The WP Remote WordPress Plugin - Version 2.8.3

Version Description

Download this release

Release Info

Developer jeramynirodha
Plugin Icon 128x128 The WP Remote WordPress Plugin
Version 2.8.3
Comparing to
See all releases

Code changes from version 2.8.2 to 2.8.3

Files changed (5) hide show
  1. plugin.php +315 -315
  2. readme.txt +272 -266
  3. wprp.admin.php +3 -1
  4. wprp.api.php +726 -722
  5. wprp.plugins.php +36 -4
plugin.php CHANGED
@@ -1,316 +1,316 @@
1
- <?php
2
-
3
- /*
4
- Plugin Name: WP Remote
5
- Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>.
6
- Version: 2.8.2
7
- Author: maekit
8
- Author URI: https://maek.it/
9
- */
10
-
11
- /* Copyright 2017 maekit (email : hello@maek.it)
12
-
13
- This program is free software; you can redistribute it and/or modify
14
- it under the terms of the GNU General Public License as published by
15
- the Free Software Foundation; either version 2 of the License, or
16
- (at your option) any later version.
17
-
18
- This program is distributed in the hope that it will be useful,
19
- but WITHOUT ANY WARRANTY; without even the implied warranty of
20
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21
- GNU General Public License for more details.
22
-
23
- You should have received a copy of the GNU General Public License
24
- along with this program; if not, write to the Free Software
25
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26
- */
27
-
28
- define( 'WPRP_PLUGIN_SLUG', 'wpremote' );
29
- define( 'WPRP_PLUGIN_BASE', plugin_basename(__FILE__) );
30
- define( 'WPRP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) );
31
-
32
- if ( ! defined( 'WPR_URL' ) )
33
- define( 'WPR_URL', 'https://wpremote.com/' );
34
-
35
- if ( ! defined( 'WPR_API_URL' ) )
36
- define( 'WPR_API_URL', 'https://wpremote.com/api/json/' );
37
-
38
- if ( ! defined( 'WPR_LANG_DIR' ) )
39
- define( 'WPR_LANG_DIR', apply_filters( 'wpr_filter_lang_dir', trailingslashit( WPRP_PLUGIN_PATH ) . trailingslashit( 'languages' ) ) );
40
-
41
- // Don't activate on anything less than PHP 5.2.4
42
- if ( version_compare( phpversion(), '5.2.4', '<' ) ) {
43
-
44
- require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
45
- deactivate_plugins( WPRP_PLUGIN_SLUG . '/plugin.php' );
46
-
47
- if ( isset( $_GET['action'] ) && ( $_GET['action'] == 'activate' || $_GET['action'] == 'error_scrape' ) )
48
- die( __( 'WP Remote requires PHP version 5.2.4 or greater.', 'wpremote' ) );
49
-
50
- }
51
-
52
- require_once( WPRP_PLUGIN_PATH . '/wprp.admin.php' );
53
- require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
54
-
55
- if ( get_option( 'wprp_enable_log' ) )
56
- require_once( WPRP_PLUGIN_PATH . '/wprp.log.php' );
57
-
58
- // Backups require 3.1
59
- if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
60
-
61
- require_once( WPRP_PLUGIN_PATH . '/wprp.hm.backup.php' );
62
- require_once( WPRP_PLUGIN_PATH . '/wprp.backups.php' );
63
-
64
- }
65
-
66
- /**
67
- * Get a needed URL on the WP Remote site
68
- *
69
- * @param string $uri URI for the URL (optional)
70
- * @return string $url Fully-qualified URL to WP Remote
71
- */
72
- function wprp_get_wpr_url( $uri = '' ) {
73
-
74
- if ( empty( $uri ) )
75
- return WPR_URL;
76
-
77
- $url = rtrim( WPR_URL, '/' );
78
- $uri = trim( $uri, '/' );
79
- return $url . '/' . $uri . '/';
80
- }
81
-
82
- /**
83
- * Catch the API calls and load the API
84
- *
85
- * @return null
86
- */
87
- function wprp_catch_api_call() {
88
-
89
- if ( empty( $_POST['wpr_verify_key'] ) )
90
- return;
91
-
92
- require_once( WPRP_PLUGIN_PATH . '/wprp.integration.php' );
93
- require_once( WPRP_PLUGIN_PATH . '/wprp.plugins.php' );
94
- require_once( WPRP_PLUGIN_PATH . '/wprp.themes.php' );
95
- require_once( WPRP_PLUGIN_PATH . '/wprp.content.php' );
96
-
97
- require_once( WPRP_PLUGIN_PATH . '/wprp.api.php' );
98
-
99
- exit;
100
-
101
- }
102
- add_action( 'init', 'wprp_catch_api_call', 100 );
103
-
104
-
105
- /**
106
- * Check for a bat signal from the mothership
107
- *
108
- * @since 2.7.0
109
- */
110
- function wprp_check_bat_signal() {
111
-
112
- $bat_signal_key = 'wprp_bat_signal';
113
-
114
- if ( false === get_transient( $bat_signal_key ) ) {
115
-
116
- $bat_signal_url = trailingslashit( WPR_URL ) . 'bat-signal/';
117
- $response = wp_remote_get( $bat_signal_url );
118
- $response_body = wp_remote_retrieve_body( $response );
119
- if ( 'destroy the evidence!' == trim( $response_body ) )
120
- delete_option( 'wpr_api_key' );
121
-
122
- // One request per day
123
- set_transient( $bat_signal_key, 'the coast is clear', 60 * 60 * 24 );
124
- }
125
-
126
- }
127
- add_action( 'init', 'wprp_check_bat_signal' );
128
-
129
- /**
130
- * Get the stored WPR API key
131
- *
132
- * @return mixed
133
- */
134
- function wprp_get_api_keys() {
135
- $keys = apply_filters( 'wpr_api_keys', get_option( 'wpr_api_key' ) );
136
- if ( ! empty( $keys ) )
137
- return (array)$keys;
138
- else
139
- return array();
140
- }
141
-
142
- function wprp_plugin_update_check() {
143
-
144
- $plugin_data = get_plugin_data( __FILE__ );
145
-
146
- // define the plugin version
147
- define( 'WPRP_VERSION', $plugin_data['Version'] );
148
-
149
- // Fire the update action
150
- if ( WPRP_VERSION !== get_option( 'wprp_plugin_version' ) )
151
- wprp_update();
152
-
153
- }
154
- add_action( 'admin_init', 'wprp_plugin_update_check' );
155
-
156
- /**
157
- * Run any update code and update the current version in the db
158
- *
159
- * @access public
160
- * @return void
161
- */
162
- function wprp_update() {
163
-
164
- /**
165
- * Remove the old _wpremote_backups directory
166
- */
167
- $uploads_dir = wp_upload_dir();
168
-
169
- $old_wpremote_dir = trailingslashit( $uploads_dir['basedir'] ) . '_wpremote_backups';
170
-
171
- if ( file_exists( $old_wpremote_dir ) )
172
- WPRP_Backups::rmdir_recursive( $old_wpremote_dir );
173
-
174
- // If BackUpWordPress isn't installed then lets just delete the whole backups directory
175
- if ( ! defined( 'HMBKP_PLUGIN_PATH' ) && $path = get_option( 'hmbkp_path' ) ) {
176
-
177
- WPRP_Backups::rmdir_recursive( $path );
178
-
179
- delete_option( 'hmbkp_path' );
180
- delete_option( 'hmbkp_default_path' );
181
- delete_option( 'hmbkp_plugin_version' );
182
-
183
- }
184
-
185
- // Update the version stored in the db
186
- if ( get_option( 'wprp_plugin_version' ) !== WPRP_VERSION )
187
- update_option( 'wprp_plugin_version', WPRP_VERSION );
188
-
189
- }
190
-
191
- function _wprp_upgrade_core() {
192
-
193
- if ( defined( 'DISALLOW_FILE_MODS' ) && DISALLOW_FILE_MODS )
194
- return new WP_Error( 'disallow-file-mods', __( "File modification is disabled with the DISALLOW_FILE_MODS constant.", 'wpremote' ) );
195
-
196
- include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
197
- include_once ( ABSPATH . 'wp-admin/includes/upgrade.php' );
198
- include_once ( ABSPATH . 'wp-includes/update.php' );
199
- require_once ( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
200
- require_once WPRP_PLUGIN_PATH . 'inc/class-wprp-core-upgrader-skin.php';
201
-
202
- // check for filesystem access
203
- if ( ! _wpr_check_filesystem_access() )
204
- return new WP_Error( 'filesystem-not-writable', __( 'The filesystem is not writable with the supplied credentials', 'wpremote' ) );
205
-
206
- // force refresh
207
- wp_version_check();
208
-
209
- $updates = get_core_updates();
210
-
211
- if ( is_wp_error( $updates ) || ! $updates )
212
- return new WP_Error( 'no-update-available' );
213
-
214
- $update = reset( $updates );
215
-
216
- if ( ! $update )
217
- return new WP_Error( 'no-update-available' );
218
-
219
- $skin = new WPRP_Core_Upgrader_Skin();
220
-
221
- $upgrader = new Core_Upgrader( $skin );
222
- $result = $upgrader->upgrade($update);
223
-
224
- if ( is_wp_error( $result ) )
225
- return $result;
226
-
227
- global $wp_current_db_version, $wp_db_version;
228
-
229
- // we have to include version.php so $wp_db_version
230
- // will take the version of the updated version of wordpress
231
- require( ABSPATH . WPINC . '/version.php' );
232
-
233
- wp_upgrade();
234
-
235
- return true;
236
- }
237
-
238
- function _wpr_check_filesystem_access() {
239
-
240
- ob_start();
241
- $success = request_filesystem_credentials( '' );
242
- ob_end_clean();
243
-
244
- return (bool) $success;
245
- }
246
-
247
- function _wpr_set_filesystem_credentials( $credentials ) {
248
-
249
- if ( empty( $_POST['filesystem_details'] ) )
250
- return $credentials;
251
-
252
- $_credentials = array(
253
- 'username' => $_POST['filesystem_details']['credentials']['username'],
254
- 'password' => $_POST['filesystem_details']['credentials']['password'],
255
- 'hostname' => $_POST['filesystem_details']['credentials']['hostname'],
256
- 'connection_type' => $_POST['filesystem_details']['method']
257
- );
258
-
259
- // check whether the credentials can be used
260
- if ( ! WP_Filesystem( $_credentials ) ) {
261
- return $credentials;
262
- }
263
-
264
- return $_credentials;
265
- }
266
- add_filter( 'request_filesystem_credentials', '_wpr_set_filesystem_credentials' );
267
-
268
- /**
269
- *
270
- */
271
- function wprp_translations_init() {
272
-
273
- if ( is_admin() ) {
274
-
275
- /** Set unique textdomain string */
276
- $wprp_textdomain = 'wpremote';
277
-
278
- /** The 'plugin_locale' filter is also used by default in load_plugin_textdomain() */
279
- $plugin_locale = apply_filters( 'plugin_locale', get_locale(), $wprp_textdomain );
280
-
281
- /** Set filter for WordPress languages directory */
282
- $wprp_wp_lang_dir = apply_filters(
283
- 'wprp_filter_wp_lang_dir',
284
- trailingslashit( WP_LANG_DIR ) . trailingslashit( 'wp-remote' ) . $wprp_textdomain . '-' . $plugin_locale . '.mo'
285
- );
286
-
287
- /** Translations: First, look in WordPress' "languages" folder = custom & update-secure! */
288
- load_textdomain( $wprp_textdomain, $wprp_wp_lang_dir );
289
-
290
- /** Translations: Secondly, look in plugin's "languages" folder = default */
291
- load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
292
- }
293
- }
294
- add_action( 'plugins_loaded', 'wprp_translations_init' );
295
-
296
- /**
297
- * Format a WP User object into a better
298
- * object for the API
299
- */
300
- function wprp_format_user_obj( $user_obj ) {
301
- $new_user_obj = new stdClass;
302
-
303
- foreach( $user_obj->data as $key => $value ) {
304
- $new_user_obj->$key = $value;
305
- }
306
-
307
- $new_user_obj->roles = $user_obj->roles;
308
- $new_user_obj->caps = $user_obj->caps;
309
-
310
- return $new_user_obj;
311
- }
312
-
313
- // == CLI == //
314
- if ( defined( 'WP_CLI' ) && WP_CLI ) {
315
