Пример #1
0
 function admin_init()
 {
     add_action('core_upgrade_preamble', array($this, 'core_upgrade_preamble'));
     add_action('admin_action_upgrade-plugin', array($this, 'admin_action_upgrade_pluginortheme'));
     add_action('admin_action_upgrade-theme', array($this, 'admin_action_upgrade_pluginortheme'));
     add_action('admin_head', array($this, 'admin_head'));
     add_filter((is_multisite() ? 'network_admin_' : '') . 'plugin_action_links', array($this, 'plugin_action_links'), 10, 2);
     add_action('wp_ajax_updraft_download_backup', array($this, 'updraft_download_backup'));
     add_action('wp_ajax_updraft_ajax', array($this, 'updraft_ajax_handler'));
     add_action('wp_ajax_plupload_action', array($this, 'plupload_action'));
     add_action('wp_ajax_plupload_action2', array($this, 'plupload_action2'));
     global $updraftplus, $wp_version, $pagenow;
     add_filter('updraftplus_dirlist_others', array($updraftplus, 'backup_others_dirlist'));
     add_filter('updraftplus_dirlist_uploads', array($updraftplus, 'backup_uploads_dirlist'));
     // First, the checks that are on all (admin) pages:
     $service = UpdraftPlus_Options::get_updraft_option('updraft_service');
     if (UpdraftPlus_Options::user_can_manage() && ('googledrive' === $service || is_array($service) && in_array('googledrive', $service)) && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_clientid', '') != '' && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_token', '') == '') {
         add_action('all_admin_notices', array($this, 'show_admin_warning_googledrive'));
     }
     if (UpdraftPlus_Options::user_can_manage() && ('dropbox' === $service || is_array($service) && in_array('dropbox', $service)) && UpdraftPlus_Options::get_updraft_option('updraft_dropboxtk_request_token', '') == '') {
         add_action('all_admin_notices', array($this, 'show_admin_warning_dropbox'));
     }
     if (UpdraftPlus_Options::user_can_manage() && $this->disk_space_check(1024 * 1024 * 35) === false) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_diskspace'));
     }
     // Next, the actions that only come on the UpdraftPlus page
     if ($pagenow != UpdraftPlus_Options::admin_page() || empty($_REQUEST['page']) || 'updraftplus' != $_REQUEST['page']) {
         return;
     }
     if (UpdraftPlus_Options::user_can_manage() && defined('DISABLE_WP_CRON') && DISABLE_WP_CRON == true) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_disabledcron'));
     }
     if (UpdraftPlus_Options::get_updraft_option('updraft_debug_mode')) {
         @ini_set('display_errors', 1);
         @error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
         add_action('all_admin_notices', array($this, 'show_admin_debug_warning'));
     }
     # Avoid false positives, by attempting to raise the limit (as happens when we actually do a backup)
     @set_time_limit(900);
     $max_execution_time = (int) @ini_get('max_execution_time');
     if ($max_execution_time > 0 && $max_execution_time < 20) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_execution_time'));
     }
     // LiteSpeed has a generic problem with terminating cron jobs
     if (isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) {
         if (!is_file(ABSPATH . '.htaccess') || !preg_match('/noabort/i', file_get_contents(ABSPATH . '.htaccess'))) {
             add_action('all_admin_notices', array($this, 'show_admin_warning_litespeed'));
         }
     }
     if (version_compare($wp_version, '3.2', '<')) {
         add_action('all_admin_notices', array($this, 'show_admin_warning_wordpressversion'));
     }
     wp_enqueue_script('updraftplus-admin-ui', UPDRAFTPLUS_URL . '/includes/updraft-admin-ui.js', array('jquery', 'jquery-ui-dialog', 'plupload-all'), '31');
     wp_localize_script('updraftplus-admin-ui', 'updraftlion', array('sendonlyonwarnings' => __('Send a report only when there are warnings/errors', 'updraftplus'), 'wholebackup' => __('When the Email storage method is enabled, also send the entire backup', 'updraftplus'), 'emailsizelimits' => esc_attr(sprintf(__('Be aware that mail servers tend to have size limits; typically around %s Mb; backups larger than any limits will likely not arrive.', 'updraftplus'), '10-20')), 'rescanning' => __('Rescanning (looking for backups that you have uploaded manually into the internal backup store)...', 'updraftplus'), 'enteremailhere' => esc_attr(__('To send to more than one address, separate each address with a comma.', 'updraftplus')), 'excludedeverything' => __('If you exclude both the database and the files, then you have excluded everything!', 'updraftplus'), 'restoreproceeding' => __('The restore operation has begun. Do not press stop or close your browser until it reports itself as having finished.', 'updraftplus'), 'unexpectedresponse' => __('Unexpected response:', 'updraftplus'), 'servererrorcode' => __('The web server returned an error code (try again, or check your web server logs)', 'updraftplus'), 'newuserpass' => __("The new user's RackSpace console password is (this will not be shown again):", 'updraftplus'), 