Cloudflare - Version 3.0.3

Version Description

  • 2016-09-21 =

Fixed

  • Fixed an issue where some domains were being incorrectly propagated to the domain selector dropdown
  • Fixed an issue where the Web Application Firewall was accidentally triggering RFI Attack Rules
  • Fixed an issue where image optimization was not being enabled for Pro and higher CloudFlare plans
Download this release

Release Info

Developer furkan811
Plugin Icon 128x128 Cloudflare
Version 3.0.3
Comparing to
See all releases

Code changes from version 3.0.2 to 3.0.3

Files changed (18) hide show
  1. cloudflare.php +32 -13
  2. composer.json +6 -6
  3. config.js +39 -28
  4. index.php +19 -3
  5. proxy.php +60 -32
  6. readme.txt +9 -1
  7. src/Hooks/Activation.php +0 -50
  8. src/Hooks/AutomaticCache.php +0 -73
  9. src/Hooks/Deactivation.php +0 -17
  10. src/Hooks/HTTP2ServerPush.php +3 -2
  11. src/Hooks/Init.php +0 -79
  12. src/WordPress/DataStore.php +15 -0
  13. src/WordPress/Hooks.php +163 -0
  14. src/WordPress/PluginActions.php +3 -3
  15. src/{Hooks → WordPress}/Uninstall.php +5 -4
  16. src/WordPress/Utils.php +12 -4
  17. src/WordPress/WordPressAPI.php +7 -20
  18. src/WordPress/WordPressClientAPI.php +11 -0
cloudflare.php CHANGED
@@ -3,38 +3,57 @@
3
  Plugin Name: CloudFlare
4
  Plugin URI: http://www.cloudflare.com/wiki/CloudFlareWordPressPlugin
5
  Description: CloudFlare integrates your blog with the CloudFlare platform.
6
- Version: 3.0.2
7
  Author: John Wineman, Furkan Yilmaz, Junade Ali (CloudFlare Team)
8
  License: BSD-3-Clause
9
  */
10
 
11
  require_once 'vendor/autoload.php';
12
 
13
- const CF_MIN_PHP_VERSION = '5.3';
14
- const CF_MIN_WP_VERSION = '3.4';
15
-
16
  if (!defined('ABSPATH')) { // Exit if accessed directly
17
  exit;
18
  }
19
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
20
  // Load Init Script
21
- add_action('init', array('\CF\Hooks\Init', 'init'), 1);
 
 
 
 
 
 
 
 
 
 
 
22
 
23
  // Load Activation Script
24
- register_activation_hook(__FILE__, array('\CF\Hooks\Activation', 'init'));
25
 
26
  // Load Deactivation Script
27
- register_deactivation_hook(__FILE__, array('\CF\Hooks\Deactivation', 'init'));
28
 
29
  // Load Uninstall Script
30
- register_uninstall_hook(__FILE__, array('\CF\Hooks\Uninstall', 'init'));
31
-
32
- //Register proxy AJAX endpoint
33
- add_action('wp_ajax_cloudflare_proxy', array('\CF\Hooks\Init', 'initProxy'));
34
 
35
  // Load AutomaticCache
36
- add_action('init', array('\CF\Hooks\AutomaticCache', 'init'));
 
37
 
38
  // Enable HTTP2 Server Push
39
- // Removed until the problems are indentified and fixed
40
  // add_action('init', array('\CF\Hooks\HTTP2ServerPush', 'init'));
3
  Plugin Name: CloudFlare
4
  Plugin URI: http://www.cloudflare.com/wiki/CloudFlareWordPressPlugin
5
  Description: CloudFlare integrates your blog with the CloudFlare platform.
6
+ Version: 3.0.3
7
  Author: John Wineman, Furkan Yilmaz, Junade Ali (CloudFlare Team)
8
  License: BSD-3-Clause
9
  */
10
 
11
  require_once 'vendor/autoload.php';
12
 
 
 
 
13
  if (!defined('ABSPATH')) { // Exit if accessed directly
14
  exit;
15
  }
16
 
17
+ // ************************************************************** //
18
+
19
+ // Initialize Global Objects
20
+ $cloudflareConfig = new CF\Integration\DefaultConfig(file_get_contents('config.js', true));
21
+ $cloudflareLogger = new CF\Integration\DefaultLogger($cloudflareConfig->getValue('debug'));
22
+ $cloudflareDataStore = new CF\WordPress\DataStore($cloudflareLogger);
23
+ $cloudflareWordpressAPI = new CF\WordPress\WordPressAPI($cloudflareDataStore);
24
+ $cloudflareWordpressIntegration = new CF\Integration\DefaultIntegration($cloudflareConfig, $cloudflareWordpressAPI, $cloudflareDataStore, $cloudflareLogger);
25
+
26
+ // ************************************************************** //
27
+
28
+ // Initiliaze Hooks class which contains WordPress hook functions
29
+ $cloudflareHooks = new \CF\WordPress\Hooks($cloudflareWordpressIntegration);
30
+
31
  // Load Init Script
32
+ add_action('init', array($cloudflareHooks, 'init'), 1);
33
+
34
+ //Register proxy AJAX endpoint
35
+ add_action('wp_ajax_cloudflare_proxy', array($cloudflareHooks, 'initProxy'));
36
+
37
+ //Add CloudFlare Plugin homepage to admin settings menu
38
+ add_action('admin_menu', array($cloudflareHooks, 'cloudflareConfigPage'));
39
+
40
+ add_action('admin_init', array($cloudflareHooks, 'cloudflareAdminInit'));
41
+
42
+ //Add CloudFlare Plugin homepage to admin settings menu
43
+ add_action('plugin_action_links_cloudflare/cloudflare.php', array($cloudflareHooks, 'pluginActionLinks'));
44
 
