; 
  5187.  
  5188. /** 
  5189. * Checks whether a value is already whitelisted. 
  5190. * 
  5191. * @param string $key The option name that we're checking the value for. 
  5192. * @param string $value The value that we're curious to see if it's on the whitelist. 
  5193. * 
  5194. * @return bool Whether the value is whitelisted. 
  5195. */ 
  5196. public static function is_identity_crisis_value_whitelisted( $key, $value ) { 
  5197. $whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist', array() ); 
  5198. if ( ! empty( $whitelist[ $key ] ) && is_array( $whitelist[ $key ] ) && in_array( $value, $whitelist[ $key ] ) ) { 
  5199. return true; 
  5200. return false; 
  5201.  
  5202. /** 
  5203. * Checks whether the home and siteurl specifically are whitelisted 
  5204. * Written so that we don't have re-check $key and $value params every time 
  5205. * we want to check if this site is whitelisted, for example in footer.php 
  5206. * 
  5207. * @return bool True = already whitelsisted False = not whitelisted 
  5208. */ 
  5209. public static function jetpack_is_staging_site() { 
  5210. $current_whitelist = Jetpack_Options::get_option( 'identity_crisis_whitelist' ); 
  5211. if ( ! $current_whitelist ) { 
  5212. return false; 
  5213.  
  5214. $options_to_check = Jetpack::identity_crisis_options_to_check(); 
  5215. $cloud_options = Jetpack::init()->get_cloud_site_options( $options_to_check ); 
  5216.  
  5217. foreach ( $cloud_options as $cloud_key => $cloud_value ) { 
  5218. if ( ! self::is_identity_crisis_value_whitelisted( $cloud_key, $cloud_value ) ) { 
  5219. return false; 
  5220. return true; 
  5221.  
  5222. public function identity_crisis_js( $nonce ) { 
  5223. ?> 
  5224. <script> 
  5225. (function( $ ) { 
  5226. var SECOND_IN_MS = 1000; 
  5227.  
  5228. function contactSupport( e ) { 
  5229. e.preventDefault(); 
  5230. $( '.jp-id-crisis-question' ).hide(); 
  5231. $( '#jp-id-crisis-contact-support' ).show(); 
  5232.  
  5233. function autodismissSuccessBanner() { 
  5234. $( '.jp-identity-crisis' ).fadeOut(600); //.addClass( 'dismiss' ); 
  5235.  
  5236. var data = { action: 'jetpack_resolve_identity_crisis', 'ajax-nonce': '<?php echo $nonce; ?>' }; 
  5237.  
  5238. $( document ).ready(function() { 
  5239.  
  5240. // Site moved: Update the URL on the shadow blog 
  5241. $( '.site-moved' ).click(function( e ) { 
  5242. e.preventDefault(); 
  5243. data.crisis_resolution_action = 'site_migrated'; 
  5244. $( '#jp-id-crisis-question-1 .spinner' ).show(); 
  5245. $.post( ajaxurl, data, function() { 
  5246. $( '.jp-id-crisis-question' ).hide(); 
  5247. $( '.banner-title' ).hide(); 
  5248. $( '#jp-id-crisis-success' ).show(); 
  5249. setTimeout( autodismissSuccessBanner, 6 * SECOND_IN_MS ); 
  5250. }); 
  5251.  
  5252. }); 
  5253.  
  5254. // URL hasn't changed, next question please. 
  5255. $( '.site-not-moved' ).click(function( e ) { 
  5256. e.preventDefault(); 
  5257. $( '.jp-id-crisis-question' ).hide(); 
  5258. $( '#jp-id-crisis-question-2' ).show(); 
  5259. }); 
  5260.  
  5261. // Reset connection: two separate sites. 
  5262. $( '.reset-connection' ).click(function( e ) { 
  5263. data.crisis_resolution_action = 'reset_connection'; 
  5264. $.post( ajaxurl, data, function( response ) { 
  5265. if ( 'reset-connection-success' === response ) { 
  5266. window.location.replace( '<?php echo Jetpack::admin_url(); ?>' ); 
  5267. }); 
  5268. }); 
  5269.  
  5270. // It's a dev environment. Ignore. 
  5271. $( '.is-dev-env' ).click(function( e ) { 
  5272. data.crisis_resolution_action = 'whitelist'; 
  5273. $( '#jp-id-crisis-question-2 .spinner' ).show(); 
  5274. $.post( ajaxurl, data, function() { 
  5275. $( '.jp-id-crisis-question' ).hide(); 
  5276. $( '.banner-title' ).hide(); 
  5277. $( '#jp-id-crisis-success' ).show(); 
  5278. setTimeout( autodismissSuccessBanner, 4 * SECOND_IN_MS ); 
  5279. }); 
  5280. }); 
  5281.  
  5282. $( '.not-reconnecting' ).click(contactSupport); 
  5283. $( '.not-staging-or-dev' ).click(contactSupport); 
  5284. }); 
  5285. })( jQuery ); 
  5286. </script> 
  5287. <?php 
  5288.  