'trying' => __('Trying...', 'updraftplus'), 'calculating' => __('calculating...', 'updraftplus'), 'begunlooking' => __('Begun looking for this entity', 'updraftplus'), 'stilldownloading' => __('Some files are still downloading or being processed - please wait.', 'updraftplus'), 'processing' => __('Processing files - please wait...', 'updraftplus'), 'emptyresponse' => __('Error: the server sent an empty response.', 'updraftplus'), 'warnings' => __('Warnings:', 'updraftplus'), 'errors' => __('Errors:', 'updraftplus'), 'jsonnotunderstood' => __('Error: the server sent us a response (JSON) which we did not understand.', 'updraftplus'), 'error' => __('Error:', 'updraftplus'), 'fileready' => __('File ready.', 'updraftplus'), 'youshould' => __('You should:', 'updraftplus'), 'deletefromserver' => __('Delete from your web server', 'updraftplus'), 'downloadtocomputer' => __('Download to your computer', 'updraftplus'), 'andthen' => __('and then, if you wish,', 'updraftplus'), 'notunderstood' => __('Download error: the server sent us a response which we did not understand.', 'updraftplus'), 'requeststart' => __('Requesting start of backup...', 'updraftplus'), 'phpinfo' => __('PHP information', 'updraftplus'), 'delete_old_dirs' => __('Delete Old Directories', 'updraftplus'), 'raw' => __('Raw backup history', 'updraftplus'), 'notarchive' => __('This file does not appear to be an UpdraftPlus backup archive (such files are .zip or .gz files which have a name like: backup_(time)_(site name)_(code)_(type).(zip|gz)). However, UpdraftPlus archives are standard zip/SQL files - so if you are sure that your file has the right format, then you can rename it to match that pattern.', 'updraftplus'), 'makesure' => __('(make sure that you were trying to upload a zip file previously created by UpdraftPlus)', 'updraftplus'), 'uploaderror' => __('Upload error:', 'updraftplus'), 'notdba' => __('This file does not appear to be an UpdraftPlus encrypted database archive (such files are .gz.crypt files which have a name like: backup_(time)_(site name)_(code)_db.crypt.gz).', 'updraftplus'), 'uploaderr' => __('Upload error', 'updraftplus'), 'followlink' => __('Follow this link to attempt decryption and download the database file to your computer.', 'updraftplus'), 'thiskey' => __('This decryption key will be attempted:', 'updraftplus'), 'unknownresp' => __('Unknown server response:', 'updraftplus'), 'ukrespstatus' => __('Unknown server response status:', 'updraftplus'), 'uploaded' => __('The file was uploaded.', 'updraftplus'), 'backupnow' => __('Backup Now', 'updraftplus'), 'cancel' => __('Cancel', 'updraftplus'), 'deletebutton' => __('Delete', 'updraftplus'), 'createbutton' => __('Create', 'updraftplus'), 'close' => __('Close', 'updraftplus'), 'restore' => __('Restore', 'updraftplus')));
 }
Пример #2
0
 function admin_init()
 {
     add_action('admin_head', array($this, 'admin_head'));
     add_filter('plugin_action_links', array($this, 'plugin_action_links'), 10, 2);
     add_action('wp_ajax_updraft_download_backup', array($this, 'updraft_download_backup'));
     add_action('wp_ajax_updraft_ajax', array($this, 'updraft_ajax_handler'));
     add_action('wp_ajax_plupload_action', array($this, 'plupload_action'));
     add_action('wp_ajax_plupload_action2', array($this, 'plupload_action2'));
     global $updraftplus, $wp_version, $pagenow;
     add_filter('updraftplus_dirlist_others', array($updraftplus, 'backup_others_dirlist'));
     // First, the checks that are on all (admin) pages:
     if (UpdraftPlus_Options::user_can_manage() && UpdraftPlus_Options::get_updraft_option('updraft_service') == "googledrive" && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_clientid', '') != '' && UpdraftPlus_Options::get_updraft_option('updraft_googledrive_token', '') == '') {
         add_action('admin_notices', array($this, 'show_admin_warning_googledrive'));
     }
     if (UpdraftPlus_Options::user_can_manage() && UpdraftPlus_Options::get_updraft_option('updraft_service') == "dropbox" && UpdraftPlus_Options::get_updraft_option('updraft_dropboxtk_request_token', '') == '') {
         add_action('admin_notices', array($this, 'show_admin_warning_dropbox'));
     }
     if (UpdraftPlus_Options::user_can_manage() && $this->disk_space_check(1024 * 1024 * 35) === false) {
         add_action('admin_notices', array($this, 'show_admin_warning_diskspace'));
     }
     // Next, the actions that only come on settings pages
     // if ($pagenow != 'options-general.php') return;
     // Next, the actions that only come on the UpdraftPlus page
     if ($pagenow != 'options-general.php' || !isset($_REQUEST['page']) || 'updraftplus' != $_REQUEST['page']) {
         return;
     }
     if (UpdraftPlus_Options::get_updraft_option('updraft_debug_mode')) {
         @ini_set('display_errors', 1);
         @error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
         add_action('admin_notices', array($this, 'show_admin_debug_warning'));
     }
     // W3 Total Cache's object cache eats transients during cron jobs. Reported to them many times by multiple people.