45
  // Load Activation Script
46
+ register_activation_hook(__FILE__, array($cloudflareHooks, 'activate'));
47
 
48
  // Load Deactivation Script
49
+ register_deactivation_hook(__FILE__, array($cloudflareHooks, 'deactivate'));
50
 
51
  // Load Uninstall Script
52
+ register_uninstall_hook(__FILE__, array('\CF\WordPress\Hooks', 'uninstall'));
 
 
 
53
 
54
  // Load AutomaticCache
55
+ add_action('switch_theme', array($cloudflareHooks, 'purgeCache'));
56
+ add_action('customize_save_after', array($cloudflareHooks, 'purgeCache'));
57
 
58
  // Enable HTTP2 Server Push
 
59
  // add_action('init', array('\CF\Hooks\HTTP2ServerPush', 'init'));
composer.json CHANGED
@@ -4,7 +4,7 @@
4
  "require": {
5
  "cloudflare/cloudflare-plugin-backend": "^1.1",
6
  "cloudflare/cf-ip-rewrite": "^1.0.0",
7
- "symfony/yaml": "~2.6",
8
  "guzzle/guzzle": "~3.9"
9
  },
10
  "autoload": {
@@ -12,19 +12,19 @@
12
  "CF\\": "src/"
13
  }
14
  },
15
- "version": "3.0.2",
16
  "scripts": {
17
  "test": "vendor/bin/phpunit",
18
- "format": "vendor/bin/phpcs -n --standard=PSR2 --extensions=php,live.php src/",
19
  "post-install-cmd": [
20
- "bash git-hooks/setup.sh"
21
  ]
22
  },
23
  "require-dev": {
24
  "squizlabs/php_codesniffer": "2.*",
25
  "johnkary/phpunit-speedtrap": "^1.0",
26
- "phpunit/phpunit": "4.8.*",
27
  "php-mock/php-mock-phpunit": "^1.1"
28
  },
29
  "description": "A CloudFlare plugin for WordPress"
30
- }
4
  "require": {
5
  "cloudflare/cloudflare-plugin-backend": "^1.1",
6
  "cloudflare/cf-ip-rewrite": "^1.0.0",
7
+ "symfony/yaml": "~2.6",
8
  "guzzle/guzzle": "~3.9"
9
  },
10
  "autoload": {
12
  "CF\\": "src/"
13
  }
14
  },
15
+ "version": "3.0.3",
16
  "scripts": {
17
  "test": "vendor/bin/phpunit",
18
+ "format": "vendor/bin/phpcs -n --standard=PSR2 --extensions=php,live.php src/",
19
  "post-install-cmd": [
20
+ "bash git-hooks/setup.sh"
21
  ]
22
  },
23
  "require-dev": {
24
  "squizlabs/php_codesniffer": "2.*",
25
  "johnkary/phpunit-speedtrap": "^1.0",
26
+ "phpunit/phpunit": "4.8.*",
27
  "php-mock/php-mock-phpunit": "^1.1"
28
  },
29
  "description": "A CloudFlare plugin for WordPress"
30
+ }
config.js CHANGED
@@ -1,31 +1,42 @@
1
  {
2
- "debug": false,
3
- "featureManagerIsAlwaysOnlineEnabled": true,
4
- "featureManagerIsBrowserCacheTTLEnabled": true,
5
- "featureManagerIsBrowserIntegrityCheckEnabled": true,
6
- "featureManagerIsCacheLevelEnabled": true,
7
- "featureManagerIsChallengePassageEnabled": true,
8
- "featureManagerIsDevelopmentModeEnabled": true,
9
- "featureManagerIsFullZoneProvisioningEnabled": false,
10
- "featureManagerIsImageOptimizationEnabled": true,
11
- "featureManagerIsIpv6Enabled": true,
12
- "featureManagerIsIpRewriteEnabled": true,
13
- "featureManagerIsMinifyEnabled": true,
14
- "featureManagerIsProtocolRewriteEnabled": true,
15
- "featureManagerIsPurgeCacheEnabled": true,
16
- "featureManagerIsRailgunEnabled": true,
17
- "featureManagerIsScanEnabled": false,
18
- "featureManagerIsSecurityLevelEnabled": true,
19
- "featureManagerIsSSLEnabled": true,
20
- "featureManagerIsWAFEnabled": true,
21
- "isSubdomainCheckEnabled": true,
22
- "homePageCards": ["ApplyDefaultSettingsCard", "PurgeCacheCard", "PluginSpecificCacheCard"],
 
 
 
 
 
 
23
  "moreSettingsCards": {
24
- "container.moresettings.speed": ["AlwaysOnlineCard", "ImageOptimizationCard"],
25
- "container.moresettings.security": ["SecurityLevelCard", "WAFCard", "AdvanceDDoSCard"]
26
- },
27
- "locale": "en",
28
- "integrationName": "wordpress",
29
- "useHostAPILogin": false,
30
- "version": "3.0.2"
 
 
 
 
 