- require_once 'cli/wprp.cli.php';
316
  }
1
+ <?php
2
+
3
+ /*
4
+ Plugin Name: WP Remote
5
+ Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>.
6
+ Version: 2.8.3
7
+ Author: maekit
8
+ Author URI: https://maek.it/
9
+ */
10
+
11
+ /* Copyright 2017 maekit (email : hello@maek.it)
12
+
13
+ This program is free software; you can redistribute it and/or modify
14
+ it under the terms of the GNU General Public License as published by
15
+ the Free Software Foundation; either version 2 of the License, or
16
+ (at your option) any later version.
17
+
18
+ This program is distributed in the hope that it will be useful,
19
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
20
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21
+ GNU General Public License for more details.
22
+
23
+ You should have received a copy of the GNU General Public License
24
+ along with this program; if not, write to the Free Software
25
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26
+ */
27
+
28
+ define( 'WPRP_PLUGIN_SLUG', 'wpremote' );
29
+ define( 'WPRP_PLUGIN_BASE', plugin_basename(__FILE__) );
30
+ define( 'WPRP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) );
31
+
32
+ if ( ! defined( 'WPR_URL' ) )
33
+ define( 'WPR_URL', 'https://wpremote.com/' );
34
+
35
+ if ( ! defined( 'WPR_API_URL' ) )
36
+ define( 'WPR_API_URL', 'https://wpremote.com/api/json/' );
37
+
38
+ if ( ! defined( 'WPR_LANG_DIR' ) )
39
+ define( 'WPR_LANG_DIR', apply_filters( 'wpr_filter_lang_dir', trailingslashit( WPRP_PLUGIN_PATH ) . trailingslashit( 'languages' ) ) );
40
+
41
+ // Don't activate on anything less than PHP 5.2.4
42
+ if ( version_compare( phpversion(), '5.2.4', '<' ) ) {
43
+
44
+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
45
+ deactivate_plugins( WPRP_PLUGIN_SLUG . '/plugin.php' );
46
+
47
+ if ( isset( $_GET['action'] ) && ( $_GET['action'] == 'activate' || $_GET['action'] == 'error_scrape' ) )
48
+ die( __( 'WP Remote requires PHP version 5.2.4 or greater.', 'wpremote' ) );
49
+
50
+ }
51
+
52
+ require_once( WPRP_PLUGIN_PATH . '/wprp.admin.php' );
53
+ require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
54
+
55
+ if ( get_option( 'wprp_enable_log' ) )
56
+ require_once( WPRP_PLUGIN_PATH . '/wprp.log.php' );
57
+
58
+ // Backups require 3.1
59
+ if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
60
+
61
+ require_once( WPRP_PLUGIN_PATH . '/wprp.hm.backup.php' );
62
+ require_once( WPRP_PLUGIN_PATH . '/wprp.backups.php' );
63
+
64
+ }
65
+
66
+ /**
67
+ * Get a needed URL on the WP Remote site
68
+ *
69
+ * @param string $uri URI for the URL (optional)
70
+ * @return string $url Fully-qualified URL to WP Remote
71
+ */
72
+ function wprp_get_wpr_url( $uri = '' ) {
73
+
74
+ if ( empty( $uri ) )
75
+ return WPR_URL;
76
+
77
+ $url = rtrim( WPR_URL, '/' );
78
+ $uri = trim( $uri, '/' );
79
+ return $url . '/' . $uri . '/';
80
+ }
81
+
82
+ /**
83
+ * Catch the API calls and load the API
84
+ *
85
+ * @return null
86
+ */
87
+ function wprp_catch_api_call() {
88
+
89
+ if ( empty( $_POST['wpr_verify_key'] ) )
90
+ return;
91
+
92
+ require_once( WPRP_PLUGIN_PATH . '/wprp.integration.php' );
93
+ require_once( WPRP_PLUGIN_PATH . '/wprp.plugins.php' );
94
+ require_once( WPRP_PLUGIN_PATH . '/wprp.themes.php' );
95
+ require_once( WPRP_PLUGIN_PATH . '/wprp.content.php' );
96
+
97
+ require_once( WPRP_PLUGIN_PATH . '/wprp.api.php' );
98
+
99
+ exit;
100
+
101
+ }
102
+ add_action( 'init', 'wprp_catch_api_call', 100 );
103
+
104
+
105
+ /**
106
+ * Check for a bat signal from the mothership
107
+ *
108
+ * @since 2.7.0
109
+ */
110
+ function wprp_check_bat_signal() {
111
+
112
+ $bat_signal_key = 'wprp_bat_signal';
113
+
114
+ if ( false === get_transient( $bat_signal_key ) ) {
115
+
116
+ $bat_signal_url = trailingslashit( WPR_URL ) . 'bat-signal/';
117
+ $response = wp_remote_get( $bat_signal_url );
118
+ $response_body = wp_remote_retrieve_body( $response );
119
+ if ( 'destroy the evidence!' == trim( $response_body ) )
120
+ delete_option( 'wpr_api_key' );
121
+
122
+ // One request per day
123
+ set_transient( $bat_signal_key, 'the coast is clear', 60 * 60 * 24 );
124
+ }
125
+
126
+ }
127
+ add_action( 'init', 'wprp_check_bat_signal' );
128
+
129
+ /**
130
+ * Get the stored WPR API key
131
+ *
132
+ * @return mixed
133
+ */
134
+ function wprp_get_api_keys() {
135
+ $keys = apply_filters( 'wpr_api_keys', get_option( 'wpr_api_key' ) );
136
+ if ( ! empty( $keys ) )
137
+ return (array)$keys;
138
+ else
139
+ return array();
140
+ }
141
+
142
+ function wprp_plugin_update_check() {
143
+
144
+ $plugin_data = get_plugin_data( __FILE__ );
145
+
146
+ // define the plugin version
147
+ define( 'WPRP_VERSION', $plugin_data['Version'] );
148
+
149
+ // Fire the update action
150
+ if ( WPRP_VERSION !== get_option( 'wprp_plugin_version' ) )
151
+ wprp_update();
152
+
153
+ }
154
+ add_action( 'admin_init', 'wprp_plugin_update_check' );
155
+
156
+ /**
157
+ * Run any update code and update the current version in the db
158
+ *
159
+ * @access public
160
+ * @return void
161
+ */
162
+ function wprp_update() {
163
+
164
+ /**
165
+ * Remove the old _wpremote_backups directory
166
+ */
167
+ $uploads_dir = wp_upload_dir();
168
+
169
+ $old_wpremote_dir = trailingslashit( $uploads_dir['basedir'] ) . '_wpremote_backups';
170
+
171
+ if ( file_exists( $old_wpremote_dir ) )
172
+ WPRP_Backups::rmdir_recursive( $old_wpremote_dir );
173
+
174
+ // If BackUpWordPress isn't installed then lets just delete the whole backups directory
175
+ if ( ! defined( 'HMBKP_PLUGIN_PATH' ) && $path = get_option( 'hmbkp_path' ) ) {
176
+
177
+ WPRP_Backups::rmdir_recursive( $path );
178
+
179
+ delete_option( 'hmbkp_path' );
180
+ delete_option( 'hmbkp_default_path' );
181
+ delete_option( 'hmbkp_plugin_version' );
182
+
183
+ }
184
+
185
+ // Update the version stored in the db
186
+ if ( get_option( 'wprp_plugin_version' ) !== WPRP_VERSION )
187
+ update_option( 'wprp_plugin_version', WPRP_VERSION );
188
+
189
+ }
190
+
191
+ function _wprp_upgrade_core() {
192
+
193
+ if ( defined( 'DISALLOW_FILE_MODS' ) && DISALLOW_FILE_MODS )
194
+ return new WP_Error( 'disallow-file-mods', __( "File modification is disabled with the DISALLOW_FILE_MODS constant.", 'wpremote' ) );
195
+
196
+ include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
197
+ include_once ( ABSPATH . 'wp-admin/includes/upgrade.php' );
198
+ include_once ( ABSPATH . 'wp-includes/update.php' );
199
+ require_once ( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
200
+ require_once WPRP_PLUGIN_PATH . 'inc/class-wprp-core-upgrader-skin.php';
201
+
202
+ // check for filesystem access
203
+ if ( ! _wpr_check_filesystem_access() )
204
+ return new WP_Error( 'filesystem-not-writable', __( 'The filesystem is not writable with the supplied credentials', 'wpremote' ) );
205
+
206
+ // force refresh
207
+ wp_version_check();
208
+
209
+ $updates = get_core_updates();
210
+
211
+ if ( is_wp_error( $updates ) || ! $updates )
212
+ return new WP_Error( 'no-update-available' );
213
+
214
+ $update = reset( $updates );
215
+
216
+ if ( ! $update )
217
+ return new WP_Error( 'no-update-available' );
218
+
219
+ $skin = new WPRP_Core_Upgrader_Skin();
220
+
221
+ $upgrader = new Core_Upgrader( $skin );
222
+ $result = $upgrader->upgrade($update);
223
+
224
+ if ( is_wp_error( $result ) )
225
+ return $result;
226
+
227
+ global $wp_current_db_version, $wp_db_version;
228
+
229
+ // we have to include version.php so $wp_db_version
230
+ // will take the version of the updated version of wordpress
231
+ require( ABSPATH . WPINC . '/version.php' );
232
+
233
+ wp_upgrade();
234
+
235
+ return true;
236
+ }
237
+
238
+ function _wpr_check_filesystem_access() {
239
+
240
+ ob_start();
241
+ $success = request_filesystem_credentials( '' );
242
+ ob_end_clean();
243
+
244
+ return (bool) $success;
245
+ }
246
+
247
+ function _wpr_set_filesystem_credentials( $credentials ) {
248
+
249
+ if ( empty( $_POST['filesystem_details'] ) )
250
+ return $credentials;
251
+
252
+ $_credentials = array(
253
+ 'username' => $_POST['filesystem_details']['credentials']['username'],
254
+ 'password' => $_POST['filesystem_details']['credentials']['password'],
255
+ 'hostname' => $_POST['filesystem_details']['credentials']['hostname'],
256
+ 'connection_type' => $_POST['filesystem_details']['method']
257
+ );
258
+
259
+ // check whether the credentials can be used
260
+ if ( ! WP_Filesystem( $_credentials ) ) {
261
+ return $credentials;
262
+ }
263
+
264
+ return $_credentials;
265
+ }
266
+ add_filter( 'request_filesystem_credentials', '_wpr_set_filesystem_credentials' );
267
+
268
+ /**
269
+ *
270
+ */
271
+ function wprp_translations_init() {
272
+
273
+ if ( is_admin() ) {
274
+
275
+ /** Set unique textdomain string */
276
+ $wprp_textdomain = 'wpremote';
277
+
278
+ /** The 'plugin_locale' filter is also used by default in load_plugin_textdomain() */
279
+ $plugin_locale = apply_filters( 'plugin_locale', get_locale(), $wprp_textdomain );
280
+
281
+ /** Set filter for WordPress languages directory */
282
+ $wprp_wp_lang_dir = apply_filters(
283
+ 'wprp_filter_wp_lang_dir',
284
+ trailingslashit( WP_LANG_DIR ) . trailingslashit( 'wp-remote' ) . $wprp_textdomain . '-' . $plugin_locale . '.mo'
285
+ );
286
+
287
+ /** Translations: First, look in WordPress' "languages" folder = custom & update-secure! */
288
+ load_textdomain( $wprp_textdomain, $wprp_wp_lang_dir );
289
+
290
+ /** Translations: Secondly, look in plugin's "languages" folder = default */
291
+ load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
292
+ }
293
+ }
294
+ add_action( 'plugins_loaded', 'wprp_translations_init' );
295
+
296
+ /**
297
+ * Format a WP User object into a better
298
+ * object for the API
299
+ */
300
+ function wprp_format_user_obj( $user_obj ) {
301
+ $new_user_obj = new stdClass;
302
+
303
+ foreach( $user_obj->data as $key => $value ) {
304
+ $new_user_obj->$key = $value;
305
+ }
306
+
307
+ $new_user_obj->roles = $user_obj->roles;
308
+ $new_user_obj->caps = $user_obj->caps;
309
+
310
+ return $new_user_obj;
311
+ }
312
+
313
+ // == CLI == //
314
+ if ( defined( 'WP_CLI' ) && WP_CLI ) {
315
+ require_once 'cli/wprp.cli.php';
316
  }
readme.txt CHANGED
@@ -1,266 +1,272 @@
1
- === The WP Remote WordPress Plugin ===
2
- Contributors: jeramynirodha, bmett, humanmade, willmot, joehoyle, danielbachhuber, mattheu, pauldewouters, cuvelier, tcrsavage
3
- Tags: wpremote, remote administration, multiple wordpress
4
- Requires at least: 3.0
5
- Tested up to: 4.8.2
6
- Stable tag: 2.8.2
7
-
8
- WP Remote is a free web app that enables you to easily manage all of your WordPress powered sites from one place.
