WP Engine Automated Migration - Version 3.2

Version Description

  • Updating account authentication struture
Download this release

Release Info

Developer ritesh.soni36
Plugin Icon 128x128 WP Engine Automated Migration
Version 3.2
Comparing to
See all releases

Code changes from version 2.1 to 3.2

Files changed (15) hide show
  1. account.php +84 -89
  2. callback/handler.php +5 -4
  3. callback/request.php +126 -60
  4. callback/response.php +5 -6
  5. callback/streams.php +13 -13
  6. callback/wings/account.php +22 -11
  7. callback/wings/info.php +10 -0
  8. info.php +1 -2
  9. readme.txt +8 -1
  10. recover.php +47 -0
  11. wp_actions.php +1 -2
  12. wp_admin.php +7 -6
  13. wp_api.php +16 -4
  14. wp_site_info.php +1 -1
  15. wpengine.php +31 -13
account.php CHANGED
@@ -7,6 +7,8 @@ if (!class_exists('WPEAccount')) :
7
  public $public;
8
  public $secret;
9
  public $sig_match;
 
 
10
 
11
  public function __construct($settings, $public, $secret) {
12
  $this->settings = $settings;
@@ -14,19 +16,21 @@ if (!class_exists('WPEAccount')) :
14
  $this->secret = $secret;
15
  }
16
 
17
- public static function find($settings, $public = false) {
18
- if (!$public) {
19
- $public = self::defaultPublic($settings);
 
20
  }
21
- $bvkeys = self::allKeys($settings);
22
- if ($public && array_key_exists($public, $bvkeys) && isset($bvkeys[$public])) {
23
- $secret = $bvkeys[$public];
24
- } else {
25
- $secret = self::defaultSecret($settings);
26
  }
27
  return new self($settings, $public, $secret);
28
  }
29
 
 
 
 
 
30
  public static function randString($length) {
31
  $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
32
 
@@ -38,24 +42,53 @@ if (!class_exists('WPEAccount')) :
38
  return $str;
39
  }
40
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
41
  public static function allAccounts($settings) {
42
- return $settings->getOption('bvAccounts');
 
 
 
 
43
  }
44
 
45
- public static function hasAccount($settings) {
46
  $accounts = self::allAccounts($settings);
47
- return (is_array($accounts) && sizeof($accounts) >= 1);
 
 
 
 
 
 
 
48
  }
49
 
50
  public static function isConfigured($settings) {
51
- return self::defaultPublic($settings);
 
52
  }
53
 
54
- public function setup() {
55
- $bvinfo = new WPEInfo($this->settings);
56
- $this->settings->updateOption('bvSecretKey', self::randString(32));
57
- $this->settings->updateOption($bvinfo->plug_redirect, 'yes');
58
- $this->settings->updateOption('bvActivateTime', time());
59
  }
60
 
61
  public function authenticatedUrl($method) {
@@ -76,50 +109,13 @@ if (!class_exists('WPEAccount')) :
76
  return $args;
77
  }
78
 
79
- public static function defaultPublic($settings) {
80
- return $settings->getOption('bvPublic');
81
- }
82
-
83
- public static function defaultSecret($settings) {
84
- return $settings->getOption('bvSecretKey');
85
- }
86
-
87
- public static function allKeys($settings) {
88
- $keys = $settings->getOption('bvkeys');
89
- if (!is_array($keys)) {
90
- $keys = array();
91
- }
92
- $public = self::defaultPublic($settings);
93
- $secret = self::defaultSecret($settings);
94
- if ($public)
95
- $keys[$public] = $secret;
96
- $keys['default'] = $secret;
97
- return $keys;
98
- }
99
-
100
- public function addKeys($public, $secret) {
101
- $bvkeys = $this->settings->getOption('bvkeys');
102
- if (!$bvkeys || (!is_array($bvkeys))) {
103
- $bvkeys = array();
104
- }
105
- $bvkeys[$public] = $secret;
106
- $this->settings->updateOption('bvkeys', $bvkeys);
107
- }
108
-
109
- public function updateKeys($publickey, $secretkey) {
110
- $this->settings->updateOption('bvPublic', $publickey);
111
- $this->settings->updateOption('bvSecretKey', $secretkey);
112
- $this->addKeys($publickey, $secretkey);
113
- }
114
-
115
- public function rmKeys($publickey) {
116
- $bvkeys = $this->settings->getOption('bvkeys');
117
- if ($bvkeys && is_array($bvkeys)) {
118
- unset($bvkeys[$publickey]);
119
- $this->settings->updateOption('bvkeys', $bvkeys);
120
- return true;
121
  }
122
- return false;
 
123
  }
124
 
125
  public function respInfo() {
@@ -129,47 +125,50 @@ if (!class_exists('WPEAccount')) :
129
  );
130
  }
131
 
132
- public function authenticate() {
133
- $method = $_REQUEST['bvMethod'];
134
- $time = intval($_REQUEST['bvTime']);
135
- $version = $_REQUEST['bvVersion'];
136
- $sig = $_REQUEST['sig'];
 
 
 
 
 
 
 
 
 
137
  if ($time < intval($this->settings->getOption('bvLastRecvTime')) - 300) {
138
  return false;
139
  }
140
- if (array_key_exists('sha1', $_REQUEST)) {
141
- $sig_match = sha1($method.$this->secret.$time.$version);
142
- } else {
143
- $sig_match = md5($method.$this->secret.$time.$version);
144
- }
145
- $this->sig_match = $sig_match;
146
- if ($sig_match !== $sig) {
147
  return $sig_match;
148
  }
149
  $this->settings->updateOption('bvLastRecvTime', $time);
150
  return 1;
151
  }
152
 
153
- public function add($info) {
154
  $accounts = self::allAccounts($this->settings);
155
- if(!is_array($accounts)) {
156
- $accounts = array();
157
- }
158
  $pubkey = $info['pubkey'];
 
 
 
159
  $accounts[$pubkey]['lastbackuptime'] = time();
 
160
  $accounts[$pubkey]['url'] = $info['url'];
161
  $accounts[$pubkey]['email'] = $info['email'];
162
- $this->update($accounts);
163
  }
164
 
165
- public function remove($pubkey) {
166
- $bvkeys = $this->settings->getOption('bvkeys');
167
- $accounts = self::allAccounts($this->settings);
168
- $this->rmkeys($pubkey);
169
- $this->setup();
170
- if ($accounts && is_array($accounts)) {
171
  unset($accounts[$pubkey]);
172
- $this->update($accounts);
173
  return true;
174
  }
175
  return false;
@@ -179,9 +178,5 @@ if (!class_exists('WPEAccount')) :
179
  $accounts = self::allAccounts($this->settings);
180
  return array_key_exists($pubkey, $accounts);
181
  }
182
-
183
- public function update($accounts) {
184
- $this->settings->updateOption('bvAccounts', $accounts);
185
- }
186
  }
187
- endif;
7
  public $public;
8
  public $secret;
9
  public $sig_match;
10
+ public static $api_public_key = 'bvApiPublic';
11
+ public static $accounts_list = 'bvAccountsList';
12
 
