[ Index ]

PHP Cross Reference of WordPress

title

Body

[close]

/wp-admin/includes/ -> class-wp-site-health.php (source)

   1  <?php
   2  /**
   3   * Class for looking up a site's health based on a user's WordPress environment.
   4   *
   5   * @package WordPress
   6   * @subpackage Site_Health
   7   * @since 5.2.0
   8   */
   9  
  10  class WP_Site_Health {
  11      private static $instance = null;
  12  
  13      private $mysql_min_version_check;
  14      private $mysql_rec_version_check;
  15  
  16      public $is_mariadb                           = false;
  17      private $mysql_server_version                = '';
  18      private $health_check_mysql_required_version = '5.5';
  19      private $health_check_mysql_rec_version      = '';
  20  
  21      public $php_memory_limit;
  22  
  23      public $schedules;
  24      public $crons;
  25      public $last_missed_cron     = null;
  26      public $last_late_cron       = null;
  27      private $timeout_missed_cron = null;
  28      private $timeout_late_cron   = null;
  29  
  30      /**
  31       * WP_Site_Health constructor.
  32       *
  33       * @since 5.2.0
  34       */
  35  	public function __construct() {
  36          $this->maybe_create_scheduled_event();
  37  
  38          // Save memory limit before it's affected by wp_raise_memory_limit( 'admin' ).
  39          $this->php_memory_limit = ini_get( 'memory_limit' );
  40  
  41          $this->timeout_late_cron   = 0;
  42          $this->timeout_missed_cron = - 5 * MINUTE_IN_SECONDS;
  43  
  44          if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) {
  45              $this->timeout_late_cron   = - 15 * MINUTE_IN_SECONDS;
  46              $this->timeout_missed_cron = - 1 * HOUR_IN_SECONDS;
  47          }
  48  
  49          add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
  50  
  51          add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );
  52          add_action( 'wp_site_health_scheduled_check', array( $this, 'wp_cron_scheduled_check' ) );
  53      }
  54  
  55      /**
  56       * Return an instance of the WP_Site_Health class, or create one if none exist yet.
  57       *
  58       * @since 5.4.0
  59       *
  60       * @return WP_Site_Health|null
  61       */
  62  	public static function get_instance() {
  63          if ( null === self::$instance ) {
  64              self::$instance = new WP_Site_Health();
  65          }
  66  
  67          return self::$instance;
  68      }
  69  
  70      /**
  71       * Enqueues the site health scripts.
  72       *
  73       * @since 5.2.0
  74       */
  75  	public function enqueue_scripts() {
  76          $screen = get_current_screen();
  77          if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) {
  78              return;
  79          }
  80  
  81          $health_check_js_variables = array(
  82              'screen'      => $screen->id,
  83              'nonce'       => array(
  84                  'site_status'        => wp_create_nonce( 'health-check-site-status' ),
  85                  'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ),
  86              ),
  87              'site_status' => array(
  88                  'direct' => array(),
  89                  'async'  => array(),
  90                  'issues' => array(
  91                      'good'        => 0,
  92                      'recommended' => 0,
  93                      'critical'    => 0,
  94                  ),
  95              ),
  96          );
  97  
  98          $issue_counts = get_transient( 'health-check-site-status-result' );
  99  
 100          if ( false !== $issue_counts ) {
 101              $issue_counts = json_decode( $issue_counts );
 102  
 103              $health_check_js_variables['site_status']['issues'] = $issue_counts;
 104          }
 105  
 106          if ( 'site-health' === $screen->id && ! isset( $_GET['tab'] ) ) {
 107              $tests = WP_Site_Health::get_tests();
 108  
 109              // Don't run https test on localhost.