9
-
10
- == Description ==
11
-
12
- The WP Remote WordPress Plugin works with [WP Remote](https://wpremote.com/) to enable you to remotely manage and update all your WordPress sites.
13
-
14
- = Features =
15
-
16
- * Free to monitor and update an unlimited number of sites.
17
- * Track and update all of your WordPress sites from one place.
18
- * Track and update all of your WordPress plugins and themes from one place.
19
- * Schedule automatic backups to AWS, SFTP, FTP.
20
- * Perform manual backups of your WordPress database and files.
21
- * Download previous backups from the one place.
22
- * Install and activate plugins and themes from the one place.
23
- * Early beta access to [maekit](https://maek.it/) web design business platform.
24
-
25
- = Support =
26
-
27
- You can email us at support@wpremote.com for support.
28
-
29
- == Installation ==
30
-
31
- 1. Install The WP Remote WordPress Plugin either via the WordPress.org plugin directory, or by uploading the files to your server.
32
- 2. Activate the plugin.
33
- 3. Sign up for an account at wpremote.com and add your site.
34
-
35
- == Frequently Asked Questions ==
36
-
37
- ** I've forgotten my password **
38
- Use the “I’ve forgotten my password” link on the log-in screen to generate an email with a link to reset your password.
39
-
40
- https://wpremote.com/login/lost-password/
41
-
42
- ** How do I fix the “Does not appear to be a valid URL” message? **
43
-
44
- 1. If the domain name has been typed incorrectly:
45
- The easiest way to ensure you have the correct domain name is to open your site in a different browser window and then copy and paste the site address.
46
-
47
- 2. If you have made recent changes to your DNS/Nameservers records:
48
- If this is the case then just give it a little more time and try again later.
49
-
50
- **What if I want to back up my site to another destination?**
51
-
52
- You can also store your backups on your own Amazon S3 or you can upload backups to your own server via FTP or SFTP.
53
-
54
- **How do I restore my site from a backup?**
55
-
56
- WP Remote does not provide an automated way to restore your site. We recommend downloading a copy of your backup, unzipping it and then uploading to your site's server via FTP/SSH. Database importing can be done via your PHPMyAdmin interface or a similar tool - Your database backup can be found in the root folder of your downloaded backup zip.
57
-
58
- **Further Support & Feedback**
59
-
60
- General support questions should be posted in the <a href="http://wordpress.org/support/plugin/wpremote">WordPress support forums.</a>
61
-
62
- You can email us at support@wpremote.com for support.
63
-
64
- == Screenshots ==
65
-
66
- 1. The WP Remote dashboard at wpremote.com
67
- 2. See all of the plugins and themes needing update across all Sites in one view.
68
- 3. Download nightly Automatic Backups.
69
-
70
- == Changelog ==
71
-
72
- #### 2.8.2 (25 October 2017)
73
-
74
- * Change settings page function name for compatibility
75
- * Allow the WP Remote API key to be updated from CLI
76
-
77
- #### 2.8.1 (10 October 2017)
78
-
79
- * Add link to clear API key from the plugin settings page.
80
- * Prevent WP Remote from clearing the API key on deactivation
81
- * Clear API key on uninstall
82
-
83
- #### 2.8.0.1 (31 August 2017)
84
-
85
- * Bug fix for PHP < 5.4
86
-
87
- #### 2.8.0 (30 August 2017)
88
-
89
- * Modify plugin activation and return plugin active status to WP Remote
90
-
91
- #### 2.7.9.2 (25 August 2017)
92
-
93
- * Bug fix for php 5.4 and lower
94
-
95
- #### 2.7.9.1 (25 August 2017)
96
-
97
- * Add Fallback method for when current user isn't found
98
-
99
- #### 2.7.9 (22 August 2017)
100
-
101
- * Query DB to find an admin user to run updates
102
-
103
- #### 2.7.8 (20 July 2017)
104
-
105
- * Replaced mysql class and functions with mysqli
106
-
107
- #### 2.7.7 (20 April 2017)
108
-
109
- * Fixed fatal error with backup location
110
-
111
- #### 2.7.6 (18 Sept 2014)
112
-
113
- * Fixed issue with plugins not being reactivated when updated on an MU WordPress install
114
- * Fixed issue with child themes reporting an available update whenever the parent theme has an available update
115
-
116
- #### 2.7.5 (10 Sept 2014)
117
-
118
- * Fixed WordPress 4.0 issues with json_encode of a WP_Error object which would result in malformed responses from the WP_Remote WordPress plugin
119
- * Added FAQ to readme
120
- * Updated incompatible plugins list
121
-
122
- #### 2.7.3 (12 May 2014)
123
-
124
- * Added the ability to return basic content information for the site - post count, user count, plugin count etc.
125
- * Updated contribution guidelines
126
-
127
- #### 2.7.2 (22 January 2014)
128
-
129
- * Misc improvements to the accuracy of the backup restart mechanism.
130
- * Inline styles to insure the API key prompt always appears, even if a theme or plugin may hide admin notices.
131
-
132
- #### 2.7.1 (23 December 2013)
133
-
134
- * Bug fix: Restore plugin and theme installation mechanism.
135
- * Bug fix: On some hosts where `getmypid()` wasn't permitted, the backup process would be prematurely reported as killed.
136
-
137
- #### 2.7.0 (19 November 2013)
138
-
139
- * Improved durability of backups where the backup process can take more than 90 seconds.
140
- * New API support for posts, comments, and fixed support for users (oops).
141
- * Reporting and update integration with premium plugins that support ManageWP's API implementation.
142
- * Plugin, theme, and core updates now respect the `DISALLOW_FILE_MODS` constant.
143
-
144
- #### 2.6.7 (27 October 2013)
145
-
146
- * API improvement: specify database- and file-only backups
147
- * Bug fix: Make the backup download URL accessible on Apache servers again. The protective .htaccess was being generated with the wrong key.
148
-
149
- #### 2.6.6 (23 October 2013)
150
-
151
- * Bug fix: Due to some files moving around, WP Remote wasn't able to properly update the current version of the plugin.
152
-
153
- #### 2.6.5 (23 October 2013)
154
-
155
- * Incorporated a more reliable plugin re-activation process after update.
156
- * Bug fix: Properly delete backup folders for failed backups. Users may want to look inside of `/wp-content/` for any folders named as `*-backups`. If they were created by WP Remote, they can be safely deleted.
157
- * Bug fix: Log the proper fields in history when a new user is created.
158
-
159
- #### 2.6.4 (2 October 2013)
160
-
161
- * Misc API improvements for Premium.
162
- * Bug fix: Disable all premium plugin and theme updates. Causing fatals too often.
163
- * Bug fix: Restore FTP-based core, theme, and plugin updates by properly accessing the passed credentials.
164
-
165
- #### 2.6.3 (10 September 2013)
166
-
167
- * Bug fix: Disabled updating BackupBuddy through WP Remote for BackupBuddy v4.1.1 and greater. BackupBuddy changed its custom update mechanism (as it's a premium plugin), which caused the WP Remote plugin not to function properly.
168
-
169
- #### 2.6.2 (2 September 2013)
170
-
171
- * Bug fix: Reactivating plugin after plugin upgrade.
172
-
173
- #### 2.6.1 (26 August 2013)
174
-
175
- * Add multiple API keys to your WP Remote plugin with a `wpr_api_keys` filter if you'd like to use more than WP Remote account with the site.
176
- * Plugin now supports localization. Please feel free to [submit your translation](http://translate.hmn.md/projects).
177
- * Update `HM Backup` to v2.3
178
- * Bug fix: Properly handle timestamp values in database backups.
179
- * Bug fix: Use super randomized backup directories.
180
-
181
- #### 2.6
182
-
183
- * Change to using better hmac style authentication
184
- * Fix error for sites running =< WordPress 3.1
185
-
186
- #### 2.5
187
-
188
- * Remove BackUpWordPress, backups are now handled by the `HM Backup` class.
189
- * BackUpWordPress can now be used alongside WP Remote without issues.
190
- * Exclude `.git` and `.svn` folders from backups automatically.
191
-
192
- #### 2.4.12 & 2.4.13
193
-
194
- * Upgrade bundled BackUpWordPress to 2.1.3.
195
- * Fix an issue with Download Site on Apache servers.
196
- * Set the correct location for the BackUpWordPress language files.
197
-
198
- #### 2.4.10 + 2.4.11
199
-
200
- * Plugin release shenaningans.
201
-
202
- #### 2.4.9
203
-
204
- * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by `url_shorten` being called outside the admin.
205
-
206
- #### 2.4.8
207
-
208
- * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by misc.php being included to early.
209
-
210
- #### 2.4.7
211
-
212
- * Update to BackUpWordPress 2.1
213
- * Fix an issue that could cause backups to be run when they shouldn't have.
214
- * Only hide the backups menu item if the site doesn't have any non wpremote schedules.
215
- * Hide all BackUpWordPress admin notices.
216
- * Fix the button styles for the save API Key button in WordPress 3.5
217
- * Fix a possible warning in the WP_Filesystem integration, props @tillkruess (github).
218
- * Support for updating the Pagelines premium theme, props @tillkruess (github)
219
-
220
- #### 2.4.6
221
-
222
- * Support for updating the BackupBuddy premium plugin, props @tillkruess (github)
223
-
224
- #### 2.4.1 - 2.4.5
225
-
226
- * Minor bug fixes
227
-
228
- #### 2.4
229
-
230
- * Backups are now powered by BackUpWordPress.
231
- * The BackUpWordPress Plugin can no longer be run alongside WP Remote.
232
- * Show a message if a security plugin is active which could affect WP Remote.
233
- * Emphasise that you can deactivate the plugin to clear your API key.
234
-
235
- #### 2.3.1
236
-
237
- * PHP 5.2.4 compat.
238
-
239
- #### 2.3
240
-
241
- * WP_Filesystem support for servers which don't allow PHP direct filesystem access.
242
- * Support for monitoring and updating Gravity Forms.
243
-
244
- #### 2.2.5
245
-
246
- * Implemented API call for Core updates
247
-
248
- #### 2.2.4
249
-
250
- * Fixed excludes for backups directories
251
- * Started on remote core upgrades
252
- * Fix memory limit in WP 3.1
253
-
254
- #### 2.2.3
255
-
256
- * Use WPR_HM_Backup instead of HM_Backup (fixes compatibilty with backupwordpress)
257
-
258
- #### 2.2
259
-
260
- * Start keeping a changelog of plugin changes
261
- * Pass home_url, site_url and admin_url to WP Remote instead of guessing at them, fixes issues with the urls being wrong for non-standard WordPress installs
262
- * Better error message when you have the wrong API key entered.
263
-
264
- ## Contribution guidelines ##
265
-
266
- see https://github.com/MyWorkAus/WP-Remote-WordPress-Plugin/blob/master/CONTRIBUTING.md
 
