The WP Remote WordPress Plugin

Version Description

Release Info

Developer	danielbachhuber
Plugin	The WP Remote WordPress Plugin
Version	2.6.4
Comparing to
See all releases

Code changes from version 2.6.3 to 2.6.4

Files changed (6) hide show

plugin.php +27 -7
readme.txt +8 -2
wprp.api.php +99 -0
wprp.log.php +134 -0
wprp.plugins.php +2 -1
wprp.themes.php +2 -1

plugin.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	/*
4	Plugin Name: WP Remote
5	Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>. <strong>Deactivate to clear your API Key.</strong>
6	- Version: 2.6.3
7	Author: Human Made Limited
8	Author URI: http://hmn.md/
9	*/
	@@ -51,6 +51,9 @@ if ( version_compare( phpversion(), '5.2.4', '<' ) ) {
51	require_once( WPRP_PLUGIN_PATH . '/wprp.admin.php' );
52	require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
53



54	// Backups require 3.1
55	if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
56
	@@ -222,14 +225,14 @@ function _wpr_check_filesystem_access() {
222
223	function _wpr_set_filesystem_credentials( $credentials ) {
224
225	- if ( empty( $~~_GET~~['filesystem_details'] ) )
226	return $credentials;
227
228	$_credentials = array(
229	- 'username' => $~~_GET~~['filesystem_details']['credentials']['username'],
230	- 'password' => $~~_GET~~['filesystem_details']['credentials']['password'],
231	- 'hostname' => $~~_GET~~['filesystem_details']['credentials']['hostname'],
232	- 'connection_type' => $~~_GET~~['filesystem_details']['method']
233	);
234
235	// check whether the credentials can be used
	@@ -267,4 +270,21 @@ function wprp_translations_init() {
267	load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
268	}
269	}
270	- add_action( 'plugins_loaded', 'wprp_translations_init' );


3	/*
4	Plugin Name: WP Remote
5	Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>. <strong>Deactivate to clear your API Key.</strong>
6	+ Version: 2.6.4
7	Author: Human Made Limited
8	Author URI: http://hmn.md/
9	*/

51	require_once( WPRP_PLUGIN_PATH . '/wprp.admin.php' );
52	require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
53
54	+ if ( get_option( 'wprp_enable_log' ) )
55	+ require_once( WPRP_PLUGIN_PATH . '/wprp.log.php' );
56	+
57	// Backups require 3.1
58	if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
59

225
226	function _wpr_set_filesystem_credentials( $credentials ) {
227
228	+ if ( empty( $_POST['filesystem_details'] ) )
229	return $credentials;
230
231	$_credentials = array(
232	+ 'username' => $_POST['filesystem_details']['credentials']['username'],
233	+ 'password' => $_POST['filesystem_details']['credentials']['password'],
234	+ 'hostname' => $_POST['filesystem_details']['credentials']['hostname'],
235	+ 'connection_type' => $_POST['filesystem_details']['method']
236	);
237
238	// check whether the credentials can be used

270	load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
271	}
272	}
273	+ add_action( 'plugins_loaded', 'wprp_translations_init' );
274	+
275	+ /**
276	+ * Format a WP User object into a better
277	+ * object for the API
278	+ */
279	+ function wprp_format_user_obj( $user_obj ) {
280	+ $new_user_obj = new stdClass;
281	+
282	+ foreach( $user_obj->data as $key => $value ) {
283	+ $new_user_obj->$key = $value;
284	+ }
285	+
286	+ $new_user_obj->roles = $user_obj->roles;
287	+ $new_user_obj->caps = $user_obj->caps;
288	+
289	+ return $new_user_obj;
290	+ }

readme.txt CHANGED Viewed

	@@ -2,8 +2,8 @@
2	Contributors: humanmade, willmot, joehoyle, danielbachhuber, mattheu, pauldewouters, cuvelier, tcrsavage
3	Tags: wpremote, remote administration, multiple wordpress
4	Requires at least: 3.0
5	- Tested up to: 3.6
6	- Stable tag: 2.6.3
7
8	WP Remote is a free web app that enables you to easily manage all of your WordPress powered sites from one place.
9
	@@ -31,6 +31,12 @@ You can email us at support@wpremote.com for support.
31
32	== Changelog ==
33