 110              if ( 'localhost' === preg_replace( '|https?://|', '', get_site_url() ) ) {
 111                  unset( $tests['direct']['https_status'] );
 112              }
 113  
 114              foreach ( $tests['direct'] as $test ) {
 115                  if ( is_string( $test['test'] ) ) {
 116                      $test_function = sprintf(
 117                          'get_test_%s',
 118                          $test['test']
 119                      );
 120  
 121                      if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) {
 122                          $health_check_js_variables['site_status']['direct'][] = $this->perform_test( array( $this, $test_function ) );
 123                          continue;
 124                      }
 125                  }
 126  
 127                  if ( is_callable( $test['test'] ) ) {
 128                      $health_check_js_variables['site_status']['direct'][] = $this->perform_test( $test['test'] );
 129                  }
 130              }
 131  
 132              foreach ( $tests['async'] as $test ) {
 133                  if ( is_string( $test['test'] ) ) {
 134                      $health_check_js_variables['site_status']['async'][] = array(
 135                          'test'      => $test['test'],
 136                          'completed' => false,
 137                      );
 138                  }
 139              }
 140          }
 141  
 142          wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables );
 143      }
 144  
 145      /**
 146       * Run a Site Health test directly.
 147       *
 148       * @since 5.4.0
 149       *
 150       * @param callable $callback
 151       * @return mixed|void
 152       */
 153  	private function perform_test( $callback ) {
 154          /**
 155           * Filters the output of a finished Site Health test.
 156           *
 157           * @since 5.3.0
 158           *
 159           * @param array $test_result {
 160           *     An associative array of test result data.
 161           *
 162           *     @type string $label       A label describing the test, and is used as a header in the output.
 163           *     @type string $status      The status of the test, which can be a value of `good`, `recommended` or `critical`.
 164           *     @type array  $badge {
 165           *         Tests are put into categories which have an associated badge shown, these can be modified and assigned here.
 166           *
 167           *         @type string $label The test label, for example `Performance`.
 168           *         @type string $color Default `blue`. A string representing a color to use for the label.
 169           *     }
 170           *     @type string $description A more descriptive explanation of what the test looks for, and why it is important for the end user.
 171           *     @type string $actions     An action to direct the user to where they can resolve the issue, if one exists.
 172           *     @type string $test        The name of the test being ran, used as a reference point.
 173           * }
 174           */
 175          return apply_filters( 'site_status_test_result', call_user_func( $callback ) );
 176      }
 177  
 178      /**
 179       * Run the SQL version checks.
 180       *
 181       * These values are used in later tests, but the part of preparing them is more easily managed
 182       * early in the class for ease of access and discovery.
 183       *
 184       * @since 5.2.0
 185       *
 186       * @global wpdb $wpdb WordPress database abstraction object.
 187       */
 188  	private function prepare_sql_data() {
 189          global $wpdb;
 190  
 191          if ( $wpdb->use_mysqli ) {
 192              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_server_info
 193              $mysql_server_type = mysqli_get_server_info( $wpdb->dbh );
 194          } else {
 195              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved
 196              $mysql_server_type = mysql_get_server_info( $wpdb->dbh );
 197          }
 198  
 199          $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' );
 200  
 201          $this->health_check_mysql_rec_version = '5.6';
 202  
 203          if ( stristr( $mysql_server_type, 'mariadb' ) ) {
 204              $this->is_mariadb                     = true;
 205              $this->health_check_mysql_rec_version = '10.0';
 206          }
 207  
 208          $this->mysql_min_version_check = version_compare( '5.5', $this->mysql_server_version, '<=' );
 209          $this->mysql_rec_version_check = version_compare( $this->health_check_mysql_rec_version, $this->mysql_server_version, '<=' );
 210      }
 211  
 212      /**
 213       * Test if `wp_version_check` is blocked.
 214       *
 215       * It's possible to block updates with the `wp_version_check` filter, but this can't be checked
 216       * during an Ajax call, as the filter is never introduced then.
 217       *
 218       * This filter overrides a standard page request if it's made by an admin through the Ajax call
 219       * with the right query argument to check for this.
 220       *
 221       * @since 5.2.0
 222       */
 223  	public function check_wp_version_check_exists() {
 224          if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) {
 225              return;
 226          }
 227  
 228          echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' );
 229  
 230          die();
 231      }
 232  
 233      /**
 234       * Tests for WordPress version and outputs it.
 235       *
 236       * Gives various results depending on what kind of updates are available, if any, to encourage
 237       * the user to install security updates as a priority.
 238       *
 239       * @since 5.2.0
 240       *
 241       * @return array The test result.