13
  public function __construct($settings, $public, $secret) {
14
  $this->settings = $settings;
16
  $this->secret = $secret;
17
  }
18
 
19
+ public static function find($settings, $public) {
20
+ $accounts = self::allAccounts($settings);
21
+ if (array_key_exists($public, $accounts) && isset($accounts[$public]['secret'])) {
22
+ $secret = $accounts[$public]['secret'];
23
  }
24
+ if (empty($secret) || (strlen($secret) < 32)) {
25
+ return null;
 
 
 
26
  }
27
  return new self($settings, $public, $secret);
28
  }
29
 
30
+ public static function update($settings, $allAccounts) {
31
+ $settings->updateOption(self::$accounts_list, $allAccounts);
32
+ }
33
+
34
  public static function randString($length) {
35
  $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
36
 
42
  return $str;
43
  }
44
 
45
+ public static function apiPublicAccount($settings) {
46
+ $pubkey = $settings->getOption(self::$api_public_key);
47
+ return self::find($settings, $pubkey);
48
+ }
49
+
50
+ public static function updateApiPublicKey($settings, $pubkey) {
51
+ $settings->updateOption(self::$api_public_key, $pubkey);
52
+ }
53
+
54
+ public static function getApiPublicKey($settings) {
55
+ return $settings->getOption(self::$api_public_key);
56
+ }
57
+
58
+ public static function getPlugName($settings) {
59
+ $bvinfo = new WPEInfo($settings);
60
+ return $bvinfo->plugname;
61
+ }
62
+
63
  public static function allAccounts($settings) {
64
+ $accounts = $settings->getOption(self::$accounts_list);
65
+ if (!is_array($accounts)) {
66
+ $accounts = array();
67
+ }
68
+ return $accounts;
69
  }
70
 
71
+ public static function accountsByPlugname($settings) {
72
  $accounts = self::allAccounts($settings);
73
+ $accountsByPlugname = array();
74
+ $plugname = self::getPlugName($settings);
75
+ foreach ($accounts as $pubkey => $value) {
76
+ if (array_key_exists($plugname, $value) && $value[$plugname] == 1) {
77
+ $accountsByPlugname[$pubkey] = $value;
78
+ }
79
+ }
80
+ return $accountsByPlugname;
81
  }
82
 
83
  public static function isConfigured($settings) {
84
+ $accounts = self::accountsByPlugname($settings);
85
+ return (sizeof($accounts) >= 1);
86
  }
87
 
88
+ public static function setup($settings) {
89
+ $bvinfo = new WPEInfo($settings);
90
+ $settings->updateOption($bvinfo->plug_redirect, 'yes');
91
+ $settings->updateOption('bvActivateTime', time());
 
92
  }
93
 
94
  public function authenticatedUrl($method) {
109
  return $args;
110
  }
111
 
112
+ public static function addAccount($settings, $public, $secret) {
113
+ $accounts = self::allAccounts($settings);
114
+ if (!isset($public, $accounts)) {
115
+ $accounts[$public] = array();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
116
  }
117
+ $accounts[$public]['secret'] = $secret;
118
+ self::update($settings, $accounts);
119
  }
120
 
121
  public function respInfo() {
125
  );
126
  }
127
 
128
+ public static function getSigMatch($request, $secret) {
129
+ $method = $request->method;
130
+ $time = $request->time;
131
+ $version = $request->version;
132
+ if ($request->is_sha1) {
133
+ $sig_match = sha1($method.$secret.$time.$version);
134
+ } else {
135
+ $sig_match = md5($method.$secret.$time.$version);
136
+ }
137
+ return $sig_match;
138
+ }
139
+
140
+ public function authenticate($request) {
141
+ $time = $request->time;
142
  if ($time < intval($this->settings->getOption('bvLastRecvTime')) - 300) {
143
  return false;
144
  }
145
+ $this->sig_match = self::getSigMatch($request, $this->secret);
146
+ if ($this->sig_match !== $request->sig) {
 
 
 
 
 
147
  return $sig_match;
148
  }
149
  $this->settings->updateOption('bvLastRecvTime', $time);
150
  return 1;
151
  }
152
 
153
+ public function updateInfo($info) {
154
  $accounts = self::allAccounts($this->settings);
155
+ $plugname = self::getPlugName($this->settings);
 
 
156
  $pubkey = $info['pubkey'];
157
+ if (!array_key_exists($pubkey, $accounts)) {
158
+ $accounts[$pubkey] = array();
159
+ }
160
  $accounts[$pubkey]['lastbackuptime'] = time();
161
+ $accounts[$pubkey][$plugname] = true;
162
  $accounts[$pubkey]['url'] = $info['url'];
163
  $accounts[$pubkey]['email'] = $info['email'];
164
+ self::update($this->settings, $accounts);
165
  }
166
 
167
+ public static function remove($settings, $pubkey) {
168
+ $accounts = self::allAccounts($settings);
169
+ if (array_key_exists($pubkey, $accounts)) {
 
 
 
170
  unset($accounts[$pubkey]);
171
+ self::update($settings, $accounts);
172
  return true;
173
  }
174
  return false;
178
  $accounts = self::allAccounts($this->settings);
179
  return array_key_exists($pubkey, $accounts);
180
  }
 
 
 
 
181
  }
182
+ endif;
callback/handler.php CHANGED
@@ -11,13 +11,13 @@ if (!class_exists('BVCallbackHandler')) :
11
  public $account;
12
  public $response;
13
 
14
- public function __construct($db, $settings, $siteinfo, $request, $account) {
15
  $this->db = $db;
16
  $this->settings = $settings;
17
  $this->siteinfo = $siteinfo;
18
  $this->request = $request;
19
  $this->account = $account;
20
- $this->response = new BVCallbackResponse();
21
  }
22
 
23
  public function bvAdmExecuteWithoutUser() {
@@ -35,9 +35,10 @@ if (!class_exists('BVCallbackHandler')) :
35
  "request_info" => $this->request->respInfo(),
36
  "site_info" => $this->siteinfo->respInfo(),
37
  "account_info" => $this->account->respInfo(),
38
- "bvinfo" => $bvinfo->respInfo()
 