34	#### 2.6.3 (10 September 2013)
35
36	* Bug fix: Disabled updating BackupBuddy through WP Remote for BackupBuddy v4.1.1 and greater. BackupBuddy changed its custom update mechanism (as it's a premium plugin), which caused the WP Remote plugin not to function properly.


2	Contributors: humanmade, willmot, joehoyle, danielbachhuber, mattheu, pauldewouters, cuvelier, tcrsavage
3	Tags: wpremote, remote administration, multiple wordpress
4	Requires at least: 3.0
5	+ Tested up to: 3.6.1
6	+ Stable tag: 2.6.4
7
8	WP Remote is a free web app that enables you to easily manage all of your WordPress powered sites from one place.
9

31
32	== Changelog ==
33
34	+ #### 2.6.4 (2 October 2013)
35	+
36	+ * Misc API improvements for Premium.
37	+ * Bug fix: Disable all premium plugin and theme updates. Causing fatals too often.
38	+ * Bug fix: Restore FTP-based core, theme, and plugin updates by properly accessing the passed credentials.
39	+
40	#### 2.6.3 (10 September 2013)
41
42	* Bug fix: Disabled updating BackupBuddy through WP Remote for BackupBuddy v4.1.1 and greater. BackupBuddy changed its custom update mechanism (as it's a premium plugin), which caused the WP Remote plugin not to function properly.

wprp.api.php CHANGED Viewed

@@ -71,6 +71,10 @@ class WPR_API_Request {
             WPR_API_Request::verify_request();
             // Disable error_reporting so they don't break the json request
             if ( ! defined( 'WP_DEBUG' ) || ! WP_DEBUG )
             	error_reporting( 0 );
@@ -222,6 +226,101 @@ foreach( WPR_API_Request::get_actions() as $action ) {
             		break;
             		default :
             			$actions[$action] = 'not-implemented';


71
72	WPR_API_Request::verify_request();
73
74	+ // disable logging for anythign done in API requests
75	+ if ( class_exists( 'WPRP_Log' ) )
76	+ WPRP_Log::get_instance()->disable_logging();
77	+
78	// Disable error_reporting so they don't break the json request
79	if ( ! defined( 'WP_DEBUG' ) \|\| ! WP_DEBUG )
80	error_reporting( 0 );

