/** * Processes bulk installation and activation actions. * * The bulk installation process looks either for the $_POST * information or for the plugin info within the $_GET variable if * a user has to use WP_Filesystem to enter their credentials. * * @since 2.2.0 */ public function process_bulk_actions() { /** Bulk installation process */ if ('tgmpa-bulk-install' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); /** Prep variables to be populated */ $plugins_to_install = array(); $plugin_installs = array(); $plugin_path = array(); $plugin_name = array(); /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugins')])) { $plugins = explode(',', stripslashes($_GET[sanitize_key('plugins')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugins = (array) $_POST[sanitize_key('plugin')]; } else { $plugins = array(); } $a = 0; // Incremental variable /** Grab information from $_POST if available */ if (isset($_POST[sanitize_key('plugin')])) { foreach ($plugins as $plugin_data) { $plugins_to_install[] = explode(',', $plugin_data); } foreach ($plugins_to_install as $plugin_data) { $plugin_installs[] = $plugin_data[0]; $plugin_path[] = $plugin_data[1]; $plugin_name[] = $plugin_data[2]; } } else { foreach ($plugins as $key => $value) { /** Grab plugin slug for each plugin */ if (0 == $key % 3 || 0 == $key) { $plugins_to_install[] = $value; $plugin_installs[] = $value; } $a++; } } /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugin_paths')])) { $plugin_paths = explode(',', stripslashes($_GET[sanitize_key('plugin_paths')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugin_paths = (array) $plugin_path; } else { $plugin_paths = array(); } /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugin_names')])) { $plugin_names = explode(',', stripslashes($_GET[sanitize_key('plugin_names')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugin_names = (array) $plugin_name; } else { $plugin_names = array(); } $b = 0; // Incremental variable /** Loop through plugin slugs and remove already installed plugins from the list */ foreach ($plugin_installs as $key => $plugin) { if (preg_match('|.php$|', $plugin)) { unset($plugin_installs[$key]); /** If the plugin path isn't in the $_GET variable, we can unset the corresponding path */ if (!isset($_GET[sanitize_key('plugin_paths')])) { unset($plugin_paths[$b]); } /** If the plugin name isn't in the $_GET variable, we can unset the corresponding name */ if (!isset($_GET[sanitize_key('plugin_names')])) { unset($plugin_names[$b]); } } $b++; } /** No need to proceed further if we have no plugins to install */ if (empty($plugin_installs)) { return false; } /** Reset array indexes in case we removed already installed plugins */ $plugin_installs = array_values($plugin_installs); $plugin_paths = array_values($plugin_paths); $plugin_names = array_values($plugin_names); /** If we grabbed our plugin info from $_GET, we need to decode it for use */ $plugin_installs = array_map('urldecode', $plugin_installs); $plugin_paths = array_map('urldecode', $plugin_paths); $plugin_names = array_map('urldecode', $plugin_names); /** Pass all necessary information via URL if WP_Filesystem is needed */ $url = wp_nonce_url(add_query_arg(array('page' => TGM_Plugin_Activation::$instance->menu, 'tgmpa-action' => 'install-selected', 'plugins' => urlencode(implode(',', $plugins)), 'plugin_paths' => urlencode(implode(',', $plugin_paths)), 'plugin_names' => urlencode(implode(',', $plugin_names))), admin_url(TGM_Plugin_Activation::$instance->parent_url_slug)), 'bulk-plugins'); $method = ''; // Leave blank so WP_Filesystem can populate it as necessary $fields = array(sanitize_key('action'), sanitize_key('_wp_http_referer'), sanitize_key('_wpnonce')); // Extra fields to pass to WP_Filesystem if (false === ($creds = request_filesystem_credentials($url, $method, false, false, $fields))) { return true; } if (!WP_Filesystem($creds)) { request_filesystem_credentials($url, $method, true, false, $fields); // Setup WP_Filesystem return true; } require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; // Need for plugins_api require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Need for upgrade classes /** Store all information in arrays since we are processing a bulk installation */ $api = array(); $sources = array(); $install_path = array(); $c = 0; // Incremental variable /** Loop through each plugin to install and try to grab information from WordPress API, if not create 'tgmpa-empty' scalar */ foreach ($plugin_installs as $plugin) { $api[$c] = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) ? plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) : (object) ($api[$c] = 'tgmpa-empty'); $c++; } if (is_wp_error($api)) { wp_die(TGM_Plugin_Activation::$instance->strings['oops'] . var_dump($api)); } $d = 0; // Incremental variable /** Capture download links from $api or set install link to pre-packaged/private repo */ foreach ($api as $object) { $sources[$d] = isset($object->download_link) && 'repo' == $plugin_paths[$d] ? $object->download_link : $plugin_paths[$d]; $d++; } /** Finally, all the data is prepared to be sent to the installer */ $url = add_query_arg(array('page' => TGM_Plugin_Activation::$instance->menu), admin_url(TGM_Plugin_Activation::$instance->parent_url_slug)); $nonce = 'bulk-plugins'; $names = $plugin_names; /** Create a new instance of