39
  );
40
- $this->response->terminate($resp, $this->request->params);
41
  }
42
 
43
  public function routeRequest() {
11
  public $account;
12
  public $response;
13
 
14
+ public function __construct($db, $settings, $siteinfo, $request, $account, $response) {
15
  $this->db = $db;
16
  $this->settings = $settings;
17
  $this->siteinfo = $siteinfo;
18
  $this->request = $request;
19
  $this->account = $account;
20
+ $this->response = $response;
21
  }
22
 
23
  public function bvAdmExecuteWithoutUser() {
35
  "request_info" => $this->request->respInfo(),
36
  "site_info" => $this->siteinfo->respInfo(),
37
  "account_info" => $this->account->respInfo(),
38
+ "bvinfo" => $bvinfo->respInfo(),
39
+ "api_pubkey" => substr(WPEAccount::getApiPublicKey($this->settings), 0, 8)
40
  );
41
+ $this->response->terminate($resp);
42
  }
43
 
44
  public function routeRequest() {
callback/request.php CHANGED
@@ -9,16 +9,31 @@ if (!class_exists('BVCallbackRequest')) :
9
  public $is_afterload;
10
  public $is_admin_ajax;
11
  public $is_debug;
12
- public $is_recovery;
13
-
14
- public function __construct($params) {
15
- $this->params = $params;
16
- $this->wing = $this->params['wing'];
17
- $this->method = $this->params['bvMethod'];
18
- $this->is_afterload = array_key_exists('afterload', $this->params);
19
- $this->is_admin_ajax = array_key_exists('adajx', $this->params);
20
- $this->is_debug = array_key_exists('bvdbg', $this->params);
21
- $this->is_recovery = array_key_exists('bvrcvr', $this->params);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
22
  }
23
 
24
  public function isAPICall() {
@@ -27,9 +42,9 @@ if (!class_exists('BVCallbackRequest')) :
27
 
28
  public function respInfo() {
29
  $info = array(
30
- "requestedsig" => $this->params['sig'],
31
- "requestedtime" => intval($this->params['bvTime']),
32
- "requestedversion" => $this->params['bvVersion']
33
  );
34
  if ($this->is_debug) {
35
  $info["inreq"] = $this->params;
@@ -40,74 +55,125 @@ if (!class_exists('BVCallbackRequest')) :
40
  if ($this->is_afterload) {
41
  $info["afterload"] = true;
42
  }
 
 
 
43
  return $info;
44
  }
45
 
46
- public function processParams() {
47
- $params = $this->params;
48
- if (array_key_exists('obend', $params) && function_exists('ob_end_clean'))
 
49
  @ob_end_clean();
50
- if (array_key_exists('op_reset', $params) && function_exists('output_reset_rewrite_vars'))
 
51
  @output_reset_rewrite_vars();
52
- if (array_key_exists('binhead', $params)) {
 
53
  header("Content-type: application/binary");
54
  header('Content-Transfer-Encoding: binary');
55
  }
56
- if (array_key_exists('concat', $params)) {
57
- foreach ($params['concat'] as $key) {
 
58
  $concated = '';
59
- $count = intval($params[$key]);
60
  for ($i = 1; $i <= $count; $i++) {
61
- $concated .= $params[$key."_bv_".$i];
62
  }
63
- $params[$key] = $concated;
64
  }
65
  }
66
- if (array_key_exists('b64', $params)) {
67
- foreach ($params['b64'] as $key) {
68
- if (is_array($params[$key])) {
69
- $params[$key] = array_map('base64_decode', $params[$key]);
70
- } else {
71
- $params[$key] = base64_decode($params[$key]);
72
- }
73
- }
74
- }
75
- if (array_key_exists('unser', $params)) {
76
- foreach ($params['unser'] as $key) {
77
- $params[$key] = json_decode($params[$key], TRUE);
78
  }
79
- }
80
- if (array_key_exists('b642', $params)) {
81
- foreach ($params['b642'] as $key) {
82
- if (is_array($params[$key])) {
83
- $params[$key] = array_map('base64_decode', $params[$key]);
84
- } else {
85
- $params[$key] = base64_decode($params[$key]);
 
 
 
 
 
 
 
86
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
87
  }
88
  }
89
- if (array_key_exists('dic', $params)) {
90
- foreach ($params['dic'] as $key => $mkey) {
91
- $params[$mkey] = $params[$key];
92
- unset($params[$key]);
93
- }
 
 
94
  }
95
- if (array_key_exists('clacts', $params)) {
96
- foreach ($params['clacts'] as $action) {
97
- remove_all_actions($action);
98
- }
99
  }
100
- if (array_key_exists('clallacts', $params)) {
101
- global $wp_filter;
102
- foreach ( $wp_filter as $filter => $val ){
103
- remove_all_actions($filter);
104
- }
105
  }
106
- if (array_key_exists('memset', $params)) {
107
- $val = intval(urldecode($params['memset']));
108
- @ini_set('memory_limit', $val.'M');
 
 
 
 
109
  }
110
- return $params;
 
111
  }
112
  }
113
  endif;
9
  public $is_afterload;
10
  public $is_admin_ajax;
11
  public $is_debug;
12
+ public $account;
13
+ public $calculated_mac;
14
+ public $sig;
15
+ public $time;
16
+ public $version;
17
+ public $is_sha1;
18
+ public $bvb64stream;
19
+ public $bvb64cksize;
20
+ public $checksum;
21
+
22
+ public function __construct($account, $in_params) {
23
+ $this->params = array();
24
+ $this->account = $account;
25
+ $this->wing = $in_params['wing'];
26
+ $this->method = $in_params['bvMethod'];
27
+ $this->is_afterload = array_key_exists('afterload', $in_params);
28
+ $this->is_admin_ajax = array_key_exists('adajx', $in_params);
29
+ $this->is_debug = array_key_exists('bvdbg', $in_params);
30
+ $this->sig = $in_params['sig'];
31
+ $this->time = intval($in_params['bvTime']);
32
+ $this->version = $in_params['bvVersion'];
33
+ $this->is_sha1 = array_key_exists('sha1', $in_params);
34
+ $this->bvb64stream = isset($in_params['bvb64stream']);
35
+ $this->bvb64cksize = array_key_exists('bvb64cksize', $in_params) ? intval($in_params['bvb64cksize']) : false;
36
+ $this->checksum = array_key_exists('checksum', $in_params) ? $in_params['checksum'] : false;
37
  }
38
 