  5289. /** 
  5290. * Displays an admin_notice, alerting the user to an identity crisis. 
  5291. */ 
  5292. public function alert_identity_crisis() { 
  5293. // @todo temporary copout for dealing with domain mapping 
  5294. // @see https://github.com/Automattic/jetpack/issues/2702 
  5295. if ( is_multisite() && defined( 'SUNRISE' ) && ! Jetpack::is_development_version() ) { 
  5296. return; 
  5297.  
  5298. if ( ! current_user_can( 'jetpack_disconnect' ) ) { 
  5299. return; 
  5300.  
  5301. if ( ! $errors = self::check_identity_crisis() ) { 
  5302. return; 
  5303.  
  5304. // Only show on dashboard and jetpack pages 
  5305. $screen = get_current_screen(); 
  5306. if ( 'dashboard' !== $screen->base && ! did_action( 'jetpack_notices' ) ) { 
  5307. return; 
  5308.  
  5309. // Include the js! 
  5310. $ajax_nonce = wp_create_nonce( 'resolve-identity-crisis' ); 
  5311. $this->identity_crisis_js( $ajax_nonce ); 
  5312.  
  5313. // Include the CSS! 
  5314. if ( ! wp_script_is( 'jetpack', 'done' ) ) { 
  5315. $this->admin_banner_styles(); 
  5316.  
  5317. if ( ! array_key_exists( 'error_code', $errors ) ) { 
  5318. $key = 'siteurl'; 
  5319. if ( ! $errors[ $key ] ) { 
  5320. $key = 'home'; 
  5321. } else { 
  5322. $key = 'error_code'; 
  5323. // 401 is the only error we care about. Any other errors should not trigger the alert. 
  5324. if ( 401 !== $errors[ $key ] ) { 
  5325. return; 
  5326.  
  5327. ?> 
  5328.  
  5329. <style> 
  5330. .jp-identity-crisis .jp-btn-group { 
  5331. margin: 15px 0; 
  5332. .jp-identity-crisis strong { 
  5333. color: #518d2a; 
  5334. .jp-identity-crisis.dismiss { 
  5335. display: none; 
  5336. .jp-identity-crisis .button { 
  5337. margin-right: 4px; 
  5338. </style> 
  5339.  
  5340. <div id="message" class="error jetpack-message jp-identity-crisis stay-visible"> 
  5341. <div class="service-mark"></div> 
  5342. <div class="jp-id-banner__content"> 
  5343. <!-- <h3 class="banner-title"><?php _e( 'Something\'s not quite right with your Jetpack connection! Let\'s fix that.', 'jetpack' ); ?></h3> --> 
  5344.  
  5345. <div class="jp-id-crisis-question" id="jp-id-crisis-question-1"> 
  5346. <?php 
  5347. // 401 means that this site has been disconnected from wpcom, but the remote site still thinks it's connected. 
  5348. if ( 'error_code' == $key && '401' == $errors[ $key ] ) : ?> 
  5349. <div class="banner-content"> 
  5350. <p><?php 
  5351. /** translators: %s is a URL */ 
  5352. printf( __( 'Our records show that this site does not have a valid connection to WordPress.com. Please reset your connection to fix this. <a href="%s" target="_blank">What caused this?</a>', 'jetpack' ), 'https://jetpack.me/support/no-valid-wordpress-com-connection/' ); 
  5353. ?></p> 
  5354. </div> 
  5355. <div class="jp-btn-group"> 
  5356. <a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a> 
  5357. <span class="idc-separator">|</span> 
  5358. <a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( 'jetpack-notice=dismiss' ), 'jetpack-deactivate' ) ); ?>"><?php _e( 'Deactivate Jetpack', 'jetpack' ); ?></a> 
  5359. </div> 
  5360. <?php else : ?> 
  5361. <div class="banner-content"> 
  5362. <p><?php printf( __( 'It looks like you may have changed your domain. Is <strong>%1$s</strong> still your site\'s domain, or have you updated it to <strong> %2$s </strong>?', 'jetpack' ), $errors[ $key ], (string) get_option( $key ) ); ?></p> 
  5363. </div> 
  5364. <div class="jp-btn-group"> 
  5365. <a href="#" class="regular site-moved"><?php printf( __( '%s is now my domain.', 'jetpack' ), $errors[ $key ] ); ?></a> <span class="idc-separator">|</span> <a href="#" class="site-not-moved" ><?php printf( __( '%s is still my domain.', 'jetpack' ), (string) get_option( $key ) ); ?></a> 
  5366. <span class="spinner"></span> 
  5367. </div> 
  5368. <?php endif ; ?> 
  5369. </div> 
  5370.  
