/**
* Performs a safe (local) redirect, using hq_redirect().
*
* Checks whether the $location is using an allowed host, if it has an absolute
* path. A plugin can therefore set or remove allowed host(s) to or from the
* list.
*
* If the host is not allowed, then the redirect defaults to hq-admin on the siteurl
* instead. This prevents malicious redirects which redirect to another host,
* but only used in a few places.
*
* @since 0.0.1
*/
function hq_safe_redirect($location, $status = 302)
{
// Need to look at the URL the way it will end up in hq_redirect()
$location = hq_sanitize_redirect($location);
/**
* Filter the redirect fallback URL for when the provided redirect is not safe (local).
*
* @since 0.0.1
*
* @param string $fallback_url The fallback URL to use by default.
* @param int $status The redirect status.
*/
$location = hq_validate_redirect($location, apply_filters('hq_safe_redirect_fallback', admin_url(), $status));
hq_redirect($location, $status);
}
/**
* Attempts activation of plugin in a "sandbox" and redirects on success.
*
* A plugin that is already activated will not attempt to be activated again.
*
* The way it works is by setting the redirection to the error before trying to
* include the plugin file. If the plugin fails, then the redirection will not
* be overwritten with the success message. Also, the options will not be
* updated and the activation hook will not be called on plugin error.
*
* It should be noted that in no way the below code will actually prevent errors
* within the file. The code should not be used elsewhere to replicate the
* "sandbox", which uses redirection to work.
* {@source 13 1}
*
* If any errors are found or text is outputted, then it will be captured to
* ensure that the success redirection will update the error redirection.
*
* @since 0.0.1
*
* @param string $plugin Plugin path to main plugin file with plugin data.
* @param string $redirect Optional. URL to redirect to.
* @param bool $network_wide Whether to enable the plugin for all sites in the
* network or just the current site. Multisite only. Default is false.
* @param bool $silent Prevent calling activation hooks. Optional, default is false.
* @return HQ_Error|null HQ_Error on invalid file or null on success.
*/
function activate_plugin($plugin, $redirect = '', $network_wide = false, $silent = false)
{
$plugin = plugin_basename(trim($plugin));
if (is_multisite() && ($network_wide || is_network_only_plugin($plugin))) {
$network_wide = true;
$current = get_site_option('active_sitewide_plugins', array());
$_GET['networkwide'] = 1;
// Back compat for plugins looking for this value.
} else {
$current = get_option('active_plugins', array());
}
$valid = validate_plugin($plugin);
if (is_hq_error($valid)) {
return $valid;
}
if ($network_wide && !isset($current[$plugin]) || !$network_wide && !in_array($plugin, $current)) {
if (!empty($redirect)) {
hq_redirect(add_query_arg('_error_nonce', hq_create_nonce('plugin-activation-error_' . $plugin), $redirect));
}
// we'll override this later if the plugin can be included without fatal error
ob_start();
hq_register_plugin_realpath(HQ_PLUGIN_DIR . '/' . $plugin);
$_hq_plugin_file = $plugin;
include_once HQ_PLUGIN_DIR . '/' . $plugin;
$plugin = $_hq_plugin_file;
// Avoid stomping of the $plugin variable in a plugin.
if (!$silent) {
/**
* Fires before a plugin is activated.
*
* If a plugin is silently activated (such as during an update),
* this hook does not fire.
*
* @since 0.0.1
*
* @param string $plugin Plugin path to main plugin file with plugin data.
* @param bool $network_wide Whether to enable the plugin for all sites in the network
* or just the current site. Multisite only. Default is false.
*/
do_action('activate_plugin', $plugin, $network_wide);
/**
* Fires as a specific plugin is being activated.
*
* This hook is the "activation" hook used internally by
* {@see register_activation_hook()}. The dynamic portion of the
* hook name, `$plugin`, refers to the plugin basename.
*
* If a plugin is silently activated (such as during an update),
* this hook does not fire.
*
* @since 0.0.1
*
* @param bool $network_wide Whether to enable the plugin for all sites in the network
* or just the current site. Multisite only. Default is false.
*/
do_action('activate_' . $plugin, $network_wide);
}
if ($network_wide) {
$current = get_site_option('active_sitewide_plugins', array());
$current[$plugin] = time();
update_site_option('active_sitewide_plugins', $current);
} else {
$current = get_option('active_plugins', array());
$current[] = $plugin;
sort($current);
update_option('active_plugins', $current);
}
if (!$silent) {
/**
* Fires after a plugin has been activated.
*
* If a plugin is silently activated (such as during an update),
* this hook does not fire.
*
* @since 0.0.1
*
* @param string $plugin Plugin path to main plugin file with plugin data.
* @param bool $network_wide Whether to enable the plugin for all sites in the network
* or just the current site. Multisite only. Default is false.
*/
do_action('activated_plugin', $plugin, $network_wide);
}
if (ob_get_length() > 0) {
$output = ob_get_clean();
return new HQ_Error('unexpected_output', __('The plugin generated unexpected output.'), $output);
}
ob_end_clean();
}
return null;
}
include HQ_PLUGIN_DIR . "/{$plugin_page}";
}
}
include ABSPATH . 'hq-admin/admin-footer.php';
exit;
} elseif (isset($_GET['import'])) {
$importer = $_GET['import'];
if (!current_user_can('import')) {
hq_die(__('You are not allowed to import.'));
}
if (validate_file($importer)) {
hq_redirect(admin_url('import.php?invalid=' . $importer));
exit;
}
if (!isset($hq_importers[$importer]) || !is_callable($hq_importers[$importer][2])) {
hq_redirect(admin_url('import.php?invalid=' . $importer));
exit;
}
/**
* Fires before an importer screen is loaded.
*
* The dynamic portion of the hook name, `$importer`, refers to the importer slug.
*
* @since 0.0.1
*/
do_action('load-importer-' . $importer);
$parent_file = 'tools.php';
$submenu_file = 'import.php';
$title = __('Import');
if (!isset($_GET['noheader'])) {
require_once ABSPATH . 'hq-admin/admin-header.php';
case 'register':
//TODO: Goyo no multisite
//if ( is_multisite() ) {
if (false) {
/**
* Filter the Multisite sign up URL.
*
* @since 3.0.0
*
* @param string $sign_up_url The sign up URL.
*/
hq_redirect(apply_filters('hq_signup_location', network_site_url('hq-signup.php')));
exit;
}
if (!get_option('users_can_register')) {
hq_redirect(site_url('hq-login.php?registration=disabled'));
exit;
}
$user_login = '';
$user_email = '';
if ($http_post) {
$user_login = $_POST['user_login'];
$user_email = $_POST['user_email'];
$errors = register_new_user($user_login, $user_email);
if (!is_hq_error($errors)) {
$redirect_to = !empty($_POST['redirect_to']) ? $_POST['redirect_to'] : 'hq-login.php?checkemail=registered';
hq_safe_redirect($redirect_to);
exit;
}
}
$registration_redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