 242       */
 243  	public function get_test_wordpress_version() {
 244          $result = array(
 245              'label'       => '',
 246              'status'      => '',
 247              'badge'       => array(
 248                  'label' => __( 'Performance' ),
 249                  'color' => 'blue',
 250              ),
 251              'description' => '',
 252              'actions'     => '',
 253              'test'        => 'wordpress_version',
 254          );
 255  
 256          $core_current_version = get_bloginfo( 'version' );
 257          $core_updates         = get_core_updates();
 258  
 259          if ( ! is_array( $core_updates ) ) {
 260              $result['status'] = 'recommended';
 261  
 262              $result['label'] = sprintf(
 263                  /* translators: %s: Your current version of WordPress. */
 264                  __( 'WordPress version %s' ),
 265                  $core_current_version
 266              );
 267  
 268              $result['description'] = sprintf(
 269                  '<p>%s</p>',
 270                  __( 'We were unable to check if any new versions of WordPress are available.' )
 271              );
 272  
 273              $result['actions'] = sprintf(
 274                  '<a href="%s">%s</a>',
 275                  esc_url( admin_url( 'update-core.php?force-check=1' ) ),
 276                  __( 'Check for updates manually' )
 277              );
 278          } else {
 279              foreach ( $core_updates as $core => $update ) {
 280                  if ( 'upgrade' === $update->response ) {
 281                      $current_version = explode( '.', $core_current_version );
 282                      $new_version     = explode( '.', $update->version );
 283  
 284                      $current_major = $current_version[0] . '.' . $current_version[1];
 285                      $new_major     = $new_version[0] . '.' . $new_version[1];
 286  
 287                      $result['label'] = sprintf(
 288                          /* translators: %s: The latest version of WordPress available. */
 289                          __( 'WordPress update available (%s)' ),
 290                          $update->version
 291                      );
 292  
 293                      $result['actions'] = sprintf(
 294                          '<a href="%s">%s</a>',
 295                          esc_url( admin_url( 'update-core.php' ) ),
 296                          __( 'Install the latest version of WordPress' )
 297                      );
 298  
 299                      if ( $current_major !== $new_major ) {
 300                          // This is a major version mismatch.
 301                          $result['status']      = 'recommended';
 302                          $result['description'] = sprintf(
 303                              '<p>%s</p>',
 304                              __( 'A new version of WordPress is available.' )
 305                          );
 306                      } else {
 307                          // This is a minor version, sometimes considered more critical.
 308                          $result['status']         = 'critical';
 309                          $result['badge']['label'] = __( 'Security' );
 310                          $result['description']    = sprintf(
 311                              '<p>%s</p>',
 312                              __( 'A new minor update is available for your site. Because minor updates often address security, it&#8217;s important to install them.' )
 313                          );
 314                      }
 315                  } else {
 316                      $result['status'] = 'good';
 317                      $result['label']  = sprintf(
 318                          /* translators: %s: The current version of WordPress installed on this site. */
 319                          __( 'Your version of WordPress (%s) is up to date' ),
 320                          $core_current_version
 321                      );
 322  
 323                      $result['description'] = sprintf(
 324                          '<p>%s</p>',
 325                          __( 'You are currently running the latest version of WordPress available, keep it up!' )
 326                      );
 327                  }
 328              }
 329          }
 330  
 331          return $result;
 332      }
 333  
 334      /**
 335       * Test if plugins are outdated, or unnecessary.
 336       *
 337       * The tests checks if your plugins are up to date, and encourages you to remove any
 338       * that are not in use.
 339       *
 340       * @since 5.2.0
 341       *
 342       * @return array The test result.
 343       */
 344  	public function get_test_plugin_version() {
 345          $result = array(
 346              'label'       => __( 'Your plugins are all up to date' ),
 347              'status'      => 'good',
 348              'badge'       => array(
 349                  'label' => __( 'Security' ),
 350                  'color' => 'blue',
 351              ),
 352              'description' => sprintf(
 353                  '<p>%s</p>',
 354                  __( 'Plugins extend your site&#8217;s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it&#8217;s vital to keep them up to date.' )
 355              ),
 356              'actions'     => sprintf(
 357                  '<p><a href="%s">%s</a></p>',
 358                  esc_url( admin_url( 'plugins.php' ) ),
 359                  __( 'Manage your plugins' )
 360              ),
 361              'test'        => 'plugin_version',
 362          );
 363  
 364          $plugins        = get_plugins();
 365          $plugin_updates = get_plugin_updates();
 366  
 367          $plugins_have_updates = false;
 368          $plugins_active       = 0;
 369          $plugins_total        = 0;
 370          $plugins_need_update  = 0;
 371  
 372          // Loop over the available plugins and check their versions and active state.