39
  public function isAPICall() {
42
 
43
  public function respInfo() {
44
  $info = array(
45
+ "requestedsig" => $this->sig,
46
+ "requestedtime" => $this->time,
47
+ "requestedversion" => $this->version
48
  );
49
  if ($this->is_debug) {
50
  $info["inreq"] = $this->params;
55
  if ($this->is_afterload) {
56
  $info["afterload"] = true;
57
  }
58
+ if ($this->calculated_mac) {
59
+ $info["calculated_mac"] = $this->calculated_mac;
60
+ }
61
  return $info;
62
  }
63
 
64
+ public function processParams($in_params) {
65
+ $params = array();
66
+
67
+ if (array_key_exists('obend', $in_params) && function_exists('ob_end_clean'))
68
  @ob_end_clean();
69
+
70
+ if (array_key_exists('op_reset', $in_params) && function_exists('output_reset_rewrite_vars'))
71
  @output_reset_rewrite_vars();
72
+
73
+ if (array_key_exists('binhead', $in_params)) {
74
  header("Content-type: application/binary");
75
  header('Content-Transfer-Encoding: binary');
76
  }
77
+
78
+ if (array_key_exists('concat', $in_params)) {
79
+ foreach ($in_params['concat'] as $key) {
80
  $concated = '';
81
+ $count = intval($in_params[$key]);
82
  for ($i = 1; $i <= $count; $i++) {
83
+ $concated .= $in_params[$key."_bv_".$i];
84
  }
85
+ $in_params[$key] = $concated;
86
  }
87
  }
88
+
89
+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms']) &&
90
+ array_key_exists('bvprmsmac', $in_params) && isset($in_params['bvprmsmac'])) {
91
+ $digest_algo = 'SHA1';
92
+ $sent_mac = $in_params['bvprmsmac'];
93
+
94
+ if (array_key_exists('bvprmshshalgo', $in_params) && isset($in_params['bvprmshshalgo'])) {
95
+ $digest_algo = $in_params['bvprmshshalgo'];
 
 
 
 
96
  }
97
+
98
+ $calculated_mac = hash_hmac($digest_algo, $in_params['bvprms'], $this->account->secret);
99
+ $this->calculated_mac = substr($calculated_mac, 0, 6);
100
+
101
+ if ($this->compare_mac($sent_mac, $calculated_mac) === true) {
102
+
103
+ if (array_key_exists('b64', $in_params)) {
104
+ foreach ($in_params['b64'] as $key) {
105
+ if (is_array($in_params[$key])) {
106
+ $in_params[$key] = array_map('base64_decode', $in_params[$key]);
107
+ } else {
108
+ $in_params[$key] = base64_decode($in_params[$key]);
109
+ }
110
+ }
111
  }
112
+
113
+ if (array_key_exists('unser', $in_params)) {
114
+ foreach ($in_params['unser'] as $key) {
115
+ $in_params[$key] = json_decode($in_params[$key], TRUE);
116
+ }
117
+ }
118
+
119
+ if (array_key_exists('sersafe', $in_params)) {
120
+ $key = $in_params['sersafe'];
121
+ $in_params[$key] = BVCallbackRequest::serialization_safe_decode($in_params[$key]);
122
+ }
123
+
124
+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms'])) {
125
+ $params = $in_params['bvprms'];
126
+ }
127
+
128
+ if (array_key_exists('clacts', $in_params)) {
129
+ foreach ($in_params['clacts'] as $action) {
130
+ remove_all_actions($action);
131
+ }
132
+ }
133
+
134
+ if (array_key_exists('clallacts', $in_params)) {
135
+ global $wp_filter;
136
+ foreach ( $wp_filter as $filter => $val ){
137
+ remove_all_actions($filter);
138
+ }
139
+ }
140
+
141
+ if (array_key_exists('memset', $in_params)) {
142
+ $val = intval(urldecode($in_params['memset']));
143
+ @ini_set('memory_limit', $val.'M');
144
+ }
145
+
146
+ return $params;
147
  }
148
  }
149
+
150
+ return false;
151
+ }
152
+
153
+ private function compare_mac($l_hash, $r_hash) {
154
+ if (!is_string($l_hash) || !is_string($r_hash)) {
155
+ return false;
156
  }
157
+
158
+ if (strlen($l_hash) !== strlen($r_hash)) {
159
+ return false;
 
160
  }
161
+
162
+ if (function_exists('hash_equals')) {
163
+ return hash_equals($l_hash, $r_hash);
164
+ } else {
165
+ return $l_hash === $r_hash;
166
  }
167
+ }
168
+
169
+ public static function serialization_safe_decode($data) {
170
+ if (is_array($data)) {
171
+ $data = array_map(array('BVCallbackRequest', 'serialization_safe_decode'), $data);
172
+ } elseif (is_string($data)) {
173
+ $data = base64_decode($data);
174
  }
175
+
176
+ return $data;
177
  }
178
  }
179
  endif;
callback/response.php CHANGED
@@ -5,9 +5,11 @@ if (!class_exists('BVCallbackResponse')) :
5
 
6
  class BVCallbackResponse extends BVCallbackBase {
7
  public $status;
 
8
 
9
- public function __construct() {
10
  $this->status = array("blogvault" => "response");
 
11
  }
12
 
13
  public function addStatus($key, $value) {
@@ -21,14 +23,11 @@ if (!class_exists('BVCallbackResponse')) :
21
  $this->status[$key][] = $value;
22
  }
23
 
24
- public function terminate($resp = array(), $req_params) {
25
  $resp = array_merge($this->status, $resp);
26
  $resp["signature"] = "Blogvault API";
27
  $response = "bvbvbvbvbv".serialize($resp)."bvbvbvbvbv";
28
- if (array_key_exists('bvb64resp', $req_params)) {
29
- $chunk_size = array_key_exists('bvb64cksize', $req_params) ? intval($req_params['bvb64cksize']) : false;
30
- $response = "bvb64bvb64".$this->base64Encode($response, $chunk_size)."bvb64bvb64";
31
- }
32
  die($response);
33
 
34
  exit;
5
 
6
  class BVCallbackResponse extends BVCallbackBase {
7
  public $status;
8
+ public $bvb64cksize;
9
 
10
+ public function __construct($bvb64cksize) {
11
  $this->status = array("blogvault" => "response");
12
+ $this->bvb64cksize = $bvb64cksize;
13
  }
14
 
15
  public function addStatus($key, $value) {
23
  $this->status[$key][] = $value;
24
  }
25
 
26
+ public function terminate($resp = array()) {
27
  $resp = array_merge($this->status, $resp);
28
  $resp["signature"] = "Blogvault API";
29
  $response = "bvbvbvbvbv".serialize($resp)."bvbvbvbvbv";
30
+ $response = "bvb64bvb64".$this->base64Encode($response, $this->bvb64cksize)."bvb64bvb64";
 