     if (defined('W3TC') && W3TC == true) {
         if (function_exists('w3_instance')) {
             $modules = w3_instance('W3_ModuleStatus');
             if ($modules->is_enabled('objectcache')) {
                 add_action('admin_notices', array($this, 'show_admin_warning_w3_total_cache'));
             }
         }
     }
     // LiteSpeed has a generic problem with terminating cron jobs
     if (isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) {
         if (!is_file(ABSPATH . '.htaccess') || !preg_match('/noabort/i', file_get_contents(ABSPATH . '.htaccess'))) {
             add_action('admin_notices', array($this, 'show_admin_warning_litespeed'));
         }
     }
     if (version_compare($wp_version, '3.2', '<')) {
         add_action('admin_notices', array($this, 'show_admin_warning_wordpressversion'));
     }
     wp_enqueue_script('jquery');
     wp_enqueue_script('jquery-ui-dialog');
     wp_enqueue_script('plupload-all');
     wp_register_script('updraftplus-plupload', UPDRAFTPLUS_URL . '/includes/ud-plupload.js', array('jquery'));
     wp_enqueue_script('updraftplus-plupload');
 }
Пример #3
0
 public function handle_url_actions()
 {
     // First, basic security check: must be an admin page, with ability to manage options, with the right parameters
     // Also, only on GET because WordPress on the options page repeats parameters sometimes when POST-ing via the _wp_referer field
     if (isset($_SERVER['REQUEST_METHOD']) && 'GET' == $_SERVER['REQUEST_METHOD'] && isset($_GET['action'])) {
         if (preg_match("/^updraftmethod-([a-z]+)-([a-z]+)\$/", $_GET['action'], $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php') && UpdraftPlus_Options::user_can_manage()) {
             $_GET['page'] = 'updraftplus';
             $_REQUEST['page'] = 'updraftplus';
             $method = $matches[1];
             require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
             $call_class = "UpdraftPlus_BackupModule_" . $method;
             $call_method = "action_" . $matches[2];
             $backup_obj = new $call_class();
             add_action('http_request_args', array($this, 'modify_http_options'));
             try {
                 if (method_exists($backup_obj, $call_method)) {
                     call_user_func(array($backup_obj, $call_method));
                 } elseif (method_exists($backup_obj, 'action_handler')) {
                     call_user_func(array($backup_obj, 'action_handler'), $matches[2]);
                 }
             } catch (Exception $e) {
                 $this->log(sprintf(__("%s error: %s", 'updraftplus'), $method, $e->getMessage() . ' (' . $e->getCode() . ')', 'error'));
             }
             remove_action('http_request_args', array($this, 'modify_http_options'));
         } elseif (isset($_GET['page']) && $_GET['page'] == 'updraftplus' && $_GET['action'] == 'downloadlog' && isset($_GET['updraftplus_backup_nonce']) && preg_match("/^[0-9a-f]{12}\$/", $_GET['updraftplus_backup_nonce']) && UpdraftPlus_Options::user_can_manage()) {
             // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
             $updraft_dir = $this->backups_dir_location();
             $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
             if (is_readable($log_file)) {
                 header('Content-type: text/plain');
                 if (!empty($_GET['force_download'])) {
                     header('Content-Disposition: attachment; filename="' . basename($log_file) . '"');
                 }
                 readfile($log_file);
                 exit;
             } else {
                 add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablelog'));
             }
         } elseif (isset($_GET['page']) && $_GET['page'] == 'updraftplus' && $_GET['action'] == 'downloadfile' && isset($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?+\\.(gz\\.crypt)$/i', $_GET['updraftplus_file']) && UpdraftPlus_Options::user_can_manage()) {
             $updraft_dir = $this->backups_dir_location();
             $spool_file = $updraft_dir . '/' . basename($_GET['updraftplus_file']);
             if (is_readable($spool_file)) {
                 $dkey = isset($_GET['decrypt_key']) ? $_GET['decrypt_key'] : "";
                 $this->spool_file('db', $spool_file, $dkey);
                 exit;
             } else {
                 add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablefile'));
             }
         }
     }
 }
Пример #4
0
 public function updraft_ajax_savesettings()
 {
     global $updraftplus;
     if (empty($_POST) || empty($_POST['subaction']) || 'savesettings' != $_POST['subaction'] || !isset($_POST['nonce']) || !is_user_logged_in() || !UpdraftPlus_Options::user_can_manage() || !wp_verify_nonce($_POST['nonce'], 'updraftplus-settings-nonce')) {
         die('Security check');
     }
     if (empty($_POST['settings']) || !is_string($_POST['settings'])) {
         die('Invalid data');
     }
     parse_str($_POST['settings'], $posted_settings);
     // We now have $posted_settings as an array
     echo json_encode($this->save_settings($posted_settings));
     die;
 }
Пример #5
0
 public function plupload_action2()
 {
     @set_time_limit(900);
     global $updraftplus;
     if (!UpdraftPlus_Options::user_can_manage()) {
         exit;
     }
     check_ajax_referer('updraft-uploader');
     $updraft_dir = $updraftplus->backups_dir_location();
     if (!is_writable($updraft_dir)) {
         exit;
     }
     add_filter('upload_dir', array($this, 'upload_dir'));
     add_filter('sanitize_file_name', array($this, 'sanitize_file_name'));
     // handle file upload
     $farray = array('test_form' => true, 'action' => 'plupload_action2');
     $farray['test_type'] = false;
     $farray['ext'] = 'crypt';
     $farray['type'] = 'application/octet-stream';
     if (isset($_POST['chunks'])) {
         // 			$farray['ext'] = 'zip';
         // 			$farray['type'] = 'application/zip';
     } else {
         $farray['unique_filename_callback'] = array($this, 'unique_filename_callback');
     }
     $status = wp_handle_upload($_FILES['async-upload'], $farray);
     remove_filter('upload_dir', array($this, 'upload_dir'));
     remove_filter('sanitize_file_name', array($this, 'sanitize_file_name'));
     if (isset($status['error'])) {
         echo 'ERROR:' . $status['error'];