TGM_Bulk_Installer */ $installer = new TGM_Bulk_Installer($skin = new TGM_Bulk_Installer_Skin(compact('url', 'nonce', 'names'))); /** Wrap the install process with the appropriate HTML */ echo '<div class="tgmpa wrap">'; screen_icon(apply_filters('tgmpa_default_screen_icon', 'themes')); echo '<h2>' . esc_html(get_admin_page_title()) . '</h2>'; /** Process the bulk installation submissions */ $installer->bulk_install($sources); echo '</div>'; return true; } /** Bulk activation process */ if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); /** Grab plugin data from $_POST */ $plugins = isset($_POST[sanitize_key('plugin')]) ? (array) $_POST[sanitize_key('plugin')] : array(); $plugins_to_activate = array(); /** Split plugin value into array with plugin file path, plugin source and plugin name */ foreach ($plugins as $i => $plugin) { $plugins_to_activate[] = explode(',', $plugin); } foreach ($plugins_to_activate as $i => $array) { if (!preg_match('|.php$|', $array[0])) { // Plugins that haven't been installed yet won't have the correct file path unset($plugins_to_activate[$i]); } } /** Return early if there are no plugins to activate */ if (empty($plugins_to_activate)) { return; } $plugins = array(); $plugin_names = array(); foreach ($plugins_to_activate as $plugin_string) { $plugins[] = $plugin_string[0]; $plugin_names[] = $plugin_string[2]; } $count = count($plugin_names); // Count so we can use _n function $last_plugin = array_pop($plugin_names); // Pop off last name to prep for readability $imploded = empty($plugin_names) ? '<strong>' . $last_plugin . '</strong>' : '<strong>' . (implode(', ', $plugin_names) . '</strong> and <strong>' . $last_plugin . '</strong>.'); /** Now we are good to go - let's start activating plugins */ $activate = activate_plugins($plugins); if (is_wp_error($activate)) { echo '<div id="message" class="error"><p>' . $activate->get_error_message() . '</p></div>'; } else { printf('<div id="message" class="updated"><p>%1$s %2$s</p></div>', _n('The following plugin was activated successfully:', 'The following plugins were activated successfully:', $count, TGM_Plugin_Activation::$instance->domain), $imploded); } /** Update recently activated plugins option */ $recent = (array) get_option('recently_activated'); foreach ($plugins as $plugin => $time) { if (isset($recent[$plugin])) { unset($recent[$plugin]); } } update_option('recently_activated', $recent); unset($_POST); // Reset the $_POST variable in case user wants to perform one action after another } }
/** * Processes bulk installation and activation actions. * * The bulk installation process looks either for the $_POST * information or for the plugin info within the $_GET variable if * a user has to use WP_Filesystem to enter their credentials. * * @since 2.2.0 */ public function process_bulk_actions() { // Bulk installation process. if ('tgmpa-bulk-install' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); // Prep variables to be populated. $plugins_to_install = array(); $plugin_installs = array(); $plugin_path = array(); $plugin_name = array(); // Look first to see if information has been passed via WP_Filesystem. if (isset($_GET['plugins'])) { $plugins = explode(',', stripslashes($_GET['plugins'])); } elseif (isset($_POST['plugin'])) { $plugins = (array) $_POST['plugin']; // @todo needs sanitizing, figure out how } else { $plugins = array(); } // Grab information from $_POST if available. if (isset($_POST['plugin'])) { foreach ($plugins as $plugin_data) { $plugins_to_install[] = explode(',', $plugin_data); } foreach ($plugins_to_install as $plugin_data) { $plugin_installs[] = $plugin_data[0]; $plugin_path[] = $plugin_data[1]; $plugin_name[] = $plugin_data[2]; } } else { foreach ($plugins as $key => $value) { // Grab plugin slug for each plugin. if (0 === $key % 3 || 0 === $key) { $plugins_to_install[] = $value; $plugin_installs[] = $value; } } } // Look first to see if information has been passed via WP_Filesystem. if (isset($_GET['plugin_paths'])) { $plugin_paths = explode(',', stripslashes($_GET['plugin_paths'])); } elseif (isset($_POST['plugin'])) { $plugin_paths = (array) $plugin_path; } else { $plugin_paths = array(); } // Look first to see if information has been passed via WP_Filesystem. if (isset($_GET['plugin_names'])) { $plugin_names = explode(',', stripslashes($_GET['plugin_names'])); } elseif (isset($_POST['plugin'])) { $plugin_names = (array) $plugin_name; } else { $plugin_names = array(); } // Loop through plugin slugs and remove already installed plugins from the list. $i = 0; foreach ($plugin_installs as $key => $plugin) { if (preg_match('|.php$|', $plugin)) { unset($plugin_installs[$key]); // If the plugin path isn't in the $_GET variable, we can unset the corresponding path. if (!isset($_GET['plugin_paths'])) { unset($plugin_paths[$i]); } // If the plugin name isn't in the $_GET variable, we can unset the corresponding name. if (!isset($_GET['plugin_names'])) { unset($plugin_names[$i]); } } $i++; } // No need to proceed further if we have no plugins to install. if (empty($plugin_installs)) { echo '<div id="message" class="error"><p>', esc_html__('No plugins are available to be installed at this time.', 'tgmpa'), '</p></div>'; return false; } // Reset array indexes in case we removed already installed plugins. $plugin_installs = array_values($plugin_installs); $plugin_paths = array_values($plugin_paths); $plugin_names = array_values($plugin_names); // If we grabbed our plugin info from $_GET, we need to decode it for use. $plugin_installs = array_map('urldecode', $plugin_installs); $plugin_paths = array_map('urldecode', $plugin_paths); $plugin_names = array_map('urldecode', $plugin_names); // Pass all necessary information via URL if WP_Filesystem is needed. $url = wp_nonce_url(add_query_arg(array('page' => $this->tgmpa->menu, 'tgmpa-action' => 'install-selected', 'plugins' => urlencode(implode(',', $plugins)), 'plugin_paths' => urlencode(implode(',', $plugin_paths)), 'plugin_names' => urlencode(implode(',', $plugin_names))), self_admin_url($this->admin_page_base)), 'bulk-plugins'); $method = ''; // Leave blank so WP_Filesystem can populate it as necessary. $fields = array('action', '_wp_http_referer', '_wpnonce'); // Extra fields to pass to WP_Filesystem. if (false === ($creds = request_filesystem_credentials(esc_url_raw($url), $method, false, false, $fields))) { return true; } if (!WP_Filesystem($creds)) { request_filesystem_credentials(esc_url_raw($url), $method, true, false, $fields); // Setup WP_Filesystem. return true; } require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; // Need for plugins_api require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Need for upgrade classes // Store all information in arrays since we are processing a bulk installation. $api = array(); $sources = array(); $install_path = array(); // Loop through each plugin to install and try to grab information from WordPress API, if not create 'tgmpa-empty' scalar. $i = 0; foreach ($plugin_installs as $plugin) { $temp = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))); $api[$i] = (object) 'tgmpa-empty'; if (!is_wp_error($temp)) { $api[$i] = $temp; } $i++; } unset($plugin, $temp); if (is_wp_error($api)) { if (WP_DEBUG === true) { wp_die(esc_html($this->tgmpa->strings['oops']) . var_dump($api)); // wpcs: xss ok } else { wp_die(esc_html($this->tgmpa->strings['oops'])); } } // Capture download links from $api or set install link to pre-packaged/private repo. $i = 0; foreach ($api as $object) { $sources[$i] = isset($object->download_link) && 'repo' === $plugin_paths[$i] ? $object->download_link : $plugin_paths[$i]; $i++; } // Finally, all the data is prepared to be sent to the installer. $url = esc_url_raw(add_query_arg(array('page' => $this->tgmpa->menu), self_admin_url($this->admin_page_base))); $nonce = 'bulk-plugins'; $names = $plugin_names; // Create a new instance of TGM_Bulk_Installer. $installer = new TGM_Bulk_Installer($skin = new TGM_Bulk_Installer_Skin(compact('url', 'nonce', 'names'))); // Wrap the install process with the appropriate HTML. echo '<div class="tgmpa wrap">', '<h2>', esc_html(get_admin_page_title()), '</h2>'; // Process the bulk installation submissions. $installer->bulk_install($sources); echo '</div>'; return true; } // Bulk activation process. if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); // Grab plugin data from $_POST. $plugins = isset($_POST['plugin']) ? (array) $_POST['plugin'] : array(); // @todo needs sanitizing, figure out how $plugins_to_activate = array(); // Split plugin value into array with plugin file path, plugin source and plugin name. foreach ($plugins as $i => $plugin) { $plugins_to_activate[] = explode(',', $plugin); } foreach ($plugins_to_activate as $i => $array) { if (!preg_match('|.php$|', $array[0])) { unset($plugins_to_activate[$i]); } } // Return early if there are no plugins to activate. if (empty($plugins_to_activate)) { echo '<div id="message" class="error"><p>', esc_html__('No plugins are available to be activated at this time.', 'tgmpa'), '</p></div>'; return false; } $plugins = array(); $plugin_names = array(); foreach ($plugins_to_activate as $plugin_string) { $plugins[] = $plugin_string[0]; $plugin_names[] = $plugin_string[2]; } $count = count($plugin_names); // Count so we can use _n function. $last_plugin = array_pop($plugin_names); // Pop off last name to prep for readability. $imploded = empty($plugin_names) ? '<strong>' . $last_plugin . '</strong>' : '<strong>' . (implode(', ', $plugin_names) . '</strong> and <strong>' . $last_plugin . '</strong>.'); // Now we are good to go - let's start activating plugins. $activate = activate_plugins($plugins); if (is_wp_error($activate)) { echo '<div id="message" class="error"><p>', wp_kses_post($activate->get_error_message()), '</p></div>'; } else { printf('<div id="message" class="updated"><p>%1$s %2$s.</p></div>', esc_html(_n('The following plugin was activated successfully:', 'The following plugins were activated successfully:', $count, 'tgmpa')), wp_kses_post($imploded)); } // Update recently activated plugins option. $recent = (array) get_option('recently_activated'); foreach ($plugins as $plugin => $time) { if (isset($recent[$plugin])) { unset($recent[$plugin]); } } update_option('recently_activated', $recent); unset($_POST); // Reset the $_POST variable in case user wants to perform one action after another. return true; } }