31
  }
1
  {
2
+ "debug": false,
3
+ "featureManagerIsAlwaysOnlineEnabled": true,
4
+ "featureManagerIsBrowserCacheTTLEnabled": true,
5
+ "featureManagerIsBrowserIntegrityCheckEnabled": true,
6
+ "featureManagerIsCacheLevelEnabled": true,
7
+ "featureManagerIsChallengePassageEnabled": true,
8
+ "featureManagerIsDevelopmentModeEnabled": true,
9
+ "featureManagerIsFullZoneProvisioningEnabled": false,
10
+ "featureManagerIsImageOptimizationEnabled": true,
11
+ "featureManagerIsIpRewriteEnabled": true,
12
+ "featureManagerIsIpv6Enabled": true,
13
+ "featureManagerIsMinifyEnabled": true,
14
+ "featureManagerIsProtocolRewriteEnabled": true,
15
+ "featureManagerIsPurgeCacheEnabled": true,
16
+ "featureManagerIsRailgunEnabled": true,
17
+ "featureManagerIsSSLEnabled": true,
18
+ "featureManagerIsScanEnabled": false,
19
+ "featureManagerIsSecurityLevelEnabled": true,
20
+ "featureManagerIsWAFEnabled": true,
21
+ "homePageCards": [
22
+ "ApplyDefaultSettingsCard",
23
+ "PurgeCacheCard",
24
+ "PluginSpecificCacheCard"
25
+ ],
26
+ "integrationName": "wordpress",
27
+ "isSubdomainCheckEnabled": true,
28
+ "locale": "en",
29
  "moreSettingsCards": {
30
+ "container.moresettings.security": [
31
+ "SecurityLevelCard",
32
+ "WAFCard",
33
+ "AdvanceDDoSCard"
34
+ ],
35
+ "container.moresettings.speed": [
36
+ "AlwaysOnlineCard",
37
+ "ImageOptimizationCard"
38
+ ]
39
+ },
40
+ "useHostAPILogin": false,
41
+ "version": "3.0.3"
42
  }
index.php CHANGED
@@ -40,19 +40,35 @@ function RestProxyCallback(opts) {
40
  if(!opts.parameters) {
41
  opts.parameters = {};
42
  }
43
- opts.parameters['action'] = 'cloudflare_proxy'; //wordpress ajax action
 
 
44
 
45
  if(opts.method.toUpperCase() !== "GET") {
46
  if(!opts.body) {
47
  opts.body = {};
48
  }
 
49
  opts.body['cfCSRFToken'] = cfCSRFToken;
50
  opts.body['proxyURL'] = opts.url;
51
  } else {
52
- opts.parameters['proxyURL'] = opts.url;
 
 
 
 
 
 
 
 
 
 
 
 
53
  }
54
 
55
- opts.url = ajaxurl; //wordpress ajax global
 
56
  } else {
57
  opts.url = absoluteUrlBase + opts.url;
58
  }
40
  if(!opts.parameters) {
41
  opts.parameters = {};
42
  }
43
+
44
+ // WordPress Ajax Action
45
+ opts.parameters['action'] = 'cloudflare_proxy';
46
 
47
  if(opts.method.toUpperCase() !== "GET") {
48
  if(!opts.body) {
49
  opts.body = {};
50
  }
51
+
52
  opts.body['cfCSRFToken'] = cfCSRFToken;
53
  opts.body['proxyURL'] = opts.url;
54
  } else {
55
+ var clientAPIURL = '<?= \CF\API\Client::ENDPOINT ?>';
56
+ var pluginAPIURL = '<?= \CF\API\Plugin::ENDPOINT ?>';
57
+
58
+ // If opts url begins with clientAPIURL or pluginAPIURL
59
+ // Remove the api url and assign the rest to proxyURL
60
+ if (opts.url.substring(0, clientAPIURL.length) === clientAPIURL) {
61
+ opts.parameters['proxyURL'] = opts.url.substring(clientAPIURL.
62
+ length);
63
+ opts.parameters['proxyURLType'] = 'CLIENT';
64
+ } else if (opts.url.substring(0, pluginAPIURL.length) === pluginAPIURL) {
65
+ opts.parameters['proxyURL'] = opts.url.substring(pluginAPIURL.length);
66
+ opts.parameters['proxyURLType'] = 'PLUGIN';
67
+ }
68
  }
69
 
70
+ // WordPress Ajax Global
71
+ opts.url = ajaxurl;
72
  } else {
73
  opts.url = absoluteUrlBase + opts.url;
74
  }
proxy.php CHANGED
@@ -20,54 +20,82 @@ $requestRouter->addRouter('\CF\API\Plugin', \CF\WordPress\PluginRoutes::getRoute
20
  $wpDomain = $wordpressAPI->getOriginalDomain();
21
  $cachedDomainList = $wordpressAPI->getDomainList();
22
  $cachedDomain = $cachedDomainList[0];
23
- if (CF\WordPress\Utils::getRegistrableDomain($wpDomain) != $cachedDomain) {
24
- $domainName = $wpDomain;
25
-
26
  $wordPressClientAPI = new \CF\WordPress\WordPressClientAPI($wordpressIntegration);
27
- $response = $wordPressClientAPI->getZones();
28
- $validDomainName = $wordpressAPI->getValidCloudflareDomain($response, $wpDomain);
29
 
30
- if ($wordPressClientAPI->responseOK($response) && $validDomainName) {
31
- $domainName = CF\WordPress\Utils::getRegistrableDomain($wpDomain);
32
- }
 
 
 
 
 
 
33
 
34
- $wordpressAPI->setDomainNameCache($domainName);
 
 
 
 
 
 
 
35
  }
36
 
37
  $method = $_SERVER['REQUEST_METHOD'];
38
  $parameters = $_GET;
39
  $body = json_decode(file_get_contents('php://input'), true);
40
- $path = (strtoupper($method === 'GET') ? $_GET['proxyURL'] : $body['proxyURL']);
 
 
 
 
 
 
 
 
 
41
 
 
42
  unset($parameters['proxyURL']);
43
  unset($body['proxyURL']);
44
  $request = new CF\API\Request($method, $path, $parameters, $body);
45
 
46
- // Only check CSRF if its not a GET request
47
- if ($request->getMethod() === 'GET') {
48
- $isCSRFTokenValid = true;
49
  } else {
50
- $body = $request->getBody();
51
- $nonce = $body['cfCSRFToken'];
52
- $isCSRFTokenValid = wp_verify_nonce($nonce, CF\WordPress\WordPressAPI::API_NONCE);
53
- unset($body['cfCSRFToken']);
 