         exit;
     }
     // If this was the chunk, then we should instead be concatenating onto the final file
     if (isset($_POST['chunks']) && isset($_POST['chunk']) && preg_match('/^[0-9]+$/', $_POST['chunk'])) {
         $final_file = basename($_POST['name']);
         rename($status['file'], $updraft_dir . '/' . $final_file . '.' . $_POST['chunk'] . '.zip.tmp');
         $status['file'] = $updraft_dir . '/' . $final_file . '.' . $_POST['chunk'] . '.zip.tmp';
         // Final chunk? If so, then stich it all back together
         if ($_POST['chunk'] == $_POST['chunks'] - 1) {
             if ($wh = fopen($updraft_dir . '/' . $final_file, 'wb')) {
                 for ($i = 0; $i < $_POST['chunks']; $i++) {
                     $rf = $updraft_dir . '/' . $final_file . '.' . $i . '.zip.tmp';
                     if ($rh = fopen($rf, 'rb')) {
                         while ($line = fread($rh, 32768)) {
                             fwrite($wh, $line);
                         }
                         fclose($rh);
                         @unlink($rf);
                     }
                 }
                 fclose($wh);
                 $status['file'] = $updraft_dir . '/' . $final_file;
             }
         }
     }
     if (!isset($_POST['chunks']) || isset($_POST['chunk']) && $_POST['chunk'] == $_POST['chunks'] - 1) {
         $file = basename($status['file']);
         if (!preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?\\.(gz\\.crypt)$/i', $file)) {
             @unlink($status['file']);
             echo 'ERROR:' . __('Bad filename format - this does not look like an encrypted database file created by UpdraftPlus', 'updraftplus');
             exit;
         }
     }
     // send the uploaded file url in response
     // 		echo 'OK:'.$status['url'];
     echo 'OK:' . $file;
     exit;
 }
Пример #6
0
    public function options_printpage()
    {
        if (!UpdraftPlus_Options::user_can_manage()) {
            wp_die(__('You do not have sufficient permissions to access this page.'));
        }
        $options = $this->options->get_option(UDADDONS2_SLUG . '_options');
        $user_and_pass_at_top = empty($options['email']) ? true : false;
        $title = htmlspecialchars($this->title);
        $mother = $this->mother;
        echo <<<ENDHERE
\t<div class="wrap">
\t\t
ENDHERE;
        $enter_credentials_begin = UpdraftPlus_Options::options_form_begin('', false);
        if (is_multisite()) {
            $enter_credentials_begin .= '<input type="hidden" name="action" value="update">';
        }
        $interested = htmlspecialchars(__('Interested in knowing about your UpdraftPlus.Com password security? Read about it here.', 'updraftplus'));
        $connect = htmlspecialchars(__('Connect', 'updraftplus'));
        $enter_credentials_end = <<<ENDHERE
\t\t\t<p style="margin-left: 258px;">
\t\t\t\t<input id="ud_connectsubmit" type="submit" class="button-primary" value="{$connect}" />
\t\t\t</p>
\t\t\t<p style="margin-left: 258px; font-size: 70%"><em><a href="http://updraftplus.com/faqs/tell-me-about-my-updraftplus-com-account/">{$interested}</a></em></p>
\t\t</form>
ENDHERE;
        global $updraftplus_addons2;
        // 		$this->connected = (!empty($options['email']) && !empty($options['password'])) ? $updraftplus_addons2->connection_status() : false;
        $this->connected = !empty($options['email']) ? $updraftplus_addons2->connection_status() : false;
        if (true !== $this->connected) {
            if (is_wp_error($this->connected)) {
                $connection_errors = array();
                foreach ($this->connected->get_error_messages() as $key => $msg) {
                    $connection_errors[] = $msg;
                }
            } else {
                if (!empty($options['email']) && !empty($options['password'])) {
                    $connection_errors = array(__('An unknown error occurred when trying to connect to UpdraftPlus.Com', 'updraftplus'));
                }
            }
            $this->connected = false;
        }
        if ($this->connected) {
            echo '<p style="clear: both; float: left;">' . __('You are presently <strong>connected</strong> to an UpdraftPlus.Com account.', 'updraftplus');
            echo ' <a href="#" onclick="jQuery(\'#ud_connectsubmit\').click();">' . __('If you bought new add-ons, then follow this link to refresh your connection', 'updraftplus') . '</a>.';
            if (!empty($options['password'])) {
                echo ' ' . __("Note that after you have claimed your add-ons, you can remove your password (but not the email address) from the settings below, without affecting this site's access to updates.", 'updraftplus');
            }
        } else {
            // 			$oval = is_object($this->plug_updatechecker) ? get_site_option($this->plug_updatechecker->optionName, null) : null;
            // 			// Detect the case where the password has been removed
            // 			if (is_object($oval) && !empty($oval->lastCheck) && time()-$oval->lastCheck < 86400*8) {
            // 			} else {
            echo "<p>" . __('You are presently <strong>not connected</strong> to an UpdraftPlus.Com account.', 'updraftplus');
            // 			}
        }
        echo '</p>';
        if (isset($connection_errors)) {
            echo '<div class="error"><p><strong>' . __('Errors occurred when trying to connect to UpdraftPlus.Com:', 'updraftplus') . '</strong></p><ul>';
            foreach ($connection_errors as $err) {
                echo '<li style="list-style:disc inside;">' . $err . '</li>';
            }
            echo '</ul></div>';
        }
        global $updraftplus_addons2;
        $sid = $updraftplus_addons2->siteid();
        $home_url = home_url();
        // Enumerate possible unclaimed/re-claimable purchases, and what should be active on this site
        $unclaimed_available = array();
        $assigned = array();
        $have_all = false;
        if ($this->connected && isset($updraftplus_addons2->user_addons) && is_array($updraftplus_addons2->user_addons)) {
            foreach ($updraftplus_addons2->user_addons as $akey => $addon) {
                // Keys: site, sitedescription, key, status
                if (isset($addon['status']) && 'active' == $addon['status'] && isset($addon['site']) && ('unclaimed' == $addon['site'] || 'unlimited' == $addon['site'])) {