 
 
31
  die($response);
32
 
33
  exit;
callback/streams.php CHANGED
@@ -8,10 +8,10 @@ if (!class_exists('BVRespStream')) :
8
  public $bvb64cksize;
9
  public $checksum;
10
 
11
- function __construct($params) {
12
- $this->bvb64stream = isset($params['bvb64stream']);
13
- $this->bvb64cksize = array_key_exists('bvb64cksize', $params) ? intval($params['bvb64cksize']) : false;
14
- $this->checksum = array_key_exists('checksum', $params) ? $params['checksum'] : false;
15
  }
16
 
17
  public function writeChunk($chunk) {
@@ -20,9 +20,9 @@ if (!class_exists('BVRespStream')) :
20
  public static function startStream($account, $request) {
21
  $result = array();
22
  $params = $request->params;
23
- $stream = new BVRespStream($params);
24
  if ($request->isAPICall()) {
25
- $stream = new BVHttpStream($params);
26
  if (!$stream->connect()) {
27
  $apicallstatus = array(
28
  "httperror" => "Cannot Open Connection to Host",
@@ -65,8 +65,8 @@ if (!class_exists('BVRespStream')) :
65
  }
66
 
67
  class BVRespStream extends BVStream {
68
- function __construct($params) {
69
- parent::__construct($params);
70
  }
71
 
72
  public function writeChunk($_string) {
@@ -91,11 +91,11 @@ class BVHttpStream extends BVStream {
91
  var $boundary;
92
  var $apissl;
93
 
94
- function __construct($params) {
95
- parent::__construct($params);
96
- $this->host = $params['apihost'];
97
- $this->port = intval($params['apiport']);
98
- $this->apissl = array_key_exists('apissl', $params);
99
  }
100
 
101
  public function connect() {
8
  public $bvb64cksize;
9
  public $checksum;
10
 
11
+ function __construct($request) {
12
+ $this->bvb64stream = $request->bvb64stream;
13
+ $this->bvb64cksize = $request->bvb64cksize;
14
+ $this->checksum = $request->checksum;
15
  }
16
 
17
  public function writeChunk($chunk) {
20
  public static function startStream($account, $request) {
21
  $result = array();
22
  $params = $request->params;
23
+ $stream = new BVRespStream($request);
24
  if ($request->isAPICall()) {
25
+ $stream = new BVHttpStream($request);
26
  if (!$stream->connect()) {
27
  $apicallstatus = array(
28
  "httperror" => "Cannot Open Connection to Host",
65
  }
66
 
67
  class BVRespStream extends BVStream {
68
+ function __construct($request) {
69
+ parent::__construct($request);
70
  }
71
 
72
  public function writeChunk($_string) {
91
  var $boundary;
92
  var $apissl;
93
 
94
+ function __construct($request) {
95
+ parent::__construct($request);
96
+ $this->host = $request->params['apihost'];
97
+ $this->port = intval($request->params['apiport']);
98
+ $this->apissl = array_key_exists('apissl', $request->params);
99
  }
100
 
101
  public function connect() {
callback/wings/account.php CHANGED
@@ -14,27 +14,38 @@ class BVAccountCallback extends BVCallbackBase {
14
  function process($request) {
15
  $params = $request->params;
16
  $account = $this->account;
 
17
  switch ($request->method) {
18
- case "addkeys":
19
- $resp = array("status" => $account->addKeys($params['public'], $params['secret']));
 
20
  break;
21
- case "updatekeys":
22
- $resp = array("status" => $account->updateKeys($params['public'], $params['secret']));
23
- break;
24
- case "rmkeys":
25
- $resp = array("status" => $account->rmKeys($params['public']));
26
  break;
27
  case "updt":
28
  $info = array();
29
  $info['email'] = $params['email'];
30
  $info['url'] = $params['url'];
31
  $info['pubkey'] = $params['pubkey'];
32
- $account->add($info);
33
  $resp = array("status" => $account->doesAccountExists($params['pubkey']));
34
  break;
35
- case "disc":
36
- $account->remove($params['pubkey']);
37
- $resp = array("status" => !$account->doesAccountExists($params['pubkey']));
 
 
 
 
 
 
 
 
 
 
 
 
38
  case "fetch":
39
  $resp = array("status" => WPEAccount::allAccounts($this->settings));
40
  break;
14
  function process($request) {
15
  $params = $request->params;
16
  $account = $this->account;
17
+ $settings = $this->settings;
18
  switch ($request->method) {
19
+ case "addacc":
20
+ WPEAccount::addAccount($this->settings, $params['public'], $params['secret']);
21
+ $resp = array("status" => $account->doesAccountExists($params['public']));
22
  break;
23
+ case "rmacc":
24
+ $resp = array("status" => $account->remove($params['public']));
 
 
 
25
  break;
26
  case "updt":
27
  $info = array();
28
  $info['email'] = $params['email'];
29
  $info['url'] = $params['url'];
30
  $info['pubkey'] = $params['pubkey'];
31
+ $account->updateInfo($info);
32
  $resp = array("status" => $account->doesAccountExists($params['pubkey']));
33
  break;
34
+ case "updtapikey":
35
+ $resp = array("status" => WPEAccount::updateApiPublicKey($this->settings, $params['pubkey']));
36
+ break;
37
+ case "rmdefsec":
38
+ $resp = array("status" => $settings->deleteOption('bvDefaultSecret'));
39
+ break;
40
+ case "rmbvkeys":
41
+ $resp = array("status" => $settings->deleteOption('bvKeys'));
42
+ break;
43
+ case "rmdefpub":
44
+ $resp = array("status" => $settings->deleteOption('bvDefaultPublic'));
45
+ break;
46
+ case "rmoldbvacc":
47
+ $resp = array("status" => $settings->deleteOption('bvAccounts'));
48
+ break;
49
  case "fetch":
50
  $resp = array("status" => WPEAccount::allAccounts($this->settings));
51
  break;
callback/wings/info.php CHANGED
@@ -142,6 +142,8 @@ class BVInfoCallback extends BVCallbackBase {
142
  'dbcharset' => defined('DB_CHARSET') ? DB_CHARSET : null,
143
  'disallow_file_edit' => defined('DISALLOW_FILE_EDIT'),
144
  'disallow_file_mods' => defined('DISALLOW_FILE_MODS'),
 
 
145
  'locale' => get_locale(),
146
  'wp_local_string' => $wp_local_package,
147
  'charset_collate' => $db->getCharsetCollate()
@@ -230,11 +232,19 @@ class BVInfoCallback extends BVCallbackBase {
230
  $arules = $settings->getOption('bvfwauditrules');
231
  $rmode = $settings->getOption('bvfwrulesmode');
232
  $reqprofilingmode = $settings->getOption('bvfwreqprofilingmode');
 
