private function curl($id, $url, $params)
{
if (self::$settings->getGlobalOption('http_method') == 'post') {
$c = curl_init($url);
curl_setopt($c, CURLOPT_POST, 1);
curl_setopt($c, CURLOPT_POSTFIELDS, $params . '&token_auth=' . self::$settings->getGlobalOption('piwik_token'));
} else {
$c = curl_init($url . '?' . $params . '&token_auth=' . self::$settings->getGlobalOption('piwik_token'));
}
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, !self::$settings->getGlobalOption('disable_ssl_verify'));
curl_setopt($c, CURLOPT_USERAGENT, self::$settings->getGlobalOption('piwik_useragent') == 'php' ? ini_get('user_agent') : self::$settings->getGlobalOption('piwik_useragent_string'));
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_HEADER, $GLOBALS['wp-piwik_debug']);
curl_setopt($c, CURLOPT_TIMEOUT, self::$settings->getGlobalOption('connection_timeout'));
$httpProxyClass = new \WP_HTTP_Proxy();
if ($httpProxyClass->is_enabled() && $httpProxyClass->send_through_proxy($strURL)) {
curl_setopt($c, CURLOPT_PROXY, $httpProxyClass->host());
curl_setopt($c, CURLOPT_PROXYPORT, $httpProxyClass->port());
if ($httpProxyClass->use_authentication()) {
curl_setopt($c, CURLOPT_PROXYUSERPWD, $httpProxyClass->username() . ':' . $httpProxyClass->password());
}
}
$result = curl_exec($c);
if ($GLOBALS['wp-piwik_debug']) {
$header_size = curl_getinfo($c, CURLINFO_HEADER_SIZE);
$header = substr($result, 0, $header_size);
$body = substr($result, $header_size);
$result = $this->unserialize($body);
self::$debug[$id] = array($header, $url . '?' . $params . '&token_auth=...');
} else {
$result = $this->unserialize($result);
}
curl_close($c);
return $result;
}
/**
* Create cURL handle for a HTTP request.
*
* @access public
* @since 2.7.0
*
* @param string $url The request URL.
* @param string|array $args Optional. Override the defaults.
* @return cURL handle
*/
public function createHandle($url, $args = array())
{
$defaults = array('timeout' => 5, 'headers' => array(), 'body' => null);
$r = wp_parse_args($args, $defaults);
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
/*
* CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since.
* a value of 0 will allow an unlimited timeout.
*/
$timeout = (int) ceil($r['timeout']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, true);
/*
* The option doesn't work with safe mode or when open_basedir is set, and there's
* a bug #17490 with redirected POST requests, so handle redirections outside Curl.
*/
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);
if (defined('CURLOPT_PROTOCOLS')) {
// PHP 5.2.10 / cURL 7.19.4
curl_setopt($handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
}
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
curl_setopt($handle, CURLOPT_HEADER, false);
// cURL expects full header strings in each element.
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
/**
* Fires before the cURL request is executed.
*
* Cookies are not currently handled by the HTTP API. This action allows
* plugins to handle cookies themselves.
*
* @since 2.8.0
*
* @param resource &$handle The cURL handle returned by curl_init().
* @param array $r The HTTP request arguments.
* @param string $url The request URL.
*/
do_action_ref_array('http_api_curl', array(&$handle, $r, $url));
return $handle;
}
function getS3($key, $secret, $useservercerts, $disableverify, $nossl)
{
global $updraftplus;
if (!class_exists('UpdraftPlus_S3')) {
require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
}
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . 'wp-includes/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
$s3 = new UpdraftPlus_S3($key, $secret);
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings where we want nulls
$user = $proxy->username();
if (empty($user)) {
$user = null;
$pass = null;
} else {
$pass = $proxy->password();
if (empty($pass)) {
$pass = null;
}
}
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
$s3->setProxy($proxy->host(), $user, $pass, CURLPROXY_HTTP, $port);
}
if (!$nossl) {
$curl_version = function_exists('curl_version') ? curl_version() : array('features' => null);
$curl_ssl_supported = $curl_version['features'] & CURL_VERSION_SSL;
if ($curl_ssl_supported) {
$s3->useSSL = true;
if ($disableverify) {
$s3->useSSLValidation = false;
$updraftplus->log("S3: Disabling verification of SSL certificates");
}
if ($useservercerts) {
$updraftplus->log("S3: Using the server's SSL certificates");
} else {
$s3->SSLCACert = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
}
} else {
$updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
}
} else {
$s3->useSSL = false;
$updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
}
return $s3;
}
/**
* Send a HTTP request to a URI using cURL extension.
*
* @access public
* @since 2.7.0
*
* @param string $url The request URL.
* @param string|array $args Optional. Override the defaults.
* @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error
*/
public function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} elseif (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
$is_local = isset($r['local']) && $r['local'];
$ssl_verify = isset($r['sslverify']) && $r['sslverify'];
if ($is_local) {
/** This filter is documented in wp-includes/class-http.php */
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
/** This filter is documented in wp-includes/class-http.php */
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
/*
* CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since.
* a value of 0 will allow an unlimited timeout.
*/
$timeout = (int) ceil($r['timeout']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : false);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
curl_setopt($handle, CURLOPT_CAINFO, $r['sslcertificates']);
curl_setopt($handle, CURLOPT_USERAGENT, $r['user-agent']);
/*
* The option doesn't work with safe mode or when open_basedir is set, and there's
* a bug #17490 with redirected POST requests, so handle redirections outside Curl.
*/
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);
if (defined('CURLOPT_PROTOCOLS')) {
// PHP 5.2.10 / cURL 7.19.4
curl_setopt($handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
}
switch ($r['method']) {
case 'HEAD':
curl_setopt($handle, CURLOPT_NOBODY, true);
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
case 'PUT':
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
default:
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $r['method']);
if (!is_null($r['body'])) {
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
}
break;
}
if (true === $r['blocking']) {
curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'stream_headers'));
curl_setopt($handle, CURLOPT_WRITEFUNCTION, array($this, 'stream_body'));
}
curl_setopt($handle, CURLOPT_HEADER, false);
if (isset($r['limit_response_size'])) {
$this->max_body_length = intval($r['limit_response_size']);
} else {
$this->max_body_length = false;
}
// If streaming to a file open a file handle, and setup our curl streaming handler.
if ($r['stream']) {
if (!WP_DEBUG) {
$this->stream_handle = @fopen($r['filename'], 'w+');
} else {
$this->stream_handle = fopen($r['filename'], 'w+');
}
if (!$this->stream_handle) {
return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $r['filename']));
}
} else {
$this->stream_handle = false;
}
if (!empty($r['headers'])) {
// cURL expects full header strings in each element.
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
}
if ($r['httpversion'] == '1.0') {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
} else {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
/**
* Fires before the cURL request is executed.
*
* Cookies are not currently handled by the HTTP API. This action allows
* plugins to handle cookies themselves.
*
* @since 2.8.0
*
* @param resource &$handle The cURL handle returned by curl_init().
* @param array $r The HTTP request arguments.
* @param string $url The request URL.
*/
do_action_ref_array('http_api_curl', array(&$handle, $r, $url));
// We don't need to return the body, so don't. Just execute request and return.
if (!$r['blocking']) {
curl_exec($handle);
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
curl_close($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
curl_exec($handle);
$theHeaders = WP_Http::processHeaders($this->headers, $url);
$theBody = $this->body;
$bytes_written_total = $this->bytes_written_total;
$this->headers = '';
$this->body = '';
$this->bytes_written_total = 0;
$curl_error = curl_errno($handle);
// If an error occurred, or, no response.
if ($curl_error || 0 == strlen($theBody) && empty($theHeaders['headers'])) {
if (CURLE_WRITE_ERROR == $curl_error) {
if (!$this->max_body_length || $this->max_body_length != $bytes_written_total) {
if ($r['stream']) {
curl_close($handle);
fclose($this->stream_handle);
return new WP_Error('http_request_failed', __('Failed to write request to temporary file.'));
} else {
curl_close($handle);
return new WP_Error('http_request_failed', curl_error($handle));
}
}
} else {
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
curl_close($handle);
if ($r['stream']) {
fclose($this->stream_handle);
}
$response = array('headers' => $theHeaders['headers'], 'body' => null, 'response' => $theHeaders['response'], 'cookies' => $theHeaders['cookies'], 'filename' => $r['filename']);
// Handle redirects.
if (false !== ($redirect_response = WP_HTTP::handle_redirects($url, $r, $response))) {
return $redirect_response;
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = WP_Http_Encoding::decompress($theBody);
}
$response['body'] = $theBody;
return $response;
}
/**
* Send a HTTP request to a URI using cURL extension.
*
* @access public
* @since 2.7.0
*
* @param string $url
* @param str|array $args Optional. Override the defaults.
* @return array 'headers', 'body', 'cookies' and 'response' keys.