  5371. <div class="jp-id-crisis-question" id="jp-id-crisis-question-2" style="display: none;"> 
  5372. <div class="banner-content"> 
  5373. <p><?php printf( 
  5374. /** translators: %1$s, %2$s and %3$s are URLs */ 
  5375. __( 
  5376. 'Are <strong> %2$s </strong> and <strong> %1$s </strong> two completely separate websites? If so we should create a new connection, which will reset your followers and linked services. <a href="%3$s"><em>What does this mean?</em></a>',  
  5377. 'jetpack' 
  5378. ),  
  5379. $errors[ $key ],  
  5380. (string) get_option( $key ),  
  5381. 'https://jetpack.me/support/what-does-resetting-the-connection-mean/' 
  5382. ); ?></p> 
  5383. </div> 
  5384. <div class="jp-btn-group"> 
  5385. <a href="#" class="reset-connection"><?php _e( 'Reset the connection', 'jetpack' ); ?></a> <span class="idc-separator">|</span> 
  5386. <a href="#" class="is-dev-env"><?php _e( 'This is a development environment', 'jetpack' ); ?></a> <span class="idc-separator">|</span> 
  5387. <a href="https://jetpack.me/contact-support/" class="contact-support"><?php _e( 'Submit a support ticket', 'jetpack' ); ?></a> 
  5388. <span class="spinner"></span> 
  5389. </div> 
  5390. </div> 
  5391.  
  5392. <div class="jp-id-crisis-success" id="jp-id-crisis-success" style="display: none;"> 
  5393. <h3 class="success-notice"><?php printf( __( 'Thanks for taking the time to sort things out. We've updated our records accordingly!', 'jetpack' ) ); ?></h3> 
  5394. </div> 
  5395. </div> 
  5396. </div> 
  5397.  
  5398. <?php 
  5399.  
  5400. /** 
  5401. * Maybe Use a .min.css stylesheet, maybe not. 
  5402. * 
  5403. * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args. 
  5404. */ 
  5405. public static function maybe_min_asset( $url, $path, $plugin ) { 
  5406. // Short out on things trying to find actual paths. 
  5407. if ( ! $path || empty( $plugin ) ) { 
  5408. return $url; 
  5409.  
  5410. // Strip out the abspath. 
  5411. $base = dirname( plugin_basename( $plugin ) ); 
  5412.  
  5413. // Short out on non-Jetpack assets. 
  5414. if ( 'jetpack/' !== substr( $base, 0, 8 ) ) { 
  5415. return $url; 
  5416.  
  5417. // File name parsing. 
  5418. $file = "{$base}/{$path}"; 
  5419. $full_path = JETPACK__PLUGIN_DIR . substr( $file, 8 ); 
  5420. $file_name = substr( $full_path, strrpos( $full_path, '/' ) + 1 ); 
  5421. $file_name_parts_r = array_reverse( explode( '.', $file_name ) ); 
  5422. $extension = array_shift( $file_name_parts_r ); 
  5423.  
  5424. if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) { 
  5425. // Already pointing at the minified version. 
  5426. if ( 'min' === $file_name_parts_r[0] ) { 
  5427. return $url; 
  5428.  
  5429. $min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path ); 
  5430. if ( file_exists( $min_full_path ) ) { 
  5431. $url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url ); 
  5432.  
  5433. return $url; 
  5434.  
  5435. /** 
  5436. * Maybe inlines a stylesheet. 
  5437. * 
  5438. * If you'd like to inline a stylesheet instead of printing a link to it,  
  5439. * wp_style_add_data( 'handle', 'jetpack-inline', true ); 
  5440. * 
  5441. * Attached to `style_loader_tag` filter. 
  5442. * 
  5443. * @param string $tag The tag that would link to the external asset. 
  5444. * @param string $handle The registered handle of the script in question. 
  5445. * 
  5446. * @return string 
  5447. */ 
  5448. public static function maybe_inline_style( $tag, $handle ) { 
  5449. global $wp_styles; 
  5450. $item = $wp_styles->registered[ $handle ]; 
  5451.  
  5452. if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) { 
  5453. return $tag; 
  5454.  
  5455. if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) { 
  5456. $href = $matches[1]; 
  5457. // Strip off query string 
  5458. if ( $pos = strpos( $href, '?' ) ) { 
  5459. $href = substr( $href, 0, $pos ); 
  5460. // Strip off fragment 
  5461. if ( $pos = strpos( $href, '#' ) ) { 
  5462. $href = substr( $href, 0, $pos ); 
  5463. } else { 
  5464. return $tag; 
  5465.  
  5466. $plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE ); 
  5467. if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) { 
  5468. return $tag; 
  5469.  
  5470. // If this stylesheet has a RTL version, and the RTL version replaces normal... 
  5471. if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) { 
  5472. // And this isn't the pass that actually deals with the RTL version... 
  5473. if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) { 
  5474. // Short out, as the RTL version will deal with it in a moment. 
  5475. return $tag; 
  5476.  