 
 
 
 
 
 
 
54
  }
55
 
56
- if ($isCSRFTokenValid) {
57
- $response = $requestRouter->route($request);
58
- } else {
59
- $message = 'CSRF Token not valid.';
60
- $response = array(
61
- 'result' => null,
62
- 'success' => false,
63
- 'errors' => array(
64
- array(
65
- 'code' => '',
66
- 'message' => $message,
67
- ),
68
- ),
69
- 'messages' => array(),
70
- );
 
71
  }
72
 
73
  //die is how wordpress ajax keeps the rest of the app from loading during an ajax request
20
  $wpDomain = $wordpressAPI->getOriginalDomain();
21
  $cachedDomainList = $wordpressAPI->getDomainList();
22
  $cachedDomain = $cachedDomainList[0];
23
+ if (CF\WordPress\Utils::getRegistrableDomain($wpDomain) !== $cachedDomain) {
 
 
24
  $wordPressClientAPI = new \CF\WordPress\WordPressClientAPI($wordpressIntegration);
 
 
25
 
26
+ // Since we may not be logged in yet we need to check the credentials being set
27
+ if ($wordPressClientAPI->isCrendetialsSet()) {
28
+ // If it's not a subdomain cache the current domain
29
+ $domainName = $wpDomain;
30
+
31
+ // Get cloudflare zones to find if the current domain is a subdomain
32
+ // of any cloudflare zones registered
33
+ $response = $wordPressClientAPI->getZones();
34
+ $validDomainName = $wordpressAPI->checkIfValidCloudflareSubdomain($response, $wpDomain);
35
 
36
+ // Check if it's a subdomain, if it is cache the zone instead of the
37
+ // subdomain
38
+ if ($wordPressClientAPI->responseOK($response) && $validDomainName) {
39
+ $domainName = CF\WordPress\Utils::getRegistrableDomain($wpDomain);
40
+ }
41
+
42
+ $wordpressAPI->setDomainNameCache($domainName);
43
+ }
44
  }
45
 
46
  $method = $_SERVER['REQUEST_METHOD'];
47
  $parameters = $_GET;
48
  $body = json_decode(file_get_contents('php://input'), true);
49
+ $path = null;
50
+ if (strtoupper($method === 'GET')) {
51
+ if ($_GET['proxyURLType'] === 'CLIENT') {
52
+ $path = \CF\API\Client::ENDPOINT.$_GET['proxyURL'];
53
+ } elseif ($_GET['proxyURLType'] === 'PLUGIN') {
54
+ $path = \CF\API\Plugin::ENDPOINT.$_GET['proxyURL'];
55
+ }
56
+ } else {
57
+ $path = $body['proxyURL'];
58
+ }
59
 
60
+ unset($parameters['proxyURLType']);
61
  unset($parameters['proxyURL']);
62
  unset($body['proxyURL']);
63
  $request = new CF\API\Request($method, $path, $parameters, $body);
64
 
65
+ $response = null;
66
+ if (isCloudFlareCSRFTokenValid($request)) {
67
+ $response = $requestRouter->route($request);
68
  } else {
69
+ $message = 'CSRF Token not valid.';
70
+ $response = array(
71
+ 'result' => null,
72
+ 'success' => false,
73
+ 'errors' => array(
74
+ array(
75
+ 'code' => '',
76
+ 'message' => $message,
77
+ ),
78
+ ),
79
+ 'messages' => array(),
80
+ );
81
  }
82
 
83
+ /**
84
+ * https://codex.wordpress.org/Function_Reference/wp_verify_nonce
85
+ *
86
+ * Boolean false if the nonce is invalid. Otherwise, returns an integer with the value of:
87
+ * 1 – if the nonce has been generated in the past 12 hours or less.
88
+ * 2 – if the nonce was generated between 12 and 24 hours ago.
89
+ *
90
+ * @param CF\API\Request $request
91
+ * @return bool
92
+ */
93
+ function isCloudFlareCSRFTokenValid($request) {
94
+ if($request->getMethod() === 'GET') {
95
+ return true;
96
+ }
97
+ $body = $request->getBody();
98
+ return (wp_verify_nonce($body['cfCSRFToken'], CF\WordPress\WordPressAPI::API_NONCE) !== false);
99
  }
100
 
101
  //die is how wordpress ajax keeps the rest of the app from loading during an ajax request
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: jwineman, furkan811, IcyApril
3
  Tags: cloudflare, seo, ssl, ddos, speed, security, cdn, performance, free
4
  Requires at least: 3.4
5
  Tested up to: 4.6
6
- Stable tag: 3.0.2
7
  License: BSD-3-Clause
8
 
9
  All of CloudFlare’s performance and security benefits in a simple one-click install of recommended settings specifically developed for WordPress.
@@ -84,6 +84,14 @@ Make sure that the php5-curl extension is installed on your system.
84
 
85
  == Changelog ==
86
 
 
 
 
 
 
 
 
 
87
  = 3.0.2 - 2016-09-16 =
88
 
89
  *Fixed*
3
  Tags: cloudflare, seo, ssl, ddos, speed, security, cdn, performance, free
4
  Requires at least: 3.4
5
  Tested up to: 4.6
6
+ Stable tag: 3.0.3
7
  License: BSD-3-Clause
8
 
9
  All of CloudFlare’s performance and security benefits in a simple one-click install of recommended settings specifically developed for WordPress.
84
 
