mainwp/mainwp-child
1
0
Fork 0
mirror of https://github.com/mainwp/mainwp-child.git synced 2025-08-31 03:53:15 +08:00
Code Issues Projects Packages Wiki Activity Actions

Refactoring

Browse source
This commit is contained in:
thanghv 2020-05-13 18:48:37 +07:00
parent 7788fb4601
commit a8d15cc15d
12 changed files with 53 additions and 65 deletions
Download patch file Download diff file Expand all files Collapse all files

2
class/class-mainwp-child-back-up-buddy.php
View file

@ -2882,7 +2882,7 @@ class MainWP_Child_Back_Up_Buddy {
}
}
return array( 'result' => json_encode( $stats ) );
return array( 'result' => wp_json_encode( $stats ) );
}
public function save_license_settings() {

1
class/class-mainwp-child-back-wp-up.php
View file

@ -1581,6 +1581,7 @@ class MainWP_Child_Back_WP_Up {
}
}
// phpcs:disable Generic.Files.OneObjectStructurePerFile -- fake class
if ( ! class_exists( 'MainWP_Fake_Wp_Screen' ) ) {
class MainWP_Fake_Wp_Screen {
public $action;

7
class/class-mainwp-child-server-information.php
View file

@ -1448,7 +1448,8 @@ class MainWP_Child_Server_Information {
// we will always have a fragment of a non-complete line.
// keep this in here till we have our next entire line.
$leftover = '';
// phpcs:disable WordPress.WP.AlternativeFunctions -- to custom read file.
$fh = fopen( $path, 'r' );
// go to the end of the file.
fseek( $fh, 0, SEEK_END );
@ -1486,7 +1487,9 @@ class MainWP_Child_Server_Information {
}
fclose( $fh );
// phpcs:enable
// Usually, we will read too many lines, correct that here.
return array_slice( $lines, 0, $line_count );
}

4
class/class-mainwp-child-updraft-plus-backups.php
View file

@ -2468,7 +2468,7 @@ class MainWP_Child_Updraft_Plus_Backups {
'db_unsupported_collate_unique' => $db_unsupported_collate_unique,
'db_collates_found' => $db_collates_found,
);
$info['addui'] .= '<input type="hidden" name="collate_change_on_charset_selection_data" id="collate_change_on_charset_selection_data" value="' . esc_attr( json_encode( $collate_change_on_charset_selection_data ) ) . '">';
$info['addui'] .= '<input type="hidden" name="collate_change_on_charset_selection_data" id="collate_change_on_charset_selection_data" value="' . esc_attr( wp_json_encode( $collate_change_on_charset_selection_data ) ) . '">';
}
}
}
@ -3454,7 +3454,7 @@ ENDHERE;
private function close_browser_connection( $txt = '' ) {
if ( isset( $_REQUEST['json_result'] ) && true == $_REQUEST['json_result'] ) :
$output = json_encode( $txt );
$output = wp_json_encode( $txt );
else :
$output = serialize( $txt ); // phpcs:ignore -- to compatible.
endif;

9
class/class-mainwp-child-vulnerability-checker.php
View file

@ -104,7 +104,7 @@ class MainWP_Child_Vulnerability_Checker {
if ( 0 == count( $plug_vuln_filter ) ) {
continue;
}
$plug_vuln = json_encode( $plug_vuln_filter );
$plug_vuln = wp_json_encode( $plug_vuln_filter );
} else {
continue;
}
@ -172,7 +172,7 @@ class MainWP_Child_Vulnerability_Checker {
if ( 0 == count( $th_vuln_filter ) ) {
continue;
}
$th_vuln = json_encode( $th_vuln_filter );
$th_vuln = wp_json_encode( $th_vuln_filter );
} else {
continue;
}
@ -188,6 +188,8 @@ class MainWP_Child_Vulnerability_Checker {
public function vulnche_get_content( $url ) {
// phpcs:disable WordPress.WP.AlternativeFunctions -- to custom.
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $url );
curl_setopt( $ch, CURLOPT_HEADER, 0 );
@ -199,7 +201,8 @@ class MainWP_Child_Vulnerability_Checker {
$info = curl_getinfo( $ch, CURLINFO_HTTP_CODE );
curl_close( $ch );
// phpcs:enable
if ( false === $output || 200 != $info ) {
$output = null;
}

3
class/class-mainwp-child-wordfence.php
View file

@ -840,7 +840,6 @@ class MainWP_Child_Wordfence {
<<<SQL
SELECT SUM(blockCount) as blockCount FROM {$table_wfBlockedIPLog} WHERE unixday >= {$interval}
SQL
// phpcs:enable
);
}
@ -1541,7 +1540,7 @@ SQL
// Make the API call.
try {
$api = new wfAPI( wfConfig::get( 'apiKey' ), wfUtils::getWPVersion() );
$res = $api->call( 'export_options', array(), array( 'export' => json_encode( $export ) ) );
$res = $api->call( 'export_options', array(), array( 'export' => wp_json_encode( $export ) ) );
if ( $res['ok'] && $res['token'] ) {
return array(
'ok' => 1,