                    $key = $addon['key'];
                    $unclaimed_available[$key] = array('eid' => $akey, 'status' => 'available');
                } elseif (isset($addon['status']) && 'active' == $addon['status'] && isset($addon['site']) && $addon['site'] == $sid) {
                    $key = $addon['key'];
                    $assigned[$key] = $akey;
                    if ('all' == $key) {
                        $have_all = true;
                    }
                } elseif (isset($addon['sitedescription']) && ($home_url === $addon['sitedescription'] || 0 === strpos($addon['sitedescription'], $home_url . ' - '))) {
                    # Is assigned to a site with the same URL as this one - allow a reclaim
                    $key = $addon['key'];
                    $unclaimed_available[$key] = array('eid' => $akey, 'status' => 'reclaimable');
                }
            }
        }
        if (!$this->connected) {
            $this->show_credentials_form($enter_credentials_begin, $enter_credentials_end);
        }
        $email = isset($options['email']) ? $options['email'] : '';
        $pass = isset($options['password']) ? base64_encode($options['password']) : '';
        $sn = base64_encode(get_bloginfo('name'));
        $su = base64_encode($home_url);
        $ourpageslug = UDADDONS2_PAGESLUG;
        $mother = $this->mother;
        //$href = (is_multisite()) ? 'settings.php' : 'options-general.php';
        $href = UpdraftPlus_Options::admin_page_url();
        if (count($unclaimed_available) > 0) {
            $nonce = wp_create_nonce('udmanager-nonce');
            $pleasewait = htmlspecialchars(__('Please wait whilst we make the claim...', 'updraftplus'));
            $notgranted = esc_js(__('Claim not granted - perhaps you have already used this purchase somewhere else?', 'updraftplus'));
            $notgrantedlogin = esc_js(__('Claim not granted - your account login details were wrong', 'updraftplus'));
            $ukresponse = esc_js(__('An unknown response was received. Response was:', 'updraftplus'));
            echo <<<ENDHERE
\t\t<div id="udm_pleasewait" class="updated" style="border: 1px solid; padding: 10px; margin-top: 10px; margin-bottom: 10px; clear: both; float: left; display:none;"><strong>{$pleasewait}</strong></div>
\t\t<script type="text/javascript">
\t\t\tfunction udm_claim(key) {
\t\t\t\tvar data = {
\t\t\t\t\t\taction: 'udaddons_claimaddon',
\t\t\t\t\t\tnonce: '{$nonce}',
\t\t\t\t\t\tkey: key
\t\t\t\t};
\t\t\t\tjQuery('#udm_pleasewait').fadeIn();
\t\t\t\tjQuery.post(ajaxurl, data, function(response) {
\t\t\t\t\tif ('ERR' == response) {
\t\t\t\t\t\talert("{$notgranted}");
\t\t\t\t\t} else if (response == 'OK') {
\t\t\t\t\t\twindow.location.href = '{$href}?page={$ourpageslug}&udm_refresh=1&udm_clearcred=1&tab=addons';
\t\t\t\t\t} else if (response == 'BADAUTH') {
\t\t\t\t\t\talert("{$notgrantedlogin}");
\t\t\t\t\t} else {
\t\t\t\t\t\talert("{$ukresponse} "+response);
\t\t\t\t\t}
\t\t\t\t\tjQuery('#udm_pleasewait').fadeOut();
\t\t\t\t});
\t\t\t}
\t\t</script>
ENDHERE;
        }
        $this->update_js = '';
        echo '<h3 style="clear:left; margin-top: 10px;">' . __('UpdraftPlus Addons', 'updraftplus') . '</h3><div>';
        $addons = $updraftplus_addons2->get_available_addons();
        $this->plugin_update_url = 'update-core.php';
        # Can we get a direct update URL?
        $updates_available = get_site_transient('update_plugins');
        if (is_object($updates_available) && isset($updates_available->response) && isset($updraftplus_addons2->plug_updatechecker) && isset($updraftplus_addons2->plug_updatechecker->pluginFile) && isset($updates_available->response[$updraftplus_addons2->plug_updatechecker->pluginFile])) {
            $file = $updraftplus_addons2->plug_updatechecker->pluginFile;
            $this->plugin_update_url = wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&updraftplus_noautobackup=1&plugin=') . $file, 'upgrade-plugin_' . $file);
            $this->update_js = '<script>jQuery(document).ready(function() { jQuery(\'#updraftaddons_updatewarning\').html(\'' . __('An update containing your addons is available for UpdraftPlus - please follow this link to get it.', 'updraftplus') . '\') });</script>';
        }
        $first = '';
        $second = '';
        $third = '';
        if (is_array($addons)) {
            foreach ($addons as $key => $addon) {
                extract($addon);
                if (empty($addon['latestversion'])) {
                    $latestversion = false;
                }
                if (empty($addon['installedversion'])) {
                    $installedversion = false;
                }
                if (empty($addon['installed']) && $installedversion == false) {
                    $installed = false;
                }
                $unclaimed = isset($unclaimed_available[$key]) ? $unclaimed_available[$key] : false;
                $is_assigned = isset($assigned[$key]) ? $assigned[$key] : false;
                $box = $this->addonbox($key, $name, $shopurl, $description, trim($installedversion), trim($latestversion), $installed, $unclaimed, $is_assigned, $have_all);
                if ($is_assigned) {
                    $first .= $box;
                } elseif (!empty($unclaimed)) {
                    $second .= $box;
                } else {
                    $third .= $box;
                }
            }
        } else {
            echo "<em>" . __('An error occurred when trying to retrieve your add-ons.', 'updraftplus') . "</em>";
        }
        echo $first . $second . $third;
        echo <<<ENDHERE
\t\t</div>
ENDHERE;
        echo $this->update_js;
        // TODO: Show their support package, if any - ?
        if (is_array($updraftplus_addons2->user_support)) {
            // Keys:
        }
        echo '<h3>' . __('UpdraftPlus Support', 'updraftplus') . '</h3>
<ul>
<li style="list-style:disc inside;">' . __('Need to get support?', 'updraftplus') . ' <a href="' . $mother . '/support/">' . __('Go here', 'updraftplus') . "</a>.</li>\n</ul>";
        if ($this->connected) {
            echo "<hr>";
            $this->show_credentials_form($enter_credentials_begin, $enter_credentials_end);
        }
        echo '</div>';
    }
Пример #7
0
 public function admin_menu()
 {
     global $pagenow;