*/
function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} else {
if (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
// cURL extension will sometimes fail when the timeout is less than 1 as it may round down
// to 0, which gives it unlimited timeout.
if ($r['timeout'] > 0 && $r['timeout'] < 1) {
$r['timeout'] = 1;
}
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$isPHP5 = version_compare(PHP_VERSION, '5.0.0', '>=');
if ($isPHP5) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
} else {
curl_setopt($handle, CURLOPT_PROXY, $proxy->host() . ':' . $proxy->port());
}
if ($proxy->use_authentication()) {
if ($isPHP5) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_BASIC);
}
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
$is_local = isset($args['local']) && $args['local'];
$ssl_verify = isset($args['sslverify']) && $args['sslverify'];
if ($is_local) {
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
curl_setopt($handle, CURLOPT_USERAGENT, $r['user-agent']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $r['timeout']);
curl_setopt($handle, CURLOPT_TIMEOUT, $r['timeout']);
curl_setopt($handle, CURLOPT_MAXREDIRS, $r['redirection']);
switch ($r['method']) {
case 'HEAD':
curl_setopt($handle, CURLOPT_NOBODY, true);
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
case 'PUT':
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
}
if (true === $r['blocking']) {
curl_setopt($handle, CURLOPT_HEADER, true);
} else {
curl_setopt($handle, CURLOPT_HEADER, false);
}
// The option doesn't work with safe mode or when open_basedir is set.
if (!ini_get('safe_mode') && !ini_get('open_basedir')) {
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, true);
}
if (!empty($r['headers'])) {
// cURL expects full header strings in each element
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
}
if ($r['httpversion'] == '1.0') {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
} else {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
// Cookies are not handled by the HTTP API currently. Allow for plugin authors to handle it
// themselves... Although, it is somewhat pointless without some reference.
do_action_ref_array('http_api_curl', array(&$handle));
// We don't need to return the body, so don't. Just execute request and return.
if (!$r['blocking']) {
curl_exec($handle);
curl_close($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
$theResponse = curl_exec($handle);
if (!empty($theResponse)) {
$headerLength = curl_getinfo($handle, CURLINFO_HEADER_SIZE);
$theHeaders = trim(substr($theResponse, 0, $headerLength));
$theBody = substr($theResponse, $headerLength);
if (false !== strrpos($theHeaders, "\r\n\r\n")) {
$headerParts = explode("\r\n\r\n", $theHeaders);
$theHeaders = $headerParts[count($headerParts) - 1];
}
$theHeaders = WP_Http::processHeaders($theHeaders);
} else {
if ($curl_error = curl_error($handle)) {
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
$theHeaders = array('headers' => array(), 'cookies' => array());
$theBody = '';
}
$response = array();
$response['code'] = curl_getinfo($handle, CURLINFO_HTTP_CODE);
$response['message'] = get_status_header_desc($response['code']);
curl_close($handle);
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = WP_Http_Encoding::decompress($theBody);
}
return array('headers' => $theHeaders['headers'], 'body' => $theBody, 'response' => $response, 'cookies' => $theHeaders['cookies']);
}
/**
* Send a HTTP request to a URI using PHP Streams.
*
* @see WP_Http::request For default options descriptions.
*
* @since 2.7.0
* @since 3.7.0 Combined with the fsockopen transport and switched to stream_socket_client().
*
* @access public
* @param string $url The request URL.
* @param string|array $args Optional. Override the defaults.
* @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error
*/
public function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} elseif (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
$arrURL = parse_url($url);
$connect_host = $arrURL['host'];
$secure_transport = $arrURL['scheme'] == 'ssl' || $arrURL['scheme'] == 'https';
if (!isset($arrURL['port'])) {
if ($arrURL['scheme'] == 'ssl' || $arrURL['scheme'] == 'https') {
$arrURL['port'] = 443;
$secure_transport = true;
} else {
$arrURL['port'] = 80;
}
}
// Always pass a Path, defaulting to the root in cases such as http://example.com
if (!isset($arrURL['path'])) {
$arrURL['path'] = '/';
}
if (isset($r['headers']['Host']) || isset($r['headers']['host'])) {
if (isset($r['headers']['Host'])) {
$arrURL['host'] = $r['headers']['Host'];
} else {
$arrURL['host'] = $r['headers']['host'];
}
unset($r['headers']['Host'], $r['headers']['host']);
}
/*
* Certain versions of PHP have issues with 'localhost' and IPv6, It attempts to connect
* to ::1, which fails when the server is not set up for it. For compatibility, always
* connect to the IPv4 address.
*/
if ('localhost' == strtolower($connect_host)) {
$connect_host = '127.0.0.1';
}
$connect_host = $secure_transport ? 'ssl://' . $connect_host : 'tcp://' . $connect_host;
$is_local = isset($r['local']) && $r['local'];
$ssl_verify = isset($r['sslverify']) && $r['sslverify'];
if ($is_local) {
/**
* Filter whether SSL should be verified for local requests.
*
* @since 2.8.0
*
* @param bool $ssl_verify Whether to verify the SSL connection. Default true.
*/
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
/**
* Filter whether SSL should be verified for non-local requests.
*
* @since 2.8.0
*
* @param bool $ssl_verify Whether to verify the SSL connection. Default true.
*/
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
$proxy = new WP_HTTP_Proxy();
$context = stream_context_create(array('ssl' => array('verify_peer' => $ssl_verify, 'capture_peer_cert' => $ssl_verify, 'SNI_enabled' => true, 'cafile' => $r['sslcertificates'], 'allow_self_signed' => !$ssl_verify)));
$timeout = (int) floor($r['timeout']);
$utimeout = $timeout == $r['timeout'] ? 0 : 1000000 * $r['timeout'] % 1000000;
$connect_timeout = max($timeout, 1);
// Store error number.
$connection_error = null;
// Store error string.
$connection_error_str = null;
if (!WP_DEBUG) {
// In the event that the SSL connection fails, silence the many PHP Warnings.
if ($secure_transport) {
$error_reporting = error_reporting(0);
}
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$handle = @stream_socket_client('tcp://' . $proxy->host() . ':' . $proxy->port(), $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context);
} else {
$handle = @stream_socket_client($connect_host . ':' . $arrURL['port'], $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context);
}
if ($secure_transport) {
error_reporting($error_reporting);
}
} else {
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$handle = stream_socket_client('tcp://' . $proxy->host() . ':' . $proxy->port(), $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context);
} else {
$handle = stream_socket_client($connect_host . ':' . $arrURL['port'], $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context);
}
}
if (false === $handle) {
// SSL connection failed due to expired/invalid cert, or, OpenSSL configuration is broken.
if ($secure_transport && 0 === $connection_error && '' === $connection_error_str) {
return new WP_Error('http_request_failed', __('The SSL certificate for the host could not be verified.'));
}
return new WP_Error('http_request_failed', $connection_error . ': ' . $connection_error_str);
}
// Verify that the SSL certificate is valid for this request.
if ($secure_transport && $ssl_verify && !$proxy->is_enabled()) {
if (!self::verify_ssl_certificate($handle, $arrURL['host'])) {
return new WP_Error('http_request_failed', __('The SSL certificate for the host could not be verified.'));
}
}
stream_set_timeout($handle, $timeout, $utimeout);
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
//Some proxies require full URL in this field.
$requestPath = $url;
} else {
$requestPath = $arrURL['path'] . (isset($arrURL['query']) ? '?' . $arrURL['query'] : '');
}
$strHeaders = strtoupper($r['method']) . ' ' . $requestPath . ' HTTP/' . $r['httpversion'] . "\r\n";
$include_port_in_host_header = $proxy->is_enabled() && $proxy->send_through_proxy($url) || 'http' == $arrURL['scheme'] && 80 != $arrURL['port'] || 'https' == $arrURL['scheme'] && 443 != $arrURL['port'];
if ($include_port_in_host_header) {
$strHeaders .= 'Host: ' . $arrURL['host'] . ':' . $arrURL['port'] . "\r\n";
} else {
$strHeaders .= 'Host: ' . $arrURL['host'] . "\r\n";
}
if (isset($r['user-agent'])) {
$strHeaders .= 'User-agent: ' . $r['user-agent'] . "\r\n";
}
if (is_array($r['headers'])) {
foreach ((array) $r['headers'] as $header => $headerValue) {
$strHeaders .= $header . ': ' . $headerValue . "\r\n";
}
} else {
$strHeaders .= $r['headers'];
}
if ($proxy->use_authentication()) {
$strHeaders .= $proxy->authentication_header() . "\r\n";
}
$strHeaders .= "\r\n";
if (!is_null($r['body'])) {
$strHeaders .= $r['body'];
}
fwrite($handle, $strHeaders);
if (!$r['blocking']) {
stream_set_blocking($handle, 0);
fclose($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
$strResponse = '';
$bodyStarted = false;
$keep_reading = true;
$block_size = 4096;
if (isset($r['limit_response_size'])) {
$block_size = min($block_size, $r['limit_response_size']);
}
// If streaming to a file setup the file handle.
