[ Index ]

PHP Cross Reference of WordPress

title

Body

[close]

/wp-admin/includes/ -> class-wp-site-health-auto-updates.php (source)

   1  <?php
   2  /**
   3   * Class for testing automatic updates in the WordPress code.
   4   *
   5   * @package WordPress
   6   * @subpackage Site_Health
   7   * @since 5.2.0
   8   */
   9  
  10  class WP_Site_Health_Auto_Updates {
  11      /**
  12       * WP_Site_Health_Auto_Updates constructor.
  13       *
  14       * @since 5.2.0
  15       */
  16  	public function __construct() {
  17          require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
  18      }
  19  
  20  
  21      /**
  22       * Run tests to determine if auto-updates can run.
  23       *
  24       * @since 5.2.0
  25       *
  26       * @return array The test results.
  27       */
  28  	public function run_tests() {
  29          $tests = array(
  30              $this->test_constants( 'WP_AUTO_UPDATE_CORE', array( true, 'minor' ) ),
  31              $this->test_wp_version_check_attached(),
  32              $this->test_filters_automatic_updater_disabled(),
  33              $this->test_wp_automatic_updates_disabled(),
  34              $this->test_if_failed_update(),
  35              $this->test_vcs_abspath(),
  36              $this->test_check_wp_filesystem_method(),
  37              $this->test_all_files_writable(),
  38              $this->test_accepts_dev_updates(),
  39              $this->test_accepts_minor_updates(),
  40          );
  41  
  42          $tests = array_filter( $tests );
  43          $tests = array_map(
  44              function( $test ) {
  45                  $test = (object) $test;
  46  
  47                  if ( empty( $test->severity ) ) {
  48                      $test->severity = 'warning';
  49                  }
  50  
  51                  return $test;
  52              },
  53              $tests
  54          );
  55  
  56          return $tests;
  57      }
  58  
  59      /**
  60       * Test if auto-updates related constants are set correctly.
  61       *
  62       * @since 5.2.0
  63       * @since 5.5.1 The `$value` parameter can accept an array.
  64       *
  65       * @param string $constant         The name of the constant to check.
  66       * @param bool|string|array $value The value that the constant should be, if set,
  67       *                                 or an array of acceptable values.
  68       * @return array The test results.
  69       */
  70  	public function test_constants( $constant, $value ) {
  71          $acceptable_values = (array) $value;
  72  
  73          if ( defined( $constant ) && ! in_array( constant( $constant ), $acceptable_values, true ) ) {
  74              return array(
  75                  'description' => sprintf(
  76                      /* translators: %s: Name of the constant used. */
  77                      __( 'The %s constant is defined and enabled.' ),
  78                      "<code>$constant</code>"
  79                  ),
  80                  'severity'    => 'fail',
  81              );
  82          }
  83      }
  84  
  85      /**
  86       * Check if updates are intercepted by a filter.
  87       *
  88       * @since 5.2.0
  89       *
  90       * @return array The test results.
  91       */
  92  	public function test_wp_version_check_attached() {
  93          if ( ! is_main_site() ) {
  94              return;
  95          }
  96  
  97          $cookies = wp_unslash( $_COOKIE );
  98          $timeout = 10;
  99          $headers = array(
 100              'Cache-Control' => 'no-cache',
 101          );
 102          /** This filter is documented in wp-includes/class-wp-http-streams.php */
 103          $sslverify = apply_filters( 'https_local_ssl_verify', false );
 104  
 105          // Include Basic auth in loopback requests.
 106          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
 107              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
 108          }
 109  
 110          $url = add_query_arg(
 111              array(
 112                  'health-check-test-wp_version_check' => true,
 113              ),
 114              admin_url( 'site-health.php' )
 115          );
 116  
 117          $test = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
 118  
 119          if ( is_wp_error( $test ) ) {
 120              return array(
 121                  'description' => sprintf(
 122                      /* translators: %s: Name of the filter used. */
 123                      __( 'Could not confirm that the %s filter is available.' ),
 124                      '<code>wp_version_check()</code>'
 125                  ),
 126                  'severity'    => 'warning',
 127              );
 128          }
 129  
 130          $response = wp_remote_retrieve_body( $test );
 131  
 132          if ( 'yes' !== $response ) {
 133              return array(