 
 
 
 
 
1
+ === The WP Remote WordPress Plugin ===
2
+ Contributors: jeramynirodha, bmett, humanmade, willmot, joehoyle, danielbachhuber, mattheu, pauldewouters, cuvelier, tcrsavage
3
+ Tags: wpremote, remote administration, multiple wordpress
4
+ Requires at least: 3.0
5
+ Tested up to: 4.8.2
6
+ Stable tag: 2.8.3
7
+
8
+ WP Remote is a free web app that enables you to easily manage all of your WordPress powered sites from one place.
9
+
10
+ == Description ==
11
+
12
+ The WP Remote WordPress Plugin works with [WP Remote](https://wpremote.com/) to enable you to remotely manage and update all your WordPress sites.
13
+
14
+ = Features =
15
+
16
+ * Free to monitor and update an unlimited number of sites.
17
+ * Track and update all of your WordPress sites from one place.
18
+ * Track and update all of your WordPress plugins and themes from one place.
19
+ * Schedule automatic backups to AWS, SFTP, FTP.
20
+ * Perform manual backups of your WordPress database and files.
21
+ * Download previous backups from the one place.
22
+ * Install and activate plugins and themes from the one place.
23
+ * Early beta access to [maekit](https://maek.it/) web design business platform.
24
+
25
+ = Support =
26
+
27
+ You can email us at support@wpremote.com for support.
28
+
29
+ == Installation ==
30
+
31
+ 1. Install The WP Remote WordPress Plugin either via the WordPress.org plugin directory, or by uploading the files to your server.
32
+ 2. Activate the plugin.
33
+ 3. Sign up for an account at wpremote.com and add your site.
34
+
35
+ == Frequently Asked Questions ==
36
+
37
+ ** I've forgotten my password **
38
+ Use the “I’ve forgotten my password” link on the log-in screen to generate an email with a link to reset your password.
39
+
40
+ https://wpremote.com/login/lost-password/
41
+
42
+ ** How do I fix the “Does not appear to be a valid URL” message? **
43
+
44
+ 1. If the domain name has been typed incorrectly:
45
+ The easiest way to ensure you have the correct domain name is to open your site in a different browser window and then copy and paste the site address.
46
+
47
+ 2. If you have made recent changes to your DNS/Nameservers records:
48
+ If this is the case then just give it a little more time and try again later.
49
+
50
+ **What if I want to back up my site to another destination?**
51
+
52
+ You can also store your backups on your own Amazon S3 or you can upload backups to your own server via FTP or SFTP.
53
+
54
+ **How do I restore my site from a backup?**
55
+
56
+ WP Remote does not provide an automated way to restore your site. We recommend downloading a copy of your backup, unzipping it and then uploading to your site's server via FTP/SSH. Database importing can be done via your PHPMyAdmin interface or a similar tool - Your database backup can be found in the root folder of your downloaded backup zip.
57
+
58
+ **Further Support & Feedback**
59
+
60
+ General support questions should be posted in the <a href="http://wordpress.org/support/plugin/wpremote">WordPress support forums.</a>
61
+
62
+ You can email us at support@wpremote.com for support.
63
+
64
+ == Screenshots ==
65
+
66
+ 1. The WP Remote dashboard at wpremote.com
67
+ 2. See all of the plugins and themes needing update across all Sites in one view.
68
+ 3. Download nightly Automatic Backups.
69
+
70
+ == Changelog ==
71
+
72
+ #### 2.8.3 (21 November 2017)
73
+
74
+ * Add endpoint to validate plugin update
75
+ * Improved error handling
76
+ * Fix 'Clear Api' redirect
77
+
78
+ #### 2.8.2 (25 October 2017)
79
+
80
+ * Change settings page function name for compatibility
81
+ * Allow the WP Remote API key to be updated from CLI
82
+
83
+ #### 2.8.1 (10 October 2017)
84
+
85
+ * Add link to clear API key from the plugin settings page.
86
+ * Prevent WP Remote from clearing the API key on deactivation
87
+ * Clear API key on uninstall
88
+
89
+ #### 2.8.0.1 (31 August 2017)
90
+
91
+ * Bug fix for PHP < 5.4
92
+
93
+ #### 2.8.0 (30 August 2017)
94
+
95
+ * Modify plugin activation and return plugin active status to WP Remote
96
+
97
+ #### 2.7.9.2 (25 August 2017)
98
+
99
+ * Bug fix for php 5.4 and lower
100
+
101
+ #### 2.7.9.1 (25 August 2017)
102
+
103
+ * Add Fallback method for when current user isn't found
104
+
105
+ #### 2.7.9 (22 August 2017)
106
+
107
+ * Query DB to find an admin user to run updates
108
+
109
+ #### 2.7.8 (20 July 2017)
110
+
111
+ * Replaced mysql class and functions with mysqli
112
+
113
+ #### 2.7.7 (20 April 2017)
114
+
115
+ * Fixed fatal error with backup location
116
+
117
+ #### 2.7.6 (18 Sept 2014)
118
+
119
+ * Fixed issue with plugins not being reactivated when updated on an MU WordPress install
120
+ * Fixed issue with child themes reporting an available update whenever the parent theme has an available update
121
+
122
+ #### 2.7.5 (10 Sept 2014)
123
+
124
+ * Fixed WordPress 4.0 issues with json_encode of a WP_Error object which would result in malformed responses from the WP_Remote WordPress plugin
125
+ * Added FAQ to readme
126
+ * Updated incompatible plugins list
127
+
128
+ #### 2.7.3 (12 May 2014)
129
+
130
+ * Added the ability to return basic content information for the site - post count, user count, plugin count etc.
131
+ * Updated contribution guidelines
132
+
133
+ #### 2.7.2 (22 January 2014)
134
+
135
+ * Misc improvements to the accuracy of the backup restart mechanism.
136
+ * Inline styles to insure the API key prompt always appears, even if a theme or plugin may hide admin notices.
137
+
138
+ #### 2.7.1 (23 December 2013)
139
+
140
+ * Bug fix: Restore plugin and theme installation mechanism.
141
+ * Bug fix: On some hosts where `getmypid()` wasn't permitted, the backup process would be prematurely reported as killed.
142
+
143
+ #### 2.7.0 (19 November 2013)
144
+
145
+ * Improved durability of backups where the backup process can take more than 90 seconds.
146
+ * New API support for posts, comments, and fixed support for users (oops).
147
+ * Reporting and update integration with premium plugins that support ManageWP's API implementation.
148
+ * Plugin, theme, and core updates now respect the `DISALLOW_FILE_MODS` constant.
149
+
150
+ #### 2.6.7 (27 October 2013)
151
+
152
+ * API improvement: specify database- and file-only backups
153
+ * Bug fix: Make the backup download URL accessible on Apache servers again. The protective .htaccess was being generated with the wrong key.
154
+
155
+ #### 2.6.6 (23 October 2013)
156
+
157
+ * Bug fix: Due to some files moving around, WP Remote wasn't able to properly update the current version of the plugin.
158
+
159
+ #### 2.6.5 (23 October 2013)
160
+
161
+ * Incorporated a more reliable plugin re-activation process after update.
162
+ * Bug fix: Properly delete backup folders for failed backups. Users may want to look inside of `/wp-content/` for any folders named as `*-backups`. If they were created by WP Remote, they can be safely deleted.
163
+ * Bug fix: Log the proper fields in history when a new user is created.
164
+
165
+ #### 2.6.4 (2 October 2013)
166
+
167
+ * Misc API improvements for Premium.
168
+ * Bug fix: Disable all premium plugin and theme updates. Causing fatals too often.
169
+ * Bug fix: Restore FTP-based core, theme, and plugin updates by properly accessing the passed credentials.
170
+
171
+ #### 2.6.3 (10 September 2013)
172
+
173
+ * Bug fix: Disabled updating BackupBuddy through WP Remote for BackupBuddy v4.1.1 and greater. BackupBuddy changed its custom update mechanism (as it's a premium plugin), which caused the WP Remote plugin not to function properly.
174
+
175
+ #### 2.6.2 (2 September 2013)
176
+
177
+ * Bug fix: Reactivating plugin after plugin upgrade.
178
+
179
+ #### 2.6.1 (26 August 2013)
180
+
181
+ * Add multiple API keys to your WP Remote plugin with a `wpr_api_keys` filter if you'd like to use more than WP Remote account with the site.
182
+ * Plugin now supports localization. Please feel free to [submit your translation](http://translate.hmn.md/projects).
183
+ * Update `HM Backup` to v2.3
184
+ * Bug fix: Properly handle timestamp values in database backups.
185
+ * Bug fix: Use super randomized backup directories.
186
+
187
+ #### 2.6
188
+
189
+ * Change to using better hmac style authentication
190
+ * Fix error for sites running =< WordPress 3.1
191
+
192
+ #### 2.5
193
+
194
+ * Remove BackUpWordPress, backups are now handled by the `HM Backup` class.
195
+ * BackUpWordPress can now be used alongside WP Remote without issues.
196
+ * Exclude `.git` and `.svn` folders from backups automatically.
197
+
198
+ #### 2.4.12 & 2.4.13
199
+
200
+ * Upgrade bundled BackUpWordPress to 2.1.3.
201
+ * Fix an issue with Download Site on Apache servers.
202
+ * Set the correct location for the BackUpWordPress language files.
203
+
204
+ #### 2.4.10 + 2.4.11
205
+
206
+ * Plugin release shenaningans.
207
+
208
+ #### 2.4.9
209
+
210
+ * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by `url_shorten` being called outside the admin.
211
+
212
+ #### 2.4.8
213
+
214
+ * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by misc.php being included to early.
215
+
216
+ #### 2.4.7
217
+
218
+ * Update to BackUpWordPress 2.1
219
+ * Fix an issue that could cause backups to be run when they shouldn't have.
220
+ * Only hide the backups menu item if the site doesn't have any non wpremote schedules.
221
+ * Hide all BackUpWordPress admin notices.
222
+ * Fix the button styles for the save API Key button in WordPress 3.5
223
+ * Fix a possible warning in the WP_Filesystem integration, props @tillkruess (github).
224
+ * Support for updating the Pagelines premium theme, props @tillkruess (github)
225
+
226
+ #### 2.4.6
227
+
228
+ * Support for updating the BackupBuddy premium plugin, props @tillkruess (github)
229
+
230
+ #### 2.4.1 - 2.4.5
231
+
232
+ * Minor bug fixes
233
+
234
+ #### 2.4
235
+
236
+ * Backups are now powered by BackUpWordPress.
237
+ * The BackUpWordPress Plugin can no longer be run alongside WP Remote.
238
+ * Show a message if a security plugin is active which could affect WP Remote.
239
+ * Emphasise that you can deactivate the plugin to clear your API key.
240
+
241
+ #### 2.3.1
242
+
243
+ * PHP 5.2.4 compat.
244
+
245
+ #### 2.3
246
+
247
+ * WP_Filesystem support for servers which don't allow PHP direct filesystem access.
248
+ * Support for monitoring and updating Gravity Forms.
249
+
250
+ #### 2.2.5
251
+
252
+ * Implemented API call for Core updates
253
+
254
+ #### 2.2.4
255
+
256
+ * Fixed excludes for backups directories
257
+ * Started on remote core upgrades
258
+ * Fix memory limit in WP 3.1
259
+
260
+ #### 2.2.3
261
+
262
+ * Use WPR_HM_Backup instead of HM_Backup (fixes compatibilty with backupwordpress)
263
+
264
+ #### 2.2
265
+
266
+ * Start keeping a changelog of plugin changes
267
+ * Pass home_url, site_url and admin_url to WP Remote instead of guessing at them, fixes issues with the urls being wrong for non-standard WordPress installs
268
+ * Better error message when you have the wrong API key entered.
269
+
270
+ ## Contribution guidelines ##
271
+
272
+ see https://github.com/MyWorkAus/WP-Remote-WordPress-Plugin/blob/master/CONTRIBUTING.md
wprp.admin.php CHANGED
@@ -110,5 +110,7 @@ add_action('admin_menu', 'wpr_register_pages');
110
  */
111
  function wpr_settings_page( ) {
112
  delete_wpr_options();
113
- exit( wp_redirect( admin_url( 'plugins.php' ) ) );
 