     # Do we want to display a notice about the upcoming or past expiry of their UpdraftPlus subscription?
     if (!empty($this->plug_updatechecker) && !empty($this->plug_updatechecker->optionName) && current_user_can('update_plugins')) {
         #(!is_multisite() && 'options-general.php' == $pagenow) || (is_multisite() && 'settings.php' == $pagenow) ||
         if ('plugins.php' == $pagenow || 'update-core.php' == $pagenow || ('options-general.php' == $pagenow || 'admin.php' == $pagenow) && !empty($_REQUEST['page']) && 'updraftplus' == $_REQUEST['page']) {
             $do_expiry_check = true;
             $dismiss = '';
         } elseif (is_admin()) {
             $dismissed_until = UpdraftPlus_Options::get_updraft_option('updraftplus_dismissedexpiry', 0);
             if ($dismissed_until <= time()) {
                 $do_expiry_check = true;
                 $dismiss = '<div style="float:right; position: relative; top:-24px;" class="ud-expiry-dismiss"><a href="#" onclick="jQuery(\'.ud-expiry-dismiss\').parent().slideUp(); jQuery.post(ajaxurl, {action: \'updraft_ajax\', subaction: \'dismissexpiry\', nonce: \'' . wp_create_nonce('updraftplus-credentialtest-nonce') . '\' });">' . sprintf(__('Dismiss from main dashboard (for %s weeks)', 'updraftplus'), 2) . '</a></div>';
             }
         }
     }
     $oval = is_object($this->plug_updatechecker) ? get_site_option($this->plug_updatechecker->optionName, null) : null;
     $updateskey = 'x-spm-expiry';
     $supportkey = 'x-spm-support-expiry';
     $yourversionkey = 'x-spm-yourversion-tested';
     if (is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$yourversionkey}) && UpdraftPlus_Options::user_can_manage() && (!defined('UPDRAFTPLUS_DISABLECOMPATNOTICE') || true != UPDRAFTPLUS_DISABLECOMPATNOTICE)) {
         // Prevent false-positives
         if (file_exists(UPDRAFTPLUS_DIR . '/readme.txt') && ($fp = fopen(UPDRAFTPLUS_DIR . '/readme.txt', 'r'))) {
             $file_data = fread($fp, 1024);
             if (preg_match("/^Tested up to: (\\d+\\.\\d+).*(\r|\n)/", $file_data, $matches)) {
                 $readme_says = $matches[1];
             }
             fclose($fp);
         }
         global $wp_version;
         include ABSPATH . WPINC . '/version.php';
         $compare_wp_version = preg_match('/^(\\d+\\.\\d+)\\..*$/', $wp_version, $wmatches) ? $wmatches[1] : $wp_version;
         $compare_tested_version = $oval->update->{$yourversionkey};
         if (!empty($readme_says) && version_compare($readme_says, $compare_tested_version, '>')) {
             $compare_tested_version = $readme_says;
         }
         #$compare_tested_version = (preg_match('/^(\d+\.\d+)\.*$/', $oval->update->$yourversionkey, $wmatches)) ? $wmatches[1] : $oval->update->$yourversionkey;
         if (version_compare($compare_wp_version, $compare_tested_version, '>')) {
             $this->admin_notices['yourversiontested'] = '<strong>' . __('Warning', 'updraftplus') . ':</strong> ' . sprintf(__('The installed version of UpdraftPlus Backup/Restore has not been tested on your version of WordPress (%s).', 'updraftplus'), $wp_version) . ' ' . sprintf(__('It has been tested up to version %s.', 'updraftplus'), $compare_tested_version) . ' <a href="https://updraftplus.com/seeing-warning-versions-wordpress-updraftplus-tested/">' . __('You should update UpdraftPlus to make sure that you have a version that has been tested for compatibility.', 'updraftplus') . '</a>';
         }
     }
     if (!empty($do_expiry_check) && is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$updateskey})) {
         if (preg_match('/(^|)expired_?(\\d+)?(,|$)/', $oval->update->{$updateskey}, $matches)) {
             if (empty($matches[2])) {
                 $this->admin_notices['updatesexpired'] = __('Your paid access to UpdraftPlus updates for this site has expired. You will no longer receive updates to UpdraftPlus.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
             } else {
                 $this->admin_notices['updatesexpired'] = sprintf(__('Your paid access to UpdraftPlus updates for %s add-ons on this site has expired.', 'updraftplus'), $matches[2]) . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
             }
         }
         if (preg_match('/(^|,)soonpartial_(\\d+)_(\\d+)($|,)/', $oval->update->{$updateskey}, $matches)) {
             $this->admin_notices['updatesexpiringsoon'] = sprintf(__('Your paid access to UpdraftPlus updates for %s of the %s add-ons on this site will soon expire.', 'updraftplus'), $matches[2], $matches[3]) . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To retain your access, and maintain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         } elseif (preg_match('/(^|,)soon($|,)/', $oval->update->{$updateskey})) {
             $this->admin_notices['updatesexpiringsoon'] = __('Your paid access to UpdraftPlus updates for this site will soon expire.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To retain your access, and maintain access to updates (including future features and compatibility with future WordPress releases) and support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         }
     } elseif (!empty($do_expiry_check) && is_object($oval) && !empty($oval->update) && is_object($oval->update) && !empty($oval->update->{$supportkey})) {
         if ('expired' == $oval->update->{$supportkey}) {
             $this->admin_notices['supportexpired'] = __('Your paid access to UpdraftPlus support has expired.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To regain your access, please renew.', 'updraftplus') . '</a>' . $dismiss;
         } elseif ('soon' == $oval->update->{$supportkey}) {
             $this->admin_notices['supportsoonexpiring'] = __('Your paid access to UpdraftPlus support will soon expire.', 'updraftplus') . ' <a href="https://updraftplus.com/renewing-updraftplus-purchase/">' . __('To maintain your access to support, please renew.', 'updraftplus') . '</a>' . $dismiss;
         }
     }
     add_action('all_admin_notices', array($this, 'admin_notices'));
     if (!function_exists('is_plugin_active')) {
         require_once ABSPATH . 'wp-admin/includes/plugin.php';
     }
     if (is_plugin_active('updraftplus-addons/updraftplus-addons.php')) {
         deactivate_plugins('updraftplus-addons/updraftplus-addons.php');