 134                  'description' => sprintf(
 135                      /* translators: %s: Name of the filter used. */
 136                      __( 'A plugin has prevented updates by disabling %s.' ),
 137                      '<code>wp_version_check()</code>'
 138                  ),
 139                  'severity'    => 'fail',
 140              );
 141          }
 142      }
 143  
 144      /**
 145       * Check if automatic updates are disabled by a filter.
 146       *
 147       * @since 5.2.0
 148       *
 149       * @return array The test results.
 150       */
 151  	public function test_filters_automatic_updater_disabled() {
 152          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
 153          if ( apply_filters( 'automatic_updater_disabled', false ) ) {
 154              return array(
 155                  'description' => sprintf(
 156                      /* translators: %s: Name of the filter used. */
 157                      __( 'The %s filter is enabled.' ),
 158                      '<code>automatic_updater_disabled</code>'
 159                  ),
 160                  'severity'    => 'fail',
 161              );
 162          }
 163      }
 164  
 165      /**
 166       * Check if automatic updates are disabled.
 167       *
 168       * @since 5.3.0
 169       *
 170       * @return array|bool The test results. False if auto-updates are enabled.
 171       */
 172  	public function test_wp_automatic_updates_disabled() {
 173          if ( ! class_exists( 'WP_Automatic_Updater' ) ) {
 174              require_once ABSPATH . 'wp-admin/includes/class-wp-automatic-updater.php';
 175          }
 176  
 177          $auto_updates = new WP_Automatic_Updater();
 178  
 179          if ( ! $auto_updates->is_disabled() ) {
 180              return false;
 181          }
 182  
 183          return array(
 184              'description' => __( 'All automatic updates are disabled.' ),
 185              'severity'    => 'fail',
 186          );
 187      }
 188  
 189      /**
 190       * Check if automatic updates have tried to run, but failed, previously.
 191       *
 192       * @since 5.2.0
 193       *
 194       * @return array|bool The test results. False if the auto-updates failed.
 195       */
 196  	function test_if_failed_update() {
 197          $failed = get_site_option( 'auto_core_update_failed' );
 198  
 199          if ( ! $failed ) {
 200              return false;
 201          }
 202  
 203          if ( ! empty( $failed['critical'] ) ) {
 204              $description  = __( 'A previous automatic background update ended with a critical failure, so updates are now disabled.' );
 205              $description .= ' ' . __( 'You would have received an email because of this.' );
 206              $description .= ' ' . __( "When you've been able to update using the \"Update Now\" button on Dashboard > Updates, we'll clear this error for future update attempts." );
 207              $description .= ' ' . sprintf(
 208                  /* translators: %s: Code of error shown. */
 209                  __( 'The error code was %s.' ),
 210                  '<code>' . $failed['error_code'] . '</code>'
 211              );
 212              return array(
 213                  'description' => $description,
 214                  'severity'    => 'warning',
 215              );
 216          }
 217  
 218          $description = __( 'A previous automatic background update could not occur.' );
 219          if ( empty( $failed['retry'] ) ) {
 220              $description .= ' ' . __( 'You would have received an email because of this.' );
 221          }
 222  
 223          $description .= ' ' . __( "We'll try again with the next release." );
 224          $description .= ' ' . sprintf(
 225              /* translators: %s: Code of error shown. */
 226              __( 'The error code was %s.' ),
 227              '<code>' . $failed['error_code'] . '</code>'
 228          );
 229          return array(
 230              'description' => $description,
 231              'severity'    => 'warning',
 232          );
 233      }
 234  
 235      /**
 236       * Check if WordPress is controlled by a VCS (Git, Subversion etc).
 237       *
 238       * @since 5.2.0
 239       *
 240       * @return array The test results.
 241       */
 242  	public function test_vcs_abspath() {
 243          $context_dirs = array( ABSPATH );
 244          $vcs_dirs     = array( '.svn', '.git', '.hg', '.bzr' );
 245          $check_dirs   = array();
 246  
 247          foreach ( $context_dirs as $context_dir ) {
 248              // Walk up from $context_dir to the root.
 249              do {
 250                  $check_dirs[] = $context_dir;
 251  
 252                  // Once we've hit '/' or 'C:\', we need to stop. dirname will keep returning the input here.
 253                  if ( dirname( $context_dir ) === $context_dir ) {