/** * Processes bulk installation and activation actions. * * The bulk installation process looks for the $_POST information and passes that * through if a user has to use WP_Filesystem to enter their credentials. * * @since 2.2.0 */ public function process_bulk_actions() { // Bulk installation process. if ('tgmpa-bulk-install' === $this->current_action() || 'tgmpa-bulk-update' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $install_type = 'install'; if ('tgmpa-bulk-update' === $this->current_action()) { $install_type = 'update'; } $plugins_to_install = array(); // Did user actually select any plugins to install/update ? if (empty($_POST['plugin'])) { if ('install' === $install_type) { $message = __('No plugins were selected to be installed. No action taken.', 'omega'); } else { $message = __('No plugins were selected to be updated. No action taken.', 'omega'); } echo '<div id="message" class="error"><p>', esc_html($message), '</p></div>'; return false; } if (is_array($_POST['plugin'])) { $plugins_to_install = (array) $_POST['plugin']; } elseif (is_string($_POST['plugin'])) { // Received via Filesystem page - un-flatten array (WP bug #19643). $plugins_to_install = explode(',', $_POST['plugin']); } // Sanitize the received input. $plugins_to_install = array_map('urldecode', $plugins_to_install); $plugins_to_install = array_map(array($this->tgmpa, 'sanitize_key'), $plugins_to_install); // Validate the received input. foreach ($plugins_to_install as $key => $slug) { // Check if the plugin was registered with TGMPA and remove if not. if (!isset($this->tgmpa->plugins[$slug])) { unset($plugins_to_install[$key]); continue; } // For updates: make sure this is a plugin we *can* update (update available and WP version ok). if ('update' === $install_type && ($this->tgmpa->is_plugin_installed($slug) && (false === $this->tgmpa->does_plugin_have_update($slug) || !$this->tgmpa->can_plugin_update($slug)))) { unset($plugins_to_install[$key]); } } // No need to proceed further if we have no plugins to handle. if (empty($plugins_to_install)) { if ('install' === $install_type) { $message = __('No plugins are available to be installed at this time.', 'omega'); } else { $message = __('No plugins are available to be updated at this time.', 'omega'); } echo '<div id="message" class="error"><p>', esc_html($message), '</p></div>'; return false; } // Pass all necessary information if WP_Filesystem is needed. $url = wp_nonce_url($this->tgmpa->get_tgmpa_url(), 'bulk-' . $this->_args['plural']); // Give validated data back to $_POST which is the only place the filesystem looks for extra fields. $_POST['plugin'] = implode(',', $plugins_to_install); // Work around for WP bug #19643. $method = ''; // Leave blank so WP_Filesystem can populate it as necessary. $fields = array_keys($_POST); // Extra fields to pass to WP_Filesystem. if (false === ($creds = request_filesystem_credentials(esc_url_raw($url), $method, false, false, $fields))) { return true; // Stop the normal page form from displaying, credential request form will be shown. } // Now we have some credentials, setup WP_Filesystem. if (!WP_Filesystem($creds)) { // Our credentials were no good, ask the user for them again. request_filesystem_credentials(esc_url_raw($url), $method, true, false, $fields); return true; } /* If we arrive here, we have the filesystem */ // Store all information in arrays since we are processing a bulk installation. $names = array(); $sources = array(); // Needed for installs. $file_paths = array(); // Needed for upgrades. $to_inject = array(); // Information to inject into the update_plugins transient. // Prepare the data for validated plugins for the install/upgrade. foreach ($plugins_to_install as $slug) { $name = $this->tgmpa->plugins[$slug]['name']; $source = $this->tgmpa->get_download_url($slug); if (!empty($name) && !empty($source)) { $names[] = $name; switch ($install_type) { case 'install': $sources[] = $source; break; case 'update': $file_paths[] = $this->tgmpa->plugins[$slug]['file_path']; $to_inject[$slug] = $this->tgmpa->plugins[$slug]; $to_inject[$slug]['source'] = $source; break; } } } unset($slug, $name, $source); // Create a new instance of TGM_Bulk_Installer. $installer = new TGM_Bulk_Installer(new TGM_Bulk_Installer_Skin(array('url' => esc_url_raw($this->tgmpa->get_tgmpa_url()), 'nonce' => 'bulk-' . $this->_args['plural'], 'names' => $names, 'install_type' => $install_type))); // Wrap the install process with the appropriate HTML. echo '<div class="tgmpa wrap">', '<h2>', esc_html(get_admin_page_title()), '</h2>'; // Process the bulk installation submissions. add_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); if ('tgmpa-bulk-update' === $this->current_action()) { // Inject our info into the update transient. $this->tgmpa->inject_update_info($to_inject); $installer->bulk_upgrade($file_paths); } else { $installer->bulk_install($sources); } remove_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); echo '</div>'; return true; } // Bulk activation process. if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); // Did user actually select any plugins to activate ? if (empty($_POST['plugin'])) { echo '<div id="message" class="error"><p>', esc_html__('No plugins were selected to be activated. No action taken.', 'omega'), '</p></div>'; return false; } // Grab plugin data from $_POST. $plugins = array(); if (isset($_POST['plugin'])) { $plugins = array_map('urldecode', (array) $_POST['plugin']); $plugins = array_map(array($this->tgmpa, 'sanitize_key'), $plugins); } $plugins_to_activate = array(); $plugin_names = array(); // Grab the file paths for the selected & inactive plugins from the registration array. foreach ($plugins as $slug) { if ($this->tgmpa->can_plugin_activate($slug)) { $plugins_to_activate[] = $this->tgmpa->plugins[$slug]['file_path']; $plugin_names[] = $this->tgmpa->plugins[$slug]['name']; } } unset($slug); // Return early if there are no plugins to activate. if (empty($plugins_to_activate)) { echo '<div id="message" class="error"><p>', esc_html__('No plugins are available to be activated at this time.', 'omega'), '</p></div>'; return false; } // Now we are good to go - let's start activating plugins. $activate = activate_plugins($plugins_to_activate); if (is_wp_error($activate)) { echo '<div id="message" class="error"><p>', wp_kses_post($activate->get_error_message()), '</p></div>'; } else { $count = count($plugin_names); // Count so we can use _n function. $plugin_names = array_map(array('TGM_Utils', 'wrap_in_strong'), $plugin_names); $last_plugin = array_pop($plugin_names); // Pop off last name to prep for readability. $imploded = empty($plugin_names) ? $last_plugin : implode(', ', $plugin_names) . ' ' . esc_html_x('and', 'plugin A *and* plugin B', 'omega') . ' ' . $last_plugin; printf('<div id="message" class="updated"><p>%1$s %2$s.</p></div>', esc_html(_n('The following plugin was activated successfully:', 'The following plugins were activated successfully:', $count, 'omega')), $imploded); // Update recently activated plugins option. $recent = (array) get_option('recently_activated'); foreach ($plugins_to_activate as $plugin => $time) { if (isset($recent[$plugin])) { unset($recent[$plugin]); } } update_option('recently_activated', $recent); } unset($_POST); // Reset the $_POST variable in case user wants to perform one action after another. return true; } return false; }
/** * Method for the actual installation process * @return bool */ protected function process_installation() { $method = ''; // Leave blank so WP_Filesystem can populate it as necessary. $fields = array('action', '_wp_http_referer', '_wpnonce'); // Extra fields to pass to WP_Filesystem. if (FALSE === ($creds = request_filesystem_credentials($this->url, $method, FALSE, FALSE, $fields))) { return TRUE; } if (!WP_Filesystem($creds)) { request_filesystem_credentials($this->url, $method, TRUE, FALSE, $fields); // Setup WP_Filesystem. return TRUE; } require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; // Need for plugins_api require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Need for upgrade classes // Store all information in arrays since we are processing a bulk installation. $api = array(); $sources = array(); // Loop through each plugin to install and try to grab information from WordPress API, if not create 'tgmpa-empty' scalar. $i = 0; foreach ($this->plugins_install as $plugin) { $temp = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))); $api[$i] = (object) 'tgmpa-empty'; if (!is_wp_error($temp)) { $api[$i] = $temp; } $i++; } unset($this->plugin, $temp); if (is_wp_error($api)) { if (true === WP_DEBUG) { wp_die(esc_html($this->tgmpa->strings['oops']) . var_dump($api)); // wpcs: xss ok } else { wp_die(esc_html($this->tgmpa->strings['oops'])); } } // Capture download links from $api or set install link to pre-packaged/private repo. $i = 0; foreach ($api as $object) { $sources[$i] = isset($object->download_link) && 'repo' === $this->plugins_path[$i] ? $object->download_link : $this->plugins_path[$i]; $i++; } // Create a new instance of TGM_Bulk_Installer. $installer = new TGM_Bulk_Installer(new TGM_Bulk_Installer_Skin(array('url' => esc_url_raw(add_query_arg(array('page' => urlencode($this->tgmpa->menu)), self_admin_url($this->tgmpa->parent_slug))), 'nonce' => 'bulk-plugins', 'names' => $this->plugins_name))); // Wrap the install process with the appropriate HTML. echo '<div class="tgmpa wrap">', '<h2>', esc_html(get_admin_page_title()), '</h2>'; // Process the bulk installation submissions. // Perform the action and install the plugin from the $source urldecode(). add_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); $installer->bulk_install($sources, $this->update); remove_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); echo '</div>'; return TRUE; }
public function process_bulk_actions() { if ('tgmpa-bulk-install' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $plugins_to_install = array(); $plugin_installs = array(); $plugin_path = array(); $plugin_name = array(); if (isset($_GET['plugins'])) { $plugins = explode(',', stripslashes($_GET['plugins'])); } elseif (isset($_POST['plugin'])) { $plugins = (array) $_POST['plugin']; } else { $plugins = array(); } if (isset($_POST['plugin'])) { foreach ($plugins as $plugin_data) { $plugins_to_install[] = explode(',', $plugin_data); } foreach ($plugins_to_install as $plugin_data) { $plugin_installs[] = $plugin_data[0]; $plugin_path[] = $plugin_data[1]; $plugin_name[] = $plugin_data[2]; } } else { foreach ($plugins as $key => $value) { if (0 == $key % 3 || 0 == $key) { $plugins_to_install[] = $value; $plugin_installs[] = $value; } } } if (isset($_GET['plugin_paths'])) { $plugin_paths = explode(',', stripslashes($_GET['plugin_paths'])); } elseif (isset($_POST['plugin'])) { $plugin_paths = (array) $plugin_path; } else { $plugin_paths = array(); } if (isset($_GET['plugin_names'])) { $plugin_names = explode(',', stripslashes($_GET['plugin_names'])); } elseif (isset($_POST['plugin'])) { $plugin_names = (array) $plugin_name; } else { $plugin_names = array(); } $i = 0; foreach ($plugin_installs as $key => $plugin) { if (preg_match('|.php$|', $plugin)) { unset($plugin_installs[$key]); if (!isset($_GET['plugin_paths'])) { unset($plugin_paths[$i]); } if (!isset($_GET['plugin_names'])) { unset($plugin_names[$i]); } } $i++; } if (empty($plugin_installs)) { return false; } $plugin_installs = array_values($plugin_installs); $plugin_paths = array_values($plugin_paths); $plugin_names = array_values($plugin_names); $plugin_installs = array_map('urldecode', $plugin_installs); $plugin_paths = array_map('urldecode', $plugin_paths); $plugin_names = array_map('urldecode', $plugin_names); $url = wp_nonce_url(add_query_arg(array('page' => urlencode(TGM_Plugin_Activation::$instance->menu), 'tgmpa-action' => 'install-selected', 'plugins' => urlencode(implode(',', $plugins)), 'plugin_paths' => urlencode(implode(',', $plugin_paths)), 'plugin_names' => urlencode(implode(',', $plugin_names))), network_admin_url('themes.php')), 'bulk-plugins'); $method = ''; $fields = array('action', '_wp_http_referer', '_wpnonce'); if (false === ($creds = request_filesystem_credentials(esc_url_raw($url), $method, false, false, $fields))) { return true; } if (!WP_Filesystem($creds)) { request_filesystem_credentials(esc_url_raw($url), $method, true, false, $fields); return true; } require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; $api = array(); $sources = array(); $install_path = array(); $i = 0; foreach ($plugin_installs as $plugin) { $api[$i] = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) ? plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) : (object) ($api[$i] = 'tgmpa-empty'); $i++; } if (is_wp_error($api)) { wp_die(TGM_Plugin_Activation::$instance->strings['oops'] . var_dump($api)); } $i = 0; foreach ($api as $object) { $sources[$i] = isset($object->download_link) && 'repo' == $plugin_paths[$i] ? $object->download_link : $plugin_paths[$i]; $i++; } $url = esc_url_raw(add_query_arg(array('page' => urlencode(TGM_Plugin_Activation::$instance->menu)), network_admin_url('themes.php'))); $nonce = 'bulk-plugins'; $names = $plugin_names; $installer = new TGM_Bulk_Installer($skin = new TGM_Bulk_Installer_Skin(compact('url', 'nonce', 'names'))); echo '<div class="tgmpa wrap">'; echo '<h2>' . esc_html(get_admin_page_title()) . '</h2>'; $installer->bulk_install($sources); echo '</div>'; return true; } if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $plugins = isset($_POST['plugin']) ? (array) $_POST['plugin'] : array(); $plugins_to_activate = array(); foreach ($plugins as $i => $plugin) { $plugins_to_activate[] = explode(',', $plugin); } foreach ($plugins_to_activate as $i => $array) { if (!preg_match('|.php$|', $array[0])) { unset($plugins_to_activate[$i]); } } if (empty($plugins_to_activate)) { return; } $plugins = array(); $plugin_names = array(); foreach ($plugins_to_activate as $plugin_string) { $plugins[] = $plugin_string[0]; $plugin_names[] = $plugin_string[2]; } $count = count($plugin_names); $last_plugin = array_pop($plugin_names); $imploded = empty($plugin_names) ? '<strong>' . $last_plugin . '</strong>' : '<strong>' . (implode(', ', $plugin_names) . '</strong> and <strong>' . $last_plugin . '</strong>.'); $activate = activate_plugins($plugins); if (is_wp_error($activate)) { echo '<div id="message" class="error"><p>' . $activate->get_error_message() . '</p></div>'; } else { printf('<div id="message" class="updated"><p>%1$s %2$s.</p></div>', _n('The following plugin was activated successfully:', 'The following plugins were activated successfully:', $count, 'tgmpa'), $imploded); } $recent = (array) get_option('recently_activated'); foreach ($plugins as $plugin => $time) { if (isset($recent[$plugin])) { unset($recent[$plugin]); } } update_option('recently_activated', $recent); unset($_POST); } }
/** * Processes bulk installation and activation actions. * * The bulk installation process looks for the $_POST information and passes that * through if a user has to use WP_Filesystem to enter their credentials. * * @since 2.2.0 */ public function process_bulk_actions() { // Bulk installation process. if ('tgmpa-bulk-install' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $plugins_to_install = array(); if (!empty($_POST['plugin'])) { if (is_array($_POST['plugin'])) { $plugins_to_install = (array) $_POST['plugin']; } elseif (is_string($_POST['plugin'])) { // Received via Filesystem page - unflatten array (WP bug #19643) $plugins_to_install = explode(',', $_POST['plugin']); } // Sanitize the received input $plugins_to_install = array_map('sanitize_key', $plugins_to_install); // Validate the received input foreach ($plugins_to_install as $key => $slug) { // Check if the plugin was registered with TGMPA and remove if not if (!isset($this->tgmpa->plugins[$slug])) { unset($plugins_to_install[$key]); } elseif ($slug !