Esempio n. 1
 /**
  * Register the admin-side hooks and queue whichever dashboard warnings apply.
  *
  * Works in two stages. First come the hooks and checks that apply on every
  * admin page. Then, after an early return for any other page, come the checks
  * and script loading that only apply on the UpdraftPlus page itself.
  *
  * Security note: WordPress fires wp_ajax_* hooks for any logged-in user, and
  * nothing in this method restricts the four AJAX handlers registered below.
  * Each handler therefore has to enforce its own capability and nonce checks.
  */
 function admin_init()
 {
     global $updraftplus, $wp_version, $pagenow;

     // Upgrade screens (core, plugin, theme).
     add_action('core_upgrade_preamble', array($this, 'core_upgrade_preamble'));
     foreach (array('admin_action_upgrade-plugin', 'admin_action_upgrade-theme') as $upgrade_hook) {
         add_action($upgrade_hook, array($this, 'admin_action_upgrade_pluginortheme'));
     }
     add_action('admin_head', array($this, 'admin_head'));

     // On multisite the action links live on the network plugins screen.
     $links_prefix = is_multisite() ? 'network_admin_' : '';
     add_filter($links_prefix . 'plugin_action_links', array($this, 'plugin_action_links'), 10, 2);

     // AJAX endpoints: hook name => method on this object.
     $ajax_handlers = array(
         'wp_ajax_updraft_download_backup' => 'updraft_download_backup',
         'wp_ajax_updraft_ajax' => 'updraft_ajax_handler',
         'wp_ajax_plupload_action' => 'plupload_action',
         'wp_ajax_plupload_action2' => 'plupload_action2',
     );
     foreach ($ajax_handlers as $ajax_hook => $ajax_method) {
         add_action($ajax_hook, array($this, $ajax_method));
     }

     add_filter('updraftplus_dirlist_others', array($updraftplus, 'backup_others_dirlist'));
     add_filter('updraftplus_dirlist_uploads', array($updraftplus, 'backup_uploads_dirlist'));

     // ---- Stage 1: checks that run on every admin page ----
     // The configured service may be a single identifier or a list of them.
     $service = UpdraftPlus_Options::get_updraft_option('updraft_service');
     $uses_googledrive = 'googledrive' === $service || (is_array($service) && in_array('googledrive', $service));
     $uses_dropbox = 'dropbox' === $service || (is_array($service) && in_array('dropbox', $service));

     // Google Drive chosen and a client ID entered, but no token stored.
     if (UpdraftPlus_Options::user_can_manage() && $uses_googledrive && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_clientid', '') != '' && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_token', '') == '') {
         add_action('all_admin_notices', array($this, 'show_admin_warning_googledrive'));
     }
     // Dropbox chosen, but no request token stored.
     if (UpdraftPlus_Options::user_can_manage() && $uses_dropbox && UpdraftPlus_Options::get_updraft_option('updraft_dropboxtk_request_token', '') == '') {
         add_action('all_admin_notices', array($this, 'show_admin_warning_dropbox'));
     }
     // disk_space_check() is asked about 35 * 1024 * 1024 bytes; only an explicit false triggers the warning.
     if (UpdraftPlus_Options::user_can_manage() && false === $this->disk_space_check(1024 * 1024 * 35)) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_diskspace'));
     }

     // ---- Stage 2: only on the UpdraftPlus page ----
     $on_updraftplus_page = $pagenow == UpdraftPlus_Options::admin_page() && !empty($_REQUEST['page']) && 'updraftplus' == $_REQUEST['page'];
     if (!$on_updraftplus_page) {
         return;
     }

     if (UpdraftPlus_Options::user_can_manage() && defined('DISABLE_WP_CRON') && DISABLE_WP_CRON == true) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_disabledcron'));
     }

     // Debug mode turns on-page error display on for this request; PHP error
     // output can reveal paths and other internals to whoever views the page.
     if (UpdraftPlus_Options::get_updraft_option('updraft_debug_mode')) {
         @ini_set('display_errors', 1);
         @error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
         add_action('all_admin_notices', array($this, 'show_admin_debug_warning'));
     }

     // Avoid false positives, by attempting to raise the limit (as happens when we actually do a backup)
     @set_time_limit(900);
     $time_limit = (int) @ini_get('max_execution_time');
     if ($time_limit > 0 && $time_limit < 20) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_execution_time'));
     }

     // LiteSpeed has a generic problem with terminating cron jobs; warn unless
     // .htaccess exists and mentions "noabort".
     $is_litespeed = isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false;
     if ($is_litespeed && (!is_file(ABSPATH . '.htaccess') || !preg_match('/noabort/i', file_get_contents(ABSPATH . '.htaccess')))) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_litespeed'));
     }

     if (version_compare($wp_version, '3.2', '<')) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_wordpressversion'));
     }

     // Admin UI script plus the translated strings it reads from the "updraftlion" JS object.
     wp_enqueue_script('updraftplus-admin-ui', UPDRAFTPLUS_URL . '/includes/updraft-admin-ui.js', array('jquery', 'jquery-ui-dialog', 'plupload-all'), '31');
     $ui_strings = array(
         'sendonlyonwarnings' => __('Send a report only when there are warnings/errors', 'updraftplus'),
         'wholebackup' => __('When the Email storage method is enabled, also send the entire backup', 'updraftplus'),
         'emailsizelimits' => esc_attr(sprintf(__('Be aware that mail servers tend to have size limits; typically around %s Mb; backups larger than any limits will likely not arrive.', 'updraftplus'), '10-20')),
         'rescanning' => __('Rescanning (looking for backups that you have uploaded manually into the internal backup store)...', 'updraftplus'),
         'enteremailhere' => esc_attr(__('To send to more than one address, separate each address with a comma.', 'updraftplus')),
         'excludedeverything' => __('If you exclude both the database and the files, then you have excluded everything!', 'updraftplus'),
         'restoreproceeding' => __('The restore operation has begun. Do not press stop or close your browser until it reports itself as having finished.', 'updraftplus'),
         'unexpectedresponse' => __('Unexpected response:', 'updraftplus'),
         'servererrorcode' => __('The web server returned an error code (try again, or check your web server logs)', 'updraftplus'),
         'newuserpass' => __("The new user's RackSpace console password is (this will not be shown again):", 'updraftplus'),
         'trying' => __('Trying...', 'updraftplus'),
         'calculating' => __('calculating...', 'updraftplus'),
         'begunlooking' => __('Begun looking for this entity', 'updraftplus'),
         'stilldownloading' => __('Some files are still downloading or being processed - please wait.', 'updraftplus'),
         'processing' => __('Processing files - please wait...', 'updraftplus'),
         'emptyresponse' => __('Error: the server sent an empty response.', 'updraftplus'),
         'warnings' => __('Warnings:', 'updraftplus'),
         'errors' => __('Errors:', 'updraftplus'),
         'jsonnotunderstood' => __('Error: the server sent us a response (JSON) which we did not understand.', 'updraftplus'),
         'error' => __('Error:', 'updraftplus'),
         'fileready' => __('File ready.', 'updraftplus'),
         'youshould' => __('You should:', 'updraftplus'),
         'deletefromserver' => __('Delete from your web server', 'updraftplus'),
         'downloadtocomputer' => __('Download to your computer', 'updraftplus'),
         'andthen' => __('and then, if you wish,', 'updraftplus'),
         'notunderstood' => __('Download error: the server sent us a response which we did not understand.', 'updraftplus'),
         'requeststart' => __('Requesting start of backup...', 'updraftplus'),
         'phpinfo' => __('PHP information', 'updraftplus'),
         'delete_old_dirs' => __('Delete Old Directories', 'updraftplus'),
         'raw' => __('Raw backup history', 'updraftplus'),
         'notarchive' => __('This file does not appear to be an UpdraftPlus backup archive (such files are .zip or .gz files which have a name like: backup_(time)_(site name)_(code)_(type).(zip|gz)). However, UpdraftPlus archives are standard zip/SQL files - so if you are sure that your file has the right format, then you can rename it to match that pattern.', 'updraftplus'),
         'makesure' => __('(make sure that you were trying to upload a zip file previously created by UpdraftPlus)', 'updraftplus'),
         'uploaderror' => __('Upload error:', 'updraftplus'),
         'notdba' => __('This file does not appear to be an UpdraftPlus encrypted database archive (such files are .gz.crypt files which have a name like: backup_(time)_(site name)_(code)_db.crypt.gz).', 'updraftplus'),
         'uploaderr' => __('Upload error', 'updraftplus'),
         'followlink' => __('Follow this link to attempt decryption and download the database file to your computer.', 'updraftplus'),
         'thiskey' => __('This decryption key will be attempted:', 'updraftplus'),
         'unknownresp' => __('Unknown server response:', 'updraftplus'),
         'ukrespstatus' => __('Unknown server response status:', 'updraftplus'),
         'uploaded' => __('The file was uploaded.', 'updraftplus'),
         'backupnow' => __('Backup Now', 'updraftplus'),
         'cancel' => __('Cancel', 'updraftplus'),
         'deletebutton' => __('Delete', 'updraftplus'),
         'createbutton' => __('Create', 'updraftplus'),
         'close' => __('Close', 'updraftplus'),
         'restore' => __('Restore', 'updraftplus'),
     );
     wp_localize_script('updraftplus-admin-ui', 'updraftlion', $ui_strings);
 }
Esempio n. 2
 /**
  * Register the admin-side hooks and queue whichever dashboard warnings apply.
  *
  * Hooks and checks that apply on every admin page come first. After an early
  * return for any other page, the remaining checks and script loading run only
  * for options-general.php?page=updraftplus.
  *
  * Security note: WordPress fires wp_ajax_* hooks for any logged-in user, and
  * nothing in this method restricts the four AJAX handlers registered below.
  * Each handler therefore has to enforce its own capability and nonce checks.
  */
 function admin_init()
 {
     global $updraftplus, $wp_version, $pagenow;
     $me = $this;

     add_action('admin_head', array($me, 'admin_head'));
     add_filter('plugin_action_links', array($me, 'plugin_action_links'), 10, 2);

     // AJAX endpoints: hook name => method on this object.
     $ajax_handlers = array(
         'wp_ajax_updraft_download_backup' => 'updraft_download_backup',
         'wp_ajax_updraft_ajax' => 'updraft_ajax_handler',
         'wp_ajax_plupload_action' => 'plupload_action',
         'wp_ajax_plupload_action2' => 'plupload_action2',
     );
     foreach ($ajax_handlers as $ajax_hook => $ajax_method) {
         add_action($ajax_hook, array($me, $ajax_method));
     }

     add_filter('updraftplus_dirlist_others', array($updraftplus, 'backup_others_dirlist'));

     // ---- Checks that run on every admin page ----
     // Google Drive selected and a client ID entered, but no token stored.
     if (UpdraftPlus_Options::user_can_manage() && UpdraftPlus_Options::get_updraft_option('updraft_service') == "googledrive" && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_clientid', '') != '' && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_token', '') == '') {
         add_action('admin_notices', array($me, 'show_admin_warning_googledrive'));
     }
     // Dropbox selected, but no request token stored.
     if (UpdraftPlus_Options::user_can_manage() && UpdraftPlus_Options::get_updraft_option('updraft_service') == "dropbox" && UpdraftPlus_Options::get_updraft_option('updraft_dropboxtk_request_token', '') == '') {
         add_action('admin_notices', array($me, 'show_admin_warning_dropbox'));
     }
     // disk_space_check() is asked about 35 * 1024 * 1024 bytes; only an explicit false triggers the warning.
     if (UpdraftPlus_Options::user_can_manage() && false === $this->disk_space_check(1024 * 1024 * 35)) {
         add_action('admin_notices', array($me, 'show_admin_warning_diskspace'));
     }

     // ---- Everything below applies only on the UpdraftPlus settings page ----
     $on_updraftplus_page = $pagenow == 'options-general.php' && isset($_REQUEST['page']) && 'updraftplus' == $_REQUEST['page'];
     if (!$on_updraftplus_page) {
         return;
     }

     // Debug mode turns on-page error display on for this request; PHP error
     // output can reveal paths and other internals to whoever views the page.
     if (UpdraftPlus_Options::get_updraft_option('updraft_debug_mode')) {
         @ini_set('display_errors', 1);
         @error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
         add_action('admin_notices', array($me, 'show_admin_debug_warning'));
     }

     // W3 Total Cache's object cache eats transients during cron jobs. Reported to them many times by multiple people.
     if (defined('W3TC') && W3TC == true && function_exists('w3_instance')) {
         $w3_status = w3_instance('W3_ModuleStatus');
         if ($w3_status->is_enabled('objectcache')) {
             add_action('admin_notices', array($me, 'show_admin_warning_w3_total_cache'));
         }
     }

     // LiteSpeed has a generic problem with terminating cron jobs; warn unless
     // .htaccess exists and mentions "noabort".
     $is_litespeed = isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false;
     if ($is_litespeed && (!is_file(ABSPATH . '.htaccess') || !preg_match('/noabort/i', file_get_contents(ABSPATH . '.htaccess')))) {
         add_action('admin_notices', array($me, 'show_admin_warning_litespeed'));
     }

     if (version_compare($wp_version, '3.2', '<')) {
         add_action('admin_notices', array($me, 'show_admin_warning_wordpressversion'));
     }

     // Scripts used by the settings page: stock WordPress handles first, then the plugin's uploader glue.
     foreach (array('jquery', 'jquery-ui-dialog', 'plupload-all') as $core_handle) {
         wp_enqueue_script($core_handle);
     }
     wp_register_script('updraftplus-plupload', UPDRAFTPLUS_URL . '/includes/ud-plupload.js', array('jquery'));
     wp_enqueue_script('updraftplus-plupload');
 }
Esempio n. 3
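 /**
  * Handle the plugin's GET-driven admin actions.
  *
  * Three request shapes are recognised, each gated on
  * UpdraftPlus_Options::user_can_manage():
  *  - action=updraftmethod-<method>-<call>: loads methods/<method>.php and
  *    invokes action_<call>() (or action_handler(<call>)) on the storage module;
  *  - page=updraftplus&action=downloadlog&updraftplus_backup_nonce=<12 hex>:
  *    streams the matching log file and exits;
  *  - page=updraftplus&action=downloadfile&updraftplus_file=<name>: spools an
  *    encrypted database backup (optionally with decrypt_key) and exits.
  *
  * Changes relative to the previous version:
  *  - request parameters are required to be strings before they reach
  *    preg_match() (an array such as ?action[]=x is ignored rather than
  *    producing a warning or TypeError);
  *  - the patterns carry the D modifier so "$" no longer tolerates a trailing
  *    newline;
  *  - the 'error' level is passed to log() instead of being swallowed as a
  *    surplus sprintf() argument.
  *
  * NOTE(review): the updraftmethod-* branch performs no WordPress nonce check
  * in this block. Whether each module's action_* method validates the request
  * origin itself cannot be told from here - confirm.
  */
 public function handle_url_actions()
 {
     // Only GET is handled: on the options page WordPress sometimes repeats
     // parameters when POST-ing via the _wp_referer field.
     if (!isset($_SERVER['REQUEST_METHOD']) || 'GET' !== $_SERVER['REQUEST_METHOD']) {
         return;
     }
     if (!isset($_GET['action']) || !is_string($_GET['action'])) {
         return;
     }
     $action = $_GET['action'];
     $on_updraft_page = isset($_GET['page']) && 'updraftplus' === $_GET['page'];

     // Both captured groups are limited to [a-z]+, so the included file name and
     // the class/method names built from them cannot contain path separators or
     // dots; the file must also already exist under methods/.
     if (preg_match('/^updraftmethod-([a-z]+)-([a-z]+)$/D', $action, $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php') && UpdraftPlus_Options::user_can_manage()) {
         $_GET['page'] = 'updraftplus';
         $_REQUEST['page'] = 'updraftplus';
         $method = $matches[1];
         require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
         $call_class = "UpdraftPlus_BackupModule_" . $method;
         $call_method = "action_" . $matches[2];
         $backup_obj = new $call_class();
         // modify_http_options is attached only for the duration of the module call.
         add_action('http_request_args', array($this, 'modify_http_options'));
         try {
             if (method_exists($backup_obj, $call_method)) {
                 call_user_func(array($backup_obj, $call_method));
             } elseif (method_exists($backup_obj, 'action_handler')) {
                 call_user_func(array($backup_obj, 'action_handler'), $matches[2]);
             }
         } catch (Exception $e) {
             // The level belongs to log(), not to sprintf(); presumably log()
             // takes it as its second argument - confirm against its signature.
             $this->log(sprintf(__("%s error: %s", 'updraftplus'), $method, $e->getMessage() . ' (' . $e->getCode() . ')'), 'error');
         }
         remove_action('http_request_args', array($this, 'modify_http_options'));
         return;
     }

     if ($on_updraft_page && 'downloadlog' === $action && isset($_GET['updraftplus_backup_nonce']) && is_string($_GET['updraftplus_backup_nonce']) && preg_match('/^[0-9a-f]{12}$/D', $_GET['updraftplus_backup_nonce']) && UpdraftPlus_Options::user_can_manage()) {
         // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
         // The backup nonce is 12 lowercase hex characters, so the file name built
         // from it cannot leave the backups directory.
         $updraft_dir = $this->backups_dir_location();
         $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
         if (is_readable($log_file)) {
             header('Content-type: text/plain');
             if (!empty($_GET['force_download'])) {
                 header('Content-Disposition: attachment; filename="' . basename($log_file) . '"');
             }
             readfile($log_file);
             exit;
         }
         add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablelog'));
         return;
     }

     if ($on_updraft_page && 'downloadfile' === $action && isset($_GET['updraftplus_file']) && is_string($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?+\\.(gz\\.crypt)$/iD', $_GET['updraftplus_file']) && UpdraftPlus_Options::user_can_manage()) {
         $updraft_dir = $this->backups_dir_location();
         // The ".*" in the pattern would admit directory separators; basename()
         // is what confines the lookup to the backups directory.
         $spool_file = $updraft_dir . '/' . basename($_GET['updraftplus_file']);
         if (is_readable($spool_file)) {
             // NOTE(review): the decryption key arrives in the query string, so it
             // can end up in web server access logs and browser history.
             $dkey = (isset($_GET['decrypt_key']) && is_string($_GET['decrypt_key'])) ? $_GET['decrypt_key'] : "";
             $this->spool_file('db', $spool_file, $dkey);
             exit;
         }
         add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablefile'));
     }
 }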
Esempio n. 4
 /**
  * AJAX endpoint that saves the settings form posted as a URL-encoded string.
  *
  * The request is refused with "Security check" unless all of the following
  * hold: it is a POST with subaction=savesettings, the user is logged in and
  * passes UpdraftPlus_Options::user_can_manage(), and the posted nonce verifies
  * for the 'updraftplus-settings-nonce' action. The decoded settings are then
  * passed to save_settings() and its result is echoed as JSON.
  *
  * NOTE(review): parse_str() is subject to PHP's max_input_vars limit, so a
  * very large settings form may be decoded only partially before it is saved -
  * confirm that save_settings() tolerates that.
  */
 public function updraft_ajax_savesettings()
 {
     global $updraftplus;

     // Shape of the request first, then identity, capability and nonce - in
     // that order, so the nonce is only read once it is known to be set.
     $is_save_request = !empty($_POST) && !empty($_POST['subaction']) && 'savesettings' == $_POST['subaction'] && isset($_POST['nonce']);
     $is_authorised = $is_save_request && is_user_logged_in() && UpdraftPlus_Options::user_can_manage() && wp_verify_nonce($_POST['nonce'], 'updraftplus-settings-nonce');
     if (!$is_authorised) {
         die('Security check');
     }

     // The settings must arrive as one non-empty string (a serialised form).
     $raw_settings = isset($_POST['settings']) ? $_POST['settings'] : null;
     if (empty($raw_settings) || !is_string($raw_settings)) {
         die('Invalid data');
     }

     // Decode into an array; the two-argument form never writes into local scope.
     parse_str($raw_settings, $posted_settings);
     $save_result = $this->save_settings($posted_settings);
     echo json_encode($save_result);
     die;
 }
Esempio n. 5
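 /**
  * AJAX upload handler for encrypted database backups (*.gz.crypt), with
  * support for plupload's chunked uploads.
  *
  * Access requires UpdraftPlus_Options::user_can_manage() and a valid
  * 'updraft-uploader' AJAX nonce. The response is plain text: "OK:<file>" on
  * success (an empty file name for a non-final chunk) or "ERROR:<message>".
  *
  * Because wp_handle_upload() is called with test_type disabled, the file-name
  * pattern is the only content-type control here. Changes relative to the
  * previous version:
  *  - chunk, chunks and name are validated (strings, digits only, chunk below
  *    chunks, name matching the backup pattern) before anything is written, so
  *    a request cannot leave a file with an arbitrary name in the backups
  *    directory, even briefly;
  *  - a chunked request with missing or invalid chunk parameters is refused
  *    instead of leaving the uploaded file behind unchecked;
  *  - chunks are stitched with stream_copy_to_stream(), since the old
  *    `while ($line = fread(...))` loop stopped early on a read of "0";
  *  - $file is always defined before it is echoed.
  *
  * NOTE(review): the chunk count is client-supplied and only bounded by the
  * integer range, and a chunk file that cannot be opened is skipped silently
  * during stitching - consider an upper bound and an explicit error.
  */
 public function plupload_action2()
 {
     @set_time_limit(900);
     global $updraftplus;
     if (!UpdraftPlus_Options::user_can_manage()) {
         exit;
     }
     check_ajax_referer('updraft-uploader');
     $updraft_dir = $updraftplus->backups_dir_location();
     if (!is_writable($updraft_dir)) {
         exit;
     }

     // Only names of this shape are accepted as the finished file.
     $name_pattern = '/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?\\.(gz\\.crypt)$/iD';
     $bad_name_response = 'ERROR:' . __('Bad filename format - this does not look like an encrypted database file created by UpdraftPlus', 'updraftplus');

     $is_chunked = isset($_POST['chunks']);
     $chunk = 0;
     $chunks = 0;
     $final_file = '';
     if ($is_chunked) {
         // Validate every client-supplied value before touching the disk.
         $chunk_params_ok = isset($_POST['chunk'], $_POST['name'])
             && is_string($_POST['chunks']) && is_string($_POST['chunk']) && is_string($_POST['name'])
             && preg_match('/^[0-9]+$/D', $_POST['chunks']) && preg_match('/^[0-9]+$/D', $_POST['chunk'])
             && (int) $_POST['chunk'] < (int) $_POST['chunks'];
         if (!$chunk_params_ok) {
             echo 'ERROR:Invalid chunk parameters';
             exit;
         }
         // basename() strips any directory part; the pattern then pins the extension.
         $final_file = basename($_POST['name']);
         if (!preg_match($name_pattern, $final_file)) {
             echo $bad_name_response;
             exit;
         }
         $chunk = (int) $_POST['chunk'];
         $chunks = (int) $_POST['chunks'];
     }

     // These filters are attached only around wp_handle_upload(); presumably they
     // steer the upload into the backups directory - see upload_dir().
     add_filter('upload_dir', array($this, 'upload_dir'));
     add_filter('sanitize_file_name', array($this, 'sanitize_file_name'));
     // handle file upload
     $farray = array('test_form' => true, 'action' => 'plupload_action2');
     $farray['test_type'] = false;
     $farray['ext'] = 'crypt';
     $farray['type'] = 'application/octet-stream';
     if (!$is_chunked) {
         $farray['unique_filename_callback'] = array($this, 'unique_filename_callback');
     }
     $status = wp_handle_upload($_FILES['async-upload'], $farray);
     remove_filter('upload_dir', array($this, 'upload_dir'));
     remove_filter('sanitize_file_name', array($this, 'sanitize_file_name'));
     if (isset($status['error'])) {
         echo 'ERROR:' . $status['error'];
         exit;
     }

     // A whole-file upload is final straight away; a chunked one only on its last chunk.
     $is_final = !$is_chunked;
     if ($is_chunked) {
         // Park this chunk next to the (already validated) final name.
         $chunk_path = $updraft_dir . '/' . $final_file . '.' . $chunk . '.zip.tmp';
         rename($status['file'], $chunk_path);
         $status['file'] = $chunk_path;
         // Final chunk? If so, then stitch it all back together
         if ($chunk === $chunks - 1) {
             $is_final = true;
             if ($wh = fopen($updraft_dir . '/' . $final_file, 'wb')) {
                 for ($i = 0; $i < $chunks; $i++) {
                     $rf = $updraft_dir . '/' . $final_file . '.' . $i . '.zip.tmp';
                     if ($rh = fopen($rf, 'rb')) {
                         stream_copy_to_stream($rh, $wh);
                         fclose($rh);
                         @unlink($rf);
                     }
                 }
                 fclose($wh);
                 $status['file'] = $updraft_dir . '/' . $final_file;
             }
         }
     }

     // Non-final chunks report an empty name, as before.
     $file = '';
     if ($is_final) {
         $file = basename($status['file']);
         // Also catches the case where the final file could not be opened above
         // and $status['file'] still points at a chunk.
         if (!preg_match($name_pattern, $file)) {
             @unlink($status['file']);
             echo $bad_name_response;
             exit;
         }
     }
     // send the uploaded file name in response
     echo 'OK:' . $file;
     exit;
 }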
Esempio n. 6
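    /**
     * Render the add-ons management page: connection status, connection
     * errors, the claim script, one box per available add-on, and the
     * credentials form.
     *
     * Access is refused via wp_die() unless UpdraftPlus_Options::user_can_manage().
     *
     * Changes relative to the previous version:
     *  - extract($addon) is replaced by explicit reads of the keys this method
     *    uses. The add-on list comes from get_available_addons(); with
     *    extract(), any key in that data could overwrite locals such as
     *    $assigned, $have_all or $first, and a key missing from one add-on
     *    silently reused the previous add-on's value;
     *  - the translated update message is passed through esc_js() before it is
     *    placed in a single-quoted JavaScript string;
     *  - connection error messages are filtered with wp_kses_post() before
     *    being echoed (they originate from connection_status(); whether they
     *    can contain remote-supplied text is not visible here);
     *  - locals that were computed but never used were removed, including a
     *    base64 copy of the stored account password.
     */
    public function options_printpage()
    {
        global $updraftplus_addons2;

        if (!UpdraftPlus_Options::user_can_manage()) {
            wp_die(__('You do not have sufficient permissions to access this page.'));
        }
        $options = $this->options->get_option(UDADDONS2_SLUG . '_options');
        $mother = $this->mother;
        echo <<<ENDHERE
\t<div class="wrap">
\t\t
ENDHERE;
        // Opening and closing halves of the credentials form; printed at the top
        // when not connected, at the bottom when connected.
        $enter_credentials_begin = UpdraftPlus_Options::options_form_begin('', false);
        if (is_multisite()) {
            $enter_credentials_begin .= '<input type="hidden" name="action" value="update">';
        }
        $interested = htmlspecialchars(__('Interested in knowing about your UpdraftPlus.Com password security? Read about it here.', 'updraftplus'));
        $connect = htmlspecialchars(__('Connect', 'updraftplus'));
        $enter_credentials_end = <<<ENDHERE
\t\t\t<p style="margin-left: 258px;">
\t\t\t\t<input id="ud_connectsubmit" type="submit" class="button-primary" value="{$connect}" />
\t\t\t</p>
\t\t\t<p style="margin-left: 258px; font-size: 70%"><em><a href="http://updraftplus.com/faqs/tell-me-about-my-updraftplus-com-account/">{$interested}</a></em></p>
\t\t</form>
ENDHERE;
        // A connection is only attempted when an email address is stored.
        $this->connected = !empty($options['email']) ? $updraftplus_addons2->connection_status() : false;
        if (true !== $this->connected) {
            if (is_wp_error($this->connected)) {
                $connection_errors = array_values($this->connected->get_error_messages());
            } elseif (!empty($options['email']) && !empty($options['password'])) {
                $connection_errors = array(__('An unknown error occurred when trying to connect to UpdraftPlus.Com', 'updraftplus'));
            }
            // Anything other than a strict true counts as "not connected".
            $this->connected = false;
        }
        if ($this->connected) {
            echo '<p style="clear: both; float: left;">' . __('You are presently <strong>connected</strong> to an UpdraftPlus.Com account.', 'updraftplus');
            echo ' <a href="#" onclick="jQuery(\'#ud_connectsubmit\').click();">' . __('If you bought new add-ons, then follow this link to refresh your connection', 'updraftplus') . '</a>.';
            if (!empty($options['password'])) {
                echo ' ' . __("Note that after you have claimed your add-ons, you can remove your password (but not the email address) from the settings below, without affecting this site's access to updates.", 'updraftplus');
            }
        } else {
            echo "<p>" . __('You are presently <strong>not connected</strong> to an UpdraftPlus.Com account.', 'updraftplus');
        }
        echo '</p>';
        if (isset($connection_errors)) {
            echo '<div class="error"><p><strong>' . __('Errors occurred when trying to connect to UpdraftPlus.Com:', 'updraftplus') . '</strong></p><ul>';
            foreach ($connection_errors as $err) {
                // Keep ordinary markup (links, emphasis) but strip anything script-capable.
                echo '<li style="list-style:disc inside;">' . wp_kses_post($err) . '</li>';
            }
            echo '</ul></div>';
        }
        $sid = $updraftplus_addons2->siteid();
        $home_url = home_url();
        // Enumerate possible unclaimed/re-claimable purchases, and what should be active on this site
        $unclaimed_available = array();
        $assigned = array();
        $have_all = false;
        if ($this->connected && isset($updraftplus_addons2->user_addons) && is_array($updraftplus_addons2->user_addons)) {
            foreach ($updraftplus_addons2->user_addons as $akey => $addon) {
                // Keys: site, sitedescription, key, status
                $is_active = isset($addon['status']) && 'active' == $addon['status'] && isset($addon['site']);
                if ($is_active && ('unclaimed' == $addon['site'] || 'unlimited' == $addon['site'])) {
                    $key = $addon['key'];
                    $unclaimed_available[$key] = array('eid' => $akey, 'status' => 'available');
                } elseif ($is_active && $addon['site'] == $sid) {
                    $key = $addon['key'];
                    $assigned[$key] = $akey;
                    if ('all' == $key) {
                        $have_all = true;
                    }
                } elseif (isset($addon['sitedescription']) && ($home_url === $addon['sitedescription'] || 0 === strpos($addon['sitedescription'], $home_url . ' - '))) {
                    // Is assigned to a site with the same URL as this one - allow a reclaim
                    $key = $addon['key'];
                    $unclaimed_available[$key] = array('eid' => $akey, 'status' => 'reclaimable');
                }
            }
        }
        if (!$this->connected) {
            $this->show_credentials_form($enter_credentials_begin, $enter_credentials_end);
        }
        $ourpageslug = UDADDONS2_PAGESLUG;
        $href = UpdraftPlus_Options::admin_page_url();
        if (count($unclaimed_available) > 0) {
            // The claim request carries a nonce for the 'udmanager-nonce' action;
            // strings destined for JavaScript string literals go through esc_js().
            $nonce = wp_create_nonce('udmanager-nonce');
            $pleasewait = htmlspecialchars(__('Please wait whilst we make the claim...', 'updraftplus'));
            $notgranted = esc_js(__('Claim not granted - perhaps you have already used this purchase somewhere else?', 'updraftplus'));
            $notgrantedlogin = esc_js(__('Claim not granted - your account login details were wrong', 'updraftplus'));
            $ukresponse = esc_js(__('An unknown response was received. Response was:', 'updraftplus'));
            echo <<<ENDHERE
\t\t<div id="udm_pleasewait" class="updated" style="border: 1px solid; padding: 10px; margin-top: 10px; margin-bottom: 10px; clear: both; float: left; display:none;"><strong>{$pleasewait}</strong></div>
\t\t<script type="text/javascript">
\t\t\tfunction udm_claim(key) {
\t\t\t\tvar data = {
\t\t\t\t\t\taction: 'udaddons_claimaddon',
\t\t\t\t\t\tnonce: '{$nonce}',
\t\t\t\t\t\tkey: key
\t\t\t\t};
\t\t\t\tjQuery('#udm_pleasewait').fadeIn();
\t\t\t\tjQuery.post(ajaxurl, data, function(response) {
\t\t\t\t\tif ('ERR' == response) {
\t\t\t\t\t\talert("{$notgranted}");
\t\t\t\t\t} else if (response == 'OK') {
\t\t\t\t\t\twindow.location.href = '{$href}?page={$ourpageslug}&udm_refresh=1&udm_clearcred=1&tab=addons';
\t\t\t\t\t} else if (response == 'BADAUTH') {
\t\t\t\t\t\talert("{$notgrantedlogin}");
\t\t\t\t\t} else {
\t\t\t\t\t\talert("{$ukresponse} "+response);
\t\t\t\t\t}
\t\t\t\t\tjQuery('#udm_pleasewait').fadeOut();
\t\t\t\t});
\t\t\t}
\t\t</script>
ENDHERE;
        }
        $this->update_js = '';
        echo '<h3 style="clear:left; margin-top: 10px;">' . __('UpdraftPlus Addons', 'updraftplus') . '</h3><div>';
        $addons = $updraftplus_addons2->get_available_addons();
        $this->plugin_update_url = 'update-core.php';
        // Can we get a direct update URL?
        $updates_available = get_site_transient('update_plugins');
        if (is_object($updates_available) && isset($updates_available->response) && isset($updraftplus_addons2->plug_updatechecker) && isset($updraftplus_addons2->plug_updatechecker->pluginFile) && isset($updates_available->response[$updraftplus_addons2->plug_updatechecker->pluginFile])) {
            $file = $updraftplus_addons2->plug_updatechecker->pluginFile;
            $this->plugin_update_url = wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&updraftplus_noautobackup=1&plugin=') . $file, 'upgrade-plugin_' . $file);
            // esc_js(): a translation containing an apostrophe must not end the JS string early.
            $this->update_js = '<script>jQuery(document).ready(function() { jQuery(\'#updraftaddons_updatewarning\').html(\'' . esc_js(__('An update containing your addons is available for UpdraftPlus - please follow this link to get it.', 'updraftplus')) . '\') });</script>';
        }
        // Boxes are grouped: assigned to this site first, then claimable, then the rest.
        $first = '';
        $second = '';
        $third = '';
        if (is_array($addons)) {
            foreach ($addons as $key => $addon) {
                // Read only the fields used below, each with an explicit default.
                $name = isset($addon['name']) ? $addon['name'] : '';
                $shopurl = isset($addon['shopurl']) ? $addon['shopurl'] : '';
                $description = isset($addon['description']) ? $addon['description'] : '';
                $latestversion = empty($addon['latestversion']) ? false : $addon['latestversion'];
                $installedversion = empty($addon['installedversion']) ? false : $addon['installedversion'];
                $installed = isset($addon['installed']) ? $addon['installed'] : false;
                if (empty($addon['installed']) && false == $installedversion) {
                    $installed = false;
                }
                $unclaimed = isset($unclaimed_available[$key]) ? $unclaimed_available[$key] : false;
                $is_assigned = isset($assigned[$key]) ? $assigned[$key] : false;
                $box = $this->addonbox($key, $name, $shopurl, $description, trim($installedversion), trim($latestversion), $installed, $unclaimed, $is_assigned, $have_all);
                if ($is_assigned) {
                    $first .= $box;
                } elseif (!empty($unclaimed)) {
                    $second .= $box;
                } else {
                    $third .= $box;
                }
            }
        } else {
            echo "<em>" . __('An error occurred when trying to retrieve your add-ons.', 'updraftplus') . "</em>";
        }
        echo $first . $second . $third;
        echo <<<ENDHERE
\t\t</div>
ENDHERE;
        echo $this->update_js;
        // TODO: Show their support package, if any - ?
        if (is_array($updraftplus_addons2->user_support)) {
            // Keys:
        }
        echo '<h3>' . __('UpdraftPlus Support', 'updraftplus') . '</h3>
<ul>
<li style="list-style:disc inside;">' . __('Need to get support?', 'updraftplus') . ' <a href="' . $mother . '/support/">' . __('Go here', 'updraftplus') . "</a>.</li>\n</ul>";
        if ($this->connected) {
            echo "<hr>";
            $this->show_credentials_form($enter_credentials_begin, $enter_credentials_end);
        }
        echo '</div>';
    }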
Esempio n. 7
 public function admin_menu()
 {
     global $pagenow;
     # Do we want to display a notice about the upcoming or past expiry of their UpdraftPlus subscription?
     if (!empty($this->plug_updatechecker) && !empty($this->plug_updatechecker->optionName) && current_user_can('update_plugins')) {
         #(!is_multisite() && 'options-general.php' == $pagenow) || (is_multisite() && 'settings.php' == $pagenow) ||
         if ('plugins.php' == $pagenow || 'update-core.php' == $pagenow || ('options-general.php' == $pagenow || 'admin.php' == $pagenow) && !empty($_REQUEST['page']) && 'updraftplus' == $_REQUEST['page']) {
             $do_expiry_check = true;
             $dismiss = '';
         } elseif (is_admin()) {
             $dismissed_until = UpdraftPlus_Options::get_updraft_option('updraftplus_dismissedexpiry', 0);
             if ($dismissed_until <= time()) {
                 $do_expiry_check = true;
                 $dismiss = '<div style="float:right; position: relative; top:-24px;" class="ud-expiry-dismiss"><a href="#" onclick="jQuery(\'.ud-expiry-dismiss\').parent().slideUp(); jQuery.post(ajaxurl, {action: \'updraft_ajax\', subaction: \'dismissexpiry\', nonce: \'' . wp_create_nonce('updraftplus-credentialtest-nonce') . '\' });">' . sprintf(__('Dismiss from main dashboard (for %s weeks)', 'updraftplus'), 2) . '</a></div>';
             }
         }
     }
     $oval = is_object($this->plug_updatechecker) ? get_site_option($this->plug_updatechecker->optionName, null) : null;
     $updateskey = 'x-spm-expiry';
     $supportkey = 'x-spm-support-expiry';
     $yourversionkey = 'x-spm-yourversion-tested';
     if (is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$yourversionkey}) && UpdraftPlus_Options::user_can_manage() && (!defined('UPDRAFTPLUS_DISABLECOMPATNOTICE') || true != UPDRAFTPLUS_DISABLECOMPATNOTICE)) {
         // Prevent false-positives
         if (file_exists(UPDRAFTPLUS_DIR . '/readme.txt') && ($fp = fopen(UPDRAFTPLUS_DIR . '/readme.txt', 'r'))) {
             $file_data = fread($fp, 1024);
             if (preg_match("/^Tested up to: (\\d+\\.\\d+).*(\r|\n)/", $file_data, $matches)) {
                 $readme_says = $matches[1];
             }
             fclose($fp);
         }
         global $wp_version;
         include ABSPATH . WPINC . '/version.php';
         $compare_wp_version = preg_match('/^(\\d+\\.\\d+)\\..*$/', $wp_version, $wmatches) ? $wmatches[1] : $wp_version;
         $compare_tested_version = $oval->update->{$yourversionkey};
         if (!empty($readme_says) && version_compare($readme_says, $compare_tested_version, '>')) {
             $compare_tested_version = $readme_says;
         }
         #$compare_tested_version = (preg_match('/^(\d+\.\d+)\.*$/', $oval->update->$yourversionkey, $wmatches)) ? $wmatches[1] : $oval->update->$yourversionkey;
         if (version_compare($compare_wp_version, $compare_tested_version, '>')) {
             $this->admin_notices['yourversiontested'] = '<strong>' . __('Warning', 'updraftplus') . ':</strong> ' . sprintf(__('The installed version of UpdraftPlus Backup/Restore has not been tested on your version of WordPress (%s).', 'updraftplus'), $wp_version) . ' ' . sprintf(__('It has been tested up to version %s.', 'updraftplus'), $compare_tested_version) . ' <a href="https://updraftplus.com/seeing-warning-versions-wordpress-updraftplus-tested/">' . __('You should update UpdraftPlus to make sure that you have a version that has been tested for compatibility.', 'updraftplus') . '</a>';
         }
     }
     if (!empty($do_expiry_check) && is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$updateskey})) {
         if (preg_match('/(^|)expired_?(\\d+)?(,|$)/', $oval->update->{$updateskey}, $matches)) {
             if (empty($matches[2])) {
                 $this->admin_notices['updatesexpired'] = __('Your paid access to UpdraftPlus updates for this site has expired. You will no longer receive updates to UpdraftPlus.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
             } else {
                 $this->admin_notices['updatesexpired'] = sprintf(__('Your paid access to UpdraftPlus updates for %s add-ons on this site has expired.', 'updraftplus'), $matches[2]) . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
             }
         }
         if (preg_match('/(^|,)soonpartial_(\\d+)_(\\d+)($|,)/', $oval->update->{$updateskey}, $matches)) {
             $this->admin_notices['updatesexpiringsoon'] = sprintf(__('Your paid access to UpdraftPlus updates for %s of the %s add-ons on this site will soon expire.', 'updraftplus'), $matches[2], $matches[3]) . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To retain your access, and maintain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         } elseif (preg_match('/(^|,)soon($|,)/', $oval->update->{$updateskey})) {
             $this->admin_notices['updatesexpiringsoon'] = __('Your paid access to UpdraftPlus updates for this site will soon expire.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To retain your access, and maintain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         }
     } elseif (!empty($do_expiry_check) && is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$supportkey})) {
         if ('expired' == $oval->update->{$supportkey}) {
             $this->admin_notices['supportexpired'] = __('Your paid access to UpdraftPlus support has expired.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain your access, please renew.', 'updraftplus') . '</a>' . $dismiss;
         } elseif ('soon' == $oval->update->{$supportkey}) {
             $this->admin_notices['supportsoonexpiring'] = __('Your paid access to UpdraftPlus support will soon expire.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To maintain your access to support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         }
     }
     add_action('all_admin_notices', array($this, 'admin_notices'));
     if (!function_exists('is_plugin_active')) {
         require_once ABSPATH . 'wp-admin/includes/plugin.php';
     }
     if (is_plugin_active('updraftplus-addons/updraftplus-addons.php')) {
         deactivate_plugins('updraftplus-addons/updraftplus-addons.php');
         if (('options-general.php' == $pagenow || 'settings.php' == $pagenow) && !empty($_REQUEST['page']) && 'updraftplus-addons' == $_REQUEST['page']) {
             wp_redirect($this->addons_admin_url());
             exit;
         }
         // Do nothing more this time to avoid duplication
         return;
     } elseif (is_dir(WP_PLUGIN_DIR . '/updraftplus-addons') && current_user_can('delete_plugins')) {
         # Exists, but not active - nag them
         if (!is_multisite() && 'options-general.php' == $pagenow || is_multisite() && 'settings.php' == $pagenow || 'plugins.php' == $pagenow) {
             add_action('all_admin_notices', array($this, 'deinstall_udaddons'));
         }
     }
     if (class_exists('UpdraftPlusAddons')) {
         return;
     }
     // Refresh, if specifically requested
     if ('options-general.php' == $pagenow || is_multisite() && 'settings.php' == $pagenow && isset($_GET['udm_refresh'])) {
         if ($this->plug_updatechecker) {
             $this->plug_updatechecker->checkForUpdates();
         }
     }
     require_once UDADDONS2_DIR . '/options.php';
     $this->options = new UpdraftPlusAddOns_Options2($this->slug, __('UpdraftPlus Addons', 'updraftplus'), $this->url);
 }
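 /**
  * Build one named fragment of admin output and wrap it in a response.
  *
  * @param string|array $fragment Either the fragment name, or an array holding the
  *                               name under 'fragment' and optional extra input under 'data'.
  *
  * @return mixed The value produced by _response() on success, or by
  *               _generic_error_response() on failure.
  */
 public function get_fragment($fragment)
 {
     if (false === ($updraftplus_admin = $this->_load_ud_admin()) || false === ($updraftplus = $this->_load_ud())) {
         return $this->_generic_error_response('no_updraftplus');
     }
     // The capability check runs before any fragment is rendered
     if (!UpdraftPlus_Options::user_can_manage()) {
         return $this->_generic_error_response('updraftplus_permission_denied');
     }
     // $data is always defined, so the branches below never read an undefined variable when
     // the caller passes a bare fragment name or an array without a 'data' key
     $data = null;
     if (is_array($fragment)) {
         $data = isset($fragment['data']) ? $fragment['data'] : null;
         $fragment = isset($fragment['fragment']) ? $fragment['fragment'] : '';
     }
     // switch compares loosely (boolean true would match the first case), so anything
     // that is not a string is sent to the default branch
     if (!is_string($fragment)) {
         $fragment = '';
     }
     $error = false;
     switch ($fragment) {
         case 's3_new_api_user_form':
             // The form is printed by whatever is hooked to this action; capture it
             ob_start();
             do_action('updraft_s3_print_new_api_user_form', false);
             $output = ob_get_clean();
             break;
         case 'backupnow_modal_contents':
             $updraft_dir = $updraftplus->backups_dir_location();
             if (!$updraftplus->really_is_writable($updraft_dir)) {
                 $output = array('error' => true, 'html' => __("The 'Backup Now' button is disabled as your backup directory is not writable (go to the 'Settings' tab and find the relevant option).", 'updraftplus'));
             } else {
                 $output = array('html' => $updraftplus_admin->backupnow_modal_contents());
             }
             break;
         case 'panel_download_and_restore':
             $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
             if (empty($backup_history)) {
                 $updraftplus->rebuild_backup_history();
                 $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
             }
             $backup_history = is_array($backup_history) ? $backup_history : array();
             // NOTE(review): $data is caller-supplied and passed through as-is; any validation is in the callee - confirm
             $output = $updraftplus_admin->settings_downloading_and_restoring($backup_history, true, $data);
             break;
         case 'disk_usage':
             // NOTE(review): $data is caller-supplied and passed through as-is; any validation is in the callee - confirm
             $output = $updraftplus_admin->get_disk_space_used($data);
             break;
         default:
             // We just return a code - translation is done on the other side
             $output = 'ud_get_fragment_could_not_return';
             $error = true;
             break;
     }
     if ($error) {
         return $this->_generic_error_response('get_fragment_error', $output);
     }
     return $this->_response(array('output' => $output));
 }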
Esempio n. 9
 /**
  * AJAX entry point for importing settings.
  *
  * Ends the request with 'Security check' unless this is an 'importsettings' POST from a
  * logged-in user who can manage UpdraftPlus and who supplies a valid
  * 'updraftplus-settings-nonce'. Ends it with 'Invalid data' unless 'settings' is a
  * non-empty string. Otherwise hands the request to import_settings().
  */
 public function updraft_ajax_importsettings()
 {
     global $updraftplus;
     // Evaluated left to right, so nothing is read from $_POST before its presence is known
     $well_formed = !empty($_POST) && !empty($_POST['subaction']) && 'importsettings' == $_POST['subaction'] && isset($_POST['nonce']);
     // Login, capability and nonce are all required; the nonce is what ties the request to the settings page
     $authorised = $well_formed && is_user_logged_in() && UpdraftPlus_Options::user_can_manage() && wp_verify_nonce($_POST['nonce'], 'updraftplus-settings-nonce');
     if (!$authorised) {
         die('Security check');
     }
     $settings = isset($_POST['settings']) ? $_POST['settings'] : null;
     if (empty($settings) || !is_string($settings)) {
         die('Invalid data');
     }
     // NOTE(review): the whole of $_POST is passed on; how the settings payload is decoded and validated is in import_settings(), not visible here
     $this->import_settings($_POST);
 }
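 /**
  * Handle UpdraftPlus actions that arrive as query parameters of a GET request.
  *
  * Four kinds of request are recognised, each gated on UpdraftPlus_Options::user_can_manage():
  *  - action=updraftmethod-<method>-<call>: load methods/<method>.php and run the module's handler
  *  - page=updraftplus, action=downloadlog: send the log file of one backup job
  *  - page=updraftplus, action=downloadfile: spool a decrypted copy of an encrypted database backup
  *  - action=updraftplus_spool_file: spool a file recorded in the backup history
  *
  * Every branch that sends a file, and the not-found reply of the last branch, ends the request with exit.
  */
 public function handle_url_actions()
 {
     // First, basic security check: must be an admin page, with ability to manage options, with the right parameters
     // Also, only on GET because WordPress on the options page repeats parameters sometimes when POST-ing via the _wp_referer field
     // The action must be a string: a query such as action[]=x delivers an array, which preg_match() does not accept
     if (!isset($_SERVER['REQUEST_METHOD']) || 'GET' != $_SERVER['REQUEST_METHOD'] || !isset($_GET['action']) || !is_string($_GET['action'])) {
         return;
     }
     $action = $_GET['action'];
     $on_plugin_page = isset($_GET['page']) && 'updraftplus' === $_GET['page'];
     // [a-z]+ keeps both captures to lower-case letters, so the included path cannot leave the methods directory
     if (preg_match('/^updraftmethod-([a-z]+)-([a-z]+)$/', $action, $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php') && UpdraftPlus_Options::user_can_manage()) {
         // NOTE(review): no WordPress nonce is checked on this branch; the guards are the capability check and the
         // existence of the method file. Whether each module's handler validates its own callback is not visible here - confirm
         $_GET['page'] = 'updraftplus';
         $_REQUEST['page'] = 'updraftplus';
         $method = $matches[1];
         require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
         $call_class = "UpdraftPlus_BackupModule_" . $method;
         $call_method = "action_" . $matches[2];
         $backup_obj = new $call_class();
         add_action('http_request_args', array($this, 'modify_http_options'));
         try {
             if (method_exists($backup_obj, $call_method)) {
                 call_user_func(array($backup_obj, $call_method));
             } elseif (method_exists($backup_obj, 'action_handler')) {
                 call_user_func(array($backup_obj, 'action_handler'), $matches[2]);
             }
         } catch (Exception $e) {
             // 'error' used to sit inside the sprintf() call, where it was a surplus argument and was ignored;
             // it reads as the intended log level (assumes log() takes a level as its second argument - confirm)
             $this->log(sprintf(__("%s error: %s", 'updraftplus'), $method, $e->getMessage() . ' (' . $e->getCode() . ')'), 'error');
         }
         remove_action('http_request_args', array($this, 'modify_http_options'));
     } elseif ($on_plugin_page && 'downloadlog' === $action && isset($_GET['updraftplus_backup_nonce']) && is_string($_GET['updraftplus_backup_nonce']) && preg_match('/^[0-9a-f]{12}$/D', $_GET['updraftplus_backup_nonce']) && UpdraftPlus_Options::user_can_manage()) {
         // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
         // The D modifier stops $ from matching before a trailing newline, so exactly 12 hex digits reach the path
         $updraft_dir = $this->backups_dir_location();
         $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
         if (is_readable($log_file)) {
             header('Content-type: text/plain');
             // A log can contain text that originated outside the site; tell the browser not to guess another content type
             header('X-Content-Type-Options: nosniff');
             if (!empty($_GET['force_download'])) {
                 header('Content-Disposition: attachment; filename="' . basename($log_file) . '"');
             }
             readfile($log_file);
             exit;
         } else {
             add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablelog'));
         }
     } elseif ($on_plugin_page && 'downloadfile' === $action && isset($_GET['updraftplus_file']) && is_string($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?+\\.(gz\\.crypt)$/iD', $_GET['updraftplus_file']) && UpdraftPlus_Options::user_can_manage()) {
         // Though this (venerable) code uses the action 'downloadfile', in fact, it's not that general: it's just for downloading a decrypted copy of encrypted databases, and nothing else
         $updraft_dir = $this->backups_dir_location();
         $file = $_GET['updraftplus_file'];
         // basename() drops any directory part, so the file is always looked up inside the backup directory
         $spool_file = $updraft_dir . '/' . basename($file);
         if (is_readable($spool_file)) {
             // NOTE(review): the decryption key travels in the query string, where server logs and browser history can record it
             $dkey = (isset($_GET['decrypt_key']) && is_string($_GET['decrypt_key'])) ? stripslashes($_GET['decrypt_key']) : '';
             $this->spool_file($spool_file, $dkey);
             exit;
         } else {
             add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablefile'));
         }
     } elseif ('updraftplus_spool_file' === $action && !empty($_GET['what']) && is_string($_GET['what']) && !empty($_GET['backup_timestamp']) && is_numeric($_GET['backup_timestamp']) && UpdraftPlus_Options::user_can_manage()) {
         // At some point, it may be worth merging this with the previous section
         $updraft_dir = $this->backups_dir_location();
         $findex = isset($_GET['findex']) ? (int) $_GET['findex'] : 0;
         $backup_timestamp = $_GET['backup_timestamp'];
         $what = $_GET['what'];
         $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
         // null = not found yet; false = the requested entity is not one that may be downloaded
         $filename = null;
         if (isset($backup_history[$backup_timestamp])) {
             if ('db' != substr($what, 0, 2)) {
                 $backupable_entities = $this->get_backupable_file_entities();
                 if (!isset($backupable_entities[$what])) {
                     $filename = false;
                 }
             }
             if (false !== $filename && isset($backup_history[$backup_timestamp][$what])) {
                 $entry = $backup_history[$backup_timestamp][$what];
                 if (is_string($entry) && 0 == $findex) {
                     $filename = $entry;
                 } elseif (is_array($entry) && isset($entry[$findex])) {
                     // is_array() keeps a non-zero index from picking a single character out of a string entry
                     $filename = $entry[$findex];
                 }
             }
         }
         // The name comes from the stored history, never straight from the request, and basename() confines it to the backup directory
         if (empty($filename) || !is_readable($updraft_dir . '/' . basename($filename))) {
             echo json_encode(array('result' => __('UpdraftPlus notice:', 'updraftplus') . ' ' . __('The given file was not found, or could not be read.', 'updraftplus')));
             exit;
         }
         // NOTE(review): the decryption key travels in the query string, where server logs and browser history can record it
         $dkey = (isset($_GET['decrypt_key']) && is_string($_GET['decrypt_key'])) ? stripslashes($_GET['decrypt_key']) : "";
         $this->spool_file($updraft_dir . '/' . basename($filename), $dkey);
         exit;
     }
 }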
Esempio n. 11
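 /**
  * Handle UpdraftPlus actions that arrive as query parameters of a GET request to the
  * plugin's admin page (page=updraftplus), for users who can manage UpdraftPlus.
  *
  * Recognised actions:
  *  - updraftmethod-<method>-<call>: load methods/<method>.php and call the module's action_<call>
  *  - downloadlog: send the log file of one backup job
  *  - downloadfile: spool an encrypted backup file through spool_file()
  *
  * The two download branches end the request with exit once the file has been sent.
  */
 function handle_url_actions()
 {
     // First, basic security check: must be an admin page, with ability to manage options, with the right parameters
     // Also, only on GET because WordPress on the options page repeats parameters sometimes when POST-ing via the _wp_referer field
     if (!isset($_SERVER['REQUEST_METHOD']) || 'GET' != $_SERVER['REQUEST_METHOD'] || !UpdraftPlus_Options::user_can_manage()) {
         return;
     }
     // The action must be a string: a query such as action[]=x delivers an array, which preg_match() does not accept
     if (!isset($_GET['page']) || $_GET['page'] != 'updraftplus' || !isset($_GET['action']) || !is_string($_GET['action'])) {
         return;
     }
     $action = $_GET['action'];
     // [a-z]+ keeps both captures to lower-case letters, so the included path cannot leave the methods directory
     if (preg_match('/^updraftmethod-([a-z]+)-([a-z]+)$/', $action, $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php')) {
         // NOTE(review): no WordPress nonce is checked on this branch; whether each module's handler
         // validates its own callback is not visible here - confirm
         $method = $matches[1];
         require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
         $call_class = "UpdraftPlus_BackupModule_" . $method;
         $call_method = "action_" . $matches[2];
         add_action('http_api_curl', array($this, 'add_curl_capath'));
         if (method_exists($call_class, $call_method)) {
             call_user_func(array($call_class, $call_method));
         }
         remove_action('http_api_curl', array($this, 'add_curl_capath'));
     } elseif ('downloadlog' === $action && isset($_GET['updraftplus_backup_nonce']) && is_string($_GET['updraftplus_backup_nonce']) && preg_match('/^[0-9a-f]{12}$/D', $_GET['updraftplus_backup_nonce'])) {
         // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
         // The D modifier stops $ from matching before a trailing newline, so exactly 12 hex digits reach the path
         $updraft_dir = $this->backups_dir_location();
         $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
         if (is_readable($log_file)) {
             header('Content-type: text/plain');
             // A log can contain text that originated outside the site; tell the browser not to guess another content type
             header('X-Content-Type-Options: nosniff');
             readfile($log_file);
             exit;
         } else {
             add_action('admin_notices', array($this, 'show_admin_warning_unreadablelog'));
         }
     } elseif ('downloadfile' === $action && isset($_GET['updraftplus_file']) && is_string($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-[\\-a-z]+\\.(gz\\.crypt)$/iD', $_GET['updraftplus_file'])) {
         $updraft_dir = $this->backups_dir_location();
         // basename() drops any directory part, so the file is always looked up inside the backup directory
         $spool_file = $updraft_dir . '/' . basename($_GET['updraftplus_file']);
         if (is_readable($spool_file)) {
             // NOTE(review): the decryption key travels in the query string, where server logs and browser history can record it.
             // WordPress adds slashes to $_GET values; whether spool_file() removes them is not visible here - confirm
             $dkey = (isset($_GET['decrypt_key']) && is_string($_GET['decrypt_key'])) ? $_GET['decrypt_key'] : "";
             $this->spool_file('db', $spool_file, $dkey);
             exit;
         } else {
             add_action('admin_notices', array($this, 'show_admin_warning_unreadablefile'));
         }
     }
 }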
 /**
  * Save the account e-mail and password found in $value into the add-ons options.
  *
  * @param array $value Submitted values; only the 'email' and 'password' keys are read,
  *                     and a missing key is stored as an empty string.
  *
  * @return true|null True once the options are saved; nothing (null) when the current
  *                   user may not manage UpdraftPlus.
  */
 public function update_wpmu_options($value)
 {
     // Nothing is written for a user without the manage capability
     if (!UpdraftPlus_Options::user_can_manage()) {
         return;
     }
     $option_name = UDADDONS2_SLUG . '_options';
     $stored = $this->addons2_get_option($option_name);
     if (!is_array($stored)) {
         $stored = array();
     }
     foreach (array('email', 'password') as $field) {
         if (isset($value[$field])) {
             $stored[$field] = $value[$field];
         } else {
             $stored[$field] = '';
         }
     }
     // NOTE(review): the password is saved as options_validate() returns it; whether it is protected at rest is not visible here
     $stored = $this->options_validate($stored);
     $this->addons2_update_option($option_name, $stored);
     return true;
 }