if ($r['stream']) {
if (!WP_DEBUG) {
$stream_handle = @fopen($r['filename'], 'w+');
} else {
$stream_handle = fopen($r['filename'], 'w+');
}
if (!$stream_handle) {
return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $r['filename']));
}
$bytes_written = 0;
while (!feof($handle) && $keep_reading) {
$block = fread($handle, $block_size);
if (!$bodyStarted) {
$strResponse .= $block;
if (strpos($strResponse, "\r\n\r\n")) {
$process = WP_Http::processResponse($strResponse);
$bodyStarted = true;
$block = $process['body'];
unset($strResponse);
$process['body'] = '';
}
}
$this_block_size = strlen($block);
if (isset($r['limit_response_size']) && $bytes_written + $this_block_size > $r['limit_response_size']) {
$this_block_size = $r['limit_response_size'] - $bytes_written;
$block = substr($block, 0, $this_block_size);
}
$bytes_written_to_file = fwrite($stream_handle, $block);
if ($bytes_written_to_file != $this_block_size) {
fclose($handle);
fclose($stream_handle);
return new WP_Error('http_request_failed', __('Failed to write request to temporary file.'));
}
$bytes_written += $bytes_written_to_file;
$keep_reading = !isset($r['limit_response_size']) || $bytes_written < $r['limit_response_size'];
}
fclose($stream_handle);
} else {
$header_length = 0;
while (!feof($handle) && $keep_reading) {
$block = fread($handle, $block_size);
$strResponse .= $block;
if (!$bodyStarted && strpos($strResponse, "\r\n\r\n")) {
$header_length = strpos($strResponse, "\r\n\r\n") + 4;
$bodyStarted = true;
}
$keep_reading = !$bodyStarted || !isset($r['limit_response_size']) || strlen($strResponse) < $header_length + $r['limit_response_size'];
}
$process = WP_Http::processResponse($strResponse);
unset($strResponse);
}
fclose($handle);
$arrHeaders = WP_Http::processHeaders($process['headers'], $url);
$response = array('headers' => $arrHeaders['headers'], 'body' => null, 'response' => $arrHeaders['response'], 'cookies' => $arrHeaders['cookies'], 'filename' => $r['filename']);
// Handle redirects.
if (false !== ($redirect_response = WP_Http::handle_redirects($url, $r, $response))) {
return $redirect_response;
}
// If the body was chunk encoded, then decode it.
if (!empty($process['body']) && isset($arrHeaders['headers']['transfer-encoding']) && 'chunked' == $arrHeaders['headers']['transfer-encoding']) {
$process['body'] = WP_Http::chunkTransferDecode($process['body']);
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($arrHeaders['headers'])) {
$process['body'] = WP_Http_Encoding::decompress($process['body']);
}
if (isset($r['limit_response_size']) && strlen($process['body']) > $r['limit_response_size']) {
$process['body'] = substr($process['body'], 0, $r['limit_response_size']);
}
$response['body'] = $process['body'];
return $response;
}
public function http_post($post_options)
{
@(include ABSPATH . WPINC . '/version.php');
$http_credentials = $this->http_credentials;
if (is_a($this->http_transport, 'GuzzleHttp\\Client')) {
// https://guzzle.readthedocs.org/en/5.3/clients.html
$client = $this->http_transport;
$guzzle_options = array('body' => $post_options['body'], 'headers' => array('User-Agent' => 'WordPress/' . $wp_version . '; class-udrpc.php-Guzzle/' . $this->version . '; ' . get_bloginfo('url')), 'exceptions' => false, 'timeout' => $post_options['timeout']);
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled()) {
$user = $proxy->username();
$pass = $proxy->password();
$host = $proxy->host();
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
if (!empty($host) && $proxy->send_through_proxy($this->destination_url)) {
$proxy_auth = '';
if (!empty($user)) {
$proxy_auth = $user;
if (!empty($pass)) {
$proxy_auth .= ':' . $pass;
}
$proxy_auth .= '@';
}
$guzzle_options['proxy'] = array('http' => "http://{$proxy_auth}{$host}:{$port}", 'https' => "http://{$proxy_auth}{$host}:{$port}");
}
}
if (defined('UDRPC_GUZZLE_SSL_VERIFY')) {
$verify = UDRPC_GUZZLE_SSL_VERIFY;
} elseif (file_exists(ABSPATH . WPINC . '/certificates/ca-bundle.crt')) {
$verify = ABSPATH . WPINC . '/certificates/ca-bundle.crt';
} else {
$verify = true;
}
$guzzle_options['verify'] = apply_filters('udrpc_guzzle_verify', $verify);
if (!empty($http_credentials['username'])) {
$authentication_method = empty($http_credentials['authentication_method']) ? 'basic' : $http_credentials['authentication_method'];
$password = empty($http_credentials['password']) ? '' : $http_credentials['password'];
$guzzle_options['auth'] = array($http_credentials['username'], $password, $authentication_method);
}
$response = $client->post($this->destination_url, apply_filters('udrpc_guzzle_options', $guzzle_options, $this));
$formatted_response = array('response' => array('code' => $response->getStatusCode()), 'body' => $response->getBody());
return $formatted_response;
} else {
$post_options['user-agent'] = 'WordPress/' . $wp_version . '; class-udrpc.php/' . $this->version . '; ' . get_bloginfo('url');
if (!empty($http_credentials['username'])) {
$authentication_type = empty($http_credentials['authentication_type']) ? 'basic' : $http_credentials['authentication_type'];
if ('basic' != $authentication_type) {
return new WP_Error('unsupported_http_authentication_type', 'Only HTTP basic authentication is supported (for other types, use Guzzle)');
}
$password = empty($http_credentials['password']) ? '' : $http_credentials['password'];
$post_options['headers'] = array('Authorization' => 'Basic ' . base64_encode($http_credentials['username'] . ':' . $password));
}
return wp_remote_post($this->destination_url, $post_options);
}
}
public function getS3($key, $secret, $useservercerts, $disableverify, $nossl, $endpoint = null)
{
if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
return $this->s3_object;
}
// Saved in case the object needs recreating for the corner-case where there is no permission to look up the bucket location
$this->got_with = array('key' => $key, 'secret' => $secret, 'useservercerts' => $useservercerts, 'disableverify' => $disableverify, 'nossl' => $nossl);
if ('' == $key || '' == $secret) {
return new WP_Error('no_settings', __('No settings were found', 'updraftplus'));
}
global $updraftplus;
$use_s3_class = $this->indicate_s3_class();
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
$use_ssl = true;
$ssl_ca = true;
if (!$nossl) {
$curl_version = function_exists('curl_version') ? curl_version() : array('features' => null);
$curl_ssl_supported = $curl_version['features'] & CURL_VERSION_SSL;
if ($curl_ssl_supported) {
if ($disableverify) {
$ssl_ca = false;
//$s3->setSSL(true, false);
$updraftplus->log("S3: Disabling verification of SSL certificates");
} else {
if ($useservercerts) {
$updraftplus->log("S3: Using the server's SSL certificates");
$ssl_ca = 'system';
} else {
$ssl_ca = file_exists(UPDRAFTPLUS_DIR . '/includes/cacert.pem') ? UPDRAFTPLUS_DIR . '/includes/cacert.pem' : true;
}
}
} else {
$use_ssl = false;
$updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
}
} else {
$use_ssl = false;
$updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
}
try {
$s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
} catch (Exception $e) {
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
}
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings where we want nulls
$user = $proxy->username();
if (empty($user)) {
$user = null;
$pass = null;
} else {
$pass = $proxy->password();
if (empty($pass)) {
$pass = null;
}
}
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
$s3->setProxy($proxy->host(), $user, $pass, CURLPROXY_HTTP, $port);
}
// Old: from before we passed the SSL options when getting the object
// if (!$nossl) {
// $curl_version = (function_exists('curl_version')) ? curl_version() : array('features' => null);
// $curl_ssl_supported = ($curl_version['features'] & CURL_VERSION_SSL);
// if ($curl_ssl_supported) {
// if ($disableverify) {
// $s3->setSSL(true, false);
// $updraftplus->log("S3: Disabling verification of SSL certificates");
// } else {
// $s3->setSSL(true, true);
// }
// if ($useservercerts) {
// $updraftplus->log("S3: Using the server's SSL certificates");
// } else {
// $s3->setSSLAuth(null, null, UPDRAFTPLUS_DIR.'/includes/cacert.pem');
// }
// } else {
// $s3->setSSL(false, false);
// $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
// }
// } else {
// $s3->setSSL(false, false);
// $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
// }
$this->s3_object = $s3;
return $this->s3_object;
}
/**
* Execute an API call
* @todo Improve error handling
* @param string $method The HTTP method
* @param string $url The API endpoint
* @param string $call The API method to call
* @param array $additional Additional parameters
* @return string|object stdClass
*/
public function fetch($method, $url, $call, array $additional = array())
{
// Get the signed request URL
$request = $this->getSignedRequest($method, $url, $call, $additional);
// Initialise and execute a cURL request
$handle = curl_init($request['url']);
// Get the default options array
$options = $this->defaultOptions;
if (!UpdraftPlus_Options::get_updraft_option('updraft_ssl_useservercerts')) {
$options[CURLOPT_CAINFO] = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
}
if (UpdraftPlus_Options::get_updraft_option('updraft_ssl_disableverify')) {
$options[CURLOPT_SSL_VERIFYPEER] = false;
} else {
$options[CURLOPT_SSL_VERIFYPEER] = true;
}
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings if nothing is set
$user = $proxy->username();
$pass = $proxy->password();
$host = $proxy->host();
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
if (!empty($host) && $proxy->send_through_proxy($request['url'])) {
$options[CURLOPT_PROXY] = $host;
$options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
$options[CURLOPT_PROXYPORT] = $port;
if (!empty($user) && !empty($pass)) {
$options[CURLOPT_PROXYAUTH] = CURLAUTH_ANY;
$options[CURLOPT_PROXYUSERPWD] = sprintf('%s:%s', $user, $pass);
}
}
}
if (isset($request['headers'])) {
$options[CURLOPT_HTTPHEADER] = $request['headers'];
}
/*
Add check to see if it's an API v2 call if so then json encode the contents. This is so that it is backwards compatible with API v1 endpoints.