  5477. $file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) ); 
  5478. $css = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href ); 
  5479. if ( $css ) { 
  5480. $tag = "<!-- Inline {$item->handle} -->\r\n"; 
  5481. if ( empty( $item->extra['after'] ) ) { 
  5482. wp_add_inline_style( $handle, $css ); 
  5483. } else { 
  5484. array_unshift( $item->extra['after'], $css ); 
  5485. wp_style_add_data( $handle, 'after', $item->extra['after'] ); 
  5486.  
  5487. return $tag; 
  5488.  
  5489. /** 
  5490. * Loads a view file from the views 
  5491. * 
  5492. * Data passed in with the $data parameter will be available in the 
  5493. * template file as $data['value'] 
  5494. * 
  5495. * @param string $template - Template file to load 
  5496. * @param array $data - Any data to pass along to the template 
  5497. * @return boolean - If template file was found 
  5498. **/ 
  5499. public function load_view( $template, $data = array() ) { 
  5500. $views_dir = JETPACK__PLUGIN_DIR . 'views/'; 
  5501.  
  5502. if( file_exists( $views_dir . $template ) ) { 
  5503. require_once( $views_dir . $template ); 
  5504. return true; 
  5505.  
  5506. error_log( "Jetpack: Unable to find view file $views_dir$template" ); 
  5507. return false; 
  5508.  
  5509. /** 
  5510. * Sends a ping to the Jetpack servers to toggle on/off remote portions 
  5511. * required by some modules. 
  5512. * 
  5513. * @param string $module_slug 
  5514. */ 
  5515. public function toggle_module_on_wpcom( $module_slug ) { 
  5516. Jetpack::init()->sync->register( 'noop' ); 
  5517.  
  5518. if ( false !== strpos( current_filter(), 'jetpack_activate_module_' ) ) { 
  5519. self::check_privacy( $module_slug ); 
  5520.  
  5521.  
  5522. /** 
  5523. * Throws warnings for deprecated hooks to be removed from Jetpack 
  5524. */ 
  5525. public function deprecated_hooks() { 
  5526. global $wp_filter; 
  5527.  
  5528. /** 
  5529. * Format: 
  5530. * deprecated_filter_name => replacement_name 
  5531. * 
  5532. * If there is no replacement us null for replacement_name 
  5533. */ 
  5534. $deprecated_list = array( 
  5535. 'jetpack_bail_on_shortcode' => 'jetpack_shortcodes_to_include',  
  5536. 'wpl_sharing_2014_1' => null,  
  5537. ); 
  5538.  
  5539. // This is a silly loop depth. Better way? 
  5540. foreach( $deprecated_list AS $hook => $hook_alt ) { 
  5541. if( isset( $wp_filter[ $hook ] ) && is_array( $wp_filter[ $hook ] ) ) { 
  5542. foreach( $wp_filter[$hook] AS $func => $values ) { 
  5543. foreach( $values AS $hooked ) { 
  5544. _deprecated_function( $hook . ' used for ' . $hooked['function'], null, $hook_alt ); 
  5545.  
  5546. /** 
  5547. * Converts any url in a stylesheet, to the correct absolute url. 
  5548. * 
  5549. * Considerations: 
  5550. * - Normal, relative URLs `feh.png` 
  5551. * - Data URLs `data:image/gif;base64, eh129ehiuehjdhsa==` 
  5552. * - Schema-agnostic URLs `//domain.com/feh.png` 
  5553. * - Absolute URLs `http://domain.com/feh.png` 
  5554. * - Domain root relative URLs `/feh.png` 
  5555. * 
  5556. * @param $css string: The raw CSS -- should be read in directly from the file. 
  5557. * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from. 
  5558. * 
  5559. * @return mixed|string 
  5560. */ 
  5561. public static function absolutize_css_urls( $css, $css_file_url ) { 
  5562. $pattern = '#url\((?P<path>[^)]*)\)#i'; 
  5563. $css_dir = dirname( $css_file_url ); 
  5564. $p = parse_url( $css_dir ); 
  5565. $domain = sprintf( 
  5566. '%1$s//%2$s%3$s%4$s',  
  5567. isset( $p['scheme'] ) ? "{$p['scheme']}:" : '',  
  5568. isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',  
  5569. $p['host'],  
  5570. isset( $p['port'] ) ? ":{$p['port']}" : '' 
  5571. ); 
  5572.  
  5573. if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) { 
  5574. $find = $replace = array(); 
  5575. foreach ( $matches as $match ) { 
  5576. $url = trim( $match['path'], "'\" \t" ); 
  5577.  
  5578. // If this is a data url, we don't want to mess with it. 
  5579. if ( 'data:' === substr( $url, 0, 5 ) ) { 
  5580. continue; 
  5581.  
  5582. // If this is an absolute or protocol-agnostic url,  
  5583. // we don't want to mess with it. 
  5584. if ( preg_match( '#^(https?:)?//#i', $url ) ) { 
  5585. continue; 
  5586.  
  5587. switch ( substr( $url, 0, 1 ) ) { 
  5588. case '/': 
  5589. $absolute = $domain . $url; 
  5590. break; 
  5591. default: 
  5592. $absolute = $css_dir . '/' . $url; 
  5593.  