 373          foreach ( $plugins as $plugin_path => $plugin ) {
 374              $plugins_total++;
 375  
 376              if ( is_plugin_active( $plugin_path ) ) {
 377                  $plugins_active++;
 378              }
 379  
 380              $plugin_version = $plugin['Version'];
 381  
 382              if ( array_key_exists( $plugin_path, $plugin_updates ) ) {
 383                  $plugins_need_update++;
 384                  $plugins_have_updates = true;
 385              }
 386          }
 387  
 388          // Add a notice if there are outdated plugins.
 389          if ( $plugins_need_update > 0 ) {
 390              $result['status'] = 'critical';
 391  
 392              $result['label'] = __( 'You have plugins waiting to be updated' );
 393  
 394              $result['description'] .= sprintf(
 395                  '<p>%s</p>',
 396                  sprintf(
 397                      /* translators: %d: The number of outdated plugins. */
 398                      _n(
 399                          'Your site has %d plugin waiting to be updated.',
 400                          'Your site has %d plugins waiting to be updated.',
 401                          $plugins_need_update
 402                      ),
 403                      $plugins_need_update
 404                  )
 405              );
 406  
 407              $result['actions'] .= sprintf(
 408                  '<p><a href="%s">%s</a></p>',
 409                  esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ),
 410                  __( 'Update your plugins' )
 411              );
 412          } else {
 413              if ( 1 === $plugins_active ) {
 414                  $result['description'] .= sprintf(
 415                      '<p>%s</p>',
 416                      __( 'Your site has 1 active plugin, and it is up to date.' )
 417                  );
 418              } else {
 419                  $result['description'] .= sprintf(
 420                      '<p>%s</p>',
 421                      sprintf(
 422                          /* translators: %d: The number of active plugins. */
 423                          _n(
 424                              'Your site has %d active plugin, and it is up to date.',
 425                              'Your site has %d active plugins, and they are all up to date.',
 426                              $plugins_active
 427                          ),
 428                          $plugins_active
 429                      )
 430                  );
 431              }
 432          }
 433  
 434          // Check if there are inactive plugins.
 435          if ( $plugins_total > $plugins_active && ! is_multisite() ) {
 436              $unused_plugins = $plugins_total - $plugins_active;
 437  
 438              $result['status'] = 'recommended';
 439  
 440              $result['label'] = __( 'You should remove inactive plugins' );
 441  
 442              $result['description'] .= sprintf(
 443                  '<p>%s %s</p>',
 444                  sprintf(
 445                      /* translators: %d: The number of inactive plugins. */
 446                      _n(
 447                          'Your site has %d inactive plugin.',
 448                          'Your site has %d inactive plugins.',
 449                          $unused_plugins
 450                      ),
 451                      $unused_plugins
 452                  ),
 453                  __( 'Inactive plugins are tempting targets for attackers. If you&#8217;re not going to use a plugin, we recommend you remove it.' )
 454              );
 455  
 456              $result['actions'] .= sprintf(
 457                  '<p><a href="%s">%s</a></p>',
 458                  esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ),
 459                  __( 'Manage inactive plugins' )
 460              );
 461          }
 462  
 463          return $result;
 464      }
 465  
 466      /**
 467       * Test if themes are outdated, or unnecessary.
 468       *
 469       * –°hecks if your site has a default theme (to fall back on if there is a need),
 470       * if your themes are up to date and, finally, encourages you to remove any themes
 471       * that are not needed.
 472       *
 473       * @since 5.2.0
 474       *
 475       * @return array The test results.