226
227	break;
228
229	+ case 'get_option':
230	+
231	+ $actions[$action] = get_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
232	+
233	+ break;
234	+
235	+ case 'update_option':
236	+
237	+ $actions[$action] = update_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ), WPR_API_Request::get_arg( 'option_value' ) );
238	+
239	+ break;
240	+
241	+ case 'delete_option':
242	+
243	+ $actions[$action] = delete_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
244	+
245	+ break;
246	+
247	+ case 'get_users':
248	+
249	+ $arg_keys = array(
250	+ 'include',
251	+ 'exclude',
252	+ 'search',
253	+ 'orderby',
254	+ 'order',
255	+ 'offset',
256	+ 'number',
257	+ );
258	+ $args = array();
259	+ foreach( $arg_keys as $arg_key ) {
260	+ // Note: get_users() supports validation / sanitization
261	+ if ( $value = WPR_API_Request::get_arg( $arg_key ) )
262	+ $args[$arg_key] = $value;
263	+ }
264	+
265	+ $users = array_map( 'wprp_format_user_obj', get_users( $args ) );
266	+ $actions[$action] = $users;
267	+
268	+ break;
269	+
270	+ case 'create_user':
271	+
272	+ $args = array(
273	+ // Note: wp_insert_user() handles sanitization / validation
274	+ 'user_login' => WPR_API_Request::get_arg( 'user_login' ),
275	+ 'user_email' => WPR_API_Request::get_arg( 'user_email' ),
276	+ 'role' => get_option('default_role'),
277	+ 'user_pass' => false,
278	+ 'user_registered' => strftime( "%F %T", time() ),
279	+ 'display_name' => false,
280	+ );
281	+ foreach( $args as $key => $value ) {
282	+ // Note: wp_insert_user() handles sanitization / validation
283	+ if ( $new_value = WPR_API_Request::get_arg( $key ) )
284	+ $args[$key] = $new_value;
285	+ }
286	+
287	+ if ( ! $args['user_pass'] ) {
288	+ $args['user_pass'] = $generated_password = wp_generate_password();
289	+ } else {
290	+ $generated_password = false;
291	+ }
292	+
293	+ $user_id = wp_insert_user( $args );
294	+
295	+ if ( is_wp_error( $user_id ) ) {
296	+ $actions[$action] = array( 'status' => 'error', 'error' => $user_id->get_error_message() );
297	+ } else {
298	+ $actions[$action] = new WP_Error( 'log-not-enabled', 'Logging is not enabled' );
299	+ }
300	+
301	+ break;
302	+
303	+ case 'enable_log' :
304	+ update_option( 'wprp_enable_log', true );
305	+ $actions[$action] = true;
306	+ break;
307	+
308	+ case 'disable_log' :
309	+ delete_option( 'wprp_enable_log' );
310	+ $actions[$action] = true;
311	+ break;
312	+
313	+ case 'get_log' :
314	+
315	+ if ( class_exists( 'WPRP_Log' ) ) {
316	+ $actions[$action] = WPRP_Log::get_instance()->get_items();
317	+ WPRP_Log::get_instance()->delete_items();
318	+ } else {
319	+ $actions[$action] = new WP_Error( 'log-not-enabled', 'Logging is not enabled' );
320	+ }
321	+
322	+ break;
323	+
324	default :
325
326	$actions[$action] = 'not-implemented';