85
  == Changelog ==
86
 
87
+ = 3.0.3 - 2016-09-21 =
88
+
89
+ *Fixed*
90
+
91
+ * Fixed an issue where some domains were being incorrectly propagated to the domain selector dropdown
92
+ * Fixed an issue where the Web Application Firewall was accidentally triggering RFI Attack Rules
93
+ * Fixed an issue where image optimization was not being enabled for Pro and higher CloudFlare plans
94
+
95
  = 3.0.2 - 2016-09-16 =
96
 
97
  *Fixed*
src/Hooks/Activation.php DELETED
@@ -1,50 +0,0 @@
1
- <?php
2
-
3
- namespace CF\Hooks;
4
-
5
- class Activation
6
- {
7
- public static function init()
8
- {
9
- self::checkVersionCompatibility();
10
- self::checkDependenciesExist();
11
- }
12
-
13
- public static function checkVersionCompatibility()
14
- {
15
- global $wp_version;
16
-
17
- if (version_compare(PHP_VERSION, CF_MIN_PHP_VERSION, '<')) {
18
- $flag = 'PHP';
19
- $version = CF_MIN_PHP_VERSION;
20
- }
21
-
22
- if (version_compare($wp_version, CF_MIN_WP_VERSION, '<')) {
23
- $flag = 'WordPress';
24
- $version = CF_MIN_WP_VERSION;
25
- }
26
-
27
- if (isset($flag) || isset($version)) {
28
- // Deactivate Plugin
29
- deactivate_plugins(basename(__FILE__));
30
-
31
- // Kill Execution
32
- wp_die('<p><strong>Cloudflare</strong> plugin requires '.$flag.' version '.$version.' or greater.</p>', 'Plugin Activation Error', array('response' => 200, 'back_link' => true));
33
-
34
- return;
35
- }
36
- }
37
-
38
- public static function checkDependenciesExist()
39
- {
40
- // Guzzle3 depends on php5-curl. If dependency does not exist kill the plugin.
41
- if (!extension_loaded('curl')) {
42
- // Deactivate Plugin
43
- deactivate_plugins(basename(__FILE__));
44
-
45
- wp_die('<p><strong>Cloudflare</strong> plugin requires php5-curl to be installed.</p>', 'Plugin Activation Error', array('response' => 200, 'back_link' => true));
46
-
47
- return;
48
- }
49
- }
50
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
src/Hooks/AutomaticCache.php DELETED
@@ -1,73 +0,0 @@
1
- <?php
2
-
3
- namespace CF\Hooks;
4
-
5
- class AutomaticCache
6
- {
7
- private static $initiated = false;
8
-
9
- public static function init()
10
- {
11
- if (!self::$initiated) {
12
- self::initHooks();
13
- }
14
- }
15
-
16
- public static function initHooks()
17
- {
18
- self::$initiated = true;
19
-
20
- add_action('switch_theme', array('\CF\Hooks\AutomaticCache', 'switchWPTheme'));
21
- add_action('customize_save_after', array('\CF\Hooks\AutomaticCache', 'themeSaveButtonPressed'));
22
- }
23
-
24
- // "Save and Activate" pressed
25
- public static function switchWPTheme()
26
- {
27
- // Purge cache when theme is switched.
28
- self::purgeCache();
29
- }
30
-
31
- // "Save and Publish" pressed
32
- public static function themeSaveButtonPressed()
33
- {
34
- self::purgeCache();
35
- }
36
-
37
- // Purges everything
38
- public static function purgeCache()
39
- {
40
- if (self::isPluginSpecificCacheEnabled()) {
41
- $config = new \CF\Integration\DefaultConfig('[]');
42
- $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
43
- $dataStore = new \CF\WordPress\DataStore($logger);
44
- $wordpressAPI = new \CF\WordPress\WordPressAPI($dataStore);
45
- $wordpressIntegration = new \CF\Integration\DefaultIntegration($config, $wordpressAPI, $dataStore, $logger);
46
- $clientAPIClient = new \CF\WordPress\WordPressClientAPI($wordpressIntegration);
47
-
48
- $wp_domain_list = $wordpressAPI->getDomainList();
49
- $wp_domain = $wp_domain_list[0];
50
- if (count($wp_domain) > 0) {
51
- $zoneTag = $clientAPIClient->getZoneTag($wp_domain);
52
-
53
- if (isset($zoneTag)) {
54
- // Do not care of the return value
55
- $clientAPIClient->zonePurgeCache($zoneTag);
56
- }
57
- }
58
- }
59
- }
60
-
61
- public static function isPluginSpecificCacheEnabled()
62
- {
63
- // TODO: refactor so we're only initing this stuff once.
64
- $config = new \CF\Integration\DefaultConfig('[]');
65
- $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
66
- $dataStore = new \CF\WordPress\DataStore($logger);
67
-
68
- $cacheSettingObject = $dataStore->getPluginSetting(\CF\API\Plugin::SETTING_PLUGIN_SPECIFIC_CACHE);
69
- $cacheSettingValue = $cacheSettingObject[\CF\API\Plugin::SETTING_VALUE_KEY];
70
-
71
- return $cacheSettingValue;
72
- }
73
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
src/Hooks/Deactivation.php DELETED
@@ -1,17 +0,0 @@
1
- <?php
2
-
3
- namespace CF\Hooks;
4
-
5
- class Deactivation
6
- {
7
- public static function init()
8
- {
9
- // Create temp objects because we can't trust for them to be initialized
10
- $config = new \CF\Integration\DefaultConfig('[]');
11
- $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
12
- $dataStore = new \CF\WordPress\DataStore($logger);
13
- $wordpressAPI = new \CF\WordPress\WordPressAPI($dataStore);
14
-
15
- $wordpressAPI->clearDataStore();
16
- }
17
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
src/Hooks/HTTP2ServerPush.php CHANGED
@@ -42,14 +42,15 @@ class HTTP2ServerPush
42
  return $src;
43
  }
44
 