*/
if (isset($additional['api_v2']) && !empty($request['postfields'])) {
$request['postfields'] = json_encode($request['postfields']);
}
if ($method == 'GET' && $this->outFile) {
// GET
$options[CURLOPT_RETURNTRANSFER] = false;
$options[CURLOPT_HEADER] = false;
$options[CURLOPT_FILE] = $this->outFile;
$options[CURLOPT_BINARYTRANSFER] = true;
$options[CURLOPT_FAILONERROR] = true;
/*
Not sure if this is used, keeping it here for backwards compatibility at the moment.
With API v2 the headers are set in the $request they are set above if they are set.
*/
if (isset($additional['headers'])) {
$options[CURLOPT_HTTPHEADER] = $additional['headers'];
}
$this->outFile = null;
} elseif ($method == 'POST' && $this->outFile) {
// POST
$options[CURLOPT_POST] = true;
$options[CURLOPT_RETURNTRANSFER] = false;
$options[CURLOPT_HEADER] = false;
$options[CURLOPT_FILE] = $this->outFile;
$options[CURLOPT_BINARYTRANSFER] = true;
$options[CURLOPT_FAILONERROR] = true;
$this->outFile = null;
} elseif ($method == 'POST' && $this->inFile) {
// POST
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $this->inFile;
} elseif ($method == 'POST') {
// POST
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $request['postfields'];
} elseif ($method == 'PUT' && $this->inFile) {
// PUT
$options[CURLOPT_PUT] = true;
$options[CURLOPT_INFILE] = $this->inFile;
// @todo Update so the data is not loaded into memory to get its size
$options[CURLOPT_INFILESIZE] = strlen(stream_get_contents($this->inFile));
fseek($this->inFile, 0);
$this->inFile = null;
}
// Set the cURL options at once
curl_setopt_array($handle, $options);
// Execute, get any error and close
$response = curl_exec($handle);
$error = curl_error($handle);
$getinfo = curl_getinfo($handle);
curl_close($handle);
//Check if a cURL error has occured
if ($response === false) {
throw new Dropbox_CurlException($error);
} else {
// Parse the response if it is a string
if (is_string($response)) {
$response = $this->parse($response);
}
// Set the last response
$this->lastResponse = $response;
$code = !empty($response['code']) ? $response['code'] : $getinfo['http_code'];
// The API doesn't return an error message for the 304 status code...
// 304's are only returned when the path supplied during metadata calls has not been modified
if ($code == 304) {
$response['body'] = new stdClass();
$response['body']->error = 'The folder contents have not changed';
}
// Check if an error occurred and throw an Exception
if (!empty($response['body']->error)) {
// Dropbox returns error messages inconsistently...
if ($response['body']->error instanceof stdClass) {
$array = array_values((array) $response['body']->error);
//Dropbox API v2 only throws 409 errors if this error is a incorrect_offset then we need the entire error array not just the message. PHP Exception messages have to be a string so JSON encode the array.
if (strpos($array[0], 'incorrect_offset') !== false) {
$message = json_encode($array);
} elseif (strpos($array[0], 'lookup_failed') !== false) {
//re-structure the array so it is correctly formatted for API
//Note: Dropbox v2 returns different errors at different stages hence this fix
$correctOffset = array('0' => $array[1]->{'.tag'}, '1' => $array[1]->correct_offset);
$message = json_encode($correctOffset);
} else {
$message = $array[0];
}
} else {
$message = $response['body']->error;
}
// Throw an Exception with the appropriate with the appropriate message and code
switch ($code) {
case 304:
throw new Dropbox_NotModifiedException($message, 304);
case 400:
throw new Dropbox_BadRequestException($message, 400);
case 404:
throw new Dropbox_NotFoundException($message, 404);
case 406:
throw new Dropbox_NotAcceptableException($message, 406);
case 415:
throw new Dropbox_UnsupportedMediaTypeException($message, 415);
case 401:
//401 means oauth token is expired continue to manually handle the exception depending on the situation
continue;
case 409:
//409 in API V2 every error will return with a 409 to find out what the error is the error description should be checked.
throw new Dropbox_Exception($message, $code);
default:
throw new Dropbox_Exception($message, $code);
}
}
return $response;
}
}
/**
* Get the S3 response
*
* @return object | false
*/
public function getResponse()
{
$query = '';
if (sizeof($this->parameters) > 0) {
$query = substr($this->uri, -1) !== '?' ? '?' : '&';
foreach ($this->parameters as $var => $value) {
if ($value == null || $value == '') {
$query .= $var . '&';
} else {
$query .= $var . '=' . rawurlencode($value) . '&';
}
}
$query = substr($query, 0, -1);
$this->uri .= $query;
if (array_key_exists('acl', $this->parameters) || array_key_exists('location', $this->parameters) || array_key_exists('torrent', $this->parameters) || array_key_exists('logging', $this->parameters) || array_key_exists('partNumber', $this->parameters) || array_key_exists('uploads', $this->parameters) || array_key_exists('uploadId', $this->parameters)) {
$this->resource .= $query;
}
}
$url = (UpdraftPlus_S3::$useSSL ? 'https://' : 'http://') . ($this->headers['Host'] !== '' ? $this->headers['Host'] : $this->endpoint) . $this->uri;
//var_dump('bucket: ' . $this->bucket, 'uri: ' . $this->uri, 'resource: ' . $this->resource, 'url: ' . $url);
// Basic setup
$curl = curl_init();
curl_setopt($curl, CURLOPT_USERAGENT, 'S3/php');
if (UpdraftPlus_S3::$useSSL) {
// SSL Validation can now be optional for those with broken OpenSSL installations
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, UpdraftPlus_S3::$useSSLValidation ? 2 : 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, UpdraftPlus_S3::$useSSLValidation ? 1 : 0);
if (UpdraftPlus_S3::$sslKey !== null) {
curl_setopt($curl, CURLOPT_SSLKEY, UpdraftPlus_S3::$sslKey);
}
if (UpdraftPlus_S3::$sslCert !== null) {
curl_setopt($curl, CURLOPT_SSLCERT, UpdraftPlus_S3::$sslCert);
}
if (UpdraftPlus_S3::$sslCACert !== null) {
curl_setopt($curl, CURLOPT_CAINFO, UpdraftPlus_S3::$sslCACert);
}
}
curl_setopt($curl, CURLOPT_URL, $url);
$wp_proxy = new WP_HTTP_Proxy();
if (UpdraftPlus_S3::$proxy != null && isset(UpdraftPlus_S3::$proxy['host']) && $wp_proxy->send_through_proxy($url)) {
curl_setopt($curl, CURLOPT_PROXY, UpdraftPlus_S3::$proxy['host']);
curl_setopt($curl, CURLOPT_PROXYTYPE, UpdraftPlus_S3::$proxy['type']);
if (!empty(UpdraftPlus_S3::$proxy['port'])) {
curl_setopt($curl, CURLOPT_PROXYPORT, UpdraftPlus_S3::$proxy['port']);
}
if (isset(UpdraftPlus_S3::$proxy['user'], UpdraftPlus_S3::$proxy['pass']) && UpdraftPlus_S3::$proxy['user'] != null && UpdraftPlus_S3::$proxy['pass'] != null) {
curl_setopt($curl, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_PROXYUSERPWD, sprintf('%s:%s', UpdraftPlus_S3::$proxy['user'], UpdraftPlus_S3::$proxy['pass']));
}
}
// Headers
$headers = array();
$amz = array();
foreach ($this->amzHeaders as $header => $value) {
if (strlen($value) > 0) {
$headers[] = $header . ': ' . $value;
}
}
foreach ($this->headers as $header => $value) {
if (strlen($value) > 0) {
$headers[] = $header . ': ' . $value;
}
}
// Collect AMZ headers for signature
foreach ($this->amzHeaders as $header => $value) {
if (strlen($value) > 0) {
$amz[] = strtolower($header) . ':' . $value;
}
}
// AMZ headers must be sorted
if (sizeof($amz) > 0) {
//sort($amz);
usort($amz, array(&$this, '__sortMetaHeadersCmp'));
$amz = "\n" . implode("\n", $amz);
} else {
$amz = '';
}
if (UpdraftPlus_S3::hasAuth()) {
// Authorization string (CloudFront stringToSign should only contain a date)
if ($this->headers['Host'] == 'cloudfront.amazonaws.com') {
$headers[] = 'Authorization: ' . UpdraftPlus_S3::__getSignature($this->headers['Date']);
} else {
$headers[] = 'Authorization: ' . UpdraftPlus_S3::__getSignature($this->verb . "\n" . $this->headers['Content-MD5'] . "\n" . $this->headers['Content-Type'] . "\n" . $this->headers['Date'] . $amz . "\n" . $this->resource);
}
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, false);
curl_setopt($curl, CURLOPT_WRITEFUNCTION, array(&$this, '__responseWriteCallback'));
curl_setopt($curl, CURLOPT_HEADERFUNCTION, array(&$this, '__responseHeaderCallback'));
@curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
// Request types
switch ($this->verb) {
case 'GET':
break;
case 'PUT':
case 'POST':
if ($this->fp !== false) {
curl_setopt($curl, CURLOPT_PUT, true);
curl_setopt($curl, CURLOPT_INFILE, $this->fp);
if ($this->size >= 0) {
curl_setopt($curl, CURLOPT_INFILESIZE, $this->size);
}
} elseif ($this->data !== false) {
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $this->verb);
curl_setopt($curl, CURLOPT_POSTFIELDS, $this->data);
curl_setopt($curl, CURLOPT_INFILESIZE, strlen($this->data));
} else {
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $this->verb);
}
break;
case 'HEAD':
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'HEAD');
curl_setopt($curl, CURLOPT_NOBODY, true);
break;
case 'DELETE':
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'DELETE');
break;
default:
break;
}
// Execute, grab errors
if (curl_exec($curl)) {
$this->response->code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
} else {
$this->response->error = array('code' => curl_errno($curl), 'message' => curl_error($curl), 'resource' => $this->resource);
}
@curl_close($curl);
// Parse body into XML
if ($this->response->error === false && isset($this->response->headers['type']) && $this->response->headers['type'] == 'application/xml' && isset($this->response->body)) {
$this->response->body = simplexml_load_string($this->response->body);
// Grab S3 errors
if (!in_array($this->response->code, array(200, 204, 206)) && isset($this->response->body->Code, $this->response->body->Message)) {
$this->response->error = array('code' => (string) $this->response->body->Code, 'message' => (string) $this->response->body->Message);
if (isset($this->response->body->Resource)) {
$this->response->error['resource'] = (string) $this->response->body->Resource;
}
unset($this->response->body);
}
}
// Clean up file resources
if ($this->fp !== false && is_resource($this->fp)) {
fclose($this->fp);
}
return $this->response;
}
/**
* Read and parse the content of the general settings template.