 
 
 
233
  $config['mode'] = intval($mode ? $mode : 1);
234
  $config['disabled_rules'] = $drules ? $drules : array();
235
  $config['audit_rules'] = $arules ? $arules : array();
236
  $config['rules_mode'] = intval($rmode ? $rmode : 1);
237
  $config['req_profiling_mode'] = intval($reqprofilingmode ? $reqprofilingmode : 1);
 
 
 
 
238
  return $config;
239
  }
240
 
142
  'dbcharset' => defined('DB_CHARSET') ? DB_CHARSET : null,
143
  'disallow_file_edit' => defined('DISALLOW_FILE_EDIT'),
144
  'disallow_file_mods' => defined('DISALLOW_FILE_MODS'),
145
+ 'custom_users' => defined('CUSTOM_USER_TABLE') ? CUSTOM_USER_TABLE : null,
146
+ 'custom_usermeta' => defined('CUSTOM_USERMETA_TABLE') ? CUSTOM_USERMETA_TABLE : null,
147
  'locale' => get_locale(),
148
  'wp_local_string' => $wp_local_package,
149
  'charset_collate' => $db->getCharsetCollate()
232
  $arules = $settings->getOption('bvfwauditrules');
233
  $rmode = $settings->getOption('bvfwrulesmode');
234
  $reqprofilingmode = $settings->getOption('bvfwreqprofilingmode');
235
+ $bypass_level = $settings->getOption('bvfwbypasslevel');
236
+ $custom_roles = $settings->getOption('bvfwcustomroles');
237
+ $cookiemode = $settings->getOption('bvfwcookiemode');
238
+ $cookiekey = (string) $settings->getOption('bvfwcookiekey');
239
  $config['mode'] = intval($mode ? $mode : 1);
240
  $config['disabled_rules'] = $drules ? $drules : array();
241
  $config['audit_rules'] = $arules ? $arules : array();
242
  $config['rules_mode'] = intval($rmode ? $rmode : 1);
243
  $config['req_profiling_mode'] = intval($reqprofilingmode ? $reqprofilingmode : 1);
244
+ $config['bypslevl'] = intval($bypass_level ? $bypass_level : 2);
245
+ $config['cstmrls'] = $custom_roles ? $custom_roles : array();
246
+ $config['cookiemode'] = intval($cookiemode ? $cookiemode : 2);
247
+ $config['cookiekey'] = $cookiekey;
248
  return $config;
249
  }
250
 
info.php CHANGED
@@ -9,7 +9,7 @@ if (!class_exists('WPEInfo')) :
9
  public $badgeinfo = 'wpebadge';
10
  public $ip_header_option = 'wpeipheader';
11
  public $brand_option = 'wpebrand';
12
- public $version = '2.1';
13
  public $webpage = 'https://wpengine.com';
14
  public $appurl = 'https://wpengine.blogvault.net';
15
  public $slug = 'wp-site-migrate/wpengine.php';
@@ -78,7 +78,6 @@ if (!class_exists('WPEInfo')) :
78
  public function respInfo() {
79
  return array(
80
  "bvversion" => $this->version,
81
- "asymauth" => "true",
82
  "sha1" => "true"
83
  );
84
  }
9
  public $badgeinfo = 'wpebadge';
10
  public $ip_header_option = 'wpeipheader';
11
  public $brand_option = 'wpebrand';
12
+ public $version = '3.2';
13
  public $webpage = 'https://wpengine.com';
14
  public $appurl = 'https://wpengine.blogvault.net';
15
  public $slug = 'wp-site-migrate/wpengine.php';
78
  public function respInfo() {
79
  return array(
80
  "bvversion" => $this->version,
 
81
  "sha1" => "true"
82
  );
83
  }
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: wpengine, blogvault, akshatc, taylor4484
3
  Tags: wpe, wpengine, migration
4
  Requires at least: 4.0
5
  Tested up to: 5.2.1
6
- Stable tag: 2.1
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
@@ -78,6 +78,13 @@ That's easy! [Signup here](http://wpengine.com/plans/).
78
  2. BlogVault dashboard showing live updates.
79
 
80
  == Changelog ==
 
 
 
 
 
 
 
81
  = 2.1 =
82
  * Restructuring classes
83
 
3
  Tags: wpe, wpengine, migration
4
  Requires at least: 4.0
5
  Tested up to: 5.2.1
6
+ Stable tag: 3.2
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
78
  2. BlogVault dashboard showing live updates.
79
 
80
  == Changelog ==
81
+ = 3.2 =
82
+ * Updating account authentication struture
83
+
84
+ = 2.3 =
85
+ * Adding params validation
86
+ * Adding support for custom user tables
87
+
88
  = 2.1 =
89
  * Restructuring classes
90
 
recover.php ADDED
@@ -0,0 +1,47 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ if (!defined('ABSPATH')) exit;
3
+ if (!class_exists('WPERecover')) :
4
+ class WPERecover {
5
+ public static $default_secret_key = 'bvSecretKey';
6
+
7
+ public static function defaultSecret($settings) {
8
+ $secret = self::getDefaultSecret($settings);
9
+ if (empty($secret)) {
10
+ $secret = WPEAccount::randString(32);
11
+ self::updateDefaultSecret($settings, $secret);
12
+ }
13
+ return $secret;
14
+ }
15
+
16
+ public static function deleteDefaultSecret($settings) {
17
+ $settings->deleteOption(self::$default_secret_key);
18
+ }
19
+
20
+ public static function getDefaultSecret($settings) {
21
+ return $settings->getOption(self::$default_secret_key);
22
+ }
23
+
24
+ public static function updateDefaultSecret($settings, $secret) {
25
+ $settings->updateOption(self::$default_secret_key, $secret);
26
+ }
27
+
28
+ public static function validate($pubkey) {
29
+ if ($pubkey && strlen($pubkey) >= 32) {
30
+ return true;
31
+ } else {
32
+ return false;
33
+ }
34
+ }
35
+
36
+ public static function find($settings, $pubkey) {
37
+ if (!self::validate($pubkey)) {
38
+ return null;
39
+ }
40
+ $secret = self::getDefaultSecret($settings);
41
+ if (!empty($secret) && (strlen($secret) >= 32)) {
42
+ $account = new WPEAccount($settings, $pubkey, $secret);
43
+ }
44
+ return $account;
45
+ }
46
+ }
47
+ endif;
wp_actions.php CHANGED
@@ -16,7 +16,6 @@ if (!class_exists('WPEWPAction')) :
16
  }
17
 