 254                      break;
 255                  }
 256  
 257                  // Continue one level at a time.
 258              } while ( $context_dir = dirname( $context_dir ) );
 259          }
 260  
 261          $check_dirs = array_unique( $check_dirs );
 262  
 263          // Search all directories we've found for evidence of version control.
 264          foreach ( $vcs_dirs as $vcs_dir ) {
 265              foreach ( $check_dirs as $check_dir ) {
 266                  // phpcs:ignore
 267                  if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) {
 268                      break 2;
 269                  }
 270              }
 271          }
 272  
 273          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
 274          if ( $checkout && ! apply_filters( 'automatic_updates_is_vcs_checkout', true, ABSPATH ) ) {
 275              return array(
 276                  'description' => sprintf(
 277                      /* translators: 1: Folder name. 2: Version control directory. 3: Filter name. */
 278                      __( 'The folder %1$s was detected as being under version control (%2$s), but the %3$s filter is allowing updates.' ),
 279                      '<code>' . $check_dir . '</code>',
 280                      "<code>$vcs_dir</code>",
 281                      '<code>automatic_updates_is_vcs_checkout</code>'
 282                  ),
 283                  'severity'    => 'info',
 284              );
 285          }
 286  
 287          if ( $checkout ) {
 288              return array(
 289                  'description' => sprintf(
 290                      /* translators: 1: Folder name. 2: Version control directory. */
 291                      __( 'The folder %1$s was detected as being under version control (%2$s).' ),
 292                      '<code>' . $check_dir . '</code>',
 293                      "<code>$vcs_dir</code>"
 294                  ),
 295                  'severity'    => 'warning',
 296              );
 297          }
 298  
 299          return array(
 300              'description' => __( 'No version control systems were detected.' ),
 301              'severity'    => 'pass',
 302          );
 303      }
 304  
 305      /**
 306       * Check if we can access files without providing credentials.
 307       *
 308       * @since 5.2.0
 309       *
 310       * @return array The test results.
 311       */
 312  	function test_check_wp_filesystem_method() {
 313          $skin    = new Automatic_Upgrader_Skin;
 314          $success = $skin->request_filesystem_credentials( false, ABSPATH );
 315  
 316          if ( ! $success ) {
 317              $description  = __( 'Your installation of WordPress prompts for FTP credentials to perform updates.' );
 318              $description .= ' ' . __( '(Your site is performing updates over FTP due to file ownership. Talk to your hosting company.)' );
 319  
 320              return array(
 321                  'description' => $description,
 322                  'severity'    => 'fail',
 323              );
 324          }
 325  
 326          return array(
 327              'description' => __( "Your installation of WordPress doesn't require FTP credentials to perform updates." ),
 328              'severity'    => 'pass',
 329          );
 330      }
 331  
 332      /**
 333       * Check if core files are writable by the web user/group.
 334       *
 335       * @since 5.2.0
 336       *
 337       * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
 338       *
 339       * @return array|bool The test results. False if they're not writeable.
 340       */
 341  	function test_all_files_writable() {
 342          global $wp_filesystem;
 343  
 344          require  ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z
 345  
 346          $skin    = new Automatic_Upgrader_Skin;
 347          $success = $skin->request_filesystem_credentials( false, ABSPATH );
 348  
 349          if ( ! $success ) {
 350              return false;
 351          }
 352  
 353          WP_Filesystem();
 354  
 355          if ( 'direct' !== $wp_filesystem->method ) {
 356              return false;
 357          }
 358  
 359          $checksums = get_core_checksums( $wp_version, 'en_US' );
 360          $dev       = ( false !== strpos( $wp_version, '-' ) );
 361          // Get the last stable version's files and test against that.
 362          if ( ! $checksums && $dev ) {
 363              $checksums = get_core_checksums( (float) $wp_version - 0.1, 'en_US' );
 364          }
 365  
 366          // There aren't always checksums for development releases, so just skip the test if we still can't find any.
 367          if ( ! $checksums && $dev ) {
 368              return false;
 369          }
 370  
 371          if ( ! $checksums ) {
 372              $description = sprintf(