*
* @return string Parsed HTML code for the general settings panel.
*/
function sucuriscan_settings_general()
{
global $sucuriscan_emails_per_hour, $sucuriscan_maximum_failed_logins, $sucuriscan_verify_ssl_cert;
// Check the nonce here to populate the value through other functions.
$page_nonce = SucuriScanInterface::check_nonce();
// Process all form submissions.
sucuriscan_settings_form_submissions($page_nonce);
// Register the site, get its API key, and store it locally for future usage.
$api_registered_modal = '';
// Whether the form to manually add the API key should be shown or not.
$display_manual_key_form = (bool) (SucuriScanRequest::post(':recover_key') !== false);
if ($page_nonce && SucuriScanRequest::post(':plugin_api_key') !== false) {
$registered = SucuriScanAPI::register_site();
if ($registered) {
$api_registered_modal = SucuriScanTemplate::get_modal('settings-apiregistered', array('Title' => 'Site registered successfully', 'CssClass' => 'sucuriscan-apikey-registered'));
} else {
$display_manual_key_form = true;
}
}
// Get initial variables to decide some things bellow.
$api_key = SucuriScanAPI::get_plugin_key();
$emails_per_hour = SucuriScanOption::get_option(':emails_per_hour');
$maximum_failed_logins = SucuriScanOption::get_option(':maximum_failed_logins');
$verify_ssl_cert = SucuriScanOption::get_option(':verify_ssl_cert');
$audit_report = SucuriScanOption::get_option(':audit_report');
$logs4report = SucuriScanOption::get_option(':logs4report');
$revproxy = SucuriScanOption::get_option(':revproxy');
$invalid_domain = false;
// Check whether the domain name is valid or not.
if (!$api_key) {
$clean_domain = SucuriScan::get_top_level_domain();
$domain_address = @gethostbyname($clean_domain);
$invalid_domain = $domain_address == $clean_domain ? true : false;
}
// Generate the HTML code for the option list in the form select fields.
$emails_per_hour_options = SucuriScanTemplate::get_select_options($sucuriscan_emails_per_hour, $emails_per_hour);
$maximum_failed_logins_options = SucuriScanTemplate::get_select_options($sucuriscan_maximum_failed_logins, $maximum_failed_logins);
$verify_ssl_cert_options = SucuriScanTemplate::get_select_options($sucuriscan_verify_ssl_cert, $verify_ssl_cert);
$template_variables = array('APIKey' => !$api_key ? '<em>(not set)</em>' : $api_key, 'APIKey.RecoverVisibility' => SucuriScanTemplate::visibility(!$api_key && !$display_manual_key_form), 'APIKey.ManualKeyFormVisibility' => SucuriScanTemplate::visibility($display_manual_key_form), 'APIKey.RemoveVisibility' => SucuriScanTemplate::visibility((bool) $api_key), 'InvalidDomainVisibility' => SucuriScanTemplate::visibility($invalid_domain), 'NotifyTo' => SucuriScanOption::get_option(':notify_to'), 'EmailsPerHour' => 'Undefined', 'EmailsPerHourOptions' => $emails_per_hour_options, 'MaximumFailedLogins' => 'Undefined', 'MaximumFailedLoginsOptions' => $maximum_failed_logins_options, 'VerifySSLCert' => 'Undefined', 'VerifySSLCertOptions' => $verify_ssl_cert_options, 'RequestTimeout' => SucuriScanOption::get_option(':request_timeout') . ' seconds', 'DatastorePath' => SucuriScanOption::get_option(':datastore_path'), 'CollectWrongPasswords' => 'No collect passwords', 'ModalWhenAPIRegistered' => $api_registered_modal, 'AuditReportStatus' => 'Enabled', 'AuditReportSwitchText' => 'Disable', 'AuditReportSwitchValue' => 'disable', 'AuditReportSwitchCssClass' => 'button-danger', 'AuditReportLimit' => $logs4report, 'ReverseProxyStatus' => 'Enabled', 'ReverseProxySwitchText' => 'Disable', 'ReverseProxySwitchValue' => 'disable', 'ReverseProxySwitchCssClass' => 'button-danger', 'APIProxy.Host' => 'n/a', 'APIProxy.Port' => 'n/a', 'APIProxy.Username' => 'n/a', 'APIProxy.Password' => 'n/a', 'APIProxy.PasswordType' => 'default', 'APIProxy.PasswordText' => 'empty');
if (array_key_exists($emails_per_hour, $sucuriscan_emails_per_hour)) {
$template_variables['EmailsPerHour'] = $sucuriscan_emails_per_hour[$emails_per_hour];
}
if (array_key_exists($maximum_failed_logins, $sucuriscan_maximum_failed_logins)) {
$template_variables['MaximumFailedLogins'] = $sucuriscan_maximum_failed_logins[$maximum_failed_logins];
}
if (array_key_exists($verify_ssl_cert, $sucuriscan_verify_ssl_cert)) {
$template_variables['VerifySSLCert'] = $sucuriscan_verify_ssl_cert[$verify_ssl_cert];
}
if ($audit_report == 'disabled') {
$template_variables['AuditReportStatus'] = 'Disabled';
$template_variables['AuditReportSwitchText'] = 'Enable';
$template_variables['AuditReportSwitchValue'] = 'enable';
$template_variables['AuditReportSwitchCssClass'] = 'button-success';
}
if ($revproxy == 'disabled') {
$template_variables['ReverseProxyStatus'] = 'Disabled';
$template_variables['ReverseProxySwitchText'] = 'Enable';
$template_variables['ReverseProxySwitchValue'] = 'enable';
$template_variables['ReverseProxySwitchCssClass'] = 'button-success';
}
if (sucuriscan_collect_wrong_passwords() === true) {
$template_variables['CollectWrongPasswords'] = '<span class="sucuriscan-label-error">Yes, collect passwords</span>';
}
// Determine if the API calls with pass through a proxy or not.
if (class_exists('WP_HTTP_Proxy')) {
$wp_http_proxy = new WP_HTTP_Proxy();
if ($wp_http_proxy->is_enabled()) {
$proxy_host = SucuriScan::escape($wp_http_proxy->host());
$proxy_port = SucuriScan::escape($wp_http_proxy->port());
$proxy_username = SucuriScan::escape($wp_http_proxy->username());
$proxy_password = SucuriScan::escape($wp_http_proxy->password());
$template_variables['APIProxy.Host'] = $proxy_host;
$template_variables['APIProxy.Port'] = $proxy_port;
$template_variables['APIProxy.Username'] = $proxy_username;
$template_variables['APIProxy.Password'] = $proxy_password;
$template_variables['APIProxy.PasswordType'] = 'info';
$template_variables['APIProxy.PasswordText'] = 'hidden';
}
}
return SucuriScanTemplate::get_section('settings-general', $template_variables);
}
/**
* Send a HTTP request to a URI using cURL extension.
*
* @access public
* @since 2.7.0
*
* @param string $url
* @param str|array $args Optional. Override the defaults.
* @return array 'headers', 'body', 'response', 'cookies' and 'filename' keys.
*/
function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} else {
if (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
$is_local = isset($args['local']) && $args['local'];
$ssl_verify = isset($args['sslverify']) && $args['sslverify'];
if ($is_local) {
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
// CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since
// a value of 0 will allow an ulimited timeout.