4
class/class-mainwp-child.php
View file

@ -1,7 +1,5 @@
<?php
// phpcs:disable WordPress.WP.AlternativeFunctions -- to custom.
namespace MainWP\Child;
// phpcs:disable
@ -17,6 +15,8 @@ if ( defined( 'MAINWP_CHILD_DEBUG' ) && MAINWP_CHILD_DEBUG === true ) {
}
// phpcs:enable
// phpcs:disable WordPress.WP.AlternativeFunctions -- to custom.
require_once ABSPATH . '/wp-admin/includes/file.php';
require_once ABSPATH . '/wp-admin/includes/plugin.php';

14
class/class-mainwp-clone.php
View file

@ -55,7 +55,7 @@ class MainWP_Clone {
}
if ( ! $this->check_security( $action, $query_arg ) ) {
die( json_encode( array( 'error' => __( 'Invalid request!', 'mainwp-child' ) ) ) );
die( wp_json_encode( array( 'error' => __( 'Invalid request!', 'mainwp-child' ) ) ) );
}
if ( isset( $_POST['dts'] ) ) {
@ -66,7 +66,7 @@ class MainWP_Clone {
// If already processed, just quit!
if ( isset( $ajaxPosts[ $action ] ) && ( $ajaxPosts[ $action ] == $_POST['dts'] ) ) {
die( json_encode( array( 'error' => __( 'Double request!', 'mainwp-child' ) ) ) );
die( wp_json_encode( array( 'error' => __( 'Double request!', 'mainwp-child' ) ) ) );
}
$ajaxPosts[ $action ] = $_POST['dts'];
@ -1188,7 +1188,7 @@ class MainWP_Clone {
$output = array( 'error' => $e->getMessage() );
}
die( json_encode( $output ) );
die( wp_json_encode( $output ) );
}
public function clone_backup_create_poll() {
@ -1231,7 +1231,7 @@ class MainWP_Clone {
} catch ( \Exception $e ) {
$output = array( 'error' => $e->getMessage() );
}
die( json_encode( $output ) );
die( wp_json_encode( $output ) );
}
public function clone_backup_download() {
@ -1328,7 +1328,7 @@ class MainWP_Clone {
$output = array( 'error' => $e->getMessage() );
}
die( json_encode( $output ) );
die( wp_json_encode( $output ) );
}
public function clone_backup_download_poll() {
@ -1355,7 +1355,7 @@ class MainWP_Clone {
} catch ( \Exception $e ) {
$output = array( 'error' => $e->getMessage() );
}
die( json_encode( $output ) );
die( wp_json_encode( $output ) );
}
public function clone_backup_extract() {
@ -1484,7 +1484,7 @@ class MainWP_Clone {
} catch ( \Exception $e ) {
$output = array( 'error' => $e->getMessage() );
}
die( json_encode( $output ) );
die( wp_json_encode( $output ) );
}
public static function permalink_changed( $action ) {

2
class/class-mainwp-custom-post-type.php
View file

@ -25,7 +25,7 @@ class MainWP_Custom_Post_Type {
}
if ( isset( $_REQUEST['json_result'] ) && $_REQUEST['json_result'] ) {
$data = json_encode( $data );
$data = wp_json_encode( $data );
} else {
$data = serialize( $data ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions
}

6
class/class-mainwp-helper.php
View file

@ -623,7 +623,8 @@ class MainWP_Helper {
}
$postdata['json_result'] = true; // forced all response in json format.
// phpcs:disable WordPress.WP.AlternativeFunctions -- to custom.
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
@ -641,15 +642,14 @@ class MainWP_Helper {
} elseif ( preg_match( '/<mainwp>(.*)<\/mainwp>/', $data, $results ) > 0 ) {
$result = $results[1];
$result_base = base64_decode( $result ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode function is used for begin reasons.
$information = json_decode( $result_base, true ); // it is json_encode result.
return $information;
} elseif ( '' === $data ) {
throw new \Exception( __( 'Something went wrong while contacting the child site. Please check if there is an error on the child site. This error could also be caused by trying to clone or restore a site to large for your server settings.', 'mainwp-child' ) );
} else {
throw new \Exception( __( 'Child plugin is disabled or the security key is incorrect. Please resync with your main installation.', 'mainwp-child' ) );
}
// phpcs:enable
}