 
114
  }
110
  */
111
  function wpr_settings_page( ) {
112
  delete_wpr_options();
113
+ // TODO : Build proper settings page
114
+ echo 'Successfully cleared API key. Redirecting back to the plugins page...';
115
+ echo '<meta http-equiv="refresh" content="0; url=' . admin_url( 'plugins.php' ) . '" />';
116
  }
wprp.api.php CHANGED
@@ -1,722 +1,726 @@
1
- <?php
2
-
3
- class WPR_API_Request {
4
-
5
- static $actions = array();
6
- static $args = array();
7
-
8
- static function verify_request() {
9
-
10
- // Check the API Key
11
- if ( ! wprp_get_api_keys() ) {
12
-
13
- echo json_encode( 'blank-api-key' );
14
- exit;
15
-
16
- } elseif ( isset( $_POST['wpr_verify_key'] ) ) {
17
-
18
- $verify = $_POST['wpr_verify_key'];
19
- unset( $_POST['wpr_verify_key'] );
20
-
21
- $hash = self::generate_hashes( $_POST );
22
-
23
- if ( ! in_array( $verify, $hash, true ) ) {
24
- echo json_encode( 'bad-verify-key' );
25
- exit;
26
- }
27
-
28
- if ( (int) $_POST['timestamp'] > time() + 360 || (int) $_POST['timestamp'] < time() - 360 ) {
29
- echo json_encode( 'bad-timstamp' );
30
- exit;
31
- }
32
-
33
- self::$actions = $_POST['actions'];
34
- self::$args = $_POST;
35
-
36
-
37
- } else {
38
- exit;
39
- }
40
-
41
- return true;
42
-
43
- }
44
-
45
- static function generate_hashes( $vars ) {
46
-
47
- $api_key = wprp_get_api_keys();
48
- if ( ! $api_key )
49
- return array();
50
-
51
- $hashes = array();
52
- foreach( $api_key as $key ) {
53
- $hashes[] = hash_hmac( 'sha256', serialize( $vars ), $key );
54
- }
55
- return $hashes;
56
-
57
- }
58
-
59
- static function get_actions() {
60
- return self::$actions;
61
- }
62
-
63
- static function get_args() {
64
- return self::$args;
65
- }
66
-
67
- static function get_arg( $arg ) {
68
- return ( isset( self::$args[$arg] ) ) ? self::$args[$arg] : null;
69
- }
70
- }
71
-
72
- WPR_API_Request::verify_request();
73
-
74
- // disable logging for anythign done in API requests
75
- if ( class_exists( 'WPRP_Log' ) )
76
- WPRP_Log::get_instance()->disable_logging();
77
-
78
- // Disable error_reporting so they don't break the json request
79
- if ( ! defined( 'WP_DEBUG' ) || ! WP_DEBUG )
80
- error_reporting( 0 );
81
-
82
- // Temp hack so our requests to verify file size are signed.
83
- global $wprp_noauth_nonce;
84
- $wprp_noauth_nonce = wp_create_nonce( 'wprp_calculate_backup_size' );
85
-
86
- // Log in as admin
87
- $users_query = new WP_User_Query( array(
88
- 'role' => 'administrator',
89
- 'orderby' => 'ID'
90
- ) );
91
- wp_set_current_user(1);
92
- if ($users_query->get_total()) {
93
- foreach ($users_query->get_results() as $user) {
94
- if (!$user) {
95
- continue;
96
- }
97
- $currentUser = wp_set_current_user($user->ID);
98
- break;
99
- }
100
- if (empty($currentUser)) {
101
- wp_set_current_user(1);
102
- }
103
- }
104
-
105
- include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
106
-
107
- $actions = array();
108
-
109
- foreach( WPR_API_Request::get_actions() as $action ) {
110
-
111
- // TODO Instead should just fire actions which we hook into.
112
- // TODO should namespace api methods?
113
- switch( $action ) {
114
-
115
- // TODO should be dynamic
116
- case 'get_plugin_version' :
117
-
118
- $actions[$action] = '1.1';
119
-
120
- break;
121
-
122
- case 'get_filesystem_method' :
123
-
124
- $actions[$action] = get_filesystem_method();
125
-
126
- break;
127
-
128
- case 'get_supported_filesystem_methods' :
129
-
130
- $actions[$action] = array();
131
-
132
- if ( extension_loaded( 'ftp' ) || extension_loaded( 'sockets' ) || function_exists( 'fsockopen' ) )
133
- $actions[$action][] = 'ftp';
134
-
135
- if ( extension_loaded( 'ftp' ) )
136
- $actions[$action][] = 'ftps';
137
-
138
- if ( extension_loaded( 'ssh2' ) && function_exists( 'stream_get_contents' ) )
139
- $actions[$action][] = 'ssh';
140
-
141
- break;
142
-
143
- case 'get_wp_version' :
144
-
145
- global $wp_version;
146
-
147
- $actions[$action] = (string) $wp_version;
148
-
149
- break;
150
-
151
- case 'get_constants':
152
-
153
- $constants = array();
154
- if ( is_array( WPR_API_Request::get_arg( 'constants' ) ) ) {
155
-
156
- foreach( WPR_API_Request::get_arg( 'constants' ) as $constant ) {
157
- if ( defined( $constant ) )
158
- $constants[$constant] = constant( $constant );
159
- else
160
- $constants[$constant] = null;
161
- }
162
-
163
- }
164
- $actions[$action] = $constants;
165
-
166
- break;
167
-
168
- case 'upgrade_core' :
169
-
170
- $actions[$action] = _wprp_upgrade_core();
171
-
172
- break;
173
-
174
- case 'get_plugins' :
175
-
176
- $actions[$action] = _wprp_get_plugins();
177
-
178
- break;
179
-
180
- case 'update_plugin' :
181
- case 'upgrade_plugin' :
182
-
183
- $api_args = array(
184
- 'zip_url' => esc_url_raw( WPR_API_Request::get_arg( 'zip_url' ) ),
185
- );
186
- $actions[$action] = _wprp_update_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ), $api_args );
187
-
188
- break;
189
-
190
- case 'install_plugin' :
191
-
192
- $api_args = array(
193
- 'version' => sanitize_text_field( WPR_API_Request::get_arg( 'version' ) ),
194
- );
195
- $actions[$action] = _wprp_install_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ), $api_args );
196
-
197
- break;
198
-
199
- case 'activate_plugin' :
200
-
201
- $actions[$action] = _wprp_activate_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
202
-
203
- break;
204
-
205
- case 'deactivate_plugin' :
206
-
207
- $actions[$action] = _wprp_deactivate_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
208
-
209
- break;
210
-
211
- case 'uninstall_plugin' :
212
-
213
- $actions[$action] = _wprp_uninstall_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
214
-
215
- break;
216
-
217
- case 'get_themes' :
218
-
219
- $actions[$action] = _wprp_get_themes();
220
-
221
- break;
222
-
223
- case 'install_theme':
224
-
225
- $api_args = array(
226
- 'version' => sanitize_text_field( WPR_API_Request::get_arg( 'version' ) ),
227
- );
228
- $actions[$action] = _wprp_install_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ), $api_args );
229
-
230
- break;
231
-
232
- case 'activate_theme':
233
-
234
- $actions[$action] = _wprp_activate_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
235
-
236
- break;
237
-
238
- case 'update_theme' :
239
- case 'upgrade_theme' : // 'upgrade' is deprecated
240
-
241
- $actions[$action] = _wprp_update_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
242
-
243
- break;
244
-
245
- case 'delete_theme':
246
-
247
- $actions[$action] = _wprp_delete_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
248
-
249
- break;
250
-
251
- case 'do_backup' :
252
-
253
- if ( in_array( WPR_API_Request::get_arg( 'backup_type' ), array( 'complete', 'database', 'file' ) ) )
254
- WPRP_Backups::get_instance()->set_type( WPR_API_Request::get_arg( 'backup_type' ) );
255
-
256
- if ( WPR_API_Request::get_arg( 'backup_approach' ) && 'file_manifest' == WPR_API_Request::get_arg( 'backup_approach' ) )
257
- WPRP_Backups::get_instance()->set_is_using_file_manifest( true );
258
-
259
- $actions[$action] = WPRP_Backups::get_instance()->do_backup();
260
-
261
- break;
262
-
263
- case 'get_backup' :
264
-
265
- $actions[$action] = WPRP_Backups::get_instance()->get_backup();
266
-
267
- break;
268
-
269
- case 'delete_backup' :
270
-
271
- $actions[$action] = WPRP_Backups::get_instance()->cleanup();
272
-
273
- break;
274
-
275
- case 'backup_heartbeat' :
276
-
277
- WPRP_Backups::get_instance()->set_is_using_file_manifest( true );
278
-
279
- if ( in_array( WPR_API_Request::get_arg( 'backup_type' ), array( 'complete', 'database', 'file' ) ) )
280
- WPRP_Backups::get_instance()->set_type( WPR_API_Request::get_arg( 'backup_type' ) );
281
-
282
- $actions[$action] = WPRP_Backups::get_instance()->backup_heartbeat();
283
-
284
- break;
285
-
286
- case 'supports_backups' :
287
-
288
- $actions[$action] = true;
289
-
290
- break;
291
-
292
- case 'get_site_info' :
293
-
294
- $actions[$action] = array(
295
- 'site_url' => get_site_url(),
296
- 'home_url' => get_home_url(),
297
- 'admin_url' => get_admin_url(),
298
- 'backups' => function_exists( '_wprp_get_backups_info' ) ? _wprp_get_backups_info() : array(),
299
- 'web_host' => _wprp_integration_get_web_host(),
300
- 'summary' => _wprp_get_content_summary(),
301
- );
302
-
303
- break;
304
-
305
- case 'get_option':
306
-
307
- $actions[$action] = get_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
308
-
309
- break;
310
-
311
- case 'update_option':
312
-
313
- $actions[$action] = update_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ), WPR_API_Request::get_arg( 'option_value' ) );
314
-
315
- break;
316
-
317
- case 'delete_option':
318
-
319
- $actions[$action] = delete_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
320
-
321
- break;
322
-
323
- case 'get_posts':
324
-
325
- $arg_keys = array(
326
- /** Author **/
327
- 'author',
328
- 'author_name',
329
- 'author__in',
330
- 'author__not_in',
331
-
332
- /** Category **/
333
- 'cat',
334
- 'category_name',
335
- 'category__and',
336
- 'category__in',
337
- 'category__not_in',
338
-
339
- /** Tag **/
340
- 'tag',
341
- 'tag_id',
342
- 'tag__and',
343
- 'tag__in',
344
- 'tag__not_in',
345
- 'tag_slug__and',
346
- 'tag_slug__in',
347
-
348
- /** Search **/
349
- 's',
350
-
351
- /** Post Attributes **/
352
- 'name',
353
- 'pagename',
354
- 'post_parent',
355
- 'post_parent__in',
356
- 'post_parent__not_in',
357
- 'post__in',
358
- 'post__not_in',
359
- 'post_status',
360
- 'post_type',
361
-
362
- /** Order / Pagination / Etc. **/
363
- 'order',
364
- 'orderby',
365
- 'nopaging',
366
- 'posts_per_page',
367
- 'offset',
368
- 'paged',
369
- 'page',
370
- 'ignore_sticky_posts',
371
- );
372
- $args = array();
373
- foreach( $arg_keys as $arg_key ) {
374
- // Note: WP_Query() supports validation / sanitization
375
- if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
376
- $args[$arg_key] = $value;
377
- }
378
-
379
- $query = new WP_Query;
380
- $query->query( $args );
381
- $actions[$action] = $query->posts;
382
-
383
- break;
384
-
385
- case 'get_post':
386
- case 'delete_post':
387
-
388
- $post_id = (int)WPR_API_Request::get_arg( 'post_id' );
389
- $post = get_post( $post_id );
390
-
391
- if ( ! $post ) {
392
- $actions[$action] = new WP_Error( 'missing-post', __( "No post found.", 'wpremote' ) );
393
- break;
394
- }
395
-
396
- if ( 'get_post' == $action ) {
397
-
398
- $actions[$action] = $post;
399
-
400
- } else if ( 'delete_post' == $action ) {
401
-
402
- $actions[$action] = wp_delete_post( $post_id );
403
-
404
- }
405
-
406
- break;
407
-
408
- case 'create_post':
409
- case 'update_post':
410
-
411
- $arg_keys = array(
412
- 'menu_order',
413
- 'comment_status',
414
- 'ping_status',
415
- 'post_author',
416
- 'post_content',
417
- 'post_date',
418
- 'post_date_gmt',
419
- 'post_excerpt',
420
- 'post_name',
421
- 'post_parent',
422
- 'post_password',
423
- 'post_status',
424
- 'post_title',
425
- 'post_type',
426
- 'tags_input',
427
- );
428
- $args = array();
429
- foreach( $arg_keys as $arg_key ) {
430
- // Note: wp_update_post() supports validation / sanitization
431
- if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
432
- $args[$arg_key] = $value;
433
- }
434
-
435
- if ( 'create_post' == $action ) {
436
-
437
- if ( $post_id = wp_insert_post( $args ) )
438
- $actions[$action] = get_post( $post_id );
439
- else
440
- $actions[$action] = new WP_Error( 'create-post', __( "Error creating post.", 'wpremote' ) );
441
-
442
- } else if ( 'update_post' == $action ) {
443
-
444
- $args['ID'] = (int)WPR_API_Request::get_arg( 'post_id' );
445
-
446
- if ( ! get_post( $args['ID'] ) ) {
447
- $actions[$action] = new WP_Error( 'missing-post', __( "No post found.", 'wpremote' ) );
448
- break;
449
- }
450
-
451
- if ( wp_update_post( $args ) )
452
- $actions[$action] = get_post( $args['ID'] );
453
- else
454
- $actions[$action] = new WP_Error( 'update-post', __( "Error updating post.", 'wpremote' ) );
455
-
456
- }
457
-
458
- break;
459
-
460
- case 'get_metadata':
461
-
462
- $actions[$action] = get_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), false );
463
-
464
- break;
465
-
466
- case 'add_metadata':
467
-
468
- $actions[$action] = add_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), WPR_API_Request::get_arg( 'meta_value' ) );
469
-
470
- break;
471
-
472
- case 'update_metadata':
473
-
474
- $actions[$action] = update_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), WPR_API_Request::get_arg( 'meta_value' ) );
475
-
476
- break;
477
-
478
- case 'delete_metadata':
479
-
480
- $actions[$action] = delete_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ) );
481
-
482
- break;
483
-
484
- case 'get_comments':
485
-
486
- $arg_keys = array(
487
- 'status',
488
- 'orderby',
489
- 'order',
490
- 'post_id',
491
- );
492
- $args = array();
493
- foreach( $arg_keys as $arg_key ) {
494
- // Note: get_comments() supports validation / sanitization
495
- if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
496
- $args[$arg_key] = $value;
497
- }
498
- $actions[$action] = get_comments( $args );
499
-
500
- break;
501
-
502
- case 'get_comment':
503
- case 'delete_comment':
504
-
505
- $comment_id = (int)WPR_API_Request::get_arg( 'comment_id' );
506
- $comment = get_comment( $comment_id );
507
-
508
- if ( ! $comment ) {
509
- $actions[$action] = new WP_Error( 'missing-comment', __( "No comment found.", 'wpremote' ) );
510
- break;
511
- }
512
-
513
- if ( 'get_comment' == $action ) {
514
-
515
- $actions[$action] = $comment;
516
-
517
- } else if ( 'delete_comment' == $action ) {
518
-
519
- $actions[$action] = wp_delete_comment( $comment_id );
520
-
521
- }
522
-
523
- break;
524
-
525
- case 'create_comment':
526
- case 'update_comment':
527
-
528
- $arg_keys = array(
529
- 'comment_post_ID',
530
- 'comment_author',
531
- 'comment_author_email',
532
- 'comment_author_url',
533
- 'comment_date',
534
- 'comment_date_gmt',
535
- 'comment_content',
536
- 'comment_approved',
537
- 'comment_type',
538
- 'comment_parent',
539
- 'user_id'
540
- );
541
- $args = array();
542
- foreach( $arg_keys as $arg_key ) {
543
- // Note: wp_update_comment() supports validation / sanitization
544
- if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
545
- $args[$arg_key] = $value;
546
- }
547
-
548
- if ( 'create_comment' == $action ) {
549
-
550
- if ( $comment_id = wp_insert_comment( $args ) )
551
- $actions[$action] = get_comment( $comment_id );
552
- else
553
- $actions[$action] = new WP_Error( 'create-comment', __( "Error creating comment.", 'wpremote' ) );
554
-
555
- } else if ( 'update_comment' == $action ) {
556
-
557
- $args['comment_ID'] = (int)WPR_API_Request::get_arg( 'comment_id' );
558
-
559
- if ( ! get_comment( $args['comment_ID'] ) ) {
560
- $actions[$action] = new WP_Error( 'missing-comment', __( "No comment found.", 'wpremote' ) );
561
- break;
562
- }
563
-
564
- if ( wp_update_comment( $args ) )
565
- $actions[$action] = get_comment( $args['comment_ID'] );
566
- else
567
- $actions[$action] = new WP_Error( 'update-comment', __( "Error updating comment.", 'wpremote' ) );
568
-
569
- }
570
-
571
- break;
572
-
573
- case 'get_users':
574
-
575
- $arg_keys = array(
576
- 'include',
577
- 'exclude',
578
- 'search',
579
- 'orderby',
580
- 'order',
581
- 'offset',
582
- 'number',
583
- );
584
- $args = array();
585
- foreach( $arg_keys as $arg_key ) {
586
- // Note: get_users() supports validation / sanitization
587
- if ( $value = WPR_API_Request::get_arg( $arg_key ) )
588
- $args[$arg_key] = $value;
589
- }
590
-
591
- $users = array_map( 'wprp_format_user_obj', get_users( $args ) );
592
- $actions[$action] = $users;
593
-
594
- break;
595
-
596
- case 'get_user':
597
- case 'update_user':
598
- case 'delete_user':
599
-
600
- $user_id = (int)WPR_API_Request::get_arg( 'user_id' );
601
- $user = get_user_by( 'id', $user_id );
602
-
603
- if ( ! $user ) {
604
- $actions[$action] = new WP_Error( 'missing-user', "No user found." );
605
- break;
606
- }
607
-
608
- require_once ABSPATH . '/wp-admin/includes/user.php';
609
-
610
- if ( 'get_user' == $action ) {
611
-
612
- $actions[$action] = wprp_format_user_obj( $user );
613
-
614
- } else if ( 'update_user' == $action ) {
615
-
616
- $fields = array(
617
- 'user_email',
618
- 'display_name',
619
- 'first_name',
620
- 'last_name',
621
- 'user_nicename',
622
- 'user_pass',
623
- 'user_url',
624
- 'description'
625
- );
626
- $args = array();
627
- foreach( $fields as $field ) {
628
- // Note: wp_update_user() handles sanitization / validation
629
- if ( null !== ( $value = WPR_API_Request::get_arg( $field ) ) )
630
- $args[$field] = $value;
631
- }
632
- $args['ID'] = $user->ID;
633
- $ret = wp_update_user( $args );
634
- if ( is_wp_error( $ret ) )
635
- $actions[$action] = $ret;
636
- else
637
- $actions[$action] = wprp_format_user_obj( get_user_by( 'id', $ret ) );
638
-
639
- } else if ( 'delete_user' == $action ) {
640
-
641
- $actions[$action] = wp_delete_user( $user->ID );
642
-
643
- }
644
-
645
-
646
- break;
647
-
648
- case 'create_user':
649
-
650
- $args = array(
651
- // Note: wp_insert_user() handles sanitization / validation
652
- 'user_login' => WPR_API_Request::get_arg( 'user_login' ),
653
- 'user_email' => WPR_API_Request::get_arg( 'user_email' ),
654
- 'role' => get_option('default_role'),
655
- 'user_pass' => false,
656
- 'user_registered' => strftime( "%F %T", time() ),
657
- 'display_name' => false,
658
- );
659
- foreach( $args as $key => $value ) {
660
- // Note: wp_insert_user() handles sanitization / validation
661
- if ( null !== ( $new_value = WPR_API_Request::get_arg( $key ) ) )
662
- $args[$key] = $new_value;
663
- }
664
-
665
- if ( ! $args['user_pass'] ) {
666
- $args['user_pass'] = wp_generate_password();
667
- }
668
-
669
- $user_id = wp_insert_user( $args );
670
-
671
- if ( is_wp_error( $user_id ) ) {
672
- $actions[$action] = array( 'status' => 'error', 'error' => $user_id->get_error_message() );
673
- } else {
674
- $actions[$action] = wprp_format_user_obj( get_user_by( 'id', $user_id ) );
675
- }
676
-
677
- break;
678
-
679
- case 'enable_log' :
680
- update_option( 'wprp_enable_log', true );
681
- $actions[$action] = true;
682
- break;
683
-
684
- case 'disable_log' :
685
- delete_option( 'wprp_enable_log' );
686
- $actions[$action] = true;
687
- break;
688
-
689
- case 'get_log' :
690
-
691
- if ( class_exists( 'WPRP_Log' ) ) {
692
- $actions[$action] = WPRP_Log::get_instance()->get_items();
693
- WPRP_Log::get_instance()->delete_items();
694
- } else {
695
- $actions[$action] = new WP_Error( 'log-not-enabled', 'Logging is not enabled' );
696
- }
697
-
698
- break;
699
-
700
- default :
701
-
702
- $actions[$action] = 'not-implemented';
703
-
704
- break;
705
-
706
- }
707
-
708
- }
709
-
710
- foreach ( $actions as $key => $action ) {
711
-
712
- if ( is_wp_error( $action ) ) {
713
-
714
- $actions[$key] = (object) array(
715
- 'errors' => $action->errors
716
- );
717
- }
718
- }
719
-
720
- echo json_encode( $actions );
721
-
722
- exit;
 