         if (('options-general.php' == $pagenow || 'settings.php' == $pagenow) && !empty($_REQUEST['page']) && 'updraftplus-addons' == $_REQUEST['page']) {
             wp_redirect($this->addons_admin_url());
             exit;
         }
         // Do nothing more this time to avoid duplication
         return;
     } elseif (is_dir(WP_PLUGIN_DIR . '/updraftplus-addons') && current_user_can('delete_plugins')) {
         # Exists, but not active - nag them
         if (!is_multisite() && 'options-general.php' == $pagenow || is_multisite() && 'settings.php' == $pagenow || 'plugins.php' == $pagenow) {
             add_action('all_admin_notices', array($this, 'deinstall_udaddons'));
         }
     }
     if (class_exists('UpdraftPlusAddons')) {
         return;
     }
     // Refresh, if specifically requested
     if ('options-general.php' == $pagenow || is_multisite() && 'settings.php' == $pagenow && isset($_GET['udm_refresh'])) {
         if ($this->plug_updatechecker) {
             $this->plug_updatechecker->checkForUpdates();
         }
     }
     require_once UDADDONS2_DIR . '/options.php';
     $this->options = new UpdraftPlusAddOns_Options2($this->slug, __('UpdraftPlus Addons', 'updraftplus'), $this->url);
 }
 public function get_fragment($fragment)
 {
     if (false === ($updraftplus_admin = $this->_load_ud_admin()) || false === ($updraftplus = $this->_load_ud())) {
         return $this->_generic_error_response('no_updraftplus');
     }
     if (!UpdraftPlus_Options::user_can_manage()) {
         return $this->_generic_error_response('updraftplus_permission_denied');
     }
     if (is_array($fragment)) {
         $data = $fragment['data'];
         $fragment = $fragment['fragment'];
     }
     $error = false;
     switch ($fragment) {
         case 's3_new_api_user_form':
             ob_start();
             do_action('updraft_s3_print_new_api_user_form', false);
             $output = ob_get_contents();
             ob_end_clean();
             break;
         case 'backupnow_modal_contents':
             $updraft_dir = $updraftplus->backups_dir_location();
             if (!$updraftplus->really_is_writable($updraft_dir)) {
                 $output = array('error' => true, 'html' => __("The 'Backup Now' button is disabled as your backup directory is not writable (go to the 'Settings' tab and find the relevant option).", 'updraftplus'));
             } else {
                 $output = array('html' => $updraftplus_admin->backupnow_modal_contents());
             }
             break;
         case 'panel_download_and_restore':
             $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
             if (empty($backup_history)) {
                 $updraftplus->rebuild_backup_history();
                 $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
             }
             $backup_history = is_array($backup_history) ? $backup_history : array();
             $output = $updraftplus_admin->settings_downloading_and_restoring($backup_history, true, $data);
             break;
         case 'disk_usage':
             $output = $updraftplus_admin->get_disk_space_used($data);
             break;
         default:
             // We just return a code - translation is done on the other side
             $output = 'ud_get_fragment_could_not_return';
             $error = true;
             break;
     }
     if (empty($error)) {
         return $this->_response(array('output' => $output));
     } else {
         return $this->_generic_error_response('get_fragment_error', $output);
     }
 }
Пример #9
0
 public function updraft_ajax_importsettings()
 {
     global $updraftplus;
     if (empty($_POST) || empty($_POST['subaction']) || 'importsettings' != $_POST['subaction'] || !isset($_POST['nonce']) || !is_user_logged_in() || !UpdraftPlus_Options::user_can_manage() || !wp_verify_nonce($_POST['nonce'], 'updraftplus-settings-nonce')) {
         die('Security check');
     }
     if (empty($_POST['settings']) || !is_string($_POST['settings'])) {
         die('Invalid data');
     }
     $this->import_settings($_POST);
 }
 public function handle_url_actions()
 {
     // First, basic security check: must be an admin page, with ability to manage options, with the right parameters
     // Also, only on GET because WordPress on the options page repeats parameters sometimes when POST-ing via the _wp_referer field
     if (isset($_SERVER['REQUEST_METHOD']) && 'GET' == $_SERVER['REQUEST_METHOD'] && isset($_GET['action'])) {
         if (preg_match("/^updraftmethod-([a-z]+)-([a-z]+)\$/", $_GET['action'], $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php') && UpdraftPlus_Options::user_can_manage()) {
             $_GET['page'] = 'updraftplus';
             $_REQUEST['page'] = 'updraftplus';
             $method = $matches[1];
             require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
             $call_class = "UpdraftPlus_BackupModule_" . $method;
             $call_method = "action_" . $matches[2];
             $backup_obj = new $call_class();
             add_action('http_request_args', array($this, 'modify_http_options'));
             try {
                 if (method_exists($backup_obj, $call_method)) {
                     call_user_func(array($backup_obj, $call_method));
                 } elseif (method_exists($backup_obj, 'action_handler')) {
                     call_user_func(array($backup_obj, 'action_handler'), $matches[2]);
                 }
             } catch (Exception $e) {
                 $this->log(sprintf(__("%s error: %s", 'updraftplus'), $method, $e->getMessage() . ' (' . $e->getCode() . ')', 'error'));
             }
             remove_action('http_request_args', array($this, 'modify_http_options'));
         } elseif (isset($_GET['page']) && $_GET['page'] == 'updraftplus' && $_GET['action'] == 'downloadlog' && isset($_GET['updraftplus_backup_nonce']) && preg_match("/^[0-9a-f]{12}\$/", $_GET['updraftplus_backup_nonce']) && UpdraftPlus_Options::user_can_manage()) {
             // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
             $updraft_dir = $this->backups_dir_location();
             $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
             if (is_readable($log_file)) {
                 header('Content-type: text/plain');
                 if (!empty($_GET['force_download'])) {
                     header('Content-Disposition: attachment; filename="' . basename($log_file) . '"');
                 }