45
- // If the current header size is larger than 6KB (6144 bytes)
46
  // ignore following resources which can be pushed
47
  // This is a workaround for Cloudflare's 8KB header limit
 
48
  $headerAsString = implode(' ', headers_list());
49
 
50
  // +2 comes from the last CRLF since it's two bytes
51
  $headerSize = strlen($headerAsString) + 2;
52
- if ($headerSize > 6144) {
53
  return $src;
54
  }
55
 
42
  return $src;
43
  }
44
 
45
+ // If the current header size is larger than 3KB (3072 bytes)
46
  // ignore following resources which can be pushed
47
  // This is a workaround for Cloudflare's 8KB header limit
48
+ // and fastcgi default 4KB header limit
49
  $headerAsString = implode(' ', headers_list());
50
 
51
  // +2 comes from the last CRLF since it's two bytes
52
  $headerSize = strlen($headerAsString) + 2;
53
+ if ($headerSize > 3072) {
54
  return $src;
55
  }
56
 
src/Hooks/Init.php DELETED
@@ -1,79 +0,0 @@
1
- <?php
2
-
3
- namespace CF\Hooks;
4
-
5
- use CloudFlare\IpRewrite;
6
-
7
- class Init
8
- {
9
- private static $initiated = false;
10
-
11
- public static function init()
12
- {
13
- if (!self::$initiated) {
14
- self::initHooks();
15
- }
16
-
17
- self::cloudflareInit();
18
- }
19
-
20
- public static function initHooks()
21
- {
22
- self::$initiated = true;
23
-
24
- add_action('admin_menu', array('\CF\Hooks\Init', 'cloudflareConfigPage'));
25
- add_action('admin_init', array('\CF\Hooks\Init', 'cloudflareAdminInit'));
26
- add_action('plugin_action_links_cloudflare/cloudflare.php', array('\CF\Hooks\Init', 'pluginActionLinks'));
27
- }
28
-
29
- public static function cloudflareInit()
30
- {
31
- $ipRewrite = new IpRewrite();
32
- $is_cf = $ipRewrite->isCloudFlare();
33
- if ($is_cf) {
34
- // The HTTP Request is from Cloudflare. Ip is rewritten successfully.
35
- // For more info: github.com/cloudflare/cf-ip-rewrite
36
- self::sslRewrite();
37
- }
38
- }
39
-
40
- public static function cloudflareConfigPage()
41
- {
42
- if (function_exists('add_options_page')) {
43
- add_options_page(__('CloudFlare Configuration'), __('CloudFlare'), 'manage_options', 'cloudflare', array('\CF\Hooks\Init', 'cloudflareIndexPage'));
44
- }
45
- }
46
-
47
- public static function cloudflareIndexPage()
48
- {
49
- include WP_PLUGIN_DIR.'/cloudflare/index.php';
50
- }
51
-
52
- public static function sslRewrite()
53
- {
54
- if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
55
- $_SERVER['HTTPS'] = 'on';
56
-
57
- return true;
58
- }
59
-
60
- return false;
61
- }
62
-
63
- public static function pluginActionLinks($links)
64
- {
65
- $links[] = '<a href="'.get_admin_url(null, 'options-general.php?page=cloudflare').'">Settings</a>';
66
-
67
- return $links;
68
- }
69
-
70
- public static function cloudflareAdminInit()
71
- {
72
- // NARNIA!!
73
- }
74
-
75
- public static function initProxy()
76
- {
77
- include WP_PLUGIN_DIR.'/cloudflare/proxy.php';
78
- }
79
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
src/WordPress/DataStore.php CHANGED
@@ -144,4 +144,19 @@ class DataStore implements DataStoreInterface
144
  {
145
  delete_option($key);
146
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
147
  }
144
  {
145
  delete_option($key);
146
  }
147
+
148
+ public function clearDataStore()
149
+ {
150
+ $pluginKeys = \CF\API\Plugin::getPluginSettingsKeys();
151
+
152
+ // Delete Plugin Setting Options
153
+ foreach ($pluginKeys as $optionName) {
154
+ $this->clear($optionName);
155
+ }
156
+
157
+ // Delete DataStore Options
158
+ $this->clear(self::API_KEY);
159
+ $this->clear(self::EMAIL);
160
+ $this->clear(self::CACHED_DOMAIN_NAME);
161
+ }
162
  }
src/WordPress/Hooks.php ADDED
@@ -0,0 +1,163 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace CF\WordPress;
4
+
5
+ use CloudFlare\IpRewrite;
6
+
7
+ class Hooks
8
+ {
9
+ protected $api;
10
+ protected $config;
11
+ protected $dataStore;
12
+ protected $integrationAPI;
13
+ protected $ipRewrite;
14
+ protected $logger;
15
+
16
+ const CF_MIN_PHP_VERSION = '5.3';
17
+ const CF_MIN_WP_VERSION = '3.4';
18
+
19
+ /**
20
+ * @param \CF\Integration\IntegrationInterface $integrationContext
21
+ */
22
+ public function __construct(\CF\Integration\IntegrationInterface $integrationContext)
23
+ {
24
+ $this->api = new \CF\WordPress\WordPressClientAPI($integrationContext);
25
+ $this->config = $integrationContext->getConfig();
26
+ $this->dataStore = $integrationContext->getDataStore();
27
+ $this->integrationAPI = $integrationContext->getIntegrationAPI();
28
+ $this->ipRewrite = new IpRewrite();
