/**
 * Ensures the EDD upload directory tree carries its protection files.
 *
 * Writes the top-level .htaccess (rules from edd_get_htaccess_rules()) and a
 * blank index.php into the upload directory, then a blank index.php into every
 * folder returned by edd_scan_folders(). The work is skipped while the
 * 'edd_check_protection_files' transient is set. The transient is stored for
 * 24 hours after each run, so the check happens roughly once per day.
 *
 * Every write is best-effort: errors are suppressed with @ and the transient
 * is set regardless of the outcome, so a folder that could not be protected is
 * not retried until the transient expires or $force is passed. The .htaccess
 * rules only take effect on a web server that honours .htaccess files, and the
 * blank index.php files only stop a folder listing; they do not block a direct
 * request for a file.
 *
 * @since 1.1.5
 *
 * @param bool  $force  Run the check even when the transient is still set.
 * @param mixed $method Forwarded unchanged to edd_get_htaccess_rules(); defaults
 *                      to false. NOTE(review): the accepted values are defined
 *                      by that helper - confirm there.
 * @return void
 */
function edd_create_protection_files($force = false, $method = false)
{
    // Throttle: nothing to do while the transient is present, unless forced.
    if (false !== get_transient('edd_check_protection_files') && !$force) {
        return;
    }

    $upload_path = edd_get_upload_dir();
    $htaccess_file = $upload_path . '/.htaccess';
    $index_stub = '<?php' . PHP_EOL . '// Silence is golden.';

    // Make sure the upload folder itself exists before writing into it.
    wp_mkdir_p($upload_path);

    // Top-level .htaccess: rewrite it when it is empty, unreadable or differs
    // from the expected rules; create it when it is missing and we may write.
    $rules = edd_get_htaccess_rules($method);
    if (edd_htaccess_exists()) {
        $current = @file_get_contents($htaccess_file);
        $is_stale = $current !== $rules || !$current;
        if ($is_stale) {
            @file_put_contents($htaccess_file, $rules);
        }
    } elseif (wp_is_writable($upload_path)) {
        @file_put_contents($htaccess_file, $rules);
    }

    // Top-level blank index.php.
    $top_index = $upload_path . '/index.php';
    if (!file_exists($top_index) && wp_is_writable($upload_path)) {
        @file_put_contents($top_index, $index_stub);
    }

    // One blank index.php per sub folder; the folder strings are concatenated
    // with 'index.php' directly, so they are expected to end in a slash.
    foreach (edd_scan_folders($upload_path) as $folder) {
        $sub_index = $folder . 'index.php';
        if (!file_exists($sub_index) && wp_is_writable($folder)) {
            @file_put_contents($sub_index, $index_stub);
        }
    }

    // Remember the run for 24 hours.
    set_transient('edd_check_protection_files', true, 24 * 3600);
}
/**
 * Ensures the EDD upload directory tree carries its protection files.
 *
 * Creates <uploads basedir>/edd, drops a blank index.php into it and into every
 * folder returned by edd_scan_folders(), and refreshes an existing top-level
 * .htaccess when the expected rules are not found inside it. This version does
 * not create the .htaccess file when it is absent. The work is skipped while
 * the 'edd_check_protection_files' transient is set; the transient is stored
 * for 24 hours after each run, so the check happens roughly once per day.
 *
 * Every write is best-effort: errors are suppressed with @ and the transient
 * is set regardless of the outcome. The .htaccess rules only take effect on a
 * web server that honours .htaccess files, and the blank index.php files only
 * stop a folder listing; they do not block a direct request for a file.
 *
 * @since 1.1.5
 *
 * @param bool $force Run the check even when the transient is still set.
 * @return void
 */
function edd_create_protection_files($force = false)
{
    // Throttle: nothing to do while the transient is present, unless forced.
    if (false !== get_transient('edd_check_protection_files') && !$force) {
        return;
    }

    $wp_upload_dir = wp_upload_dir();
    $upload_path = $wp_upload_dir['basedir'] . '/edd';
    $index_stub = '<?php' . PHP_EOL . '// Silence is golden.';

    wp_mkdir_p($upload_path);

    // Top-level blank index.php.
    $top_index = $upload_path . '/index.php';
    if (!file_exists($top_index)) {
        @file_put_contents($top_index, $index_stub);
    }

    // Top-level .htaccess: only an existing file is touched. It is rewritten
    // when the rules do not occur in it as a substring, or when it is empty or
    // unreadable. Extra directives around the rules are therefore accepted.
    $rules = edd_get_htaccess_rules();
    $htaccess_file = $upload_path . '/.htaccess';
    if (file_exists($htaccess_file)) {
        $current = @file_get_contents($htaccess_file);
        $rules_missing = false === strpos($current, $rules);
        if ($rules_missing || !$current) {
            @file_put_contents($htaccess_file, $rules);
        }
    }

    // One blank index.php per sub folder; the folder strings are concatenated
    // with 'index.php' directly, so they are expected to end in a slash.
    foreach (edd_scan_folders($upload_path) as $folder) {
        $sub_index = $folder . 'index.php';
        if (!file_exists($sub_index)) {
            @file_put_contents($sub_index, $index_stub);
        }
    }

    // Remember the run for 24 hours.
    set_transient('edd_check_protection_files', true, 24 * 3600);
}
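/**
 * Admin Messages
 *
 * Queues a settings notice for the 'edd-message' query flag (each one gated on
 * the capability that belongs to the action), prints the standalone warnings
 * (no checkout page, missing .htaccess) and finally renders everything queued
 * under 'edd-notices'.
 *
 * The query flag is only compared against fixed strings and is never echoed.
 * URLs built with add_query_arg() are passed through esc_url() before they are
 * printed, because add_query_arg() builds on the current request URI.
 *
 * @since 1.0
 * @global array $edd_options Array of all the EDD Options
 * @return void
 */
function edd_admin_messages()
{
    global $edd_options;

    // Read the request-controlled values once; both may be absent.
    $message = isset($_GET['edd-message']) ? $_GET['edd-message'] : '';
    $server_software = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
    $settings_url = admin_url('edit.php?post_type=download&page=edd-settings');

    // Discount notices.
    if ('discount_added' === $message && current_user_can('manage_shop_discounts')) {
        add_settings_error('edd-notices', 'edd-discount-added', __('Discount code added.', 'edd'), 'updated');
    }
    if ('discount_add_failed' === $message && current_user_can('manage_shop_discounts')) {
        add_settings_error('edd-notices', 'edd-discount-add-fail', __('There was a problem adding your discount code, please try again.', 'edd'), 'error');
    }
    if ('discount_exists' === $message && current_user_can('manage_shop_discounts')) {
        add_settings_error('edd-notices', 'edd-discount-exists', __('A discount with that code already exists, please use a different code.', 'edd'), 'error');
    }
    if ('discount_updated' === $message && current_user_can('manage_shop_discounts')) {
        add_settings_error('edd-notices', 'edd-discount-updated', __('Discount code updated.', 'edd'), 'updated');
    }
    if ('discount_update_failed' === $message && current_user_can('manage_shop_discounts')) {
        add_settings_error('edd-notices', 'edd-discount-updated-fail', __('There was a problem updating your discount code, please try again.', 'edd'), 'error');
    }

    // Payment report notices.
    if ('payment_deleted' === $message && current_user_can('view_shop_reports')) {
        add_settings_error('edd-notices', 'edd-payment-deleted', __('The payment has been deleted.', 'edd'), 'updated');
    }
    if ('email_sent' === $message && current_user_can('view_shop_reports')) {
        add_settings_error('edd-notices', 'edd-payment-sent', __('The purchase receipt has been resent.', 'edd'), 'updated');
    }
    if ('payment-note-deleted' === $message && current_user_can('view_shop_reports')) {
        add_settings_error('edd-notices', 'edd-payment-note-deleted', __('The payment note has been deleted.', 'edd'), 'updated');
    }

    // Test mode reminder on the payment history screen.
    if (isset($_GET['page']) && 'edd-payment-history' === $_GET['page'] && current_user_can('view_shop_reports') && edd_is_test_mode()) {
        add_settings_error('edd-notices', 'edd-payment-sent', sprintf(__('Note: Test Mode is enabled, only test payments are shown below. <a href="%s">Settings</a>.', 'edd'), $settings_url), 'updated');
    }

    // No usable checkout page configured.
    if ((empty($edd_options['purchase_page']) || 'trash' == get_post_status($edd_options['purchase_page'])) && current_user_can('edit_pages') && !get_user_meta(get_current_user_id(), '_edd_set_checkout_dismissed')) {
        echo '<div class="error">';
        echo '<p>' . sprintf(__('No checkout page has been configured. Visit <a href="%s">Settings</a> to set one.', 'edd'), $settings_url) . '</p>';
        echo '<p><a href="' . esc_url(add_query_arg(array('edd_action' => 'dismiss_notices', 'edd_notice' => 'set_checkout'))) . '">' . __('Dismiss Notice', 'edd') . '</a></p>';
        echo '</div>';
    }

    // Settings, payment edit and API key notices.
    if ('settings-imported' === $message && current_user_can('manage_shop_settings')) {
        add_settings_error('edd-notices', 'edd-settings-imported', __('The settings have been imported.', 'edd'), 'updated');
    }
    if ('note-added' === $message && current_user_can('edit_shop_payments')) {
        add_settings_error('edd-notices', 'edd-note-added', __('The payment note has been added successfully.', 'edd'), 'updated');
    }
    if ('payment-updated' === $message && current_user_can('edit_shop_payments')) {
        add_settings_error('edd-notices', 'edd-payment-updated', __('The payment has been successfully updated.', 'edd'), 'updated');
    }
    if ('api-key-generated' === $message && current_user_can('manage_shop_settings')) {
        add_settings_error('edd-notices', 'edd-api-key-generated', __('API keys successfully generated.', 'edd'), 'updated');
    }
    if ('api-key-exists' === $message && current_user_can('manage_shop_settings')) {
        add_settings_error('edd-notices', 'edd-api-key-exists', __('The specified user already has API keys.', 'edd'), 'error');
    }
    if ('api-key-regenerated' === $message && current_user_can('manage_shop_settings')) {
        add_settings_error('edd-notices', 'edd-api-key-regenerated', __('API keys successfully regenerated.', 'edd'), 'updated');
    }
    if ('api-key-revoked' === $message && current_user_can('manage_shop_settings')) {
        add_settings_error('edd-notices', 'edd-api-key-revoked', __('API keys successfully revoked.', 'edd'), 'updated');
    }

    // Missing .htaccess warning. Only Apache is warned (nginx does not use
    // .htaccess). The server test is part of the condition instead of an early
    // return, so settings_errors() below still prints the queued notices on
    // other servers. The notice shows the upload path and the rule set, so it
    // is limited to users who can manage shop settings.
    if (stristr($server_software, 'apache') && current_user_can('manage_shop_settings') && !edd_htaccess_exists() && !get_user_meta(get_current_user_id(), '_edd_htaccess_missing_dismissed', true)) {
        echo '<div class="error">';
        echo '<p>' . sprintf(__('The Easy Digital Downloads .htaccess file is missing from <strong>%s</strong>!', 'edd'), edd_get_upload_dir()) . '</p>';
        echo '<p>' . sprintf(__('First, please resave the Misc settings tab a few times. If this warning continues to appear, create a file called ".htaccess" in the <strong>%s</strong> directory, and copy the following into it:', 'edd'), edd_get_upload_dir()) . '</p>';
        // Escaped so that any angle-bracket directive is shown as text.
        echo '<p><pre>' . esc_html(edd_get_htaccess_rules()) . '</pre>';
        echo '<p><a href="' . esc_url(add_query_arg(array('edd_action' => 'dismiss_notices', 'edd_notice' => 'htaccess_missing'))) . '">' . __('Dismiss Notice', 'edd') . '</a></p>';
        echo '</div>';
    }

    settings_errors('edd-notices');
}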
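 /**
  * Show relevant notices
  *
  * Prints the standalone warnings (no checkout page, unprotected downloads on
  * nginx, missing .htaccess on Apache), collects the notice that matches the
  * 'edd-message' query flag for each capability the current user holds, and
  * renders everything queued under 'edd-notices'.
  *
  * The query flag is only compared against fixed strings and is never echoed.
  * URLs built with add_query_arg() are passed through esc_url() before they
  * are printed, because add_query_arg() builds on the current request URI.
  *
  * @since 2.3
  * @return void
  */
 public function show_notices()
 {
     $notices = array('updated' => array(), 'error' => array());
     $user_id = get_current_user_id();
     // SERVER_SOFTWARE may be absent, so default to an empty string.
     $server_software = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
     $settings_url = admin_url('edit.php?post_type=download&page=edd-settings');

     // Global (non-action-based) messages.
     // The two "no checkout page" tests are grouped explicitly: without the
     // parentheses && binds tighter than ||, and an empty purchase_page option
     // would show the notice to every user and ignore the dismissal flag.
     $purchase_page = edd_get_option('purchase_page', '');
     $checkout_missing = '' == $purchase_page || 'trash' == get_post_status($purchase_page);
     if ($checkout_missing && current_user_can('edit_pages') && !get_user_meta($user_id, '_edd_set_checkout_dismissed')) {
         echo '<div class="error">';
         echo '<p>' . sprintf(__('No checkout page has been configured. Visit <a href="%s">Settings</a> to set one.', 'easy-digital-downloads'), $settings_url) . '</p>';
         echo '<p><a href="' . esc_url(add_query_arg(array('edd_action' => 'dismiss_notices', 'edd_notice' => 'set_checkout'))) . '">' . __('Dismiss Notice', 'easy-digital-downloads') . '</a></p>';
         echo '</div>';
     }

     if (isset($_GET['page']) && 'edd-payment-history' == $_GET['page'] && current_user_can('view_shop_reports') && edd_is_test_mode()) {
         $notices['updated']['edd-payment-history-test-mode'] = sprintf(__('Note: Test Mode is enabled, only test payments are shown below. <a href="%s">Settings</a>.', 'easy-digital-downloads'), $settings_url);
     }

     // nginx ignores .htaccess, so the download folder needs a server rule.
     if (stristr($server_software, 'nginx') && !get_user_meta($user_id, '_edd_nginx_redirect_dismissed', true) && current_user_can('manage_shop_settings')) {
         echo '<div class="error">';
         echo '<p>' . sprintf(__('The download files in <strong>%s</strong> are not currently protected due to your site running on NGINX.', 'easy-digital-downloads'), edd_get_upload_dir()) . '</p>';
         echo '<p>' . __('To protect them, you must add a redirect rule as explained in <a href="http://docs.easydigitaldownloads.com/article/682-protected-download-files-on-nginx">this guide</a>.', 'easy-digital-downloads') . '</p>';
         echo '<p>' . __('If you have already added the redirect rule, you may safely dismiss this notice', 'easy-digital-downloads') . '</p>';
         echo '<p><a href="' . esc_url(add_query_arg(array('edd_action' => 'dismiss_notices', 'edd_notice' => 'nginx_redirect'))) . '">' . __('Dismiss Notice', 'easy-digital-downloads') . '</a></p>';
         echo '</div>';
     }

     // Missing .htaccess warning, Apache only. The server test is part of the
     // condition instead of an early return, so the notices collected below
     // and the final settings_errors() call still run on other servers.
     if (stristr($server_software, 'apache') && !edd_htaccess_exists() && !get_user_meta($user_id, '_edd_htaccess_missing_dismissed', true) && current_user_can('manage_shop_settings')) {
         echo '<div class="error">';
         echo '<p>' . sprintf(__('The Easy Digital Downloads .htaccess file is missing from <strong>%s</strong>!', 'easy-digital-downloads'), edd_get_upload_dir()) . '</p>';
         echo '<p>' . sprintf(__('First, please resave the Misc settings tab a few times. If this warning continues to appear, create a file called ".htaccess" in the <strong>%s</strong> directory, and copy the following into it:', 'easy-digital-downloads'), edd_get_upload_dir()) . '</p>';
         // Escaped so that any angle-bracket directive is shown as text.
         echo '<p><pre>' . esc_html(edd_get_htaccess_rules()) . '</pre>';
         echo '<p><a href="' . esc_url(add_query_arg(array('edd_action' => 'dismiss_notices', 'edd_notice' => 'htaccess_missing'))) . '">' . __('Dismiss Notice', 'easy-digital-downloads') . '</a></p>';
         echo '</div>';
     }

     // The admin-ajax accessibility notice that used to sit here stays disabled, see
     // https://github.com/easydigitaldownloads/Easy-Digital-Downloads/issues/3475

     if (isset($_GET['edd-message'])) {
         $message = $_GET['edd-message'];

         // Shop discounts errors
         if (current_user_can('manage_shop_discounts')) {
             switch ($message) {
                 case 'discount_added':
                     $notices['updated']['edd-discount-added'] = __('Discount code added.', 'easy-digital-downloads');
                     break;
                 case 'discount_add_failed':
                     $notices['error']['edd-discount-add-fail'] = __('There was a problem adding your discount code, please try again.', 'easy-digital-downloads');
                     break;
                 case 'discount_exists':
                     $notices['error']['edd-discount-exists'] = __('A discount with that code already exists, please use a different code.', 'easy-digital-downloads');
                     break;
                 case 'discount_updated':
                     $notices['updated']['edd-discount-updated'] = __('Discount code updated.', 'easy-digital-downloads');
                     break;
                 case 'discount_update_failed':
                     $notices['error']['edd-discount-updated-fail'] = __('There was a problem updating your discount code, please try again.', 'easy-digital-downloads');
                     break;
             }
         }

         // Shop reports errors
         if (current_user_can('view_shop_reports')) {
             switch ($message) {
                 case 'payment_deleted':
                     $notices['updated']['edd-payment-deleted'] = __('The payment has been deleted.', 'easy-digital-downloads');
                     break;
                 case 'email_sent':
                     $notices['updated']['edd-payment-sent'] = __('The purchase receipt has been resent.', 'easy-digital-downloads');
                     break;
                 case 'payment-note-deleted':
                     $notices['updated']['edd-payment-note-deleted'] = __('The payment note has been deleted.', 'easy-digital-downloads');
                     break;
             }
         }

         // Shop settings errors
         if (current_user_can('manage_shop_settings')) {
             switch ($message) {
                 case 'settings-imported':
                     $notices['updated']['edd-settings-imported'] = __('The settings have been imported.', 'easy-digital-downloads');
                     break;
                 case 'api-key-generated':
                     $notices['updated']['edd-api-key-generated'] = __('API keys successfully generated.', 'easy-digital-downloads');
                     break;
                 case 'api-key-exists':
                     $notices['error']['edd-api-key-exists'] = __('The specified user already has API keys.', 'easy-digital-downloads');
                     break;
                 case 'api-key-regenerated':
                     $notices['updated']['edd-api-key-regenerated'] = __('API keys successfully regenerated.', 'easy-digital-downloads');
                     break;
                 case 'api-key-revoked':
                     $notices['updated']['edd-api-key-revoked'] = __('API keys successfully revoked.', 'easy-digital-downloads');
                     break;
             }
         }

         // Shop payments errors and customer notices share one capability.
         if (current_user_can('edit_shop_payments')) {
             switch ($message) {
                 case 'note-added':
                     $notices['updated']['edd-note-added'] = __('The payment note has been added successfully.', 'easy-digital-downloads');
                     break;
                 case 'payment-updated':
                     $notices['updated']['edd-payment-updated'] = __('The payment has been successfully updated.', 'easy-digital-downloads');
                     break;
                 case 'customer-deleted':
                     $notices['updated']['edd-customer-deleted'] = __('Customer successfully deleted', 'easy-digital-downloads');
                     break;
                 case 'user-verified':
                     $notices['updated']['edd-user-verified'] = __('User successfully verified', 'easy-digital-downloads');
                     break;
             }
         }
     }

     // Queue the collected notices: all 'updated' entries first, then 'error'.
     foreach ($notices as $type => $messages) {
         foreach ($messages as $code => $text) {
             add_settings_error('edd-notices', $code, $text, $type);
         }
     }

     settings_errors('edd-notices');
 }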
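        /**
         * Display our editor
         *
         * Renders a postbox with a textarea holding the current rules: the
         * stored 'htaccess_rules' option (slashes stripped, entities decoded)
         * or, when that option is empty, the output of edd_get_htaccess_rules().
         * On servers other than Apache only an explanatory message is shown.
         *
         * The rules are printed with esc_textarea(), so stored content that
         * contains markup cannot close the textarea and reach the page. Both
         * URLs are passed through esc_url() before they are printed.
         *
         * NOTE(review): the "Reset htaccess file" link is a plain GET link
         * without a nonce, and it uses the key 'edd-action' while the form
         * field is named 'edd_action'. The handler is not visible here;
         * confirm that it verifies a nonce and the user's capability before
         * it resets the file.
         *
         * @access      public
         * @since       1.0.0
         * @return      void
         */
        public function htaccess_editor()
        {
            $contents = edd_get_option('htaccess_rules', false);
            if (!$contents) {
                $contents = edd_get_htaccess_rules();
            } else {
                $contents = html_entity_decode(stripslashes($contents));
            }
            // SERVER_SOFTWARE may be absent, so default to an empty string.
            $server_software = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
            $is_apache = (bool) stristr($server_software, 'apache');
            ?>
                <div class="postbox">
                    <h3><span><?php _e('Edit htaccess', 'edd-htaccess-editor'); ?></span></h3>
                    <div class="inside">
                        <?php if (!$is_apache) { ?>
                            <p><?php _e('The htaccess editor is only useful with the Apache webserver!', 'edd-htaccess-editor'); ?></p>
                        <?php } else { ?>
                            <form method="post" action="<?php echo esc_url(admin_url('edit.php?post_type=download&page=edd-tools&tab=general')); ?>">
                                <p>
                                    <textarea name="htaccess_contents" rows="10" class="large-text"><?php echo esc_textarea($contents); ?></textarea>
                                    <span class="description"><?php _e('<strong>Warning!</strong> Incorrectly modifying your htaccess file could result in unexpected site behavior.', 'edd-htaccess-editor'); ?></span>
                                </p>
                                <p>
                                    <input type="hidden" name="edd_action" value="save_htaccess_file" />
                                    <?php wp_nonce_field('edd_save_htaccess_nonce', 'edd_save_htaccess_nonce'); ?>
                                    <?php submit_button(__('Save', 'edd-htaccess-editor'), 'secondary', 'submit', false); ?>
                                    <a href="<?php echo esc_url(add_query_arg(array('edd-action' => 'reset_htaccess_file'))); ?>" class="button secondary-button" style="color: #ff0000;"><?php _e('Reset htaccess file', 'edd-htaccess-editor'); ?></a>
                                </p>
                            </form>
                        <?php } ?>
                    </div><!-- .inside -->
                </div><!-- .postbox -->
            <?php
        }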