  5594. $find[] = $match[0]; 
  5595. $replace[] = sprintf( 'url("%s")', $absolute ); 
  5596. $css = str_replace( $find, $replace, $css ); 
  5597.  
  5598. return $css; 
  5599.  
  5600. /** 
  5601. * This method checks to see if SSL is required by the site in 
  5602. * order to visit it in some way other than only setting the 
  5603. * https value in the home or siteurl values. 
  5604. * 
  5605. * @since 3.2 
  5606. * @return boolean 
  5607. **/ 
  5608. private function is_ssl_required_to_visit_site() { 
  5609. global $wp_version; 
  5610. $ssl = is_ssl(); 
  5611.  
  5612. if ( version_compare( $wp_version, '4.4-alpha', '<=' ) && force_ssl_login() ) { // force_ssl_login deprecated WP 4.4. 
  5613. $ssl = true; 
  5614. } else if ( force_ssl_admin() ) { 
  5615. $ssl = true; 
  5616. return $ssl; 
  5617.  
  5618. /** 
  5619. * This methods removes all of the registered css files on the frontend 
  5620. * from Jetpack in favor of using a single file. In effect "imploding" 
  5621. * all the files into one file. 
  5622. * 
  5623. * Pros: 
  5624. * - Uses only ONE css asset connection instead of 15 
  5625. * - Saves a minimum of 56k 
  5626. * - Reduces server load 
  5627. * - Reduces time to first painted byte 
  5628. * 
  5629. * Cons: 
  5630. * - Loads css for ALL modules. However all selectors are prefixed so it 
  5631. * should not cause any issues with themes. 
  5632. * - Plugins/themes dequeuing styles no longer do anything. See 
  5633. * jetpack_implode_frontend_css filter for a workaround 
  5634. * 
  5635. * For some situations developers may wish to disable css imploding and 
  5636. * instead operate in legacy mode where each file loads seperately and 
  5637. * can be edited individually or dequeued. This can be accomplished with 
  5638. * the following line: 
  5639. * 
  5640. * add_filter( 'jetpack_implode_frontend_css', '__return_false' ); 
  5641. * 
  5642. * @since 3.2 
  5643. **/ 
  5644. public function implode_frontend_css( $travis_test = false ) { 
  5645. $do_implode = true; 
  5646. if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) { 
  5647. $do_implode = false; 
  5648.  
  5649. /** 
  5650. * Allow CSS to be concatenated into a single jetpack.css file. 
  5651. * 
  5652. * @since 3.2.0 
  5653. * 
  5654. * @param bool $do_implode Should CSS be concatenated? Default to true. 
  5655. */ 
  5656. $do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode ); 
  5657.  
  5658. // Do not use the imploded file when default behaviour was altered through the filter 
  5659. if ( ! $do_implode ) { 
  5660. return; 
  5661.  
  5662. // We do not want to use the imploded file in dev mode, or if not connected 
  5663. if ( Jetpack::is_development_mode() || ! self::is_active() ) { 
  5664. if ( ! $travis_test ) { 
  5665. return; 
  5666.  
  5667. // Do not use the imploded file if sharing css was dequeued via the sharing settings screen 
  5668. if ( get_option( 'sharedaddy_disable_resources' ) ) { 
  5669. return; 
  5670.  
  5671. /** 
  5672. * Now we assume Jetpack is connected and able to serve the single 
  5673. * file. 
  5674. * 
  5675. * In the future there will be a check here to serve the file locally 
  5676. * or potentially from the Jetpack CDN 
  5677. * 
  5678. * For now: 
  5679. * - Enqueue a single imploded css file 
  5680. * - Zero out the style_loader_tag for the bundled ones 
  5681. * - Be happy, drink scotch 
  5682. */ 
  5683.  
  5684. add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 ); 
  5685.  
  5686. $version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION; 
  5687.  
  5688. wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version ); 
  5689. wp_style_add_data( 'jetpack_css', 'rtl', 'replace' ); 
  5690.  
  5691. function concat_remove_style_loader_tag( $tag, $handle ) { 
  5692. if ( in_array( $handle, $this->concatenated_style_handles ) ) { 
  5693. $tag = ''; 
  5694. if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { 
  5695. $tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n"; 
  5696.  
  5697. return $tag; 
  5698.  
  5699. /** 
  5700. * Check the heartbeat data 
  5701. * 
  5702. * Organizes the heartbeat data by severity. For example, if the site 
  5703. * is in an ID crisis, it will be in the $filtered_data['bad'] array. 
  5704. * 
  5705. * Data will be added to "caution" array, if it either: 
  5706. * - Out of date Jetpack version 
  5707. * - Out of date WP version 
  5708. * - Out of date PHP version 
  5709. * 
  5710. * $return array $filtered_data 
  5711. */ 
  5712. public static function jetpack_check_heartbeat_data() { 
  5713. $raw_data = Jetpack_Heartbeat::generate_stats_array(); 
  5714.  
