private function getResponseForRequest(MWP_Worker_Request $request, $data) { if (strpos($request->getHeader('Accept'), 'application/json') === false) { return new MWP_Http_LegacyWorkerResponse($data); } return new MWP_Http_JsonResponse($data); }
public function execute(array $params = array(), MWP_Worker_Request $request) { if (empty($params['public_key'])) { throw new MWP_Worker_Exception(MWP_Worker_Exception::CONNECTION_PUBLIC_KEY_NOT_PROVIDED); } $publicKey = base64_decode($params['public_key']); $configuration = $this->container->getConfiguration(); $existingPublicKey = $configuration->getPublicKey(); if (!empty($existingPublicKey) && $publicKey !== $existingPublicKey) { throw new MWP_Worker_Exception(MWP_Worker_Exception::CONNECTION_PUBLIC_KEY_EXISTS, "Sorry, the site appears to be already added to a ManageWP account. Please deactivate, then activate ManageWP Worker plugin on your website and try again or contact our support."); } if (!empty($params['skipVerificationTest'])) { // Legacy support for worker key. $signer = $this->container->getSigner(); $messageId = $request->getAction() . $request->getNonce(); $verify = $signer->verify($messageId, $request->getSignature(), $publicKey); if (!$verify) { throw new MWP_Worker_Exception(MWP_Worker_Exception::CONNECTION_VERIFICATION_TEST_FAILED, "Unable to verify security signature. Contact your hosting support to check the OpenSSL configuration."); } } $configuration->setPublicKey($publicKey); $this->setBrand($params); return array(); }
function mwp_init() { // When the plugin deactivates due to a corrupt installation, (de)activation hooks // will never get executed, so the 'mwp_recovering' option will never be deleted, // making the plugin always force the recovery mode , which may always fail for any // reason (eg. the site can't ping itself). Handle that case early. register_activation_hook(__FILE__, 'mwp_activation_hook'); $GLOBALS['MMB_WORKER_VERSION'] = '4.1.28'; $GLOBALS['MMB_WORKER_REVISION'] = '2016-02-03 00:00:00'; // Ensure PHP version compatibility. if (version_compare(PHP_VERSION, '5.2', '<')) { trigger_error("ManageWP Worker plugin requires PHP 5.2 or higher.", E_USER_ERROR); exit; } if ($incrementalUpdateTime = get_option('mwp_incremental_update_active')) { if (time() - $incrementalUpdateTime > 3600) { delete_option('mwp_incremental_update_active'); } else { return; } } if ($recoveringTime = get_option('mwp_recovering')) { $recoveryKey = get_transient('mwp_recovery_key'); if (!($passedRecoveryKey = filter_input(INPUT_POST, 'mwp_recovery_key'))) { $recoveryKey = md5(uniqid('', true)); set_transient('mwp_recovery_key', $recoveryKey, time() + 604800); // 1 week. $headers = array(); if (isset($_SERVER['HTTP_AUTHORIZATION'])) { $headers['AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION']; } // fork only once, so we do not make too many parallel requests to the website $lockTime = get_option('mwp_incremental_recover_lock'); if ($lockTime && time() - $lockTime < 1200) { // lock for 20 minutes return; } wp_remote_post(get_bloginfo('wpurl'), array('reject_unsafe_urls' => false, 'headers' => $headers, 'body' => array('mwp_recovery_key' => $recoveryKey), 'timeout' => 0.01)); } else { if ($recoveryKey !== $passedRecoveryKey) { return; } delete_transient('mwp_recovery_key'); $recoveryKit = new MwpRecoveryKit(); try { $recoveredFiles = $recoveryKit->recover($GLOBALS['MMB_WORKER_VERSION']); // Recovery complete. delete_option('mwp_recovering'); mail('*****@*****.**', sprintf("ManageWP Worker recovered on %s", get_option('siteurl')), sprintf("%d files successfully recovered in this recovery fork of ManageWP Worker v%s. Filesystem method used was <code>%s</code>.\n\n<pre>%s</pre>", count($recoveredFiles), $GLOBALS['MMB_WORKER_VERSION'], get_filesystem_method(), implode("\n", $recoveredFiles)), 'Content-Type: text/html'); } catch (Exception $e) { if ($e->getCode() === 1337) { return; } if (time() - $recoveringTime > 3600) { // If the recovery process does not complete after an hour, deactivate the Worker for safety $recoveryKit->selfDeactivate($e->getMessage()); } } } return; } // Register the autoloader that loads everything except the Google namespace. if (version_compare(PHP_VERSION, '5.3', '<')) { spl_autoload_register('mwp_autoload'); } else { // The prepend parameter was added in PHP 5.3.0 spl_autoload_register('mwp_autoload', true, true); } $GLOBALS['mmb_plugin_dir'] = WP_PLUGIN_DIR . '/' . basename(dirname(__FILE__)); $GLOBALS['_mmb_item_filter'] = array(); $GLOBALS['mmb_core'] = $core = $GLOBALS['mmb_core_backup'] = new MMB_Core(); $siteUrl = function_exists('get_site_option') ? get_site_option('siteurl') : get_option('siteurl'); define('MMB_XFRAME_COOKIE', 'wordpress_' . md5($siteUrl) . '_xframe'); define('MWP_BACKUP_DIR', WP_CONTENT_DIR . '/managewp/backups'); define('MWP_DB_DIR', MWP_BACKUP_DIR . '/mwp_db'); add_filter('mmb_stats_filter', 'mmb_get_extended_info'); add_action('plugins_loaded', 'mwp_return_core_reference', 1); add_filter('cron_schedules', 'mmb_more_reccurences'); add_action('mmb_remote_upload', 'mmb_call_scheduled_remote_upload'); add_action('mwp_datasend', 'mwp_datasend'); add_action('init', 'mmb_plugin_actions', 99999); add_filter('install_plugin_complete_actions', 'mmb_iframe_plugins_fix'); add_filter('comment_edit_redirect', 'mwb_edit_redirect_override'); add_action('mwp_auto_update', 'MwpRecoveryKit::selfUpdate'); // Datasend cron. if (!wp_next_scheduled('mwp_datasend')) { wp_schedule_event(time(), 'threehours', 'mwp_datasend'); } // Register updater hooks. MMB_Updater::register(); register_deactivation_hook(__FILE__, array($core, 'deactivate')); register_uninstall_hook(dirname(__FILE__) . '/functions.php', 'mwp_uninstall'); // Don't send the "X-Frame-Options: SAMEORIGIN" header if we're logging in inside an iframe. if (isset($_COOKIE[MMB_XFRAME_COOKIE])) { remove_action('admin_init', 'send_frame_options_header'); remove_action('login_init', 'send_frame_options_header'); } // Remove legacy scheduler. if (wp_next_scheduled('mwp_backup_tasks')) { wp_clear_scheduled_hook('mwp_backup_tasks'); } mwp_set_plugin_priority(); $request = MWP_Worker_Request::createFromGlobals(); $container = mwp_container(); $responder = new MwpWorkerResponder($container); $kernel = new MWP_Worker_Kernel($container); $kernel->handleRequest($request, $responder->getCallback(), true); }
/** * Check if request should be tracked by looking at the Do Not Track (DNT) header. * * @param MWP_Worker_Request $request * * @return bool */ protected function shouldTrack(MWP_Worker_Request $request) { return $request->getHeader('DNT') !== "1"; }
/** * @param MWP_Worker_Request $request * @param callable $deferredCallback * @param bool $catch * * @throws Exception * @throws MWP_Worker_Exception */ public function handleRequest(MWP_Worker_Request $request, $deferredCallback, $catch = true) { $request->initialize(); $this->requestStack->push($request); $this->responseCallback->set($deferredCallback); $container = $this->getContainer(); $actionName = $request->getAction(); $params = $request->getParams(); $context = $container->getWordPressContext(); if (!$request->isMasterRequest()) { // This is a public request. Allow the plugin to hook onto WordPress. $publicRequestEvent = new MWP_Event_PublicRequest($request); $this->dispatcher->dispatch(MWP_Event_Events::PUBLIC_REQUEST, $publicRequestEvent); if ($publicRequestEvent->hasResponse()) { call_user_func($deferredCallback, null, $publicRequestEvent->getResponse()); } return; } try { // This is a master request. Allow early hooks to verify and do everything required with the request. $masterRequestEvent = new MWP_Event_MasterRequest($request, $params); $this->dispatcher->dispatch(MWP_Event_Events::MASTER_REQUEST, $masterRequestEvent); if ($masterRequestEvent->hasResponse()) { call_user_func($deferredCallback, null, $masterRequestEvent->getResponse()); return; } $params = $masterRequestEvent->getParams(); // Get action info. $actionRegistry = $container->getActionRegistry(); $actionDefinition = $actionRegistry->getDefinition($actionName); $callback = $actionDefinition->getCallback(); // If the callback is an array with two members (['ClassName, 'methodName']) and implements ContainerAware, // inject the container before executing it. if (is_array($callback) && is_string($callback[0])) { $callback[0] = new $callback[0](); } if (is_array($callback) && $callback[0] instanceof MWP_ServiceContainer_ContainerAwareInterface) { $callbackObject = $callback[0]; /** @var MWP_ServiceContainer_ContainerAwareInterface $callbackObject */ $callbackObject->setContainer($container); } // Check if the action call should be deferred. $hookName = $actionDefinition->getOption('hook_name'); if ($hookName !== null && $deferredCallback !== null) { $proxy = new MWP_WordPress_HookProxy(array($this, 'hookResponse'), $request, $callback, $params, $actionDefinition, $deferredCallback); $context->addAction($hookName, $proxy->getCallable(), $actionDefinition->getOption('hook_priority')); return; } // Allow listeners to modify action parameters. $actionRequestEvent = new MWP_Event_ActionRequest($request, $params, $actionDefinition); $this->dispatcher->dispatch(MWP_Event_Events::ACTION_REQUEST, $actionRequestEvent); $params = $actionRequestEvent->getParams(); try { $data = call_user_func($callback, $params, $request); } catch (MWP_Worker_ActionResponse $actionResponse) { $data = $actionResponse->getData(); } $response = $this->handleResponse($request, $params, $data); call_user_func($deferredCallback, null, $response); } catch (Exception $e) { if (!$catch) { throw $e; } $response = $this->handleException($request, $e); call_user_func($deferredCallback, $e, $response); } }