 
 
 
1
+ <?php
2
+
3
+ class WPR_API_Request {
4
+
5
+ static $actions = array();
6
+ static $args = array();
7
+
8
+ static function verify_request() {
9
+
10
+ // Check the API Key
11
+ if ( ! wprp_get_api_keys() ) {
12
+
13
+ echo json_encode( 'blank-api-key' );
14
+ exit;
15
+
16
+ } elseif ( isset( $_POST['wpr_verify_key'] ) ) {
17
+
18
+ $verify = $_POST['wpr_verify_key'];
19
+ unset( $_POST['wpr_verify_key'] );
20
+
21
+ $hash = self::generate_hashes( $_POST );
22
+
23
+ if ( ! in_array( $verify, $hash, true ) ) {
24
+ echo json_encode( 'bad-verify-key' );
25
+ exit;
26
+ }
27
+
28
+ if ( (int) $_POST['timestamp'] > time() + 360 || (int) $_POST['timestamp'] < time() - 360 ) {
29
+ echo json_encode( 'bad-timstamp' );
30
+ exit;
31
+ }
32
+
33
+ self::$actions = $_POST['actions'];
34
+ self::$args = $_POST;
35
+
36
+
37
+ } else {
38
+ exit;
39
+ }
40
+
41
+ return true;
42
+
43
+ }
44
+
45
+ static function generate_hashes( $vars ) {
46
+
47
+ $api_key = wprp_get_api_keys();
48
+ if ( ! $api_key )
49
+ return array();
50
+
51
+ $hashes = array();
52
+ foreach( $api_key as $key ) {
53
+ $hashes[] = hash_hmac( 'sha256', serialize( $vars ), $key );
54
+ }
55
+ return $hashes;
56
+
57
+ }
58
+
59
+ static function get_actions() {
60
+ return self::$actions;
61
+ }
62
+
63
+ static function get_args() {
64
+ return self::$args;
65
+ }
66
+
67
+ static function get_arg( $arg ) {
68
+ return ( isset( self::$args[$arg] ) ) ? self::$args[$arg] : null;
69
+ }
70
+ }
71
+
72
+ WPR_API_Request::verify_request();
73
+
74
+ // disable logging for anythign done in API requests
75
+ if ( class_exists( 'WPRP_Log' ) )
76
+ WPRP_Log::get_instance()->disable_logging();
77
+
78
+ // Disable error_reporting so they don't break the json request
79
+ if ( ! defined( 'WP_DEBUG' ) || ! WP_DEBUG )
80
+ error_reporting( 0 );
81
+
82
+ // Temp hack so our requests to verify file size are signed.
83
+ global $wprp_noauth_nonce;
84
+ $wprp_noauth_nonce = wp_create_nonce( 'wprp_calculate_backup_size' );
85
+
86
+ // Log in as admin
87
+ $users_query = new WP_User_Query( array(
88
+ 'role' => 'administrator',
89
+ 'orderby' => 'ID'
90
+ ) );
91
+ wp_set_current_user(1);
92
+ if ($users_query->get_total()) {
93
+ foreach ($users_query->get_results() as $user) {
94
+ if (!$user) {
95
+ continue;
96
+ }
97
+ $currentUser = wp_set_current_user($user->ID);
98
+ break;
99
+ }
100
+ if (empty($currentUser)) {
101
+ wp_set_current_user(1);
102
+ }
103
+ }
104
+
105
+ include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
106
+
107
+ $actions = array();
108
+
109
+ foreach( WPR_API_Request::get_actions() as $action ) {
110
+
111
+ // TODO Instead should just fire actions which we hook into.
112
+ // TODO should namespace api methods?
113
+ switch( $action ) {
114
+
115
+ // TODO should be dynamic
116
+ case 'get_plugin_version' :
117
+
118
+ $actions[$action] = '1.1';
119
+
120
+ break;
121
+
122
+ case 'get_filesystem_method' :
123
+
124
+ $actions[$action] = get_filesystem_method();
125
+
126
+ break;
127
+
128
+ case 'get_supported_filesystem_methods' :
129
+
130
+ $actions[$action] = array();
131
+
132
+ if ( extension_loaded( 'ftp' ) || extension_loaded( 'sockets' ) || function_exists( 'fsockopen' ) )
133
+ $actions[$action][] = 'ftp';
134
+
135
+ if ( extension_loaded( 'ftp' ) )
136
+ $actions[$action][] = 'ftps';
137
+
138
+ if ( extension_loaded( 'ssh2' ) && function_exists( 'stream_get_contents' ) )
139
+ $actions[$action][] = 'ssh';
140
+
141
+ break;
142
+
143
+ case 'get_wp_version' :
144
+
145
+ global $wp_version;
146
+
147
+ $actions[$action] = (string) $wp_version;
148
+
149
+ break;
150
+
151
+ case 'get_constants':
152
+
153
+ $constants = array();
154
+ if ( is_array( WPR_API_Request::get_arg( 'constants' ) ) ) {
155
+
156
+ foreach( WPR_API_Request::get_arg( 'constants' ) as $constant ) {
157
+ if ( defined( $constant ) )
158
+ $constants[$constant] = constant( $constant );
159
+ else
160
+ $constants[$constant] = null;
161
+ }
162
+
163
+ }
164
+ $actions[$action] = $constants;
165
+
166
+ break;
167
+
168
+ case 'upgrade_core' :
169
+
170
+ $actions[$action] = _wprp_upgrade_core();
171
+
172
+ break;
173
+
174
+ case 'get_plugins' :
175
+
176
+ $actions[$action] = _wprp_get_plugins();
177
+
178
+ break;
179
+
180
+ case 'update_plugin' :
181
+ case 'upgrade_plugin' :
182
+
183
+ $api_args = array(
184
+ 'zip_url' => esc_url_raw( WPR_API_Request::get_arg( 'zip_url' ) ),
185
+ );
186
+ $actions[$action] = _wprp_update_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ), $api_args );
187
+
188
+ break;
189
+
190
+ case 'validate_plugin' :
191
+ $actions[$action] = _wprp_validate( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
192
+ break;
193
+
194
+ case 'install_plugin' :
195
+
196
+ $api_args = array(
197
+ 'version' => sanitize_text_field( WPR_API_Request::get_arg( 'version' ) ),
198
+ );
199
+ $actions[$action] = _wprp_install_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ), $api_args );
200
+
201
+ break;
202
+
203
+ case 'activate_plugin' :
204
+
205
+ $actions[$action] = _wprp_activate_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
206
+
207
+ break;
208
+
209
+ case 'deactivate_plugin' :
210
+
211
+ $actions[$action] = _wprp_deactivate_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
212
+
213
+ break;
214
+
215
+ case 'uninstall_plugin' :
216
+
217
+ $actions[$action] = _wprp_uninstall_plugin( sanitize_text_field( WPR_API_Request::get_arg( 'plugin' ) ) );
218
+
219
+ break;
220
+
221
+ case 'get_themes' :
222
+
223
+ $actions[$action] = _wprp_get_themes();
224
+
225
+ break;
226
+
227
+ case 'install_theme':
228
+
229
+ $api_args = array(
230
+ 'version' => sanitize_text_field( WPR_API_Request::get_arg( 'version' ) ),
231
+ );
232
+ $actions[$action] = _wprp_install_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ), $api_args );
233
+
234
+ break;
235
+
236
+ case 'activate_theme':
237
+
238
+ $actions[$action] = _wprp_activate_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
239
+
240
+ break;
241
+
242
+ case 'update_theme' :
243
+ case 'upgrade_theme' : // 'upgrade' is deprecated
244
+
245
+ $actions[$action] = _wprp_update_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
246
+
247
+ break;
248
+
249
+ case 'delete_theme':
250
+
251
+ $actions[$action] = _wprp_delete_theme( sanitize_text_field( WPR_API_Request::get_arg( 'theme' ) ) );
252
+
253
+ break;
254
+
255
+ case 'do_backup' :
256
+
257
+ if ( in_array( WPR_API_Request::get_arg( 'backup_type' ), array( 'complete', 'database', 'file' ) ) )
258
+ WPRP_Backups::get_instance()->set_type( WPR_API_Request::get_arg( 'backup_type' ) );
259
+
260
+ if ( WPR_API_Request::get_arg( 'backup_approach' ) && 'file_manifest' == WPR_API_Request::get_arg( 'backup_approach' ) )
261
+ WPRP_Backups::get_instance()->set_is_using_file_manifest( true );
262
+
263
+ $actions[$action] = WPRP_Backups::get_instance()->do_backup();
264
+
265
+ break;
266
+
267
+ case 'get_backup' :
268
+
269
+ $actions[$action] = WPRP_Backups::get_instance()->get_backup();
270
+
271
+ break;
272
+
273
+ case 'delete_backup' :
274
+
275
+ $actions[$action] = WPRP_Backups::get_instance()->cleanup();
276
+
277
+ break;
278
+
279
+ case 'backup_heartbeat' :
280
+
281
+ WPRP_Backups::get_instance()->set_is_using_file_manifest( true );
282
+
283
+ if ( in_array( WPR_API_Request::get_arg( 'backup_type' ), array( 'complete', 'database', 'file' ) ) )
284
+ WPRP_Backups::get_instance()->set_type( WPR_API_Request::get_arg( 'backup_type' ) );
285
+
286
+ $actions[$action] = WPRP_Backups::get_instance()->backup_heartbeat();
287
+
288
+ break;
289
+
290
+ case 'supports_backups' :
291
+
292
+ $actions[$action] = true;
293
+
294
+ break;
295
+
296
+ case 'get_site_info' :
297
+
298
+ $actions[$action] = array(
299
+ 'site_url' => get_site_url(),
300
+ 'home_url' => get_home_url(),
301
+ 'admin_url' => get_admin_url(),
302
+ 'backups' => function_exists( '_wprp_get_backups_info' ) ? _wprp_get_backups_info() : array(),
303
+ 'web_host' => _wprp_integration_get_web_host(),
304
+ 'summary' => _wprp_get_content_summary(),
305
+ );
306
+
307
+ break;
308
+
309
+ case 'get_option':
310
+
311
+ $actions[$action] = get_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
312
+
313
+ break;
314
+
315
+ case 'update_option':
316
+
317
+ $actions[$action] = update_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ), WPR_API_Request::get_arg( 'option_value' ) );
318
+
319
+ break;
320
+
321
+ case 'delete_option':
322
+
323
+ $actions[$action] = delete_option( sanitize_text_field( WPR_API_Request::get_arg( 'option_name' ) ) );
324
+
325
+ break;
326
+
327
+ case 'get_posts':
328
+
329
+ $arg_keys = array(
330
+ /** Author **/
331
+ 'author',
332
+ 'author_name',
333
+ 'author__in',
334
+ 'author__not_in',
335
+
336
+ /** Category **/
337
+ 'cat',
338
+ 'category_name',
339
+ 'category__and',
340
+ 'category__in',
341
+ 'category__not_in',
342
+
343
+ /** Tag **/
344
+ 'tag',
345
+ 'tag_id',
346
+ 'tag__and',
347
+ 'tag__in',
348
+ 'tag__not_in',
349
+ 'tag_slug__and',
350
+ 'tag_slug__in',
351
+
352
+ /** Search **/
353
+ 's',
354
+
355
+ /** Post Attributes **/
356
+ 'name',
357
+ 'pagename',
358
+ 'post_parent',
359
+ 'post_parent__in',
360
+ 'post_parent__not_in',
361
+ 'post__in',
362
+ 'post__not_in',
363
+ 'post_status',
364
+ 'post_type',
365
+
366
+ /** Order / Pagination / Etc. **/
367
+ 'order',
368
+ 'orderby',
369
+ 'nopaging',
370
+ 'posts_per_page',
371
+ 'offset',
372
+ 'paged',
373
+ 'page',
374
+ 'ignore_sticky_posts',
375
+ );
376
+ $args = array();
377