  5715. $good = array(); 
  5716. $caution = array(); 
  5717. $bad = array(); 
  5718.  
  5719. foreach ( $raw_data as $stat => $value ) { 
  5720.  
  5721. // Check jetpack version 
  5722. if ( 'version' == $stat ) { 
  5723. if ( version_compare( $value, JETPACK__VERSION, '<' ) ) { 
  5724. $caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION; 
  5725. continue; 
  5726.  
  5727. // Check WP version 
  5728. if ( 'wp-version' == $stat ) { 
  5729. if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) { 
  5730. $caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION; 
  5731. continue; 
  5732.  
  5733. // Check PHP version 
  5734. if ( 'php-version' == $stat ) { 
  5735. if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) { 
  5736. $caution[ $stat ] = $value . " - min supported is 5.2.4"; 
  5737. continue; 
  5738.  
  5739. // Check ID crisis 
  5740. if ( 'identitycrisis' == $stat ) { 
  5741. if ( 'yes' == $value ) { 
  5742. $bad[ $stat ] = $value; 
  5743. continue; 
  5744.  
  5745. // The rest are good :) 
  5746. $good[ $stat ] = $value; 
  5747.  
  5748. $filtered_data = array( 
  5749. 'good' => $good,  
  5750. 'caution' => $caution,  
  5751. 'bad' => $bad 
  5752. ); 
  5753.  
  5754. return $filtered_data; 
  5755.  
  5756.  
  5757. /** 
  5758. * This method is used to organize all options that can be reset 
  5759. * without disconnecting Jetpack. 
  5760. * 
  5761. * It is used in class.jetpack-cli.php to reset options 
  5762. * 
  5763. * @return array of options to delete. 
  5764. */ 
  5765. public static function get_jetpack_options_for_reset() { 
  5766. $jetpack_options = Jetpack_Options::get_option_names(); 
  5767. $jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' ); 
  5768. $jetpack_options_private = Jetpack_Options::get_option_names( 'private' ); 
  5769.  
  5770. $all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private ); 
  5771.  
  5772. // A manual build of the wp options 
  5773. $wp_options = array( 
  5774. 'sharing-options',  
  5775. 'disabled_likes',  
  5776. 'disabled_reblogs',  
  5777. 'jetpack_comments_likes_enabled',  
  5778. 'wp_mobile_excerpt',  
  5779. 'wp_mobile_featured_images',  
  5780. 'wp_mobile_app_promos',  
  5781. 'stats_options',  
  5782. 'stats_dashboard_widget',  
  5783. 'safecss_preview_rev',  
  5784. 'safecss_rev',  
  5785. 'safecss_revision_migrated',  
  5786. 'nova_menu_order',  
  5787. 'jetpack_portfolio',  
  5788. 'jetpack_portfolio_posts_per_page',  
  5789. 'jetpack_testimonial',  
  5790. 'jetpack_testimonial_posts_per_page',  
  5791. 'wp_mobile_custom_css',  
  5792. 'sharedaddy_disable_resources',  
  5793. 'sharing-options',  
  5794. 'sharing-services',  
  5795. 'site_icon_temp_data',  
  5796. 'featured-content',  
  5797. 'site_logo',  
  5798. ); 
  5799.  
  5800. // Flag some Jetpack options as unsafe 
  5801. $unsafe_options = array( 
  5802. 'id', // (int) The Client ID/WP.com Blog ID of this site. 
  5803. 'master_user', // (int) The local User ID of the user who connected this site to jetpack.wordpress.com. 
  5804. 'version', // (string) Used during upgrade procedure to auto-activate new modules. version:time 
  5805. 'jumpstart', // (string) A flag for whether or not to show the Jump Start. Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed. 
  5806.  
  5807. // non_compact 
  5808. 'activated',  
  5809.  
  5810. // private 
  5811. 'register',  
  5812. 'blog_token', // (string) The Client Secret/Blog Token of this site. 
  5813. 'user_token', // (string) The User Token of this site. (deprecated) 
  5814. 'user_tokens' 
  5815. ); 
  5816.  
  5817. // Remove the unsafe Jetpack options 
  5818. foreach ( $unsafe_options as $unsafe_option ) { 
  5819. if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) { 
  5820. unset( $all_jp_options[ $key ] ); 
  5821.  
  5822. $options = array( 
  5823. 'jp_options' => $all_jp_options,  
  5824. 'wp_options' => $wp_options 
  5825. ); 
  5826.  
  5827. return $options; 
  5828.  
  5829. /** 
  5830. * Check if an option of a Jetpack module has been updated. 
  5831. * 
  5832. * If any module option has been updated before Jump Start has been dismissed,  
  5833. * update the 'jumpstart' option so we can hide Jump Start. 