29
+ $this->logger = $integrationContext->getLogger();
30
+ }
31
+
32
+ /**
33
+ * @param \CF\API\APIInterface $api
34
+ */
35
+ public function setAPI(\CF\API\APIInterface $api)
36
+ {
37
+ $this->api = $api;
38
+ }
39
+
40
+ public function setIPRewrite(\CloudFlare\IpRewrite $ipRewrite) {
41
+ $this->ipRewrite = $ipRewrite;
42
+ }
43
+
44
+ public function init()
45
+ {
46
+ if ($this->ipRewrite->isCloudFlare()) {
47
+ // Fixes issues with Flexible-SSL
48
+ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
49
+ $_SERVER['HTTPS'] = 'on';
50
+ }
51
+ }
52
+ }
53
+
54
+ public function cloudflareConfigPage()
55
+ {
56
+ if (function_exists('add_options_page')) {
57
+ add_options_page(__('CloudFlare Configuration'), __('CloudFlare'), 'manage_options', 'cloudflare', array($this, 'cloudflareIndexPage'));
58
+ }
59
+ }
60
+
61
+ public function cloudflareIndexPage()
62
+ {
63
+ include WP_PLUGIN_DIR.'/cloudflare/index.php';
64
+ }
65
+
66
+ public function pluginActionLinks($links)
67
+ {
68
+ $links[] = '<a href="'.get_admin_url(null, 'options-general.php?page=cloudflare').'">Settings</a>';
69
+
70
+ return $links;
71
+ }
72
+
73
+ public function cloudflareAdminInit()
74
+ {
75
+ // NARNIA!!
76
+ }
77
+
78
+ public function initProxy()
79
+ {
80
+ include WP_PLUGIN_DIR.'/cloudflare/proxy.php';
81
+ }
82
+
83
+ public function activate()
84
+ {
85
+ $this->checkVersionCompatibility();
86
+ $this->checkDependenciesExist();
87
+ }
88
+
89
+ public function checkVersionCompatibility()
90
+ {
91
+ //wordpress global
92
+ global $wp_version;
93
+
94
+ if (version_compare(PHP_VERSION, self::CF_MIN_PHP_VERSION, '<')) {
95
+ $flag = 'PHP';
96
+ $version = self::CF_MIN_PHP_VERSION;
97
+ }
98
+
99
+ if (version_compare($wp_version, self::CF_MIN_WP_VERSION, '<')) {
100
+ $flag = 'WordPress';
101
+ $version = self::CF_MIN_WP_VERSION;
102
+ }
103
+
104
+ if (isset($flag) || isset($version)) {
105
+ // Deactivate Plugin
106
+ deactivate_plugins(basename(__FILE__));
107
+
108
+ // Kill Execution
109
+ wp_die('<p><strong>Cloudflare</strong> plugin requires '.$flag.' version '.$version.' or greater.</p>', 'Plugin Activation Error', array('response' => 200, 'back_link' => true));
110
+
111
+ return;
112
+ }
113
+ }
114
+
115
+ public function checkDependenciesExist()
116
+ {
117
+ // Guzzle3 depends on php5-curl. If dependency does not exist kill the plugin.
118
+ if (!extension_loaded('curl')) {
119
+ // Deactivate Plugin
120
+ deactivate_plugins(basename(__FILE__));
121
+
122
+ wp_die('<p><strong>Cloudflare</strong> plugin requires php5-curl to be installed.</p>', 'Plugin Activation Error', array('response' => 200, 'back_link' => true));
123
+
124
+ return;
125
+ }
126
+ }
127
+
128
+ public function deactivate()
129
+ {
130
+ $this->dataStore->clearDataStore();
131
+ }
132
+
133
+ public static function uninstall() {
134
+ $config = new \CF\Integration\DefaultConfig('[]');
135
+ $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
136
+ $dataStore = new \CF\WordPress\DataStore($logger);
137
+ $dataStore->clearDataStore();
138
+ }
139
+
140
+ public function purgeCache()
141
+ {
142
+ if ($this->isPluginSpecificCacheEnabled()) {
143
+ $wp_domain_list = $this->integrationAPI->getDomainList();
144
+ $wp_domain = $wp_domain_list[0];
145
+ if (count($wp_domain) > 0) {
146
+ $zoneTag = $this->api->getZoneTag($wp_domain);
147
+
148
+ if (isset($zoneTag)) {
149
+ // Do not care of the return value
150
+ $this->api->zonePurgeCache($zoneTag);
151
+ }
152
+ }
153
+ }
154
+ }
155
+
156
+ public function isPluginSpecificCacheEnabled()
157
+ {
158
+ $cacheSettingObject = $this->dataStore->getPluginSetting(\CF\API\Plugin::SETTING_PLUGIN_SPECIFIC_CACHE);
159
+ $cacheSettingValue = $cacheSettingObject[\CF\API\Plugin::SETTING_VALUE_KEY];
160
+
161
+ return $cacheSettingValue;
162
+ }
163
+ }
src/WordPress/PluginActions.php CHANGED
@@ -115,14 +115,14 @@ class PluginActions extends AbstractPluginActions
115
  throw new ZoneSettingFailException();
116
  }
117
 
118
- // If plan supports Mirage and Polish try to set them off
119
  if (!Plans::PlanNeedsUpgrade($currentPlan, Plans::BIZ_PLAN)) {
120
- $result &= $this->clientAPI->changeZoneSettings($zoneId, 'mirage', array('value' => 'off'));
121
  if (!$result) {
122
  throw new ZoneSettingFailException();
123
  }
124
 
125
- $result &= $this->clientAPI->changeZoneSettings($zoneId, 'polish', array('value' => 'off'));
126
  if (!$result) {
127
  throw new ZoneSettingFailException();
128
  }
115
  throw new ZoneSettingFailException();
116
  }
117
 