18
  public function activate() {
19
- $account = WPEAccount::find($this->settings);
20
  if (!isset($_REQUEST['blogvaultkey'])) {
21
  ##BVKEYSLOCATE##
22
  }
@@ -26,7 +25,7 @@ if (!class_exists('WPEWPAction')) :
26
  $this->siteinfo->basic($info);
27
  $this->bvapi->pingbv('/bvapi/activate', $info);
28
  } else {
29
- $account->setup();
30
  }
31
  }
32
 
16
  }
17
 
18
  public function activate() {
 
19
  if (!isset($_REQUEST['blogvaultkey'])) {
20
  ##BVKEYSLOCATE##
21
  }
25
  $this->siteinfo->basic($info);
26
  $this->bvapi->pingbv('/bvapi/activate', $info);
27
  } else {
28
+ WPEAccount::setup($this->settings);
29
  }
30
  }
31
 
wp_admin.php CHANGED
@@ -5,14 +5,12 @@ if (!class_exists('WPEWPAdmin')) :
5
  class WPEWPAdmin {
6
  public $settings;
7
  public $siteinfo;
8
- public $account;
9
  public $bvinfo;
10
 
11
  function __construct($settings, $siteinfo) {
12
  $this->settings = $settings;
13
  $this->siteinfo = $siteinfo;
14
  $this->bvinfo = new WPEInfo($this->settings);
15
- $this->account = WPEAccount::find($this->settings);
16
  }
17
 
18
  public function mainUrl($_params = '') {
@@ -34,7 +32,7 @@ class WPEWPAdmin {
34
  (array_key_exists('page', $_REQUEST) &&
35
  $_REQUEST['page'] == $this->bvinfo->plugname)) {
36
  $keys = str_split($_REQUEST['blogvaultkey'], 32);
37
- $this->account->updateKeys($keys[0], $keys[1]);
38
  if (array_key_exists('redirect', $_REQUEST)) {
39
  $location = $_REQUEST['redirect'];
40
  wp_redirect($this->bvinfo->appUrl().'/migration/'.$location);
@@ -119,8 +117,10 @@ class WPEWPAdmin {
119
  }
120
 
121
  public function siteInfoTags() {
 
122
  $bvnonce = wp_create_nonce("bvnonce");
123
- $secret = $this->account->secret;
 
124
  $tags = "<input type='hidden' name='url' value='".$this->siteinfo->wpurl()."'/>\n".
125
  "<input type='hidden' name='homeurl' value='".$this->siteinfo->homeurl()."'/>\n".
126
  "<input type='hidden' name='siteurl' value='".$this->siteinfo->siteurl()."'/>\n".
@@ -131,6 +131,7 @@ class WPEWPAdmin {
131
  "<input type='hidden' name='serverip' value='".$_SERVER["SERVER_ADDR"]."'/>\n".
132
  "<input type='hidden' name='abspath' value='".ABSPATH."'/>\n".
133
  "<input type='hidden' name='secret' value='".$secret."'/>\n".
 
134
  "<input type='hidden' name='bvnonce' value='".$bvnonce."'/>\n";
135
  return $tags;
136
  }
@@ -140,8 +141,8 @@ class WPEWPAdmin {
140
  if (!WPEAccount::isConfigured($this->settings) && $hook_suffix == 'index.php' ) {
141
  ?>
142
  <div id="message" class="updated" style="padding: 8px; font-size: 16px; background-color: #dff0d8">
143
- <a class="button-primary" href="<?php echo $this->mainUrl(); ?>">Activate Migrate Guru</a>
144
- &nbsp;&nbsp;&nbsp;<b>Almost Done:</b> Activate your Migrate Guru account to migrate your site.
145
  </div>
146
  <?php
147
  }
5
  class WPEWPAdmin {
6
  public $settings;
7
  public $siteinfo;
 
8
  public $bvinfo;
9
 
10
  function __construct($settings, $siteinfo) {
11
  $this->settings = $settings;
12
  $this->siteinfo = $siteinfo;
13
  $this->bvinfo = new WPEInfo($this->settings);
 
14
  }
15
 
16
  public function mainUrl($_params = '') {
32
  (array_key_exists('page', $_REQUEST) &&
33
  $_REQUEST['page'] == $this->bvinfo->plugname)) {
34
  $keys = str_split($_REQUEST['blogvaultkey'], 32);
35
+ WPEAccount::addAccount($this->settings, $keys[0], $keys[1]);
36
  if (array_key_exists('redirect', $_REQUEST)) {
37
  $location = $_REQUEST['redirect'];
38
  wp_redirect($this->bvinfo->appUrl().'/migration/'.$location);
117
  }
118
 
119
  public function siteInfoTags() {
120
+ require_once dirname( __FILE__ ) . '/recover.php';
121
  $bvnonce = wp_create_nonce("bvnonce");
122
+ $secret = WPERecover::defaultSecret($this->settings);
123
+ $public = WPEAccount::getApiPublicKey($this->settings);
124
  $tags = "<input type='hidden' name='url' value='".$this->siteinfo->wpurl()."'/>\n".
125
  "<input type='hidden' name='homeurl' value='".$this->siteinfo->homeurl()."'/>\n".
126
  "<input type='hidden' name='siteurl' value='".$this->siteinfo->siteurl()."'/>\n".
131
  "<input type='hidden' name='serverip' value='".$_SERVER["SERVER_ADDR"]."'/>\n".
132
  "<input type='hidden' name='abspath' value='".ABSPATH."'/>\n".
133
  "<input type='hidden' name='secret' value='".$secret."'/>\n".
134
+ "<input type='hidden' name='public' value='".$public."'/>\n".
135
  "<input type='hidden' name='bvnonce' value='".$bvnonce."'/>\n";
136
  return $tags;
137
  }
141
  if (!WPEAccount::isConfigured($this->settings) && $hook_suffix == 'index.php' ) {
142
  ?>
143
  <div id="message" class="updated" style="padding: 8px; font-size: 16px; background-color: #dff0d8">
144
+ <a class="button-primary" href="<?php echo $this->mainUrl(); ?>">Activate WP Engine Migrate</a>
145
+ &nbsp;&nbsp;&nbsp;<b>Almost Done:</b> Activate your WP Engine account to migrate your site.
146
  </div>
147
  <?php
148
  }
wp_api.php CHANGED
@@ -3,14 +3,26 @@
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('WPEWPAPI')) :
5
  class WPEWPAPI {
6
- public $account;
7
 
8
  public function __construct($settings) {
9
- $this->account = WPEAccount::find($settings);
10
  }
11
 