wprp.log.php ADDED Viewed

	@@ -0,0 +1,134 @@


1	+ <?php
2	+
3	+ class WPRP_Log {
4	+
5	+ static $instance;
6	+
7	+ private $is_logging_enabled = true;
8	+
9	+ static function get_instance() {
10	+
11	+ if ( empty( self::$instance ) )
12	+ self::$instance = new WPRP_Log();
13	+
14	+ return self::$instance;
15	+ }
16	+
17	+ public function __construct() {
18	+
19	+ $this->setup_actions();
20	+ }
21	+
22	+ public function disable_logging() {
23	+ $this->is_logging_enabled = false;
24	+ }
25	+
26	+ public function setup_actions() {
27	+
28	+ if ( ! $this->is_logging_enabled )
29	+ return;
30	+
31	+ add_action( 'wp_login', array( $this, 'action_wp_login' ), 10, 2 );
32	+ add_action( 'user_register', array( $this, 'action_user_register' ) );
33	+ add_action( 'profile_update', array( $this, 'action_profile_updated' ), 10, 2 );
34	+
35	+
36	+ add_action( 'update_option_current_theme', array( $this, 'updated_option_current_theme' ), 10, 2 );
37	+ }
38	+
39	+ public function action_wp_login( $user_login, $user ) {
40	+
41	+ // we are only interested in administators
42	+ if ( ! array_intersect( $user->roles, array( 'administrator' ) ) )
43	+ return;
44	+
45	+ $this->add_item( array(
46	+ 'type' => 'user',
47	+ 'action' => 'login',
48	+ 'remote_user' => array( 'user_login' => $user_login, 'display_name' => $user->display_name ),
49	+ ));
50	+ }
51	+
52	+ public function action_user_register( $user_id ) {
53	+
54	+ $user = get_userdata();
55	+
56	+ // we are only interested in administators
57	+ if ( ! array_intersect( $user->roles, array( 'administrator' ) ) )
58	+ return;
59	+
60	+ $this->add_item( array(
61	+ 'type' => 'user',
62	+ 'action' => 'create',
63	+ 'remote_user' => array( 'user_login' => $user->user_login, 'display_name' => $user->display_name ),
64	+ ));
65	+ }
66	+
67	+ public function action_profile_updated( $user_id, $old_user_data ) {
68	+
69	+ $user_data = get_userdata( $user_id );
70	+
71	+ // we are only interested in administators
72	+ if ( ! array_intersect( $user_data->roles, array( 'administrator' ) ) )
73	+ return;
74	+
75	+
76	+ if ( $user_data->user_email !== $old_user_data->user_email ) {
77	+ $this->add_item( array(
78	+ 'type' => 'user',
79	+ 'action' => 'email-update',
80	+ 'old_email' => $old_user_data->user_email,
81	+ 'new_email' => $user_data->user_email,
82	+ ));
83	+ }
84	+
85	+ if ( $user_data->user_pass !== $old_user_data->user_pass ) {
86	+ $this->add_item( array(
87	+ 'type' => 'user',
88	+ 'action' => 'password-update',
89	+ ));
90	+ }
91	+ }
92	+
93	+ public function updated_option_current_theme( $old_theme, $new_theme ) {
94	+
95	+ $this->add_item( array(
96	+ 'type' => 'theme',
97	+ 'action' => 'switch',
98	+ 'old_theme' => $old_theme,
99	+ 'new_theme' => $new_theme
100	+ ));
101	+ }
102	+
103	+ public function add_item( $item ) {
104	+
105	+ if ( ! $this->is_logging_enabled )
106	+ return;
107	+
108	+ $item = wp_parse_args( $item, array(
109	+ 'date' => time(),
110	+ 'remote_user' => is_user_logged_in() ? array( 'user_login' => wp_get_current_user()->user_login, 'display_name' => wp_get_current_user()->display_name ) : array(),
111	+ ));
112	+
113	+ $items = $this->get_items();
114	+ $items[] = $item;
115	+
116	+ // only store the last 100 items
117	+ if ( count( $items ) > 100 )
118	+ $items = array_slice( $items, 0, 100 );
119	+
120	+ update_option( 'wprp_log', $items );
121	+ }
122	+
123	+ public function get_items() {
124	+
125	+ return get_option( 'wprp_log', array() );
126	+ }
127	+
128	+ public function delete_items() {
129	+
130	+ delete_option( 'wprp_log' );
131	+ }
132	+ }
133	+
134	+ add_action( 'plugins_loaded', array( 'WPRP_Log', 'get_instance' ) );

wprp.plugins.php CHANGED Viewed

	@@ -9,7 +9,8 @@ function _wprp_get_plugins() {
9
10	require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
11
12	- ~~_wpr_add_non_extend_plugin_support_filter();~~

13
14	// Get all plugins
15	$plugins = get_plugins();


9
10	require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
11
12	+ // Disabled 10/2/13 because buggy all the time
13	+ // _wpr_add_non_extend_plugin_support_filter();
14
15	// Get all plugins
16	$plugins = get_plugins();

wprp.themes.php CHANGED Viewed

	@@ -9,7 +9,8 @@ function _wprp_get_themes() {
9
10	require_once( ABSPATH . '/wp-admin/includes/theme.php' );
11
12	- ~~_wpr_add_non_extend_theme_support_filter();~~

13
14	// Get all themes
15	if ( function_exists( 'wp_get_themes' ) )


9
10	require_once( ABSPATH . '/wp-admin/includes/theme.php' );
11
12	+ // Disabled 10/2/2013 because causes fatals all the time.
13	+ // _wpr_add_non_extend_theme_support_filter();
14
15	// Get all themes
16	if ( function_exists( 'wp_get_themes' ) )

The WP Remote WordPress Plugin - Version 2.6.4

Version Description

Release Info

Code changes from version 2.6.3 to 2.6.4