$timeout = (int) ceil($r['timeout']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : false);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
curl_setopt($handle, CURLOPT_USERAGENT, $r['user-agent']);
curl_setopt($handle, CURLOPT_MAXREDIRS, $r['redirection']);
switch ($r['method']) {
case 'HEAD':
curl_setopt($handle, CURLOPT_NOBODY, true);
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
case 'PUT':
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
}
if (true === $r['blocking']) {
curl_setopt($handle, CURLOPT_HEADERFUNCTION, array(&$this, 'stream_headers'));
}
curl_setopt($handle, CURLOPT_HEADER, false);
// If streaming to a file open a file handle, and setup our curl streaming handler
if ($r['stream']) {
if (!WP_DEBUG) {
$stream_handle = @fopen($r['filename'], 'w+');
} else {
$stream_handle = fopen($r['filename'], 'w+');
}
if (!$stream_handle) {
return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $r['filename']));
}
curl_setopt($handle, CURLOPT_FILE, $stream_handle);
}
// The option doesn't work with safe mode or when open_basedir is set.
if (!ini_get('safe_mode') && !ini_get('open_basedir') && 0 !== $r['_redirection']) {
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, true);
}
if (!empty($r['headers'])) {
// cURL expects full header strings in each element
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
}
if ($r['httpversion'] == '1.0') {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
} else {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
// Cookies are not handled by the HTTP API currently. Allow for plugin authors to handle it
// themselves... Although, it is somewhat pointless without some reference.
do_action_ref_array('http_api_curl', array(&$handle));
// We don't need to return the body, so don't. Just execute request and return.
if (!$r['blocking']) {
curl_exec($handle);
curl_close($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
$theResponse = curl_exec($handle);
$theBody = '';
$theHeaders = WP_Http::processHeaders($this->headers);
if (strlen($theResponse) > 0 && !is_bool($theResponse)) {
// is_bool: when using $args['stream'], curl_exec will return (bool)true
$theBody = $theResponse;
}
// If no response, and It's not a HEAD request with valid headers returned
if (0 == strlen($theResponse) && ('HEAD' != $args['method'] || empty($this->headers))) {
if ($curl_error = curl_error($handle)) {
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
unset($this->headers);
$response = array();
$response['code'] = curl_getinfo($handle, CURLINFO_HTTP_CODE);
$response['message'] = get_status_header_desc($response['code']);
curl_close($handle);
if ($r['stream']) {
fclose($stream_handle);
}
// See #11305 - When running under safe mode, redirection is disabled above. Handle it manually.
if (!empty($theHeaders['headers']['location']) && (ini_get('safe_mode') || ini_get('open_basedir')) && 0 !== $r['_redirection']) {
if ($r['redirection']-- > 0) {
return $this->request($theHeaders['headers']['location'], $r);
} else {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = WP_Http_Encoding::decompress($theBody);
}
return array('headers' => $theHeaders['headers'], 'body' => $theBody, 'response' => $response, 'cookies' => $theHeaders['cookies'], 'filename' => $r['filename']);
}
public function getS3($key, $secret, $useservercerts, $disableverify, $nossl, $endpoint = null, $sse = false)
{
if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
return $this->s3_object;
}
if (is_string($key)) {
$key = trim($key);
}
if (is_string($secret)) {
$secret = trim($secret);
}
// Saved in case the object needs recreating for the corner-case where there is no permission to look up the bucket location
$this->got_with = array('key' => $key, 'secret' => $secret, 'useservercerts' => $useservercerts, 'disableverify' => $disableverify, 'nossl' => $nossl, 'server_side_encryption' => $sse);
if (is_wp_error($key)) {
return $key;
}
if ('' == $key || '' == $secret) {
return new WP_Error('no_settings', __('No settings were found - please go to the Settings tab and check your settings', 'updraftplus'));
}
global $updraftplus;
$use_s3_class = $this->indicate_s3_class();
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
$use_ssl = true;
$ssl_ca = true;
if (!$nossl) {
$curl_version = function_exists('curl_version') ? curl_version() : array('features' => null);
$curl_ssl_supported = $curl_version['features'] & CURL_VERSION_SSL;
if ($curl_ssl_supported) {
if ($disableverify) {
$ssl_ca = false;
//$s3->setSSL(true, false);
$updraftplus->log("S3: Disabling verification of SSL certificates");
} else {
if ($useservercerts) {
$updraftplus->log("S3: Using the server's SSL certificates");
$ssl_ca = 'system';
} else {
$ssl_ca = file_exists(UPDRAFTPLUS_DIR . '/includes/cacert.pem') ? UPDRAFTPLUS_DIR . '/includes/cacert.pem' : true;
}
}
} else {
$use_ssl = false;
$updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
}
} else {
$use_ssl = false;
$updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
}
try {
$s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
} catch (Exception $e) {
// Catch a specific PHP engine bug - see HS#6364
if ('UpdraftPlus_S3_Compat' == $use_s3_class && is_a($e, 'InvalidArgumentException') && false !== strpos('Invalid signature type: s3', $e->getMessage())) {
require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
$use_s3_class = 'UpdraftPlus_S3';
$try_again = true;
} else {
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
}
}
if (!empty($try_again)) {
try {
$s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
} catch (Exception $e) {
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
$updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
}
$updraftplus->log("S3: Hit a PHP engine bug - had to switch to the older S3 library (which is incompatible with signatureV4, which may cause problems later on if using a region that requires it)");
}
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings where we want nulls
$user = $proxy->username();
if (empty($user)) {
$user = null;
$pass = null;
} else {
$pass = $proxy->password();
if (empty($pass)) {
$pass = null;
}
}
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
$s3->setProxy($proxy->host(), $user, $pass, CURLPROXY_HTTP, $port);
}
// Old: from before we passed the SSL options when getting the object
// if (!$nossl) {
// $curl_version = (function_exists('curl_version')) ? curl_version() : array('features' => null);
// $curl_ssl_supported = ($curl_version['features'] & CURL_VERSION_SSL);
// if ($curl_ssl_supported) {
// if ($disableverify) {
// $s3->setSSL(true, false);
// $updraftplus->log("S3: Disabling verification of SSL certificates");
// } else {
// $s3->setSSL(true, true);
// }
// if ($useservercerts) {
// $updraftplus->log("S3: Using the server's SSL certificates");
// } else {
// $s3->setSSLAuth(null, null, UPDRAFTPLUS_DIR.'/includes/cacert.pem');
// }
// } else {
// $s3->setSSL(false, false);
// $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
// }
// } else {
// $s3->setSSL(false, false);
// $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
// }
if (method_exists($s3, 'setServerSideEncryption') && (is_a($this, 'UpdraftPlus_BackupModule_updraftvault') || $sse)) {
$s3->setServerSideEncryption('AES256');
}
$this->s3_object = $s3;
return $this->s3_object;
}
/**
* Execute an API call
* @todo Improve error handling
* @param string $method The HTTP method
* @param string $url The API endpoint
* @param string $call The API method to call
* @param array $additional Additional parameters
* @return string|object stdClass
*/
public function fetch($method, $url, $call, array $additional = array())
{
// Get the signed request URL
$request = $this->getSignedRequest($method, $url, $call, $additional);
// Initialise and execute a cURL request
$handle = curl_init($request['url']);
// Get the default options array
$options = $this->defaultOptions;
if (!UpdraftPlus_Options::get_updraft_option('updraft_ssl_useservercerts')) {
$options[CURLOPT_CAINFO] = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
}
if (UpdraftPlus_Options::get_updraft_option('updraft_ssl_disableverify')) {
$options[CURLOPT_SSL_VERIFYPEER] = false;
} else {
$options[CURLOPT_SSL_VERIFYPEER] = true;
}
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings if nothing is set
$user = $proxy->username();
$pass = $proxy->password();
$host = $proxy->host();
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
if (!empty($host) && $proxy->send_through_proxy($request['url'])) {
$options[CURLOPT_PROXY] = $host;
$options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
$options[CURLOPT_PROXYPORT] = $port;
if (!empty($user) && !empty($pass)) {
$options[CURLOPT_PROXYAUTH] = CURLAUTH_ANY;
$options[CURLOPT_PROXYUSERPWD] = sprintf('%s:%s', $user, $pass);
}
}
}
if ($method == 'GET' && $this->outFile) {
// GET
$options[CURLOPT_RETURNTRANSFER] = false;
$options[CURLOPT_HEADER] = false;
$options[CURLOPT_FILE] = $this->outFile;
$options[CURLOPT_BINARYTRANSFER] = true;
$options[CURLOPT_FAILONERROR] = true;
if (isset($additional['headers'])) {
$options[CURLOPT_HTTPHEADER] = $additional['headers'];
}
$this->outFile = null;
} elseif ($method == 'POST') {
// POST
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $request['postfields'];
} elseif ($method == 'PUT' && $this->inFile) {
// PUT
$options[CURLOPT_PUT] = true;
$options[CURLOPT_INFILE] = $this->inFile;
// @todo Update so the data is not loaded into memory to get its size
$options[CURLOPT_INFILESIZE] = strlen(stream_get_contents($this->inFile));
fseek($this->inFile, 0);
$this->inFile = null;
}
// Set the cURL options at once
curl_setopt_array($handle, $options);
// Execute, get any error and close
$response = curl_exec($handle);
$error = curl_error($handle);
$getinfo = curl_getinfo($handle);
curl_close($handle);
//Check if a cURL error has occured
if ($response === false) {
throw new Dropbox_CurlException($error);
} else {
// Parse the response if it is a string
if (is_string($response)) {
$response = $this->parse($response);
}
// Set the last response
$this->lastResponse = $response;
$code = !empty($response['code']) ? $response['code'] : $getinfo['http_code'];
// The API doesn't return an error message for the 304 status code...