12
- public function pingbv($method, $body) {
13
- $url = $this->account->authenticatedUrl($method);
 
 
 
 
 
 
 
 
 
 
 
 
14
  $this->http_request($url, $body);
15
  }
16
 
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('WPEWPAPI')) :
5
  class WPEWPAPI {
6
+ public $settings;
7
 
8
  public function __construct($settings) {
9
+ $this->settings = $settings;
10
  }
11
 
12
+ public function pingbv($method, $body, $public = false) {
13
+ if ($public) {
14
+ $this->create_request_params($method, $public);
15
+ } else {
16
+ $accounts = WPEAccount::allAccounts($this->settings);
17
+ foreach ($accounts as $pubkey => $value ) {
18
+ $this->create_request_params($method, $pubkey);
19
+ }
20
+ }
21
+ }
22
+
23
+ public function create_request_params($method, $pubkey) {
24
+ $account = WPEAccount::find($this->settings, $pubkey);
25
+ $url = $account->authenticatedUrl($method);
26
  $this->http_request($url, $body);
27
  }
28
 
wp_site_info.php CHANGED
@@ -38,7 +38,7 @@ class WPEWPSiteInfo {
38
  return true;
39
  return is_main_site();
40
  }
41
-
42
  public function respInfo() {
43
  $info = array();
44
  $this->basic($info);
38
  return true;
39
  return is_main_site();
40
  }
41
+
42
  public function respInfo() {
43
  $info = array();
44
  $this->basic($info);
wpengine.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://wpengine.com
5
  Description: The easiest way to migrate your site to WP Engine
6
  Author: WPEngine
7
  Author URI: https://wpengine.com
8
- Version: 2.1
9
  Network: True
10
  */
11
 
@@ -52,6 +52,7 @@ register_deactivation_hook(__FILE__, array($wp_action, 'deactivate'));
52
 
53
  add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
54
 
 
55
  if (is_admin()) {
56
  require_once dirname( __FILE__ ) . '/wp_admin.php';
57
  $wpadmin = new WPEWPAdmin($bvsettings, $bvsiteinfo);
@@ -75,19 +76,35 @@ if ((array_key_exists('bvreqmerge', $_POST)) || (array_key_exists('bvreqmerge',
75
 
76
  if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "wpengine")) {
77
  require_once dirname( __FILE__ ) . '/callback/base.php';
78
- require_once dirname( __FILE__ ) . '/callback/request.php';
79
  require_once dirname( __FILE__ ) . '/callback/response.php';
80
-
81
- $request = new BVCallbackRequest($_REQUEST);
82
- $account = WPEAccount::find($bvsettings, $_REQUEST['pubkey']);
83
 
84
-
85
- ##RECOVERYMODULE##
86
 
87
- if ($account && (1 === $account->authenticate())) {
 
 
 
 
 
 
 
 
 
88
  require_once dirname( __FILE__ ) . '/callback/handler.php';
89
- $request->params = $request->processParams();
90
- $callback_handler = new BVCallbackHandler($bvdb, $bvsettings, $bvsiteinfo, $request, $account);
 
 
 
 
 
 
 
 
 
 
91
  if ($request->is_afterload) {
92
  add_action('wp_loaded', array($callback_handler, 'execute'));
93
  } else if ($request->is_admin_ajax) {
@@ -101,10 +118,11 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
101
  "account_info" => $account ? $account->respInfo() : array("error" => "ACCOUNT_NOT_FOUND"),
102
  "request_info" => $request->respInfo(),
103
  "bvinfo" => $bvinfo->respInfo(),
104
- "statusmsg" => "FAILED_AUTH"
 
 
105
  );
106
- $response = new BVCallbackResponse();
107
- $response->terminate($resp, $request->params);
108
  }
109
  } else {
110
  ##PROTECTMODULE##
5
  Description: The easiest way to migrate your site to WP Engine
6
  Author: WPEngine
7
  Author URI: https://wpengine.com
8
+ Version: 3.2
9
  Network: True
10
  */
11
 
52
 
53
  add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
54
 
55
+ ##WPCLIMODULE##
56
  if (is_admin()) {
57
  require_once dirname( __FILE__ ) . '/wp_admin.php';
58
  $wpadmin = new WPEWPAdmin($bvsettings, $bvsiteinfo);
76
 
77
  if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "wpengine")) {
78
  require_once dirname( __FILE__ ) . '/callback/base.php';
 
79
  require_once dirname( __FILE__ ) . '/callback/response.php';
80
+ require_once dirname( __FILE__ ) . '/callback/request.php';
81
+ require_once dirname( __FILE__ ) . '/recover.php';
 
82
 
83
+ $pubkey = $_REQUEST['pubkey'];
 
84
 
85
+ if (array_key_exists('rcvracc', $_REQUEST)) {
86
+ $account = WPERecover::find($bvsettings, $pubkey);
87
+ } else {
88
+ $account = WPEAccount::find($bvsettings, $pubkey);
89
+ }
90
+
91
+ $request = new BVCallbackRequest($account, $_REQUEST);
92
+ $response = new BVCallbackResponse($request->bvb64cksize);
93
+
94
+ if ($account && (1 === $account->authenticate($request))) {
95
  require_once dirname( __FILE__ ) . '/callback/handler.php';
96
+ $params = $request->processParams($_REQUEST);
97
+ if ($params === false) {
98
+ $resp = array(
99
+ "account_info" => $account->respInfo(),
100
+ "request_info" => $request->respInfo(),
101
+ "bvinfo" => $bvinfo->respInfo(),
102
+ "statusmsg" => "BVPRMS_CORRUPTED"
103
+ );
104
+ $response->terminate($resp);
105
+ }
106
+ $request->params = $params;
107
+ $callback_handler = new BVCallbackHandler($bvdb, $bvsettings, $bvsiteinfo, $request, $account, $response);
108
  if ($request->is_afterload) {
109
  add_action('wp_loaded', array($callback_handler, 'execute'));
110
  } else if ($request->is_admin_ajax) {
118
  "account_info" => $account ? $account->respInfo() : array("error" => "ACCOUNT_NOT_FOUND"),
119
  "request_info" => $request->respInfo(),
120
  "bvinfo" => $bvinfo->respInfo(),
121
+ "statusmsg" => "FAILED_AUTH",
122
+ "api_pubkey" => substr(WPEAccount::getApiPublicKey($bvsettings), 0, 8),
123
+ "def_sigmatch" => substr(WPEAccount::getSigMatch($request, WPERecover::getDefaultSecret($bvsettings)), 0, 8)
124
  );
125
+ $response->terminate($resp);
 
126
  }
127
  } else {
128
  ##PROTECTMODULE##