+ foreach( $arg_keys as $arg_key ) {
378
+ // Note: WP_Query() supports validation / sanitization
379
+ if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
380
+ $args[$arg_key] = $value;
381
+ }
382
+
383
+ $query = new WP_Query;
384
+ $query->query( $args );
385
+ $actions[$action] = $query->posts;
386
+
387
+ break;
388
+
389
+ case 'get_post':
390
+ case 'delete_post':
391
+
392
+ $post_id = (int)WPR_API_Request::get_arg( 'post_id' );
393
+ $post = get_post( $post_id );
394
+
395
+ if ( ! $post ) {
396
+ $actions[$action] = new WP_Error( 'missing-post', __( "No post found.", 'wpremote' ) );
397
+ break;
398
+ }
399
+
400
+ if ( 'get_post' == $action ) {
401
+
402
+ $actions[$action] = $post;
403
+
404
+ } else if ( 'delete_post' == $action ) {
405
+
406
+ $actions[$action] = wp_delete_post( $post_id );
407
+
408
+ }
409
+
410
+ break;
411
+
412
+ case 'create_post':
413
+ case 'update_post':
414
+
415
+ $arg_keys = array(
416
+ 'menu_order',
417
+ 'comment_status',
418
+ 'ping_status',
419
+ 'post_author',
420
+ 'post_content',
421
+ 'post_date',
422
+ 'post_date_gmt',
423
+ 'post_excerpt',
424
+ 'post_name',
425
+ 'post_parent',
426
+ 'post_password',
427
+ 'post_status',
428
+ 'post_title',
429
+ 'post_type',
430
+ 'tags_input',
431
+ );
432
+ $args = array();
433
+ foreach( $arg_keys as $arg_key ) {
434
+ // Note: wp_update_post() supports validation / sanitization
435
+ if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
436
+ $args[$arg_key] = $value;
437
+ }
438
+
439
+ if ( 'create_post' == $action ) {
440
+
441
+ if ( $post_id = wp_insert_post( $args ) )
442
+ $actions[$action] = get_post( $post_id );
443
+ else
444
+ $actions[$action] = new WP_Error( 'create-post', __( "Error creating post.", 'wpremote' ) );
445
+
446
+ } else if ( 'update_post' == $action ) {
447
+
448
+ $args['ID'] = (int)WPR_API_Request::get_arg( 'post_id' );
449
+
450
+ if ( ! get_post( $args['ID'] ) ) {
451
+ $actions[$action] = new WP_Error( 'missing-post', __( "No post found.", 'wpremote' ) );
452
+ break;
453
+ }
454
+
455
+ if ( wp_update_post( $args ) )
456
+ $actions[$action] = get_post( $args['ID'] );
457
+ else
458
+ $actions[$action] = new WP_Error( 'update-post', __( "Error updating post.", 'wpremote' ) );
459
+
460
+ }
461
+
462
+ break;
463
+
464
+ case 'get_metadata':
465
+
466
+ $actions[$action] = get_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), false );
467
+
468
+ break;
469
+
470
+ case 'add_metadata':
471
+
472
+ $actions[$action] = add_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), WPR_API_Request::get_arg( 'meta_value' ) );
473
+
474
+ break;
475
+
476
+ case 'update_metadata':
477
+
478
+ $actions[$action] = update_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ), WPR_API_Request::get_arg( 'meta_value' ) );
479
+
480
+ break;
481
+
482
+ case 'delete_metadata':
483
+
484
+ $actions[$action] = delete_metadata( WPR_API_Request::get_arg( 'meta_type' ), WPR_API_Request::get_arg( 'object_id' ), WPR_API_Request::get_arg( 'meta_key' ) );
485
+
486
+ break;
487
+
488
+ case 'get_comments':
489
+
490
+ $arg_keys = array(
491
+ 'status',
492
+ 'orderby',
493
+ 'order',
494
+ 'post_id',
495
+ );
496
+ $args = array();
497
+ foreach( $arg_keys as $arg_key ) {
498
+ // Note: get_comments() supports validation / sanitization
499
+ if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
500
+ $args[$arg_key] = $value;
501
+ }
502
+ $actions[$action] = get_comments( $args );
503
+
504
+ break;
505
+
506
+ case 'get_comment':
507
+ case 'delete_comment':
508
+
509
+ $comment_id = (int)WPR_API_Request::get_arg( 'comment_id' );
510
+ $comment = get_comment( $comment_id );
511
+
512
+ if ( ! $comment ) {
513
+ $actions[$action] = new WP_Error( 'missing-comment', __( "No comment found.", 'wpremote' ) );
514
+ break;
515
+ }
516
+
517
+ if ( 'get_comment' == $action ) {
518
+
519
+ $actions[$action] = $comment;
520
+
521
+ } else if ( 'delete_comment' == $action ) {
522
+
523
+ $actions[$action] = wp_delete_comment( $comment_id );
524
+
525
+ }
526
+
527
+ break;
528
+
529
+ case 'create_comment':
530
+ case 'update_comment':
531
+
532
+ $arg_keys = array(
533
+ 'comment_post_ID',
534
+ 'comment_author',
535
+ 'comment_author_email',
536
+ 'comment_author_url',
537
+ 'comment_date',
538
+ 'comment_date_gmt',
539
+ 'comment_content',
540
+ 'comment_approved',
541
+ 'comment_type',
542
+ 'comment_parent',
543
+ 'user_id'
544
+ );
545
+ $args = array();
546
+ foreach( $arg_keys as $arg_key ) {
547
+ // Note: wp_update_comment() supports validation / sanitization
548
+ if ( null !== ( $value = WPR_API_Request::get_arg( $arg_key ) ) )
549
+ $args[$arg_key] = $value;
550
+ }
551
+
552
+ if ( 'create_comment' == $action ) {
553
+
554
+ if ( $comment_id = wp_insert_comment( $args ) )
555
+ $actions[$action] = get_comment( $comment_id );
556
+ else
557
+ $actions[$action] = new WP_Error( 'create-comment', __( "Error creating comment.", 'wpremote' ) );
558
+
559
+ } else if ( 'update_comment' == $action ) {
560
+
561
+ $args['comment_ID'] = (int)WPR_API_Request::get_arg( 'comment_id' );
562
+
563
+ if ( ! get_comment( $args['comment_ID'] ) ) {
564
+ $actions[$action] = new WP_Error( 'missing-comment', __( "No comment found.", 'wpremote' ) );
565
+ break;
566
+ }
567
+
568
+ if ( wp_update_comment( $args ) )
569
+ $actions[$action] = get_comment( $args['comment_ID'] );
570
+ else
571
+ $actions[$action] = new WP_Error( 'update-comment', __( "Error updating comment.", 'wpremote' ) );
572
+
573
+ }
574
+
575
+ break;
576
+
577
+ case 'get_users':
578
+
579
+ $arg_keys = array(
580
+ 'include',
581
+ 'exclude',
582
+ 'search',
583
+ 'orderby',
584
+ 'order',
585
+ 'offset',
586
+ 'number',
587
+ );
588
+ $args = array();
589
+ foreach( $arg_keys as $arg_key ) {
590
+ // Note: get_users() supports validation / sanitization
591
+ if ( $value = WPR_API_Request::get_arg( $arg_key ) )
592
+ $args[$arg_key] = $value;
593
+ }
594
+
595
+ $users = array_map( 'wprp_format_user_obj', get_users( $args ) );
596
+ $actions[$action] = $users;
597
+
598
+ break;
599
+
600
+ case 'get_user':
601
+ case 'update_user':
602
+ case 'delete_user':
603
+
604
+ $user_id = (int)WPR_API_Request::get_arg( 'user_id' );
605
+ $user = get_user_by( 'id', $user_id );
606
+
607
+ if ( ! $user ) {
608
+ $actions[$action] = new WP_Error( 'missing-user', "No user found." );
609
+ break;
610
+ }
611
+
612
+ require_once ABSPATH . '/wp-admin/includes/user.php';
613
+
614
+ if ( 'get_user' == $action ) {
615
+
616
+ $actions[$action] = wprp_format_user_obj( $user );
617
+
618
+ } else if ( 'update_user' == $action ) {
619
+
620
+ $fields = array(
621
+ 'user_email',
622
+ 'display_name',
623
+ 'first_name',
624
+ 'last_name',
625
+ 'user_nicename',
626
+ 'user_pass',
627
+ 'user_url',
628
+ 'description'
629
+ );
630
+ $args = array();
631
+ foreach( $fields as $field ) {
632
+ // Note: wp_update_user() handles sanitization / validation
633
+ if ( null !== ( $value = WPR_API_Request::get_arg( $field ) ) )
634
+ $args[$field] = $value;
635
+ }
636
+ $args['ID'] = $user->ID;
637
+ $ret = wp_update_user( $args );
638
+ if ( is_wp_error( $ret ) )
639
+ $actions[$action] = $ret;
640
+ else
641
+ $actions[$action] = wprp_format_user_obj( get_user_by( 'id', $ret ) );
642
+
643
+ } else if ( 'delete_user' == $action ) {
644
+
645
+ $actions[$action] = wp_delete_user( $user->ID );
646
+
647
+ }
648
+
649
+
650
+ break;
651
+
652
+ case 'create_user':
653
+
654
+ $args = array(
655
+ // Note: wp_insert_user() handles sanitization / validation
656
+ 'user_login' => WPR_API_Request::get_arg( 'user_login' ),
657
+ 'user_email' => WPR_API_Request::get_arg( 'user_email' ),
658
+ 'role' => get_option('default_role'),
659
+ 'user_pass' => false,
660
+ 'user_registered' => strftime( "%F %T", time() ),
661
+ 'display_name' => false,
662
+ );
663
+ foreach( $args as $key => $value ) {
664
+ // Note: wp_insert_user() handles sanitization / validation
665
+ if ( null !== ( $new_value = WPR_API_Request::get_arg( $key ) ) )
666
+ $args[$key] = $new_value;
667
+ }
668
+
669
+ if ( ! $args['user_pass'] ) {
670
+ $args['user_pass'] = wp_generate_password();
671
+ }
672
+
673
+ $user_id = wp_insert_user( $args );
674
+
675
+ if ( is_wp_error( $user_id ) ) {
676
+ $actions[$action] = array( 'status' => 'error', 'error' => $user_id->get_error_message() );
677
+ } else {
678
+ $actions[$action] = wprp_format_user_obj( get_user_by( 'id', $user_id ) );
679
+ }
680
+
681
+ break;
682
+
683
+ case 'enable_log' :
684
+ update_option( 'wprp_enable_log', true );
685
+ $actions[$action] = true;
686
+ break;
687
+
688
+ case 'disable_log' :
689
+ delete_option( 'wprp_enable_log' );
690
+ $actions[$action] = true;
691
+ break;
692
+
693
+ case 'get_log' :
694
+
695
+ if ( class_exists( 'WPRP_Log' ) ) {
696
+ $actions[$action] = WPRP_Log::get_instance()->get_items();
697
+ WPRP_Log::get_instance()->delete_items();
698
+ } else {
699
+ $actions[$action] = new WP_Error( 'log-not-enabled', 'Logging is not enabled' );
700
+ }
701
+
702
+ break;
703
+
704
+ default :
705
+
706
+ $actions[$action] = 'not-implemented';
707
+
708
+ break;
709
+
710
+ }
711
+
712
+ }
713
+
714
+ foreach ( $actions as $key => $action ) {
715
+
716
+ if ( is_wp_error( $action ) ) {
717
+
718
+ $actions[$key] = (object) array(
719
+ 'errors' => $action->errors
720
+ );
721
+ }
722
+ }
723
+
724
+ echo json_encode( $actions );
725
+
726
+ exit;
wprp.plugins.php CHANGED
@@ -79,8 +79,9 @@ function _wprp_get_plugins() {
79
  * Update a plugin
80
  *
81
  * @access private
82
- * @param mixed $plugin
83
- * @return array
 