  5834. */ 
  5835. public static function jumpstart_has_updated_module_option( $option_name = '' ) { 
  5836. // Bail if Jump Start has already been dismissed 
  5837. if ( 'new_connection' !== Jetpack::get_option( 'jumpstart' ) ) { 
  5838. return false; 
  5839.  
  5840. $jetpack = Jetpack::init(); 
  5841.  
  5842.  
  5843. // Manual build of module options 
  5844. $option_names = self::get_jetpack_options_for_reset(); 
  5845.  
  5846. if ( in_array( $option_name, $option_names['wp_options'] ) ) { 
  5847. Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' ); 
  5848.  
  5849. //Jump start is being dismissed send data to MC Stats 
  5850. $jetpack->stat( 'jumpstart', 'manual, '.$option_name ); 
  5851.  
  5852. $jetpack->do_stats( 'server_side' ); 
  5853.  
  5854.  
  5855. /** 
  5856. * Strip http:// or https:// from a url, replaces forward slash with ::,  
  5857. * so we can bring them directly to their site in calypso. 
  5858. * 
  5859. * @param string | url 
  5860. * @return string | url without the guff 
  5861. */ 
  5862. public static function build_raw_urls( $url ) { 
  5863. $strip_http = '/.*?:\/\//i'; 
  5864. $url = preg_replace( $strip_http, '', $url ); 
  5865. $url = str_replace( '/', '::', $url ); 
  5866. return $url; 
  5867.  
  5868. /** 
  5869. * Stores and prints out domains to prefetch for page speed optimization. 
  5870. * 
  5871. * @param mixed $new_urls 
  5872. */ 
  5873. public static function dns_prefetch( $new_urls = null ) { 
  5874. static $prefetch_urls = array(); 
  5875. if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) { 
  5876. echo "\r\n"; 
  5877. foreach ( $prefetch_urls as $this_prefetch_url ) { 
  5878. printf( "<link rel='dns-prefetch' href='%s'>\r\n", esc_attr( $this_prefetch_url ) ); 
  5879. } elseif ( ! empty( $new_urls ) ) { 
  5880. if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) { 
  5881. add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ); 
  5882. foreach ( (array) $new_urls as $this_new_url ) { 
  5883. $prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) ); 
  5884. $prefetch_urls = array_unique( $prefetch_urls ); 
  5885.  
  5886. public function wp_dashboard_setup() { 
  5887. if ( self::is_active() ) { 
  5888. add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 ); 
  5889. $widget_title = __( 'Jetpack', 'jetpack' ); 
  5890. } elseif ( ! self::is_development_mode() && current_user_can( 'jetpack_connect' ) ) { 
  5891. add_action( 'jetpack_dashboard_widget', array( $this, 'dashboard_widget_connect_to_wpcom' ) ); 
  5892. $widget_title = __( 'Please Connect Jetpack', 'jetpack' ); 
  5893.  
  5894. if ( has_action( 'jetpack_dashboard_widget' ) ) { 
  5895. wp_add_dashboard_widget( 
  5896. 'jetpack_summary_widget',  
  5897. $widget_title,  
  5898. array( __CLASS__, 'dashboard_widget' ) 
  5899. ); 
  5900. wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION ); 
  5901.  
  5902. // If we're inactive and not in development mode, sort our box to the top. 
  5903. if ( ! self::is_active() && ! self::is_development_mode() ) { 
  5904. global $wp_meta_boxes; 
  5905.  
  5906. $dashboard = $wp_meta_boxes['dashboard']['normal']['core']; 
  5907. $ours = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] ); 
  5908.  
  5909. $wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard ); 
  5910.  
  5911. /** 
  5912. * @param mixed $result Value for the user's option 
  5913. * @return mixed 
  5914. */ 
  5915. function get_user_option_meta_box_order_dashboard( $sorted ) { 
  5916. if ( ! is_array( $sorted ) ) { 
  5917. return $sorted; 
  5918.  
  5919. foreach ( $sorted as $box_context => $ids ) { 
  5920. if ( false === strpos( $ids, 'dashboard_stats' ) ) { 
  5921. // If the old id isn't anywhere in the ids, don't bother exploding and fail out. 
  5922. continue; 
  5923.  
  5924. $ids_array = explode( ', ', $ids ); 
  5925. $key = array_search( 'dashboard_stats', $ids_array ); 
  5926.  
  5927. if ( false !== $key ) { 
  5928. // If we've found that exact value in the option (and not `google_dashboard_stats` for example) 
  5929. $ids_array[ $key ] = 'jetpack_summary_widget'; 
  5930. $sorted[ $box_context ] = implode( ', ', $ids_array ); 
  5931. // We've found it, stop searching, and just return. 
  5932. break; 
  5933.  
  5934. return $sorted; 
  5935.  
  5936. public static function dashboard_widget() { 
  5937. /** 
  5938. * Fires when the dashboard is loaded. 
  5939. * 
  5940. * @since 3.4.0 
  5941. */ 
  5942. do_action( 'jetpack_dashboard_widget' ); 
  5943.  