118
+ // If plan supports Mirage and Polish try to set them on
119
  if (!Plans::PlanNeedsUpgrade($currentPlan, Plans::BIZ_PLAN)) {
120
+ $result &= $this->clientAPI->changeZoneSettings($zoneId, 'mirage', array('value' => 'on'));
121
  if (!$result) {
122
  throw new ZoneSettingFailException();
123
  }
124
 
125
+ $result &= $this->clientAPI->changeZoneSettings($zoneId, 'polish', array('value' => 'lossless'));
126
  if (!$result) {
127
  throw new ZoneSettingFailException();
128
  }
src/{Hooks → WordPress}/Uninstall.php RENAMED
@@ -1,17 +1,18 @@
1
  <?php
2
 
3
- namespace CF\Hooks;
4
 
 
 
5
  class Uninstall
6
  {
7
  public static function init()
8
  {
9
- // Create temp objects because we can't trust for them to be initialized
10
  $config = new \CF\Integration\DefaultConfig('[]');
11
  $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
12
  $dataStore = new \CF\WordPress\DataStore($logger);
13
- $wordpressAPI = new \CF\WordPress\WordPressAPI($dataStore);
14
 
15
- $wordpressAPI->clearDataStore();
16
  }
17
  }
1
  <?php
2
 
3
+ namespace CF\WordPress;
4
 
5
+ // Uninstall must have it's own class since WordPress doesn't accept
6
+ // non-static class function for register_uninstall_hook
7
  class Uninstall
8
  {
9
  public static function init()
10
  {
11
+ // Create temp objects because to call clearDataStore
12
  $config = new \CF\Integration\DefaultConfig('[]');
13
  $logger = new \CF\Integration\DefaultLogger($config->getValue('debug'));
14
  $dataStore = new \CF\WordPress\DataStore($logger);
 
15
 
16
+ $dataStore->clearDataStore();
17
  }
18
  }
src/WordPress/Utils.php CHANGED
@@ -5,9 +5,9 @@ namespace CF\WordPress;
5
  class Utils
6
  {
7
  /**
8
- * @param $haystack
9
- * @param $needle
10
- *
11
  * @return bool
12
  */
13
  public static function endsWith($haystack, $needle)
@@ -21,7 +21,15 @@ class Utils
21
  return false;
22
  }
23
 
24
- return self::endsWith($subDomainName, $domainName) && $subDomainName !== $domainName;
 
 
 
 
 
 
 
 
25
  }
26
 
27
  public static function getRegistrableDomain($domainName)
5
  class Utils
6
  {
7
  /**
8
+ * @param $haystack
9
+ * @param $needle
10
+ *
11
  * @return bool
12
  */
13
  public static function endsWith($haystack, $needle)
21
  return false;
22
  }
23
 
24
+ // Check if strpos is a positive integer
25
+ $dotPosition = strpos($subDomainName, $domainName) - 1;
26
+ if ($dotPosition === -1) {
27
+ return false;
28
+ }
29
+
30
+ return self::endsWith($subDomainName, $domainName) &&
31
+ $subDomainName !== $domainName &&
32
+ $subDomainName[$dotPosition] == '.';
33
  }
34
 
35
  public static function getRegistrableDomain($domainName)
src/WordPress/WordPressAPI.php CHANGED
@@ -73,7 +73,7 @@ class WordPressAPI implements IntegrationAPIInterface
73
  /**
74
  * We wrap the return value with an array to be consistent between
75
  * other plugins.
76
- *
77
  * @param null $userId
78
  *
79
  * @return mixed
@@ -133,29 +133,16 @@ class WordPressAPI implements IntegrationAPIInterface
133
  /**
134
  * @return mixed
135
  */
136
- public function getValidCloudflareDomain($response, $domainName)
137
  {
138
- foreach ($response['result'] as $zone) {
139
- if (Utils::isSubdomainOf($domainName, $zone['name'])) {
140
- return $zone['name'];
 
 
141
  }
142
  }
143
 
144
  return false;
145
  }
146
-
147
- public function clearDataStore()
148
- {
149
- $pluginKeys = \CF\API\Plugin::getPluginSettingsKeys();
150
-
151
- // Delete Plugin Setting Options
152
- foreach ($pluginKeys as $optionName) {
153
- $this->dataStore->clear($optionName);
154
- }
155
-
156
- // Delete DataStore Options
157
- $this->dataStore->clear(DataStore::API_KEY);
158
- $this->dataStore->clear(DataStore::EMAIL);
159
- $this->dataStore->clear(DataStore::CACHED_DOMAIN_NAME);
160
- }
161
  }
73
  /**
74
  * We wrap the return value with an array to be consistent between
75
  * other plugins.
76
+ *
77
  * @param null $userId
78
  *
79
  * @return mixed
133
  /**
134
  * @return mixed
135
  */
136
+ public function checkIfValidCloudflareSubdomain($response, $domainName)
137
  {
138
+ if (isset($response['result'])) {
139
+ foreach ($response['result'] as $zone) {
140
+ if (Utils::isSubdomainOf($domainName, $zone['name'])) {
141
+ return $zone['name'];
142
+ }
143
  }
144
  }
145
 
146
  return false;
147
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
148
  }
src/WordPress/WordPressClientAPI.php CHANGED
@@ -112,4 +112,15 @@ class WordPressClientAPI extends Client
112
  'status' => 'active',
113
  );
114
  }
 
 
 
 
 
 
 
 
 
 
 
115
  }
112
  'status' => 'active',
113
  );
114
  }
115
+
116
+ /**
117
+ * @return bool
118
+ */
119
+ public function isCrendetialsSet()
120
+ {
121
+ $apiKey = $this->data_store->getClientV4APIKey();
122
+ $email = $this->data_store->getCloudFlareEmail();
123
+
124
+ return isset($apiKey) && isset($email);
125
+ }
126
  }