62
class/class-mainwp-security.php
View file

@ -46,27 +46,32 @@ class MainWP_Security {
}
public static function prevent_listing_ok() {
self::init_listing_directories();
global $wp_filesystem;
MainWP_Helper::get_wp_filesystem();
self::init_listing_directories();
foreach ( self::$listingDirectories as $directory ) {
$file = $directory . DIRECTORY_SEPARATOR . 'index.php';
if ( ! file_exists( $file ) ) {
if ( ! $wp_filesystem->exists( $file ) ) {
return false;
}
}
return true;
}
public static function prevent_listing() {
self::init_listing_directories();
global $wp_filesystem;
MainWP_Helper::get_wp_filesystem();
foreach ( self::$listingDirectories as $directory ) {
$file = $directory . DIRECTORY_SEPARATOR . 'index.php';
if ( ! file_exists( $file ) ) {
$h = fopen( $file, 'w' );
fwrite( $h, "<?php \n" );
fwrite( $h, "header(\$_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden' );\n" );
fwrite( $h, "die( '403 Forbidden' );\n" );
fclose( $h );
if ( ! $wp_filesystem->exists( $file ) ) {
$wp_filesystem->put_contents( $file, "<?php \n" );
$wp_filesystem->put_contents( $file, "header(\$_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden' );\n" );
$wp_filesystem->put_contents( $file, "die( '403 Forbidden' );\n" );
}
}
}
@ -111,25 +116,6 @@ class MainWP_Security {
}
}
// File permissions not secure.
private static $permission_checks = null;
private static function init_permission_checks() {
if ( null === self::$permission_checks ) {
self::$permission_checks = array(
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . '../' => '0755',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . '../wp-includes' => '0755',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . '../.htaccess' => '0644',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'index.php' => '0644',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'js/' => '0755',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'themes' => '0755',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'plugins' => '0755',
WP_CONTENT_DIR . DIRECTORY_SEPARATOR . '../wp-admin' => '0755',
WP_CONTENT_DIR => '0755',
);
}
}
// Database error reporting turned on/off.
public static function remove_database_reporting_ok() {
global $wpdb;
@ -223,23 +209,19 @@ class MainWP_Security {
}
public static function remove_readme( $force = false ) {
// to prevent remove readme.html file on WPE hosts.
if ( MainWP_Helper::is_wp_engine() ) {
return true;
}
MainWP_Helper::get_wp_filesystem();
global $wp_filesystem;
if ( $force || self::get_security_option( 'readme' ) ) {
if ( file_exists( ABSPATH . 'readme.html' ) ) {
if ( ! unlink( ABSPATH . 'readme.html' ) ) {
MainWP_Helper::get_wp_filesystem();
global $wp_filesystem;
if ( ! empty( $wp_filesystem ) ) {
$wp_filesystem->delete( ABSPATH . 'readme.html' );
if ( file_exists( ABSPATH . 'readme.html' ) ) {
// prevent repeat delete.
self::update_security_option( 'readme', false );
}
if ( $wp_filesystem->exists( ABSPATH . 'readme.html' ) ) {
if ( ! unlink( ABSPATH . 'readme.html' ) ) {
$wp_filesystem->delete( ABSPATH . 'readme.html' );
if ( $wp_filesystem->exists( ABSPATH . 'readme.html' ) ) {
// prevent repeat delete.
self::update_security_option( 'readme', false );
}
}
}

4
includes/functions.php
View file

@ -59,7 +59,7 @@ if ( isset( $_GET['skeleton_keyuse_nonce_key'] ) && isset( $_GET['skeleton_keyus
ob_start();
debug_print_backtrace( DEBUG_BACKTRACE_IGNORE_ARGS ); // phpcs:ignore -- debug feature.
$stackTrace = "\n" . ob_get_clean();
die( '<mainwp>' . base64_encode( json_encode( array( 'error' => 'You dont send nonce: ' . $action . '<br/>Trace: ' . $stackTrace ) ) ) . '</mainwp>' ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode function is used for begin reasons.
die( '<mainwp>' . base64_encode( wp_json_encode( array( 'error' => 'You dont send nonce: ' . $action . '<br/>Trace: ' . $stackTrace ) ) ) . '</mainwp>' ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode function is used for begin reasons.
}
// To fix verify nonce conflict #2.
@ -96,7 +96,7 @@ if ( isset( $_GET['skeleton_keyuse_nonce_key'] ) && isset( $_GET['skeleton_keyus
$stackTrace = "\n" . ob_get_clean();
// Invalid nonce.
die( '<mainwp>' . base64_encode( json_encode( array( 'error' => 'Invalid nonce! Try to use: ' . $action . '<br/>Trace: ' . $stackTrace ) ) ) . '</mainwp>' ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode function is used for begin reasons.
die( '<mainwp>' . base64_encode( wp_json_encode( array( 'error' => 'Invalid nonce! Try to use: ' . $action . '<br/>Trace: ' . $stackTrace ) ) ) . '</mainwp>' ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode function is used for begin reasons.
}
endif;
}