 373                  /* translators: %s: WordPress version. */
 374                  __( "Couldn't retrieve a list of the checksums for WordPress %s." ),
 375                  $wp_version
 376              );
 377              $description .= ' ' . __( 'This could mean that connections are failing to WordPress.org.' );
 378              return array(
 379                  'description' => $description,
 380                  'severity'    => 'warning',
 381              );
 382          }
 383  
 384          $unwritable_files = array();
 385          foreach ( array_keys( $checksums ) as $file ) {
 386              if ( 'wp-content' === substr( $file, 0, 10 ) ) {
 387                  continue;
 388              }
 389              if ( ! file_exists( ABSPATH . $file ) ) {
 390                  continue;
 391              }
 392              if ( ! is_writable( ABSPATH . $file ) ) {
 393                  $unwritable_files[] = $file;
 394              }
 395          }
 396  
 397          if ( $unwritable_files ) {
 398              if ( count( $unwritable_files ) > 20 ) {
 399                  $unwritable_files   = array_slice( $unwritable_files, 0, 20 );
 400                  $unwritable_files[] = '...';
 401              }
 402              return array(
 403                  'description' => __( 'Some files are not writable by WordPress:' ) . ' <ul><li>' . implode( '</li><li>', $unwritable_files ) . '</li></ul>',
 404                  'severity'    => 'fail',
 405              );
 406          } else {
 407              return array(
 408                  'description' => __( 'All of your WordPress files are writable.' ),
 409                  'severity'    => 'pass',
 410              );
 411          }
 412      }
 413  
 414      /**
 415       * Check if the install is using a development branch and can use nightly packages.
 416       *
 417       * @since 5.2.0
 418       *
 419       * @return array|bool The test results. False if it isn't a development version.
 420       */
 421  	function test_accepts_dev_updates() {
 422          require  ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z
 423          // Only for dev versions.
 424          if ( false === strpos( $wp_version, '-' ) ) {
 425              return false;
 426          }
 427  
 428          if ( defined( 'WP_AUTO_UPDATE_CORE' ) && ( 'minor' === WP_AUTO_UPDATE_CORE || false === WP_AUTO_UPDATE_CORE ) ) {
 429              return array(
 430                  'description' => sprintf(
 431                      /* translators: %s: Name of the constant used. */
 432                      __( 'WordPress development updates are blocked by the %s constant.' ),
 433                      '<code>WP_AUTO_UPDATE_CORE</code>'
 434                  ),
 435                  'severity'    => 'fail',
 436              );
 437          }
 438  
 439          /** This filter is documented in wp-admin/includes/class-core-upgrader.php */
 440          if ( ! apply_filters( 'allow_dev_auto_core_updates', $wp_version ) ) {
 441              return array(
 442                  'description' => sprintf(
 443                      /* translators: %s: Name of the filter used. */
 444                      __( 'WordPress development updates are blocked by the %s filter.' ),
 445                      '<code>allow_dev_auto_core_updates</code>'
 446                  ),
 447                  'severity'    => 'fail',
 448              );
 449          }
 450      }
 451  
 452      /**
 453       * Check if the site supports automatic minor updates.
 454       *
 455       * @since 5.2.0
 456       *
 457       * @return array The test results.
 458       */
 459  	function test_accepts_minor_updates() {
 460          if ( defined( 'WP_AUTO_UPDATE_CORE' ) && false === WP_AUTO_UPDATE_CORE ) {
 461              return array(
 462                  'description' => sprintf(
 463                      /* translators: %s: Name of the constant used. */
 464                      __( 'WordPress security and maintenance releases are blocked by %s.' ),
 465                      "<code>define( 'WP_AUTO_UPDATE_CORE', false );</code>"
 466                  ),
 467                  'severity'    => 'fail',
 468              );
 469          }
 470  
 471          /** This filter is documented in wp-admin/includes/class-core-upgrader.php */
 472          if ( ! apply_filters( 'allow_minor_auto_core_updates', true ) ) {
 473              return array(
 474                  'description' => sprintf(
 475                      /* translators: %s: Name of the filter used. */
 476                      __( 'WordPress security and maintenance releases are blocked by the %s filter.' ),
 477                      '<code>allow_minor_auto_core_updates</code>'
 478                  ),
 479                  'severity'    => 'fail',
 480              );
 481          }
 482      }
 483  }


Generated: Sat Sep 26 01:00:03 2020 Cross-referenced by PHPXref 0.7.1