  5944. public static function dashboard_widget_footer() { 
  5945. ?> 
  5946. <footer> 
  5947.  
  5948. <div class="protect"> 
  5949. <?php if ( Jetpack::is_module_active( 'protect' ) ) : ?> 
  5950. <h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3> 
  5951. <p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p> 
  5952. <?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?> 
  5953. <a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>"> 
  5954. <?php esc_html_e( 'Activate Protect', 'jetpack' ); ?> 
  5955. </a> 
  5956. <?php else : ?> 
  5957. <?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?> 
  5958. <?php endif; ?> 
  5959. </div> 
  5960.  
  5961. <div class="akismet"> 
  5962. <?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?> 
  5963. <h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3> 
  5964. <p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p> 
  5965. <?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?> 
  5966. <a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack"> 
  5967. <?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?> 
  5968. </a> 
  5969. <?php else : ?> 
  5970. <p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p> 
  5971. <?php endif; ?> 
  5972. </div> 
  5973.  
  5974.  
  5975. <?php if ( ! current_user_can( 'edit_posts' ) && self::is_user_connected() ) : ?> 
  5976. <div style="width: 100%; text-align: center; padding-top: 20px; clear: both;"><a class="button" title="<?php esc_attr_e( 'Unlink your account from WordPress.com', 'jetpack' ); ?>" href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'unlink', 'redirect' => 'sub-unlink' ), admin_url( 'index.php' ) ), 'jetpack-unlink' ) ); ?>"><?php esc_html_e( 'Unlink your account from WordPress.com', 'jetpack' ); ?></a></div> 
  5977. <?php endif; ?> 
  5978.  
  5979. </footer> 
  5980. <?php 
  5981.  
  5982. public function dashboard_widget_connect_to_wpcom() { 
  5983. if ( Jetpack::is_active() || Jetpack::is_development_mode() || ! current_user_can( 'jetpack_connect' ) ) { 
  5984. return; 
  5985. ?> 
  5986. <div class="wpcom-connect"> 
  5987. <div class="jp-emblem"> 
  5988. <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve"> 
  5989. <path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z"/> 
  5990. </svg> 
  5991. </div> 
  5992. <h3><?php esc_html_e( 'Please Connect Jetpack', 'jetpack' ); ?></h3> 
  5993. <p><?php echo wp_kses( __( 'Connecting Jetpack will show you <strong>stats</strong> about your traffic, <strong>protect</strong> you from brute force attacks, <strong>speed up</strong> your images and photos, and enable other <strong>traffic and security</strong> features.', 'jetpack' ), 'jetpack' ) ?></p> 
  5994.  
  5995. <div class="actions"> 
  5996. <a href="<?php echo $this->build_connect_url() ?>" class="button button-primary"> 
  5997. <?php esc_html_e( 'Connect Jetpack', 'jetpack' ); ?> 
  5998. </a> 
  5999. </div> 
  6000. </div> 
  6001. <?php 
  6002.  
  6003. /** 
  6004. * A graceful transition to using Core's site icon. 
  6005. * 
  6006. * All of the hard work has already been done with the image 
  6007. * in all_done_page(). All that needs to be done now is update 
  6008. * the option and display proper messaging. 
  6009. * 
  6010. * @todo remove when WP 4.3 is minimum 
  6011. * 
  6012. * @since 3.6.1 
  6013. * 
  6014. * @return bool false = Core's icon not available || true = Core's icon is available 
  6015. */ 
  6016. public static function jetpack_site_icon_available_in_core() { 
  6017. global $wp_version; 
  6018. $core_icon_available = function_exists( 'has_site_icon' ) && version_compare( $wp_version, '4.3-beta' ) >= 0; 
  6019.  
  6020. if ( ! $core_icon_available ) { 
  6021. return false; 
  6022.  
  6023. // No need for Jetpack's site icon anymore if core's is already set 
  6024. if ( has_site_icon() ) { 
  6025. if ( Jetpack::is_module_active( 'site-icon' ) ) { 
  6026. Jetpack::log( 'deactivate', 'site-icon' ); 
  6027. Jetpack::deactivate_module( 'site-icon' ); 
  6028. return true; 
  6029.  
  6030. // Transfer Jetpack's site icon to use core. 
  6031. $site_icon_id = Jetpack::get_option( 'site_icon_id' ); 
  6032. if ( $site_icon_id ) { 
  6033. // Update core's site icon 
  6034. update_option( 'site_icon', $site_icon_id ); 
  6035.  
  6036. // Delete Jetpack's icon option. We still want the blavatar and attached data though. 
  6037. delete_option( 'site_icon_id' ); 
  6038.  
  6039. // No need for Jetpack's site icon anymore 
  6040. if ( Jetpack::is_module_active( 'site-icon' ) ) { 
  6041. Jetpack::log( 'deactivate', 'site-icon' ); 
  6042. Jetpack::deactivate_module( 'site-icon' ); 
  6043.  
  6044. return true; 
  6045.  
.