                 readfile($log_file);
                 exit;
             } else {
                 add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablelog'));
             }
         } elseif (isset($_GET['page']) && $_GET['page'] == 'updraftplus' && $_GET['action'] == 'downloadfile' && isset($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-db([0-9]+)?+\\.(gz\\.crypt)$/i', $_GET['updraftplus_file']) && UpdraftPlus_Options::user_can_manage()) {
             // Though this (venerable) code uses the action 'downloadfile', in fact, it's not that general: it's just for downloading a decrypted copy of encrypted databases, and nothing else
             $updraft_dir = $this->backups_dir_location();
             $file = $_GET['updraftplus_file'];
             $spool_file = $updraft_dir . '/' . basename($file);
             if (is_readable($spool_file)) {
                 $dkey = isset($_GET['decrypt_key']) ? stripslashes($_GET['decrypt_key']) : '';
                 $this->spool_file($spool_file, $dkey);
                 exit;
             } else {
                 add_action('all_admin_notices', array($this, 'show_admin_warning_unreadablefile'));
             }
         } elseif ($_GET['action'] == 'updraftplus_spool_file' && !empty($_GET['what']) && !empty($_GET['backup_timestamp']) && is_numeric($_GET['backup_timestamp']) && UpdraftPlus_Options::user_can_manage()) {
             // At some point, it may be worth merging this with the previous section
             $updraft_dir = $this->backups_dir_location();
             $findex = isset($_GET['findex']) ? (int) $_GET['findex'] : 0;
             $backup_timestamp = $_GET['backup_timestamp'];
             $what = $_GET['what'];
             $backup_history = UpdraftPlus_Options::get_updraft_option('updraft_backup_history');
             $filename = null;
             if (isset($backup_history[$backup_timestamp])) {
                 if ('db' != substr($what, 0, 2)) {
                     $backupable_entities = $this->get_backupable_file_entities();
                     if (!isset($backupable_entities[$what])) {
                         $filename = false;
                     }
                 }
                 if (false !== $filename && isset($backup_history[$backup_timestamp][$what])) {
                     if (is_string($backup_history[$backup_timestamp][$what]) && 0 == $findex) {
                         $filename = $backup_history[$backup_timestamp][$what];
                     } elseif (isset($backup_history[$backup_timestamp][$what][$findex])) {
                         $filename = $backup_history[$backup_timestamp][$what][$findex];
                     }
                 }
             }
             if (empty($filename) || !is_readable($updraft_dir . '/' . basename($filename))) {
                 echo json_encode(array('result' => __('UpdraftPlus notice:', 'updraftplus') . ' ' . __('The given file was not found, or could not be read.', 'updraftplus')));
                 exit;
             }
             $dkey = isset($_GET['decrypt_key']) ? stripslashes($_GET['decrypt_key']) : "";
             $this->spool_file($updraft_dir . '/' . basename($filename), $dkey);
             exit;
         }
     }
 }
Пример #11
0
 function handle_url_actions()
 {
     // First, basic security check: must be an admin page, with ability to manage options, with the right parameters
     // Also, only on GET because WordPress on the options page repeats parameters sometimes when POST-ing via the _wp_referer field
     if (isset($_SERVER['REQUEST_METHOD']) && 'GET' == $_SERVER['REQUEST_METHOD'] && UpdraftPlus_Options::user_can_manage() && isset($_GET['page']) && $_GET['page'] == 'updraftplus' && isset($_GET['action'])) {
         if (preg_match("/^updraftmethod-([a-z]+)-([a-z]+)\$/", $_GET['action'], $matches) && file_exists(UPDRAFTPLUS_DIR . '/methods/' . $matches[1] . '.php')) {
             $method = $matches[1];
             require_once UPDRAFTPLUS_DIR . '/methods/' . $method . '.php';
             $call_class = "UpdraftPlus_BackupModule_" . $method;
             $call_method = "action_" . $matches[2];
             add_action('http_api_curl', array($this, 'add_curl_capath'));
             if (method_exists($call_class, $call_method)) {
                 call_user_func(array($call_class, $call_method));
             }
             remove_action('http_api_curl', array($this, 'add_curl_capath'));
         } elseif ($_GET['action'] == 'downloadlog' && isset($_GET['updraftplus_backup_nonce']) && preg_match("/^[0-9a-f]{12}\$/", $_GET['updraftplus_backup_nonce'])) {
             // No WordPress nonce is needed here or for the next, since the backup is already nonce-based
             $updraft_dir = $this->backups_dir_location();
             $log_file = $updraft_dir . '/log.' . $_GET['updraftplus_backup_nonce'] . '.txt';
             if (is_readable($log_file)) {
                 header('Content-type: text/plain');
                 readfile($log_file);
                 exit;
             } else {
                 add_action('admin_notices', array($this, 'show_admin_warning_unreadablelog'));
             }
         } elseif ($_GET['action'] == 'downloadfile' && isset($_GET['updraftplus_file']) && preg_match('/^backup_([\\-0-9]{15})_.*_([0-9a-f]{12})-[\\-a-z]+\\.(gz\\.crypt)$/i', $_GET['updraftplus_file'])) {
             $updraft_dir = $this->backups_dir_location();
             $spool_file = $updraft_dir . '/' . basename($_GET['updraftplus_file']);
             if (is_readable($spool_file)) {
                 $dkey = isset($_GET['decrypt_key']) ? $_GET['decrypt_key'] : "";
                 $this->spool_file('db', $spool_file, $dkey);
                 exit;
             } else {
                 add_action('admin_notices', array($this, 'show_admin_warning_unreadablefile'));
             }
         }
     }
 }
 public function update_wpmu_options($value)
 {
     if (!UpdraftPlus_Options::user_can_manage()) {
         return;
     }
     $options = $this->addons2_get_option(UDADDONS2_SLUG . '_options');
     if (!is_array($options)) {
         $options = array();
     }
     $options['email'] = isset($value['email']) ? $value['email'] : '';
     $options['password'] = isset($value['password']) ? $value['password'] : '';
     $options = $this->options_validate($options);
     $this->addons2_update_option(UDADDONS2_SLUG . '_options', $options);
     return true;
 }