// 304's are only returned when the path supplied during metadata calls has not been modified
if ($code == 304) {
$response['body'] = new stdClass();
$response['body']->error = 'The folder contents have not changed';
}
// Check if an error occurred and throw an Exception
if (!empty($response['body']->error)) {
// Dropbox returns error messages inconsistently...
if ($response['body']->error instanceof stdClass) {
$array = array_values((array) $response['body']->error);
$message = $array[0];
} else {
$message = $response['body']->error;
}
// Throw an Exception with the appropriate with the appropriate message and code
switch ($code) {
case 304:
throw new Dropbox_NotModifiedException($message, 304);
case 400:
throw new Dropbox_BadRequestException($message, 400);
case 404:
throw new Dropbox_NotFoundException($message, 404);
case 406:
throw new Dropbox_NotAcceptableException($message, 406);
case 415:
throw new Dropbox_UnsupportedMediaTypeException($message, 415);
default:
throw new Dropbox_Exception($message, $code);
}
}
return $response;
}
}
/**
* Make an HTTP request
*
* @return API results
*/
function http($url, $method, $postfields = NULL)
{
$this->http_info = array();
$ci = curl_init();
/* Curl settings */
curl_setopt($ci, CURLOPT_USERAGENT, $this->useragent);
curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, $this->connecttimeout);
curl_setopt($ci, CURLOPT_TIMEOUT, $this->timeout);
curl_setopt($ci, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ci, CURLOPT_HTTPHEADER, array('Expect:'));
curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, $this->ssl_verifypeer);
curl_setopt($ci, CURLOPT_HEADERFUNCTION, array($this, 'getHeader'));
curl_setopt($ci, CURLOPT_HEADER, FALSE);
/* Proxy Support via WP_HTTP_Proxy */
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($ci, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($ci, CURLOPT_PROXY, $proxy->host());
curl_setopt($ci, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($ci, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($ci, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
switch ($method) {
case 'POST':
curl_setopt($ci, CURLOPT_POST, TRUE);
if (!empty($postfields)) {
curl_setopt($ci, CURLOPT_POSTFIELDS, $postfields);
}
break;
case 'DELETE':
curl_setopt($ci, CURLOPT_CUSTOMREQUEST, 'DELETE');
if (!empty($postfields)) {
$url = "{$url}?{$postfields}";
}
}
curl_setopt($ci, CURLOPT_URL, $url);
$response = curl_exec($ci);
$this->http_code = curl_getinfo($ci, CURLINFO_HTTP_CODE);
$this->http_info = array_merge($this->http_info, curl_getinfo($ci));
$this->url = $url;
curl_close($ci);
return $response;
}
function sucuriscan_settings_general_apiproxy()
{
$params = array('APIProxy.Host' => 'no_proxy_host', 'APIProxy.Port' => 'no_proxy_port', 'APIProxy.Username' => 'no_proxy_username', 'APIProxy.Password' => 'no_proxy_password', 'APIProxy.PasswordType' => 'default', 'APIProxy.PasswordText' => 'empty');
if (class_exists('WP_HTTP_Proxy')) {
$wp_http_proxy = new WP_HTTP_Proxy();
if ($wp_http_proxy->is_enabled()) {
$proxy_host = SucuriScan::escape($wp_http_proxy->host());
$proxy_port = SucuriScan::escape($wp_http_proxy->port());
$proxy_username = SucuriScan::escape($wp_http_proxy->username());
$proxy_password = SucuriScan::escape($wp_http_proxy->password());
$template_variables['APIProxy.Host'] = $proxy_host;
$template_variables['APIProxy.Port'] = $proxy_port;
$template_variables['APIProxy.Username'] = $proxy_username;
$template_variables['APIProxy.Password'] = $proxy_password;
$template_variables['APIProxy.PasswordType'] = 'info';
$template_variables['APIProxy.PasswordText'] = 'hidden';
}
}
return SucuriScanTemplate::get_section('settings-general-apiproxy', $params);
}
/**
* Call REST API
*
* @param $strURL Remote file URL
*/
function callREST($strURL)
{
$strPiwikURL = self::$aryGlobalSettings['piwik_url'];
if (substr($strPiwikURL, -1, 1) != '/') {
$strPiwikURL .= '/';
}
$strURL = $strPiwikURL . '?module=API' . $strURL;
// Use cURL if available
if (function_exists('curl_init')) {
// Init cURL
$c = curl_init($strURL);
// Disable SSL peer verification if asked to
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, !self::$aryGlobalSettings['disable_ssl_verify']);
// Set user agent
curl_setopt($c, CURLOPT_USERAGENT, self::$aryGlobalSettings['piwik_useragent'] == 'php' ? ini_get('user_agent') : self::$aryGlobalSettings['piwik_useragent_string']);
// Configure cURL CURLOPT_RETURNTRANSFER = 1
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
// Configure cURL CURLOPT_HEADER = 0
curl_setopt($c, CURLOPT_HEADER, 0);
// Set cURL timeout
curl_setopt($c, CURLOPT_TIMEOUT, self::$aryGlobalSettings['connection_timeout']);
if (WP_HTTP_Proxy::is_enabled() && WP_HTTP_Proxy::send_through_proxy($strURL)) {
curl_setopt($c, CURLOPT_PROXY, WP_HTTP_Proxy::host());
curl_setopt($c, CURLOPT_PROXYPORT, WP_HTTP_Proxy::port());
if (WP_HTTP_Proxy::use_authentication()) {
curl_setopt($c, CURLOPT_PROXYUSERPWD, WP_HTTP_Proxy::username() . ':' . WP_HTTP_Proxy::password());
}
}
// Get result
$strResult = curl_exec($c);
// Close connection
curl_close($c);
// cURL not available but url fopen allowed
} elseif (ini_get('allow_url_fopen')) {
// Set timeout
$resContext = stream_context_create(array('http' => array('timeout' => self::$aryGlobalSettings['connection_timeout'])));
// Get file using file_get_contents
$strResult = @file_get_contents($strURL, false, $strContext);
// Error: Not possible to get remote file
} else {
$strResult = serialize(array('result' => 'error', 'message' => 'Remote access to Piwik not possible. Enable allow_url_fopen or CURL.'));
}
// Return result
return $strResult;
}
/**
* Send an HTTP request to a URI.
*
* Please note: The only URI that are supported in the HTTP Transport implementation
* are the HTTP and HTTPS protocols.
*
* @access public
* @since 2.7.0
*
* @param string $url The request URL.
* @param string|array $args {
* Optional. Array or string of HTTP request arguments.
*
* @type string $method Request method. Accepts 'GET', 'POST', 'HEAD', or 'PUT'.
* Some transports technically allow others, but should not be
* assumed. Default 'GET'.
* @type int $timeout How long the connection should stay open in seconds. Default 5.
* @type int $redirection Number of allowed redirects. Not supported by all transports
* Default 5.
* @type string $httpversion Version of the HTTP protocol to use. Accepts '1.0' and '1.1'.
* Default '1.0'.
* @type string $user-agent User-agent value sent.
* Default WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ).
* @type bool $reject_unsafe_urls Whether to pass URLs through wp_http_validate_url().
* Default false.
* @type bool $blocking Whether the calling code requires the result of the request.
* If set to false, the request will be sent to the remote server,
* and processing returned to the calling code immediately, the caller
* will know if the request succeeded or failed, but will not receive
* any response from the remote server. Default true.
* @type string|array $headers Array or string of headers to send with the request.
* Default empty array.
* @type array $cookies List of cookies to send with the request. Default empty array.
* @type string|array $body Body to send with the request. Default null.
* @type bool $compress Whether to compress the $body when sending the request.
* Default false.
* @type bool $decompress Whether to decompress a compressed response. If set to false and
* compressed content is returned in the response anyway, it will
* need to be separately decompressed. Default true.
* @type bool $sslverify Whether to verify SSL for the request. Default true.
* @type string sslcertificates Absolute path to an SSL certificate .crt file.
* Default ABSPATH . WPINC . '/certificates/ca-bundle.crt'.
* @type bool $stream Whether to stream to a file. If set to true and no filename was
* given, it will be droped it in the WP temp dir and its name will
* be set using the basename of the URL. Default false.
* @type string $filename Filename of the file to write to when streaming. $stream must be
* set to true. Default null.
* @type int $limit_response_size Size in bytes to limit the response to. Default null.
*
* }
* @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'.
* A WP_Error instance upon error.
*/
public function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => apply_filters('http_request_timeout', 5), 'redirection' => apply_filters('http_request_redirection_count', 5), 'httpversion' => apply_filters('http_request_version', '1.0'), 'user-agent' => apply_filters('http_headers_useragent', 'WordPress/' . get_bloginfo('version') . '; ' . get_bloginfo('url')), 'reject_unsafe_urls' => apply_filters('http_request_reject_unsafe_urls', false), 'blocking' => true, 'headers' => array(), 'cookies' => array(), 'body' => null, 'compress' => false, 'decompress' => true, 'sslverify' => true, 'sslcertificates' => ABSPATH . WPINC . '/certificates/ca-bundle.crt', 'stream' => false, 'filename' => null, 'limit_response_size' => null);
// Pre-parse for the HEAD checks.
$args = wp_parse_args($args);
// By default, Head requests do not cause redirections.
if (isset($args['method']) && 'HEAD' == $args['method']) {
$defaults['redirection'] = 0;
}
$r = wp_parse_args($args, $defaults);
/**
* Filters the arguments used in an HTTP request.
*
* @since 2.7.0
*
* @param array $r An array of HTTP request arguments.
* @param string $url The request URL.
*/
$r = apply_filters('http_request_args', $r, $url);
// The transports decrement this, store a copy of the original value for loop purposes.
if (!isset($r['_redirection'])) {
$r['_redirection'] = $r['redirection'];
}
/**
* Filters whether to preempt an HTTP request's return value.