84
  */
85
  function _wprp_update_plugin( $plugin_file, $args ) {
86
  global $wprp_zip_update;
@@ -159,8 +160,15 @@ function _wprp_update_plugin( $plugin_file, $args ) {
159
  if ( $is_active )
160
  activate_plugin( $plugin_file, '', $is_active_network, true );
161
 
162
- if ( ! empty( $skin->error ) ) {
163
- return new WP_Error('plugin-upgrader-skin', $upgrader->strings[$skin->error]);
 
 
 
 
 
 
 
164
  } else if ( is_wp_error( $result ) ) {
165
  return $result;
166
  } else if ( ( ! $result && ! is_null( $result ) ) || $data ) {
@@ -177,6 +185,30 @@ function _wprp_update_plugin( $plugin_file, $args ) {
177
  return array( 'status' => 'success', 'active_status' => $active_status );
178
  }
179
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
180
  /**
181
  * Filter `update_plugins` to produce a response it will understand
182
  * so we can have the Upgrader skin handle the update
79
  * Update a plugin
80
  *
81
  * @access private
82
+ * @param $plugin_file
83
+ * @param $args
84
+ * @return array|WP_Error
85
  */
86
  function _wprp_update_plugin( $plugin_file, $args ) {
87
  global $wprp_zip_update;
160
  if ( $is_active )
161
  activate_plugin( $plugin_file, '', $is_active_network, true );
162
 
163
+ if ( ! empty( $skin->error ) ) {
164
+ $msg = $upgrader->strings[$skin->error];
165
+ if (is_wp_error($skin->error)) {
166
+ $msg = $skin->error->get_error_message();
167
+ }
168
+ if (empty($msg)) {
169
+ $msg = __('Unknown error updating plugin.', 'wpremote');
170
+ }
171
+ return new WP_Error('plugin-upgrader-skin', $msg);
172
  } else if ( is_wp_error( $result ) ) {
173
  return $result;
174
  } else if ( ( ! $result && ! is_null( $result ) ) || $data ) {
185
  return array( 'status' => 'success', 'active_status' => $active_status );
186
  }
187
 
188
+ /**
189
+ * Validate Plugin Update
190
+ *
191
+ * @param $plugin_file
192
+ * @return array|WP_Error
193
+ */
194
+ function _wprp_validate($plugin_file)
195
+ {
196
+ $plugin_status = false;
197
+ foreach( get_plugins() as $path => $maybe_plugin ) {
198
+ if ( $path == $plugin_file ) {
199
+ $plugin_status = true;
200
+ break;
201
+ }
202
+ }
203
+ if (!$plugin_status) {
204
+ return new WP_Error('plugin-missing', __('Plugin has gone missing.', 'wpremote'));
205
+ }
206
+ return array(
207
+ 'status' => 'success',
208
+ 'plugin_status' => is_plugin_active( $plugin_file )
209
+ );
210
+ }
211
+
212
  /**
213
  * Filter `update_plugins` to produce a response it will understand
214
  * so we can have the Upgrader skin handle the update