== $this->tgmpa->plugins[$slug]['file_path'] && preg_match('|.php$|', $this->tgmpa->plugins[$slug]['file_path'])) { unset($plugins_to_install[$key]); } } } // No need to proceed further if we have no plugins to install. if (empty($plugins_to_install)) { echo '<div id="message" class="error"><p>', esc_html__('No plugins are available to be installed at this time.', 'tgmpa'), '</p></div>'; return false; } // Pass all necessary information if WP_Filesystem is needed. $url = wp_nonce_url($this->tgmpa->get_tgmpa_url(), 'bulk-' . $this->_args['plural']); // Give validated data back to $_POST which is the only place the filesystem looks for extra fields $_POST['plugin'] = implode(',', $plugins_to_install); // Work around for WP bug #19643 $method = ''; // Leave blank so WP_Filesystem can populate it as necessary. $fields = array_keys($_POST); // Extra fields to pass to WP_Filesystem. if (false === ($creds = request_filesystem_credentials(esc_url_raw($url), $method, false, false, $fields))) { return true; // Stop the normal page form from displaying, credential request form will be shown } // Now we have some credentials, setup WP_Filesystem if (!WP_Filesystem($creds)) { // Our credentials were no good, ask the user for them again request_filesystem_credentials(esc_url_raw($url), $method, true, false, $fields); return true; } // If we arrive here, we have the filesystem require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Need for upgrade classes // Store all information in arrays since we are processing a bulk installation. $names = array(); $sources = array(); // Prepare the data for validated plugins for the install foreach ($plugins_to_install as $slug) { $name = $this->tgmpa->plugins[$slug]['name']; $source = $this->tgmpa->get_download_url($slug); if (!empty($name) && !empty($source)) { $names[] = $name; $sources[] = $source; } } unset($slug, $name, $source); // Finally, all the data is prepared to be sent to the installer. $url = esc_url_raw($this->tgmpa->get_tgmpa_url()); $nonce = 'bulk-plugins'; // Create a new instance of TGM_Bulk_Installer. $installer = new TGM_Bulk_Installer(new TGM_Bulk_Installer_Skin(compact('url', 'nonce', 'names'))); // Wrap the install process with the appropriate HTML. echo '<div class="tgmpa wrap">', '<h2>', esc_html(get_admin_page_title()), '</h2>'; // Process the bulk installation submissions. add_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); $installer->bulk_install($sources); remove_filter('upgrader_source_selection', array($this->tgmpa, 'maybe_adjust_source_dir'), 1, 3); echo '</div>'; return true; } // Bulk activation process. if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); // Grab plugin data from $_POST. $plugins = array(); if (isset($_POST['plugin'])) { $plugins = array_map('sanitize_key', (array) $_POST['plugin']); } $plugins_to_activate = array(); $plugin_names = array(); // Grab the file paths for the selected & inactive plugins from the registration array foreach ($plugins as $plugin) { if (!empty($this->tgmpa->plugins[$plugin]['file_path']) && !is_plugin_active($this->tgmpa->plugins[$plugin]['file_path'])) { $plugins_to_activate[] = $this->tgmpa->plugins[$plugin]['file_path']; $plugin_names[] = $this->tgmpa->plugins[$plugin]['name']; } } unset($plugin); // Return early if there are no plugins to activate. if (empty($plugins_to_activate)) { echo '<div id="message" class="error"><p>', esc_html__('No plugins are available to be activated at this time.', 'tgmpa'), '</p></div>'; return false; } // Now we are good to go - let's start activating plugins. $activate = activate_plugins($plugins_to_activate); if (is_wp_error($activate)) { echo '<div id="message" class="error"><p>', wp_kses_post($activate->get_error_message()), '</p></div>'; } else { $count = count($plugin_names); // Count so we can use _n function. $plugin_names = array_map(array('TGM_Utils', 'wrap_in_strong'), $plugin_names); $last_plugin = array_pop($plugin_names); // Pop off last name to prep for readability. $imploded = empty($plugin_names) ? $last_plugin : implode(', ', $plugin_names) . ' ' . esc_html_x('and', 'plugin A *and* plugin B', 'tgmpa') . ' ' . $last_plugin; printf('<div id="message" class="updated"><p>%1$s %2$s.</p></div>', esc_html(_n('The following plugin was activated successfully:', 'The following plugins were activated successfully:', $count, 'tgmpa')), $imploded); // Update recently activated plugins option. $recent = (array) get_option('recently_activated'); foreach ($plugins_to_activate as $plugin => $time) { if (isset($recent[$plugin])) { unset($recent[$plugin]); } } update_option('recently_activated', $recent); } unset($_POST); // Reset the $_POST variable in case user wants to perform one action after another. return true; } return false; }
/** * Processes bulk installation and activation actions. * * The bulk installation process looks either for the $_POST * information or for the plugin info within the $_GET variable if * a user has to use WP_Filesystem to enter their credentials. * * @since 2.2.0 */ public function process_bulk_actions() { /** Bulk installation process */ if ('tgmpa-bulk-install' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); /** Prep variables to be populated */ $plugins_to_install = array(); $plugin_installs = array(); $plugin_path = array(); $plugin_name = array(); /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugins')])) { $plugins = explode(',', stripslashes($_GET[sanitize_key('plugins')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugins = (array) $_POST[sanitize_key('plugin')]; } else { $plugins = array(); } $a = 0; // Incremental variable /** Grab information from $_POST if available */ if (isset($_POST[sanitize_key('plugin')])) { foreach ($plugins as $plugin_data) { $plugins_to_install[] = explode(',', $plugin_data); //$plugins_to_install[0][0] = ''; } foreach ($plugins_to_install