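/**
 * Send an API request with cURL and return the decoded response.
 *
 * The request goes out as POST or GET depending on the 'http_method' global
 * option. In both cases the 'piwik_token' option is appended as token_auth.
 *
 * @param mixed  $id     Key under which debug data is stored in self::$debug.
 * @param string $url    Endpoint URL.
 * @param string $params Query string to send (presumably already URL-encoded by the caller; confirm).
 * @return mixed Whatever $this->unserialize() returns for the response body.
 */
private function curl($id, $url, $params) {
    $token = self::$settings->getGlobalOption('piwik_token');
    if (self::$settings->getGlobalOption('http_method') == 'post') {
        $c = curl_init($url);
        curl_setopt($c, CURLOPT_POST, 1);
        curl_setopt($c, CURLOPT_POSTFIELDS, $params . '&token_auth=' . $token);
    } else {
        // In GET mode the auth token is part of the request URL, so it can be
        // recorded by proxies and server access logs; POST keeps it in the body.
        $c = curl_init($url . '?' . $params . '&token_auth=' . $token);
    }

    // With 'disable_ssl_verify' set, the peer certificate is not verified:
    // the channel is still encrypted but the server is not authenticated.
    curl_setopt($c, CURLOPT_SSL_VERIFYPEER, !self::$settings->getGlobalOption('disable_ssl_verify'));
    curl_setopt(
        $c,
        CURLOPT_USERAGENT,
        self::$settings->getGlobalOption('piwik_useragent') == 'php'
            ? ini_get('user_agent')
            : self::$settings->getGlobalOption('piwik_useragent_string')
    );
    curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
    // Response headers are only requested in debug mode.
    curl_setopt($c, CURLOPT_HEADER, $GLOBALS['wp-piwik_debug']);
    curl_setopt($c, CURLOPT_TIMEOUT, self::$settings->getGlobalOption('connection_timeout'));

    $httpProxyClass = new \WP_HTTP_Proxy();
    // The bypass decision has to be made for the URL being requested ($url);
    // $strURL is not defined in this method, so it must not be used here.
    if ($httpProxyClass->is_enabled() && $httpProxyClass->send_through_proxy($url)) {
        curl_setopt($c, CURLOPT_PROXY, $httpProxyClass->host());
        curl_setopt($c, CURLOPT_PROXYPORT, $httpProxyClass->port());
        if ($httpProxyClass->use_authentication()) {
            curl_setopt($c, CURLOPT_PROXYUSERPWD, $httpProxyClass->username() . ':' . $httpProxyClass->password());
        }
    }

    $result = curl_exec($c);

    // NOTE(review): $this->unserialize() is defined elsewhere. If it wraps PHP's
    // unserialize(), the remote response is deserialised here and the helper
    // should restrict the classes it will instantiate. Confirm.
    if ($GLOBALS['wp-piwik_debug']) {
        $header_size = curl_getinfo($c, CURLINFO_HEADER_SIZE);
        $header = substr($result, 0, $header_size);
        $body = substr($result, $header_size);
        $result = $this->unserialize($body);
        // The token is masked in the stored debug URL.
        self::$debug[$id] = array($header, $url . '?' . $params . '&token_auth=...');
    } else {
        $result = $this->unserialize($result);
    }
    curl_close($c);

    return $result;
}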
/**
 * Build an UpdraftPlus_S3 client for the given credentials, applying the
 * WordPress proxy settings and the caller's SSL preferences.
 *
 * @param string $key            Access key handed to UpdraftPlus_S3.
 * @param string $secret         Secret key handed to UpdraftPlus_S3.
 * @param mixed  $useservercerts Truthy: do not set the bundled CA file.
 * @param mixed  $disableverify  Truthy: switch certificate validation off.
 * @param mixed  $nossl          Truthy: do not use SSL at all.
 * @return UpdraftPlus_S3
 */
function getS3($key, $secret, $useservercerts, $disableverify, $nossl) {
    global $updraftplus;

    if (!class_exists('UpdraftPlus_S3')) {
        require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
    }
    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . 'wp-includes/class-http.php';
    }

    $proxy = new WP_HTTP_Proxy();
    $s3 = new UpdraftPlus_S3($key, $secret);

    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy hands back empty strings; setProxy() is given nulls instead.
        // The password is only read when a username is configured.
        $proxy_user = $proxy->username() ?: null;
        $proxy_pass = (null === $proxy_user) ? null : ($proxy->password() ?: null);
        // Fall back to 8080 when no usable port is configured.
        $proxy_port = ((int) $proxy->port()) ?: 8080;
        // Only is_enabled() is consulted: send_through_proxy() is not called,
        // so WordPress' proxy bypass rules are not applied on this path.
        $s3->setProxy($proxy->host(), $proxy_user, $proxy_pass, CURLPROXY_HTTP, $proxy_port);
    }

    if ($nossl) {
        $s3->useSSL = false;
        $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
        return $s3;
    }

    $curl_info = function_exists('curl_version') ? curl_version() : array('features' => null);
    if (!($curl_info['features'] & CURL_VERSION_SSL)) {
        // Nothing is set on the client in this case; the condition is only logged.
        $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
        return $s3;
    }

    $s3->useSSL = true;
    if ($disableverify) {
        // Encrypted but unauthenticated: the server certificate is not validated.
        $s3->useSSLValidation = false;
        $updraftplus->log("S3: Disabling verification of SSL certificates");
    }
    if ($useservercerts) {
        $updraftplus->log("S3: Using the server's SSL certificates");
    } else {
        $s3->SSLCACert = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
    }

    return $s3;
}
/**
 * Send an HTTP request to a URI.
 *
 * Please note: The only URIs that are supported in the HTTP Transport implementation
 * are the HTTP and HTTPS protocols.
 *
 * Security-relevant behaviour visible in this method:
 * - URL validation through wp_http_validate_url() only happens when
 *   'reject_unsafe_urls' is truthy, and its default here is false.
 * - With 'sslverify' false, both certificate and host name verification are
 *   switched off; the 'https_ssl_verify' filter can then replace the value.
 * - The 'pre_http_request' filter can return a response without any request
 *   being sent.
 *
 * @access public
 * @since 2.7.0
 *
 * @param string       $url  The request URL.
 * @param string|array $args {
 *     Optional. Array or string of HTTP request arguments.
 *
 *     @type string       $method              Request method. Accepts 'GET', 'POST', 'HEAD', or 'PUT'.
 *                                             Some transports technically allow others, but should not be
 *                                             assumed. Default 'GET'.
 *     @type int          $timeout             How long the connection should stay open in seconds. Default 5.
 *     @type int          $redirection         Number of allowed redirects. Not supported by all transports.
 *                                             Default 5.
 *     @type string       $httpversion         Version of the HTTP protocol to use. Accepts '1.0' and '1.1'.
 *                                             Default '1.0'.
 *     @type string       $user-agent          User-agent value sent.
 *                                             Default 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ).
 *     @type bool         $reject_unsafe_urls  Whether to pass URLs through wp_http_validate_url().
 *                                             Default false.
 *     @type bool         $blocking            Whether the calling code requires the result of the request.
 *                                             If set to false, the request will be sent to the remote server,
 *                                             and processing returned to the calling code immediately, the caller
 *                                             will know if the request succeeded or failed, but will not receive
 *                                             any response from the remote server. Default true.
 *     @type string|array $headers             Array or string of headers to send with the request.
 *                                             Default empty array.
 *     @type array        $cookies             List of cookies to send with the request. Default empty array.
 *     @type string|array $body                Body to send with the request. Default null.
 *     @type bool         $compress            Whether to compress the $body when sending the request.
 *                                             Default false.
 *     @type bool         $decompress          Whether to decompress a compressed response. If set to false and
 *                                             compressed content is returned in the response anyway, it will
 *                                             need to be separately decompressed. Default true.
 *     @type bool         $sslverify           Whether to verify SSL for the request. Default true.
 *     @type string       $sslcertificates     Absolute path to an SSL certificate .crt file.
 *                                             Default ABSPATH . WPINC . '/certificates/ca-bundle.crt'.
 *     @type bool         $stream              Whether to stream to a file. If set to true and no filename was
 *                                             given, the file will be dropped in the WP temp dir and its name
 *                                             will be set using the basename of the URL. Default false.
 *     @type string       $filename            Filename of the file to write to when streaming. $stream must be
 *                                             set to true. Default null.
 *     @type int          $limit_response_size Size in bytes to limit the response to. Default null.
 * }
 * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'.
 *                        A WP_Error instance upon error.
 */
public function request($url, $args = array()) {
    $defaults = array('method' => 'GET', 'timeout' => apply_filters('http_request_timeout', 5), 'redirection' => apply_filters('http_request_redirection_count', 5), 'httpversion' => apply_filters('http_request_version', '1.0'), 'user-agent' => apply_filters('http_headers_useragent', 'WordPress/' . get_bloginfo('version') . '; ' . get_bloginfo('url')), 'reject_unsafe_urls' => apply_filters('http_request_reject_unsafe_urls', false), 'blocking' => true, 'headers' => array(), 'cookies' => array(), 'body' => null, 'compress' => false, 'decompress' => true, 'sslverify' => true, 'sslcertificates' => ABSPATH . WPINC . '/certificates/ca-bundle.crt', 'stream' => false, 'filename' => null, 'limit_response_size' => null);
    // Pre-parse for the HEAD checks.
    $args = wp_parse_args($args);
    // By default, HEAD requests do not cause redirections.
    if (isset($args['method']) && 'HEAD' == $args['method']) {
        $defaults['redirection'] = 0;
    }
    $r = wp_parse_args($args, $defaults);
    /**
     * Filters the arguments used in an HTTP request.
     *
     * @since 2.7.0
     *
     * @param array  $r   An array of HTTP request arguments.
     * @param string $url The request URL.
     */
    $r = apply_filters('http_request_args', $r, $url);
    // The transports decrement this, store a copy of the original value for loop purposes.
    if (!isset($r['_redirection'])) {
        $r['_redirection'] = $r['redirection'];
    }
    /**
     * Filters whether to preempt an HTTP request's return value.
     *
     * Returning a non-false value from the filter will short-circuit the HTTP request and return
     * early with that value. A filter should return either:
     *
     *  - An array containing 'headers', 'body', 'response', 'cookies', and 'filename' elements
     *  - A WP_Error instance
     *  - boolean false (to avoid short-circuiting the response)
     *
     * Returning any other value may result in unexpected behaviour.
     *
     * @since 2.9.0
     *
     * @param false|array|WP_Error $preempt Whether to preempt an HTTP request's return value. Default false.
     * @param array                $r       HTTP request arguments.
     * @param string               $url     The request URL.
     */
    $pre = apply_filters('pre_http_request', false, $r, $url);
    if (false !== $pre) {
        return $pre;
    }
    // URL checks: wp_http_validate_url() runs only on request ('reject_unsafe_urls');
    // the protocol allow-list below is applied to every non-empty URL.
    if (function_exists('wp_kses_bad_protocol')) {
        if ($r['reject_unsafe_urls']) {
            $url = wp_http_validate_url($url);
        }
        if ($url) {
            $url = wp_kses_bad_protocol($url, array('http', 'https', 'ssl'));
        }
    }
    $arrURL = @parse_url($url);
    if (empty($url) || empty($arrURL['scheme'])) {
        return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
    }
    if ($this->block_request($url)) {
        return new WP_Error('http_request_failed', __('User has blocked requests through HTTP.'));
    }
    // If we are streaming to a file but no filename was given drop it in the WP temp dir
    // and pick its name using the basename of the $url.
    // NOTE(review): basename() is applied to the whole URL string, so the derived
    // name is controlled by the URL; callers that stream from URLs they do not
    // control should pass an explicit 'filename'.
    if ($r['stream']) {
        if (empty($r['filename'])) {
            $r['filename'] = get_temp_dir() . basename($url);
        }
        // Force some settings if we are streaming to a file and check for existence and perms of destination directory
        $r['blocking'] = true;
        if (!wp_is_writable(dirname($r['filename']))) {
            return new WP_Error('http_request_failed', __('Destination directory for file streaming does not exist or is not writable.'));
        }
    }
    if (is_null($r['headers'])) {
        $r['headers'] = array();
    }
    // WP allows passing in headers as a string, weirdly.
    if (!is_array($r['headers'])) {
        $processedHeaders = WP_Http::processHeaders($r['headers']);
        $r['headers'] = $processedHeaders['headers'];
    }
    // Setup arguments
    $headers = $r['headers'];
    $data = $r['body'];
    $type = $r['method'];
    $options = array('timeout' => $r['timeout'], 'useragent' => $r['user-agent'], 'blocking' => $r['blocking'], 'hooks' => new WP_HTTP_Requests_Hooks($url, $r));
    // Ensure redirects follow browser behaviour.
    $options['hooks']->register('requests.before_redirect', array(get_class(), 'browser_redirect_compatibility'));
    if ($r['stream']) {
        $options['filename'] = $r['filename'];
    }
    if (empty($r['redirection'])) {
        $options['follow_redirects'] = false;
    } else {
        $options['redirects'] = $r['redirection'];
    }
    // Use byte limit, if we can
    if (isset($r['limit_response_size'])) {
        $options['max_bytes'] = $r['limit_response_size'];
    }
    // If we've got cookies, use and convert them to Requests_Cookie.
    if (!empty($r['cookies'])) {
        $options['cookies'] = WP_Http::normalize_cookies($r['cookies']);
    }
    // SSL certificate handling: a falsy 'sslverify' disables both certificate and
    // host name verification; otherwise 'verify' carries the CA bundle path.
    if (!$r['sslverify']) {
        $options['verify'] = false;
        $options['verifyname'] = false;
    } else {
        $options['verify'] = $r['sslcertificates'];
    }
    // All non-GET/HEAD requests should put the arguments in the form body.
    if ('HEAD' !== $type && 'GET' !== $type) {
        $options['data_format'] = 'body';
    }
    /**
     * Filters whether SSL should be verified for non-local requests.
     *
     * The filter's return value replaces $options['verify'], so a callback can
     * turn verification off (or back on) regardless of the 'sslverify' argument.
     *
     * @since 2.8.0
     *
     * @param bool $ssl_verify Whether to verify the SSL connection. Default true.
     */
    $options['verify'] = apply_filters('https_ssl_verify', $options['verify']);
    // Check for proxies. Proxy credentials, when configured, are attached to the proxy object.
    $proxy = new WP_HTTP_Proxy();
    if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
        $options['proxy'] = new Requests_Proxy_HTTP($proxy->host() . ':' . $proxy->port());
        if ($proxy->use_authentication()) {
            $options['proxy']->use_authentication = true;
            $options['proxy']->user = $proxy->username();
            $options['proxy']->pass = $proxy->password();
        }
    }
    // Avoid issues where mbstring.func_overload is enabled
    mbstring_binary_safe_encoding();
    try {
        $requests_response = Requests::request($url, $headers, $data, $type, $options);
        // Convert the response into an array
        $http_response = new WP_HTTP_Requests_Response($requests_response, $r['filename']);
        $response = $http_response->to_array();
        // Add the original object to the array.
        $response['http_response'] = $http_response;
    } catch (Requests_Exception $e) {
        // Transport failures are reported as a WP_Error carrying the exception message.
        $response = new WP_Error('http_request_failed', $e->getMessage());
    }
    reset_mbstring_encoding();
    /**
     * Fires after an HTTP API response is received and before the response is returned.
     *
     * @since 2.8.0
     *
     * @param array|WP_Error $response HTTP response or WP_Error object.
     * @param string         $context  Context under which the hook is fired.
     * @param string         $class    HTTP transport used.
     * @param array          $args     HTTP request arguments.
     * @param string         $url      The request URL.
     */
    do_action('http_api_debug', $response, 'response', 'Requests', $r, $url);
    if (is_wp_error($response)) {
        return $response;
    }
    // Non-blocking callers get an empty placeholder response.
    if (!$r['blocking']) {
        return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array(), 'http_response' => null);
    }
    /**
     * Filters the HTTP API response immediately before the response is returned.
     *
     * @since 2.9.0
     *
     * @param array  $response HTTP response.
     * @param array  $r        HTTP request arguments.
     * @param string $url      The request URL.
     */
    return apply_filters('http_response', $response, $r, $url);
}
/**
 * Return the S3 client for this module, creating and caching it on first use.
 *
 * @param string      $key            Access key.
 * @param string      $secret         Secret key.
 * @param mixed       $useservercerts Truthy: use the system CA store ('system') instead of the bundled file.
 * @param mixed       $disableverify  Truthy: certificate verification is switched off.
 * @param mixed       $nossl          Truthy: SSL is not used at all.
 * @param string|null $endpoint       Passed through to the S3 class constructor.
 * @return object|WP_Error The S3 client, or a WP_Error when settings are missing or construction fails.
 */
public function getS3($key, $secret, $useservercerts, $disableverify, $nossl, $endpoint = null) {
    // Reuse a previously built client unless it is empty or an error.
    if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
        return $this->s3_object;
    }

    // Saved in case the object needs recreating for the corner-case where there is
    // no permission to look up the bucket location. Note that this keeps the
    // secret key on the instance.
    $this->got_with = array(
        'key' => $key,
        'secret' => $secret,
        'useservercerts' => $useservercerts,
        'disableverify' => $disableverify,
        'nossl' => $nossl,
    );

    if ('' == $key || '' == $secret) {
        return new WP_Error('no_settings', __('No settings were found', 'updraftplus'));
    }

    global $updraftplus;

    $use_s3_class = $this->indicate_s3_class();

    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }
    $proxy = new WP_HTTP_Proxy();

    // Defaults: encrypted, verified against the library's default CA handling.
    $use_ssl = true;
    $ssl_ca = true;

    if ($nossl) {
        $use_ssl = false;
        $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
    } else {
        $curl_info = function_exists('curl_version') ? curl_version() : array('features' => null);
        $has_curl_ssl = $curl_info['features'] & CURL_VERSION_SSL;
        if (!$has_curl_ssl) {
            $use_ssl = false;
            $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
        } elseif ($disableverify) {
            // Encrypted but unauthenticated: the server certificate is not checked.
            $ssl_ca = false;
            $updraftplus->log("S3: Disabling verification of SSL certificates");
        } elseif ($useservercerts) {
            $updraftplus->log("S3: Using the server's SSL certificates");
            $ssl_ca = 'system';
        } else {
            $bundled_ca = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
            $ssl_ca = file_exists($bundled_ca) ? $bundled_ca : true;
        }
    }

    try {
        $s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
    } catch (Exception $e) {
        // The message includes the file path and line of the failure.
        $detail = ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')';
        $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . $detail);
        // NOTE(review): this second entry substitutes $key (the access key) into the
        // message and passes 'S3' as log()'s second argument, while the entry above
        // uses the literal 'S3'. Confirm that writing the key to the log is intended.
        $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
        return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . $detail);
    }

    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy returns empty strings where we want nulls.
        // The password is only read when a username is configured.
        $proxy_user = $proxy->username() ?: null;
        $proxy_pass = (null === $proxy_user) ? null : ($proxy->password() ?: null);
        $proxy_port = ((int) $proxy->port()) ?: 8080;
        // send_through_proxy() is not consulted on this path.
        $s3->setProxy($proxy->host(), $proxy_user, $proxy_pass, CURLPROXY_HTTP, $proxy_port);
    }

    // The SSL options used to be applied here through setSSL()/setSSLAuth();
    // they are now passed to the constructor above.

    $this->s3_object = $s3;

    return $this->s3_object;
}
/**
 * POST to $this->destination_url, through Guzzle when the configured transport
 * is a GuzzleHttp\Client and through wp_remote_post() otherwise.
 *
 * @param array $post_options Request options; 'body' and 'timeout' are read on the Guzzle path,
 *                            the whole array is handed to wp_remote_post() on the other path.
 * @return array|WP_Error On the Guzzle path an array with 'response' => array('code' => ...) and 'body';
 *                        otherwise whatever wp_remote_post() returns, or a WP_Error for an
 *                        unsupported authentication type.
 */
public function http_post($post_options) {
    // Pulls $wp_version into local scope; a failure to include is suppressed.
    @(include ABSPATH . WPINC . '/version.php');
    $http_credentials = $this->http_credentials;

    if (!is_a($this->http_transport, 'GuzzleHttp\\Client')) {
        $post_options['user-agent'] = 'WordPress/' . $wp_version . '; class-udrpc.php/' . $this->version . '; ' . get_bloginfo('url');
        if (!empty($http_credentials['username'])) {
            // NOTE(review): this path reads 'authentication_type' while the Guzzle
            // path reads 'authentication_method'. Confirm which key callers set.
            $authentication_type = empty($http_credentials['authentication_type']) ? 'basic' : $http_credentials['authentication_type'];
            if ('basic' != $authentication_type) {
                return new WP_Error('unsupported_http_authentication_type', 'Only HTTP basic authentication is supported (for other types, use Guzzle)');
            }
            $password = empty($http_credentials['password']) ? '' : $http_credentials['password'];
            // Basic credentials are only base64-encoded, so they depend on the
            // destination being reached over HTTPS for confidentiality.
            $post_options['headers'] = array('Authorization' => 'Basic ' . base64_encode($http_credentials['username'] . ':' . $password));
        }
        return wp_remote_post($this->destination_url, $post_options);
    }

    // https://guzzle.readthedocs.org/en/5.3/clients.html
    $client = $this->http_transport;
    $guzzle_options = array(
        'body' => $post_options['body'],
        'headers' => array('User-Agent' => 'WordPress/' . $wp_version . '; class-udrpc.php-Guzzle/' . $this->version . '; ' . get_bloginfo('url')),
        'exceptions' => false,
        'timeout' => $post_options['timeout'],
    );

    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }
    $proxy = new WP_HTTP_Proxy();
    if ($proxy->is_enabled()) {
        $user = $proxy->username();
        $pass = $proxy->password();
        $host = $proxy->host();
        $port = ((int) $proxy->port()) ?: 8080;
        if (!empty($host) && $proxy->send_through_proxy($this->destination_url)) {
            // NOTE(review): the proxy user name and password are placed in the
            // proxy URL as-is; characters such as '@', ':' or '/' in them would
            // change how the URL is parsed. Confirm whether they need encoding.
            $userinfo = empty($user) ? '' : $user . (empty($pass) ? '' : ':' . $pass) . '@';
            $proxy_url = "http://{$userinfo}{$host}:{$port}";
            $guzzle_options['proxy'] = array('http' => $proxy_url, 'https' => $proxy_url);
        }
    }

    // Certificate verification: an explicit constant wins, then WordPress'
    // bundled CA file, then Guzzle's default. Both the constant and the filter
    // below can turn verification off.
    if (defined('UDRPC_GUZZLE_SSL_VERIFY')) {
        $verify = UDRPC_GUZZLE_SSL_VERIFY;
    } else {
        $wp_ca_bundle = ABSPATH . WPINC . '/certificates/ca-bundle.crt';
        $verify = file_exists($wp_ca_bundle) ? $wp_ca_bundle : true;
    }
    $guzzle_options['verify'] = apply_filters('udrpc_guzzle_verify', $verify);

    if (!empty($http_credentials['username'])) {
        $authentication_method = empty($http_credentials['authentication_method']) ? 'basic' : $http_credentials['authentication_method'];
        $password = empty($http_credentials['password']) ? '' : $http_credentials['password'];
        $guzzle_options['auth'] = array($http_credentials['username'], $password, $authentication_method);
    }

    $response = $client->post($this->destination_url, apply_filters('udrpc_guzzle_options', $guzzle_options, $this));

    // Shape the result like the array wp_remote_post() callers expect.
    return array(
        'response' => array('code' => $response->getStatusCode()),
        'body' => $response->getBody(),
    );
}
/**
 * Return the UpdraftPlus_S3 client for this module, creating and caching it on first use.
 *
 * @param string $key            Access key.
 * @param string $secret         Secret key.
 * @param mixed  $useservercerts Truthy: do not point the client at the bundled CA file.
 * @param mixed  $disableverify  Truthy: certificate verification is switched off.
 * @param mixed  $nossl          Truthy: SSL is not used at all.
 * @return UpdraftPlus_S3|WP_Error WP_Error when key or secret is empty.
 */
protected function getS3($key, $secret, $useservercerts, $disableverify, $nossl) {
    // Reuse a previously built client unless it is empty or an error.
    if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
        return $this->s3_object;
    }
    if ('' == $key || '' == $secret) {
        return new WP_Error('no_settings', __('No settings were found', 'updraftplus'));
    }

    global $updraftplus;

    if (!class_exists('UpdraftPlus_S3')) {
        require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
    }
    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }

    $proxy = new WP_HTTP_Proxy();
    $s3 = new UpdraftPlus_S3($key, $secret);

    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy returns empty strings where we want nulls.
        // The password is only read when a username is configured.
        $proxy_user = $proxy->username() ?: null;
        $proxy_pass = (null === $proxy_user) ? null : ($proxy->password() ?: null);
        $proxy_port = ((int) $proxy->port()) ?: 8080;
        // send_through_proxy() is not consulted on this path.
        $s3->setProxy($proxy->host(), $proxy_user, $proxy_pass, CURLPROXY_HTTP, $proxy_port);
    }

    if ($nossl) {
        $s3->setSSL(false, false);
        $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
    } else {
        $curl_info = function_exists('curl_version') ? curl_version() : array('features' => null);
        $has_curl_ssl = $curl_info['features'] & CURL_VERSION_SSL;
        if (!$has_curl_ssl) {
            $s3->setSSL(false, false);
            $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
        } else {
            // The second argument is the verification switch: false means the
            // connection is encrypted but the server certificate is not checked.
            $verify_certificates = !$disableverify;
            $s3->setSSL(true, $verify_certificates);
            if (!$verify_certificates) {
                $updraftplus->log("S3: Disabling verification of SSL certificates");
            }
            if ($useservercerts) {
                $updraftplus->log("S3: Using the server's SSL certificates");
            } else {
                $s3->setSSLAuth(null, null, UPDRAFTPLUS_DIR . '/includes/cacert.pem');
            }
        }
    }

    $this->s3_object = $s3;

    return $this->s3_object;
}
/**
 * Execute an API call over cURL.
 *
 * The request is signed with getSignedRequest(), sent with the class'
 * default cURL options plus the SSL and proxy settings resolved here, and
 * the response is turned into an exception when it carries an error.
 *
 * @todo Improve error handling
 * @param string $method     The HTTP method
 * @param string $url        The API endpoint
 * @param string $call       The API method to call
 * @param array  $additional Additional parameters
 * @return string|object stdClass
 * @throws Dropbox_CurlException When curl_exec() returns false.
 * @throws Dropbox_Exception     (or one of its status-specific variants) when the response body carries an error.
 */
public function fetch($method, $url, $call, array $additional = array()) {
    // Get the signed request URL
    $request = $this->getSignedRequest($method, $url, $call, $additional);

    // Initialise a cURL request
    $handle = curl_init($request['url']);

    // Start from the default options array
    $options = $this->defaultOptions;

    // Unless the server's certificates were asked for, pin the CA file to the bundled one.
    if (!UpdraftPlus_Options::get_updraft_option('updraft_ssl_useservercerts')) {
        $options[CURLOPT_CAINFO] = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
    }
    // With 'updraft_ssl_disableverify' set, the peer certificate is not verified.
    $options[CURLOPT_SSL_VERIFYPEER] = !UpdraftPlus_Options::get_updraft_option('updraft_ssl_disableverify');

    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }
    $proxy = new WP_HTTP_Proxy();
    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy returns empty strings if nothing is set
        $user = $proxy->username();
        $pass = $proxy->password();
        $host = $proxy->host();
        $port = ((int) $proxy->port()) ?: 8080;
        if (!empty($host) && $proxy->send_through_proxy($request['url'])) {
            $options[CURLOPT_PROXY] = $host;
            $options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
            $options[CURLOPT_PROXYPORT] = $port;
            // Proxy credentials are only sent when both parts are configured.
            if (!empty($user) && !empty($pass)) {
                $options[CURLOPT_PROXYAUTH] = CURLAUTH_ANY;
                $options[CURLOPT_PROXYUSERPWD] = sprintf('%s:%s', $user, $pass);
            }
        }
    }

    if ($method == 'GET' && $this->outFile) {
        // GET: stream the body straight into the output file
        $options[CURLOPT_RETURNTRANSFER] = false;
        $options[CURLOPT_HEADER] = false;
        $options[CURLOPT_FILE] = $this->outFile;
        $options[CURLOPT_BINARYTRANSFER] = true;
        $options[CURLOPT_FAILONERROR] = true;
        if (isset($additional['headers'])) {
            $options[CURLOPT_HTTPHEADER] = $additional['headers'];
        }
        // The handle is used for this request only
        $this->outFile = null;
    } elseif ($method == 'POST') {
        // POST
        $options[CURLOPT_POST] = true;
        $options[CURLOPT_POSTFIELDS] = $request['postfields'];
    } elseif ($method == 'PUT' && $this->inFile) {
        // PUT
        $options[CURLOPT_PUT] = true;
        $options[CURLOPT_INFILE] = $this->inFile;
        // @todo Update so the data is not loaded into memory to get its size
        $options[CURLOPT_INFILESIZE] = strlen(stream_get_contents($this->inFile));
        fseek($this->inFile, 0);
        $this->inFile = null;
    }

    // Set the cURL options at once
    curl_setopt_array($handle, $options);

    // Execute, get any error and close
    $response = curl_exec($handle);
    $error = curl_error($handle);
    $getinfo = curl_getinfo($handle);
    curl_close($handle);

    // Check if a cURL error has occurred
    if ($response === false) {
        throw new Dropbox_CurlException($error);
    }

    // Parse the response if it is a string
    if (is_string($response)) {
        $response = $this->parse($response);
    }

    // Set the last response
    $this->lastResponse = $response;

    // Prefer the status code from the parsed response, else the one cURL reported
    $code = empty($response['code']) ? $getinfo['http_code'] : $response['code'];

    // The API doesn't return an error message for the 304 status code...
    // 304's are only returned when the path supplied during metadata calls has not been modified
    if ($code == 304) {
        $response['body'] = new stdClass();
        $response['body']->error = 'The folder contents have not changed';
    }

    // No error in the body: hand the response back
    if (empty($response['body']->error)) {
        return $response;
    }

    // Dropbox returns error messages inconsistently...
    $reported = $response['body']->error;
    if ($reported instanceof stdClass) {
        $fields = array_values((array) $reported);
        $message = $fields[0];
    } else {
        $message = $reported;
    }

    // Throw an Exception with the appropriate message and code
    switch ($code) {
        case 304:
            throw new Dropbox_NotModifiedException($message, 304);
        case 400:
            throw new Dropbox_BadRequestException($message, 400);
        case 404:
            throw new Dropbox_NotFoundException($message, 404);
        case 406:
            throw new Dropbox_NotAcceptableException($message, 406);
        case 415:
            throw new Dropbox_UnsupportedMediaTypeException($message, 415);
        default:
            throw new Dropbox_Exception($message, $code);
    }
}
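/**
 * Return the S3 client for this module, creating and caching it on first use.
 *
 * @param string|WP_Error $key            Access key; string values are trimmed. A WP_Error is returned unchanged.
 * @param string          $secret         Secret key; string values are trimmed.
 * @param mixed           $useservercerts Truthy: use the system CA store ('system') instead of the bundled file.
 * @param mixed           $disableverify  Truthy: certificate verification is switched off.
 * @param mixed           $nossl          Truthy: SSL is not used at all.
 * @param string|null     $endpoint       Passed through to the S3 class constructor.
 * @param mixed           $sse            Truthy: request AES256 server-side encryption when the class supports it.
 * @return object|WP_Error The S3 client, or a WP_Error when settings are missing or construction fails.
 */
public function getS3($key, $secret, $useservercerts, $disableverify, $nossl, $endpoint = null, $sse = false) {
    // Reuse a previously built client unless it is empty or an error.
    if (!empty($this->s3_object) && !is_wp_error($this->s3_object)) {
        return $this->s3_object;
    }

    if (is_string($key)) {
        $key = trim($key);
    }
    if (is_string($secret)) {
        $secret = trim($secret);
    }

    // Saved in case the object needs recreating for the corner-case where there is
    // no permission to look up the bucket location. Note that this keeps the
    // secret key on the instance.
    $this->got_with = array('key' => $key, 'secret' => $secret, 'useservercerts' => $useservercerts, 'disableverify' => $disableverify, 'nossl' => $nossl, 'server_side_encryption' => $sse);

    if (is_wp_error($key)) {
        return $key;
    }
    if ('' == $key || '' == $secret) {
        return new WP_Error('no_settings', __('No settings were found - please go to the Settings tab and check your settings', 'updraftplus'));
    }

    global $updraftplus;

    $use_s3_class = $this->indicate_s3_class();

    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }
    $proxy = new WP_HTTP_Proxy();

    // Defaults: encrypted, verified against the library's default CA handling.
    $use_ssl = true;
    $ssl_ca = true;

    if (!$nossl) {
        $curl_version = function_exists('curl_version') ? curl_version() : array('features' => null);
        $curl_ssl_supported = $curl_version['features'] & CURL_VERSION_SSL;
        if ($curl_ssl_supported) {
            if ($disableverify) {
                // Encrypted but unauthenticated: the server certificate is not checked.
                $ssl_ca = false;
                $updraftplus->log("S3: Disabling verification of SSL certificates");
            } else {
                if ($useservercerts) {
                    $updraftplus->log("S3: Using the server's SSL certificates");
                    $ssl_ca = 'system';
                } else {
                    $ssl_ca = file_exists(UPDRAFTPLUS_DIR . '/includes/cacert.pem') ? UPDRAFTPLUS_DIR . '/includes/cacert.pem' : true;
                }
            }
        } else {
            $use_ssl = false;
            $updraftplus->log("S3: Curl/SSL is not available. Communications will not be encrypted.");
        }
    } else {
        $use_ssl = false;
        $updraftplus->log("SSL was disabled via the user's preference. Communications will not be encrypted.");
    }

    try {
        $s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
    } catch (Exception $e) {
        // Catch a specific PHP engine bug - see HS#6364.
        // strpos() takes the haystack first: the exception message is searched for
        // the marker text. With the arguments the other way round, the fallback
        // fired for any message that is a substring of the marker (including an
        // empty message on PHP 8) and missed longer messages containing it.
        if ('UpdraftPlus_S3_Compat' == $use_s3_class && is_a($e, 'InvalidArgumentException') && false !== strpos($e->getMessage(), 'Invalid signature type: s3')) {
            require_once UPDRAFTPLUS_DIR . '/includes/S3.php';
            $use_s3_class = 'UpdraftPlus_S3';
            $try_again = true;
        } else {
            // The message includes the file path and line of the failure.
            $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
            // NOTE(review): this entry substitutes $key (the access key) into the
            // message and passes 'S3' as log()'s second argument, while the entry
            // above uses the literal 'S3'. Confirm that logging the key is intended.
            $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
            return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
        }
    }

    if (!empty($try_again)) {
        // Second attempt, this time with the older library.
        try {
            $s3 = new $use_s3_class($key, $secret, $use_ssl, $ssl_ca, $endpoint);
        } catch (Exception $e) {
            $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
            // NOTE(review): same access-key-in-log question as in the first attempt.
            $updraftplus->log(sprintf(__('%s Error: Failed to initialise', 'updraftplus'), $key), 'S3');
            return new WP_Error('s3_init_failed', sprintf(__('%s Error: Failed to initialise', 'updraftplus'), 'S3') . ": " . $e->getMessage() . ' (line: ' . $e->getLine() . ', file: ' . $e->getFile() . ')');
        }
        $updraftplus->log("S3: Hit a PHP engine bug - had to switch to the older S3 library (which is incompatible with signatureV4, which may cause problems later on if using a region that requires it)");
    }

    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy returns empty strings where we want nulls
        $user = $proxy->username();
        if (empty($user)) {
            $user = null;
            $pass = null;
        } else {
            $pass = $proxy->password();
            if (empty($pass)) {
                $pass = null;
            }
        }
        $port = (int) $proxy->port();
        if (empty($port)) {
            $port = 8080;
        }
        // send_through_proxy() is not consulted on this path.
        $s3->setProxy($proxy->host(), $user, $pass, CURLPROXY_HTTP, $port);
    }

    // The SSL options used to be applied here through setSSL()/setSSLAuth();
    // they are now passed to the constructor above.

    // Server-side encryption is always requested for the UpdraftVault module,
    // and for other modules when $sse is set, provided the class offers it.
    if (method_exists($s3, 'setServerSideEncryption') && (is_a($this, 'UpdraftPlus_BackupModule_updraftvault') || $sse)) {
        $s3->setServerSideEncryption('AES256');
    }

    $this->s3_object = $s3;

    return $this->s3_object;
}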
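/**
 * Render the API proxy section of the general settings page.
 *
 * The section starts from placeholder values; when WordPress reports an
 * enabled HTTP proxy, they are replaced with the escaped proxy settings.
 *
 * @return string Whatever SucuriScanTemplate::get_section() produces for the
 *                'settings-general-apiproxy' section.
 */
function sucuriscan_settings_general_apiproxy()
{
    $params = array(
        'APIProxy.Host' => 'no_proxy_host',
        'APIProxy.Port' => 'no_proxy_port',
        'APIProxy.Username' => 'no_proxy_username',
        'APIProxy.Password' => 'no_proxy_password',
        'APIProxy.PasswordType' => 'default',
        'APIProxy.PasswordText' => 'empty',
    );

    if (class_exists('WP_HTTP_Proxy')) {
        $wp_http_proxy = new WP_HTTP_Proxy();

        if ($wp_http_proxy->is_enabled()) {
            // Fix: these values used to be written to an undefined
            // $template_variables array, so the template always received the
            // placeholders. They now go into $params, which is what is
            // handed to the template.
            $params['APIProxy.Host'] = SucuriScan::escape($wp_http_proxy->host());
            $params['APIProxy.Port'] = SucuriScan::escape($wp_http_proxy->port());
            $params['APIProxy.Username'] = SucuriScan::escape($wp_http_proxy->username());
            // NOTE(review): the proxy password is a secret. 'PasswordText' =>
            // 'hidden' suggests the template conceals it, but the template is
            // not visible here - confirm it never lands in the page source.
            $params['APIProxy.Password'] = SucuriScan::escape($wp_http_proxy->password());
            $params['APIProxy.PasswordType'] = 'info';
            $params['APIProxy.PasswordText'] = 'hidden';
        }
    }

    return SucuriScanTemplate::get_section('settings-general-apiproxy', $params);
}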
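/**
 * Call the Piwik REST API and return the raw response.
 *
 * The request goes out through cURL when it is available, otherwise through
 * file_get_contents() when allow_url_fopen is on. If neither transport is
 * usable, a serialized error array is returned instead.
 *
 * @param string $strURL Query string appended to '<piwik_url>/?module=API'.
 *
 * @return string|false Raw response body, or false when the transfer failed.
 */
function callREST($strURL)
{
    $strPiwikURL = self::$aryGlobalSettings['piwik_url'];
    if (substr($strPiwikURL, -1, 1) != '/') {
        $strPiwikURL .= '/';
    }
    $strURL = $strPiwikURL . '?module=API' . $strURL;

    if (function_exists('curl_init')) {
        $c = curl_init($strURL);

        // With 'disable_ssl_verify' set, the server certificate is not
        // checked, so the response can be read or altered in transit.
        // NOTE(review): the error branch below returns serialize()d data,
        // which suggests callers unserialize the response - confirm they do
        // not unserialize() content fetched without verification.
        curl_setopt($c, CURLOPT_SSL_VERIFYPEER, !self::$aryGlobalSettings['disable_ssl_verify']);
        curl_setopt(
            $c,
            CURLOPT_USERAGENT,
            self::$aryGlobalSettings['piwik_useragent'] == 'php'
                ? ini_get('user_agent')
                : self::$aryGlobalSettings['piwik_useragent_string']
        );
        curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($c, CURLOPT_HEADER, 0);
        curl_setopt($c, CURLOPT_TIMEOUT, self::$aryGlobalSettings['connection_timeout']);

        // Fix: the WP_HTTP_Proxy methods are instance methods; calling them
        // statically is deprecated in PHP 7 and a fatal error in PHP 8.
        $objProxy = new WP_HTTP_Proxy();
        if ($objProxy->is_enabled() && $objProxy->send_through_proxy($strURL)) {
            curl_setopt($c, CURLOPT_PROXY, $objProxy->host());
            curl_setopt($c, CURLOPT_PROXYPORT, $objProxy->port());
            if ($objProxy->use_authentication()) {
                curl_setopt($c, CURLOPT_PROXYUSERPWD, $objProxy->username() . ':' . $objProxy->password());
            }
        }

        $strResult = curl_exec($c);
        curl_close($c);
    } elseif (ini_get('allow_url_fopen')) {
        // This transport sets only the timeout; 'disable_ssl_verify' and the
        // WordPress proxy settings are not applied to it.
        $resContext = stream_context_create(
            array('http' => array('timeout' => self::$aryGlobalSettings['connection_timeout']))
        );
        // Fix: pass the context created above. The original passed the
        // undefined $strContext, so the timeout was never applied.
        $strResult = @file_get_contents($strURL, false, $resContext);
    } else {
        $strResult = serialize(array(
            'result' => 'error',
            'message' => 'Remote access to Piwik not possible. Enable allow_url_fopen or CURL.',
        ));
    }

    return $strResult;
}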
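/**
 * Execute an API call over cURL and return the parsed response.
 *
 * Builds the cURL options from the default options, the plugin's SSL
 * settings, the WordPress proxy configuration and the signed request, runs
 * the transfer, and turns error responses into exceptions.
 *
 * @todo Improve error handling
 *
 * @param string $method     The HTTP method
 * @param string $url        The API endpoint
 * @param string $call       The API method to call
 * @param array  $additional Additional parameters
 *
 * @return mixed The response; string responses are passed through
 *               $this->parse() first. This method reads its 'code' and
 *               'body' entries.
 *
 * @throws Dropbox_CurlException When curl_exec() returns false.
 * @throws Dropbox_Exception     (or one of the Dropbox_*Exception classes
 *                               named in the switch below) when the response
 *                               body carries an error, except for code 401.
 */
public function fetch($method, $url, $call, array $additional = array())
{
    // Get the signed request URL
    $request = $this->getSignedRequest($method, $url, $call, $additional);

    // Initialise a cURL request
    $handle = curl_init($request['url']);

    // Get the default options array
    $options = $this->defaultOptions;

    // Use the CA bundle shipped with the plugin unless the server's own
    // certificate store was requested.
    if (!UpdraftPlus_Options::get_updraft_option('updraft_ssl_useservercerts')) {
        $options[CURLOPT_CAINFO] = UPDRAFTPLUS_DIR . '/includes/cacert.pem';
    }

    // With 'updraft_ssl_disableverify' set, the peer certificate is not
    // checked: the signed request and the transferred data can then be
    // intercepted or altered in transit.
    if (UpdraftPlus_Options::get_updraft_option('updraft_ssl_disableverify')) {
        $options[CURLOPT_SSL_VERIFYPEER] = false;
    } else {
        $options[CURLOPT_SSL_VERIFYPEER] = true;
    }

    if (!class_exists('WP_HTTP_Proxy')) {
        require_once ABSPATH . WPINC . '/class-http.php';
    }
    $proxy = new WP_HTTP_Proxy();

    if ($proxy->is_enabled()) {
        // WP_HTTP_Proxy returns empty strings if nothing is set
        $user = $proxy->username();
        $pass = $proxy->password();
        $host = $proxy->host();
        $port = (int) $proxy->port();
        if (empty($port)) {
            $port = 8080;
        }
        if (!empty($host) && $proxy->send_through_proxy($request['url'])) {
            $options[CURLOPT_PROXY] = $host;
            $options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
            $options[CURLOPT_PROXYPORT] = $port;
            if (!empty($user) && !empty($pass)) {
                // CURLAUTH_ANY lets cURL pick the scheme the proxy offers,
                // which includes Basic (credentials only base64-encoded).
                $options[CURLOPT_PROXYAUTH] = CURLAUTH_ANY;
                $options[CURLOPT_PROXYUSERPWD] = sprintf('%s:%s', $user, $pass);
            }
        }
    }

    if (isset($request['headers'])) {
        $options[CURLOPT_HTTPHEADER] = $request['headers'];
    }

    /*
        Add check to see if it's an API v2 call if so then json encode the contents. This is so that it is backwards compatible with API v1 endpoints.
    */
    if (isset($additional['api_v2']) && !empty($request['postfields'])) {
        $request['postfields'] = json_encode($request['postfields']);
    }

    if ($method == 'GET' && $this->outFile) {
        // GET: stream the response straight into the output file
        $options[CURLOPT_RETURNTRANSFER] = false;
        $options[CURLOPT_HEADER] = false;
        $options[CURLOPT_FILE] = $this->outFile;
        $options[CURLOPT_BINARYTRANSFER] = true;
        $options[CURLOPT_FAILONERROR] = true;
        /*
            Not sure if this is used, keeping it here for backwards compatibility at the moment.
            With API v2 the headers are set in the $request they are set above if they are set.
        */
        if (isset($additional['headers'])) {
            $options[CURLOPT_HTTPHEADER] = $additional['headers'];
        }
        $this->outFile = null;
    } elseif ($method == 'POST' && $this->outFile) {
        // POST: stream the response straight into the output file
        $options[CURLOPT_POST] = true;
        $options[CURLOPT_RETURNTRANSFER] = false;
        $options[CURLOPT_HEADER] = false;
        $options[CURLOPT_FILE] = $this->outFile;
        $options[CURLOPT_BINARYTRANSFER] = true;
        $options[CURLOPT_FAILONERROR] = true;
        $this->outFile = null;
    } elseif ($method == 'POST' && $this->inFile) {
        // POST: the input file is sent as the request body
        $options[CURLOPT_POST] = true;
        $options[CURLOPT_POSTFIELDS] = $this->inFile;
    } elseif ($method == 'POST') {
        // POST
        $options[CURLOPT_POST] = true;
        $options[CURLOPT_POSTFIELDS] = $request['postfields'];
    } elseif ($method == 'PUT' && $this->inFile) {
        // PUT
        $options[CURLOPT_PUT] = true;
        $options[CURLOPT_INFILE] = $this->inFile;
        // @todo Update so the data is not loaded into memory to get its size
        $options[CURLOPT_INFILESIZE] = strlen(stream_get_contents($this->inFile));
        // Reading the stream moved its pointer; rewind it before the upload.
        fseek($this->inFile, 0);
        $this->inFile = null;
    }

    // Set the cURL options at once
    curl_setopt_array($handle, $options);

    // Execute, get any error and close
    $response = curl_exec($handle);
    $error = curl_error($handle);
    $getinfo = curl_getinfo($handle);
    curl_close($handle);

    // Check if a cURL error has occurred
    if ($response === false) {
        throw new Dropbox_CurlException($error);
    } else {
        // Parse the response if it is a string
        if (is_string($response)) {
            $response = $this->parse($response);
        }

        // Set the last response
        $this->lastResponse = $response;

        $code = !empty($response['code']) ? $response['code'] : $getinfo['http_code'];

        // The API doesn't return an error message for the 304 status code...
        // 304's are only returned when the path supplied during metadata calls has not been modified
        if ($code == 304) {
            $response['body'] = new stdClass();
            $response['body']->error = 'The folder contents have not changed';
        }

        // Check if an error occurred and throw an Exception
        if (!empty($response['body']->error)) {
            // Dropbox returns error messages inconsistently...
            if ($response['body']->error instanceof stdClass) {
                $array = array_values((array) $response['body']->error);
                // Dropbox API v2 only throws 409 errors if this error is a incorrect_offset then we need the entire error array not just the message. PHP Exception messages have to be a string so JSON encode the array.
                if (strpos($array[0], 'incorrect_offset') !== false) {
                    $message = json_encode($array);
                } elseif (strpos($array[0], 'lookup_failed') !== false) {
                    // re-structure the array so it is correctly formatted for API
                    // Note: Dropbox v2 returns different errors at different stages hence this fix
                    $correctOffset = array(
                        '0' => $array[1]->{'.tag'},
                        '1' => $array[1]->correct_offset,
                    );
                    $message = json_encode($correctOffset);
                } else {
                    $message = $array[0];
                }
            } else {
                $message = $response['body']->error;
            }

            // Throw an Exception with the appropriate message and code
            switch ($code) {
                case 304:
                    throw new Dropbox_NotModifiedException($message, 304);
                case 400:
                    throw new Dropbox_BadRequestException($message, 400);
                case 404:
                    throw new Dropbox_NotFoundException($message, 404);
                case 406:
                    throw new Dropbox_NotAcceptableException($message, 406);
                case 415:
                    throw new Dropbox_UnsupportedMediaTypeException($message, 415);
                case 401:
                    // 401 means oauth token is expired continue to manually handle the exception depending on the situation.
                    // Fix: this was "continue", which inside a switch behaves
                    // like "break" and raises a warning on PHP 7.3+. No
                    // exception is thrown here; the response is returned.
                    break;
                case 409:
                    // 409 in API V2 every error will return with a 409 to find out what the error is the error description should be checked.
                    throw new Dropbox_Exception($message, $code);
                default:
                    throw new Dropbox_Exception($message, $code);
            }
        }

        return $response;
    }
}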
/**
 * Build the general settings panel from its template.
 *
 * Validates the page nonce, lets the form handlers process any submission,
 * optionally registers the site, and then collects the values the
 * 'settings-general' template section is rendered with.
 *
 * @return string Parsed HTML code for the general settings panel.
 */
function sucuriscan_settings_general()
{
    global $sucuriscan_emails_per_hour, $sucuriscan_maximum_failed_logins, $sucuriscan_verify_ssl_cert;

    // The nonce is checked once, up front, and its result is handed on to
    // the form handlers.
    $page_nonce = SucuriScanInterface::check_nonce();
    sucuriscan_settings_form_submissions($page_nonce);

    // Modal shown after a successful site registration (empty otherwise).
    $api_registered_modal = '';

    // Whether the form to add the API key by hand should be displayed.
    $display_manual_key_form = SucuriScanRequest::post(':recover_key') !== false;

    if ($page_nonce && SucuriScanRequest::post(':plugin_api_key') !== false) {
        if (SucuriScanAPI::register_site()) {
            $api_registered_modal = SucuriScanTemplate::get_modal(
                'settings-apiregistered',
                array('Title' => 'Site registered successfully', 'CssClass' => 'sucuriscan-apikey-registered')
            );
        } else {
            $display_manual_key_form = true;
        }
    }

    // Current option values.
    $plugin_key = SucuriScanAPI::get_plugin_key();
    $chosen_emails = SucuriScanOption::get_option(':emails_per_hour');
    $chosen_logins = SucuriScanOption::get_option(':maximum_failed_logins');
    $chosen_ssl = SucuriScanOption::get_option(':verify_ssl_cert');
    $audit_state = SucuriScanOption::get_option(':audit_report');
    $report_limit = SucuriScanOption::get_option(':logs4report');
    $revproxy_state = SucuriScanOption::get_option(':revproxy');

    // Without an API key, flag the domain as invalid when the lookup hands
    // back the name it was given.
    $invalid_domain = false;
    if (!$plugin_key) {
        $domain = SucuriScan::get_top_level_domain();
        $resolved = @gethostbyname($domain);
        $invalid_domain = ($resolved == $domain);
    }

    // HTML for the option lists of the select fields.
    $emails_select = SucuriScanTemplate::get_select_options($sucuriscan_emails_per_hour, $chosen_emails);
    $logins_select = SucuriScanTemplate::get_select_options($sucuriscan_maximum_failed_logins, $chosen_logins);
    $ssl_select = SucuriScanTemplate::get_select_options($sucuriscan_verify_ssl_cert, $chosen_ssl);

    // NOTE(review): the API key and ':notify_to' are placed here as stored,
    // while the proxy values further down go through SucuriScan::escape().
    // Whether the template escapes on output is not visible - confirm.
    $tpl = array(
        'APIKey' => $plugin_key ? $plugin_key : '<em>(not set)</em>',
        'APIKey.RecoverVisibility' => SucuriScanTemplate::visibility(!$plugin_key && !$display_manual_key_form),
        'APIKey.ManualKeyFormVisibility' => SucuriScanTemplate::visibility($display_manual_key_form),
        'APIKey.RemoveVisibility' => SucuriScanTemplate::visibility((bool) $plugin_key),
        'InvalidDomainVisibility' => SucuriScanTemplate::visibility($invalid_domain),
        'NotifyTo' => SucuriScanOption::get_option(':notify_to'),
        'EmailsPerHour' => 'Undefined',
        'EmailsPerHourOptions' => $emails_select,
        'MaximumFailedLogins' => 'Undefined',
        'MaximumFailedLoginsOptions' => $logins_select,
        'VerifySSLCert' => 'Undefined',
        'VerifySSLCertOptions' => $ssl_select,
        'RequestTimeout' => SucuriScanOption::get_option(':request_timeout') . ' seconds',
        'DatastorePath' => SucuriScanOption::get_option(':datastore_path'),
        'CollectWrongPasswords' => 'No collect passwords',
        'ModalWhenAPIRegistered' => $api_registered_modal,
        'AuditReportStatus' => 'Enabled',
        'AuditReportSwitchText' => 'Disable',
        'AuditReportSwitchValue' => 'disable',
        'AuditReportSwitchCssClass' => 'button-danger',
        'AuditReportLimit' => $report_limit,
        'ReverseProxyStatus' => 'Enabled',
        'ReverseProxySwitchText' => 'Disable',
        'ReverseProxySwitchValue' => 'disable',
        'ReverseProxySwitchCssClass' => 'button-danger',
        'APIProxy.Host' => 'n/a',
        'APIProxy.Port' => 'n/a',
        'APIProxy.Username' => 'n/a',
        'APIProxy.Password' => 'n/a',
        'APIProxy.PasswordType' => 'default',
        'APIProxy.PasswordText' => 'empty',
    );

    // Replace the 'Undefined' labels when the stored value is a known choice.
    if (array_key_exists($chosen_emails, $sucuriscan_emails_per_hour)) {
        $tpl['EmailsPerHour'] = $sucuriscan_emails_per_hour[$chosen_emails];
    }
    if (array_key_exists($chosen_logins, $sucuriscan_maximum_failed_logins)) {
        $tpl['MaximumFailedLogins'] = $sucuriscan_maximum_failed_logins[$chosen_logins];
    }
    if (array_key_exists($chosen_ssl, $sucuriscan_verify_ssl_cert)) {
        $tpl['VerifySSLCert'] = $sucuriscan_verify_ssl_cert[$chosen_ssl];
    }

    // Flip the switches for features that are currently turned off.
    if ($audit_state == 'disabled') {
        $tpl['AuditReportStatus'] = 'Disabled';
        $tpl['AuditReportSwitchText'] = 'Enable';
        $tpl['AuditReportSwitchValue'] = 'enable';
        $tpl['AuditReportSwitchCssClass'] = 'button-success';
    }
    if ($revproxy_state == 'disabled') {
        $tpl['ReverseProxyStatus'] = 'Disabled';
        $tpl['ReverseProxySwitchText'] = 'Enable';
        $tpl['ReverseProxySwitchValue'] = 'enable';
        $tpl['ReverseProxySwitchCssClass'] = 'button-success';
    }

    if (sucuriscan_collect_wrong_passwords() === true) {
        $tpl['CollectWrongPasswords'] = '<span class="sucuriscan-label-error">Yes, collect passwords</span>';
    }

    // Show the WordPress HTTP proxy settings when a proxy is enabled.
    if (class_exists('WP_HTTP_Proxy')) {
        $proxy = new WP_HTTP_Proxy();

        if ($proxy->is_enabled()) {
            $tpl['APIProxy.Host'] = SucuriScan::escape($proxy->host());
            $tpl['APIProxy.Port'] = SucuriScan::escape($proxy->port());
            $tpl['APIProxy.Username'] = SucuriScan::escape($proxy->username());
            // NOTE(review): the proxy password is handed to the template;
            // 'hidden' below suggests it is concealed in the UI - confirm it
            // is not emitted into the page source.
            $tpl['APIProxy.Password'] = SucuriScan::escape($proxy->password());
            $tpl['APIProxy.PasswordType'] = 'info';
            $tpl['APIProxy.PasswordText'] = 'hidden';
        }
    }

    return SucuriScanTemplate::get_section('settings-general', $tpl);
}