*
* Returning a non-false value from the filter will short-circuit the HTTP request and return
* early with that value. A filter should return either:
*
* - An array containing 'headers', 'body', 'response', 'cookies', and 'filename' elements
* - A WP_Error instance
* - boolean false (to avoid short-circuiting the response)
*
* Returning any other value may result in unexpected behaviour.
*
* @since 2.9.0
*
* @param false|array|WP_Error $preempt Whether to preempt an HTTP request's return value. Default false.
* @param array $r HTTP request arguments.
* @param string $url The request URL.
*/
$pre = apply_filters('pre_http_request', false, $r, $url);
if (false !== $pre) {
return $pre;
}
if (function_exists('wp_kses_bad_protocol')) {
if ($r['reject_unsafe_urls']) {
$url = wp_http_validate_url($url);
}
if ($url) {
$url = wp_kses_bad_protocol($url, array('http', 'https', 'ssl'));
}
}
$arrURL = @parse_url($url);
if (empty($url) || empty($arrURL['scheme'])) {
return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
}
if ($this->block_request($url)) {
return new WP_Error('http_request_failed', __('User has blocked requests through HTTP.'));
}
// If we are streaming to a file but no filename was given drop it in the WP temp dir
// and pick its name using the basename of the $url
if ($r['stream']) {
if (empty($r['filename'])) {
$r['filename'] = get_temp_dir() . basename($url);
}
// Force some settings if we are streaming to a file and check for existence and perms of destination directory
$r['blocking'] = true;
if (!wp_is_writable(dirname($r['filename']))) {
return new WP_Error('http_request_failed', __('Destination directory for file streaming does not exist or is not writable.'));
}
}
if (is_null($r['headers'])) {
$r['headers'] = array();
}
// WP allows passing in headers as a string, weirdly.
if (!is_array($r['headers'])) {
$processedHeaders = WP_Http::processHeaders($r['headers']);
$r['headers'] = $processedHeaders['headers'];
}
// Setup arguments
$headers = $r['headers'];
$data = $r['body'];
$type = $r['method'];
$options = array('timeout' => $r['timeout'], 'useragent' => $r['user-agent'], 'blocking' => $r['blocking'], 'hooks' => new WP_HTTP_Requests_Hooks($url, $r));
// Ensure redirects follow browser behaviour.
$options['hooks']->register('requests.before_redirect', array(get_class(), 'browser_redirect_compatibility'));
if ($r['stream']) {
$options['filename'] = $r['filename'];
}
if (empty($r['redirection'])) {
$options['follow_redirects'] = false;
} else {
$options['redirects'] = $r['redirection'];
}
// Use byte limit, if we can
if (isset($r['limit_response_size'])) {
$options['max_bytes'] = $r['limit_response_size'];
}
// If we've got cookies, use and convert them to Requests_Cookie.
if (!empty($r['cookies'])) {
$options['cookies'] = WP_Http::normalize_cookies($r['cookies']);
}
// SSL certificate handling
if (!$r['sslverify']) {
$options['verify'] = false;
$options['verifyname'] = false;
} else {
$options['verify'] = $r['sslcertificates'];
}
// All non-GET/HEAD requests should put the arguments in the form body.
if ('HEAD' !== $type && 'GET' !== $type) {
$options['data_format'] = 'body';
}
/**
* Filters whether SSL should be verified for non-local requests.
*
* @since 2.8.0
*
* @param bool $ssl_verify Whether to verify the SSL connection. Default true.
*/
$options['verify'] = apply_filters('https_ssl_verify', $options['verify']);
// Check for proxies.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$options['proxy'] = new Requests_Proxy_HTTP($proxy->host() . ':' . $proxy->port());
if ($proxy->use_authentication()) {
$options['proxy']->use_authentication = true;
$options['proxy']->user = $proxy->username();
$options['proxy']->pass = $proxy->password();
}
}
// Avoid issues where mbstring.func_overload is enabled
mbstring_binary_safe_encoding();
try {
$requests_response = Requests::request($url, $headers, $data, $type, $options);
// Convert the response into an array
$http_response = new WP_HTTP_Requests_Response($requests_response, $r['filename']);
$response = $http_response->to_array();
// Add the original object to the array.
$response['http_response'] = $http_response;
} catch (Requests_Exception $e) {
$response = new WP_Error('http_request_failed', $e->getMessage());
}
reset_mbstring_encoding();
/**
* Fires after an HTTP API response is received and before the response is returned.
*
* @since 2.8.0
*
* @param array|WP_Error $response HTTP response or WP_Error object.
* @param string $context Context under which the hook is fired.
* @param string $class HTTP transport used.
* @param array $args HTTP request arguments.
* @param string $url The request URL.
*/
do_action('http_api_debug', $response, 'response', 'Requests', $r, $url);
if (is_wp_error($response)) {
return $response;
}
if (!$r['blocking']) {
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array(), 'http_response' => null);
}
/**
* Filters the HTTP API response immediately before the response is returned.
*
* @since 2.9.0
*
* @param array $response HTTP response.
* @param array $r HTTP request arguments.
* @param string $url The request URL.
*/
return apply_filters('http_response', $response, $r, $url);
}
protected function getS3($key, $secret, $useservercerts, $disableverify, $nossl)
{
if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
return $this->s3_object;
}
if ('' == $key || '' == $secret) {
return new WP_Error('no_settings', __('No settings were found', 'updraftplus'));
}
global $updraftplus;
if (!class_exists('UpdraftPlus_S3')) {
require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
}
if (!class_exists('WP_HTTP_Proxy')) {
require_once ABSPATH . WPINC . '/class-http.php';
}
$proxy = new WP_HTTP_Proxy();
$s3 = new UpdraftPlus_S3($key, $secret);
if ($proxy->is_enabled()) {
# WP_HTTP_Proxy returns empty strings where we want nulls
$user = $proxy->username();
if (empty($user)) {
$user = null;
$pass = null;
} else {
$pass = $proxy->password();
if (empty($pass)) {
$pass = null;
}
}
$port = (int) $proxy->port();
if (empty($port)) {
$port = 8080;
}
$s3->setProxy($proxy->host(), $user, $pass, CURLPROXY_HTTP, $port);
}
if (!$nossl) {
$curl_version = function_exists('curl_version') ? curl_version() : array('features' => null);
$curl_ssl_supported = $curl_version['features'] & CURL_VERSION_SSL;
if ($curl_ssl_supported) {
if ($disableverify) {
$s3->setSSL(true, false);
$updraftplus->log("S3: Disabling verification of SSL certificates");
} else {
$s3->setSSL(true, true);
}
if ($useservercerts) {
$updraftplus->log("S3: Using the server's SSL certificates");
} else {
$s3->setSSLAuth(null, null, UPDRAFTPLUS_DIR . '/includes/cacert.pem');
}
} else {
$s3->setSSL(false, false);
$updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
}
} else {
$s3->setSSL(false, false);
$updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
}
$this->s3_object = $s3;
return $this->s3_object;
}
/**
* Set proxy information
*
* @param string $host Proxy hostname and port (localhost:1234)
* @param string $user Proxy username
* @param string $pass Proxy password
* @param constant $type CURL proxy type
* @return void
*/
public function setProxy($host, $user = null, $pass = null, $type = CURLPROXY_SOCKS5, $port = null)
{
$this->proxy = array('host' => $host, 'type' => $type, 'user' => $user, 'pass' => $pass, 'port' => $port);
if (!$host) {
return;
}
$wp_proxy = new WP_HTTP_Proxy();
if ($wp_proxy->send_through_proxy('https://s3.amazonaws.com')) {
global $updraftplus;
$updraftplus->log("setProxy: host={$host}, user={$user}, port={$port}");
// N.B. Currently (02-Feb-15), only support for HTTP proxies has ever been requested for S3 in UpdraftPlus
$proxy_url = 'http://';
if ($user) {
$proxy_url .= $user;
if ($pass) {
$proxy_url .= ":{$pass}";
}
$proxy_url .= "@";
}
$proxy_url .= $host;
if ($port) {
$proxy_url .= ":{$port}";
}
$this->client->setDefaultOption('proxy', $proxy_url);
}
}
function sixscan_common_gather_system_information_for_anonymous_support_ticket()
{
$submission_data = "\n";
$submission_data .= "OS: " . PHP_OS . " \n";
$submission_data .= "Server info: " . print_r($_SERVER, TRUE);
$regdata_status = sixscan_common_is_regdata_present();
$submission_data .= "Regdata present: {$regdata_status}\n";
$write_method = get_option(SIXSCAN_OPTION_WPFS_CONFIG) === FALSE ? "Direct_access" : "WP_filesystem";
$submission_data .= "Write method: {$write_method}\n";
/* Check , whether site can access external resources */
$url = SIXSCAN_BODYGUARD_REGISTER_URL;
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$is_through_proxy = "true";
} else {
$is_through_proxy = "false";
}
$submission_data .= "Is access through proxy: {$is_through_proxy}\n";
$htaccess_contents = file_get_contents(sixscan_common_get_htaccess_file_path(TRUE));
if ($htaccess_contents == FALSE) {
$htaccess_contents = "Empty";
}
$submission_data .= "Htaccess contents: {$htaccess_contents}\n";
$plugin_list = get_plugins();
$submission_data .= "Plugins: " . print_r($plugin_list, TRUE) . "\n";
$phpinif_info = ini_get_all();
$submission_data .= "phpinfo(): " . print_r($phpinif_info, true) . "\n";
return $submission_data;
}