as $plugin_data) { $plugin_installs[] = ''; $plugin_path[] = $plugin_data[1]; $plugin_name[] = $plugin_data[2]; } } else { foreach ($plugins as $key => $value) { out($key . "+" . $value); /** Grab plugin slug for each plugin */ if (0 == $key % 3 || 0 == $key) { $plugins_to_install[] = $value; $plugin_installs[] = $value; } $a++; } } /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugin_paths')])) { $plugin_paths = explode(',', stripslashes($_GET[sanitize_key('plugin_paths')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugin_paths = (array) $plugin_path; } else { $plugin_paths = array(); } /** Look first to see if information has been passed via WP_Filesystem */ if (isset($_GET[sanitize_key('plugin_names')])) { $plugin_names = explode(',', stripslashes($_GET[sanitize_key('plugin_names')])); } elseif (isset($_POST[sanitize_key('plugin')])) { $plugin_names = (array) $plugin_name; } else { $plugin_names = array(); } $b = 0; // Incremental variable /** Loop through plugin slugs and remove already installed plugins from the list */ foreach ($plugin_installs as $key => $plugin) { if (preg_match('|.php$|', $plugin)) { unset($plugin_installs[$key]); /** If the plugin path isn't in the $_GET variable, we can unset the corresponding path */ if (!isset($_GET[sanitize_key('plugin_paths')])) { unset($plugin_paths[$b]); } /** If the plugin name isn't in the $_GET variable, we can unset the corresponding name */ if (!isset($_GET[sanitize_key('plugin_names')])) { unset($plugin_names[$b]); } } $b++; } /** No need to proceed further if we have no plugins to install */ if (empty($plugin_installs)) { return false; } /** Reset array indexes in case we removed already installed plugins */ $plugin_installs = array_values($plugin_installs); $plugin_paths = array_values($plugin_paths); $plugin_names = array_values($plugin_names); /** If we grabbed our plugin info from $_GET, we need to decode it for use */ $plugin_installs = array_map('urldecode', $plugin_installs); $plugin_paths = array_map('urldecode', $plugin_paths); $plugin_names = array_map('urldecode', $plugin_names); /** Pass all necessary information via URL if WP_Filesystem is needed */ $url = wp_nonce_url(add_query_arg(array('page' => TGM_Plugin_Activation::$instance->menu, 'tgmpa-action' => 'install-selected', 'plugins' => urlencode(implode(',', $plugins)), 'plugin_paths' => urlencode(implode(',', $plugin_paths)), 'plugin_names' => urlencode(implode(',', $plugin_names))), admin_url(TGM_Plugin_Activation::$instance->parent_url_slug)), 'bulk-plugins'); $method = ''; // Leave blank so WP_Filesystem can populate it as necessary $fields = array(sanitize_key('action'), sanitize_key('_wp_http_referer'), sanitize_key('_wpnonce')); // Extra fields to pass to WP_Filesystem if (false === ($creds = request_filesystem_credentials($url, $method, false, false, $fields))) { return true; } if (!WP_Filesystem($creds)) { request_filesystem_credentials($url, $method, true, false, $fields); // Setup WP_Filesystem return true; } require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; // Need for plugins_api require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Need for upgrade classes /** Store all information in arrays since we are processing a bulk installation */ $api = array(); $sources = array(); $install_path = array(); $c = 0; // Incremental variable /** Loop through each plugin to install and try to grab information from WordPress API, if not create 'tgmpa-empty' scalar */ foreach ($plugin_installs as $plugin) { $api[$c] = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) ? plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false))) : (object) ($api[$c] = 'tgmpa-empty'); $c++; } if (is_wp_error($api)) { wp_die(TGM_Plugin_Activation::$instance->strings['oops'] . var_dump($api)); } $d = 0; // Incremental variable /** Capture download links from $api or set install link to pre-packaged/private repo */ foreach ($api as $object) { $sources[$d] = isset($object->download_link) && 'repo' == $plugin_paths[$d] ? $object->download_link : $plugin_paths[$d]; $d++; } /** Finally, all the data is prepared to be sent to the installer */ $url = add_query_arg(array('page' => TGM_Plugin_Activation::$instance->menu), admin_url(TGM_Plugin_Activation::$instance->parent_url_slug)); $nonce = 'bulk-plugins'; $names = $plugin_names; /** Create a new instance of TGM_Bulk_Installer */ $installer = new TGM_Bulk_Installer($skin = new TGM_Bulk_Installer_Skin(compact('url', 'nonce', 'names'))); /** Wrap the install process with the appropriate HTML */ // echo '<div class="tgmpa wrap">'; // screen_icon( apply_filters( 'tgmpa_default_screen_icon', 'themes' ) ); // echo '<h2>' . esc_html( get_admin_page_title() ) . '</h2>'; /** Process the bulk installation submissions */ $installer->bulk_install($sources); // echo '</div>'; $this->process_bulk_activate(); return true; } /** Bulk activation process */ if ('tgmpa-bulk-activate' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $this->process_bulk_activate(); return true; } /** Bulk delete process */ if ('tgmpa-bulk-delete' === $this->current_action()) { check_admin_referer('bulk-' . $this->_args['plural']); $this->process_bulk_delete(); $link = admin_url('admin.php?page=plugin-installer'); $redirect = '<script type="text/javascript">window.location = "' . $link . '";</script>'; echo $redirect; } }