 476       */
 477  	public function get_test_theme_version() {
 478          $result = array(
 479              'label'       => __( 'Your themes are all up to date' ),
 480              'status'      => 'good',
 481              'badge'       => array(
 482                  'label' => __( 'Security' ),
 483                  'color' => 'blue',
 484              ),
 485              'description' => sprintf(
 486                  '<p>%s</p>',
 487                  __( 'Themes add your site&#8217;s look and feel. It&#8217;s important to keep them up to date, to stay consistent with your brand and keep your site secure.' )
 488              ),
 489              'actions'     => sprintf(
 490                  '<p><a href="%s">%s</a></p>',
 491                  esc_url( admin_url( 'themes.php' ) ),
 492                  __( 'Manage your themes' )
 493              ),
 494              'test'        => 'theme_version',
 495          );
 496  
 497          $theme_updates = get_theme_updates();
 498  
 499          $themes_total        = 0;
 500          $themes_need_updates = 0;
 501          $themes_inactive     = 0;
 502  
 503          // This value is changed during processing to determine how many themes are considered a reasonable amount.
 504          $allowed_theme_count = 1;
 505  
 506          $has_default_theme   = false;
 507          $has_unused_themes   = false;
 508          $show_unused_themes  = true;
 509          $using_default_theme = false;
 510  
 511          // Populate a list of all themes available in the install.
 512          $all_themes   = wp_get_themes();
 513          $active_theme = wp_get_theme();
 514  
 515          // If WP_DEFAULT_THEME doesn't exist, fall back to the latest core default theme.
 516          $default_theme = wp_get_theme( WP_DEFAULT_THEME );
 517          if ( ! $default_theme->exists() ) {
 518              $default_theme = WP_Theme::get_core_default_theme();
 519          }
 520  
 521          if ( $default_theme ) {
 522              $has_default_theme = true;
 523  
 524              if (
 525                  $active_theme->get_stylesheet() === $default_theme->get_stylesheet()
 526              ||
 527                  is_child_theme() && $active_theme->get_template() === $default_theme->get_template()
 528              ) {
 529                  $using_default_theme = true;
 530              }
 531          }
 532  
 533          foreach ( $all_themes as $theme_slug => $theme ) {
 534              $themes_total++;
 535  
 536              if ( array_key_exists( $theme_slug, $theme_updates ) ) {
 537                  $themes_need_updates++;
 538              }
 539          }
 540  
 541          // If this is a child theme, increase the allowed theme count by one, to account for the parent.
 542          if ( is_child_theme() ) {
 543              $allowed_theme_count++;
 544          }
 545  
 546          // If there's a default theme installed and not in use, we count that as allowed as well.
 547          if ( $has_default_theme && ! $using_default_theme ) {
 548              $allowed_theme_count++;
 549          }
 550  
 551          if ( $themes_total > $allowed_theme_count ) {
 552              $has_unused_themes = true;
 553              $themes_inactive   = ( $themes_total - $allowed_theme_count );
 554          }
 555  
 556          // Check if any themes need to be updated.
 557          if ( $themes_need_updates > 0 ) {
 558              $result['status'] = 'critical';
 559  
 560              $result['label'] = __( 'You have themes waiting to be updated' );
 561  
 562              $result['description'] .= sprintf(
 563                  '<p>%s</p>',
 564                  sprintf(
 565                      /* translators: %d: The number of outdated themes. */
 566                      _n(
 567                          'Your site has %d theme waiting to be updated.',
 568                          'Your site has %d themes waiting to be updated.',
 569                          $themes_need_updates
 570                      ),
 571                      $themes_need_updates
 572                  )
 573              );
 574          } else {
 575              // Give positive feedback about the site being good about keeping things up to date.
 576              if ( 1 === $themes_total ) {
 577                  $result['description'] .= sprintf(
 578                      '<p>%s</p>',
 579                      __( 'Your site has 1 installed theme, and it is up to date.' )
 580                  );
 581              } else {
 582                  $result['description'] .= sprintf(
 583                      '<p>%s</p>',
 584                      sprintf(
 585                          /* translators: %d: The number of themes. */
 586                          _n(
 587                              'Your site has %d installed theme, and it is up to date.',
 588                              'Your site has %d installed themes, and they are all up to date.',
 589                              $themes_total
 590                          ),
 591                          $themes_total
 592                      )
 593                  );
 594              }
 595          }
 596  
 597          if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) {
 598  
 599              // This is a child theme, so we want to be a bit more explicit in our messages.
 600              if ( $active_theme->parent() ) {
 601                  // Recommend removing inactive themes, except a default theme, your current one, and the parent theme.
 602                  $result['status'] = 'recommended';
 603  
 604                  $result['label'] = __( 'You should remove inactive themes' );
 605  
 606                  if ( $using_default_theme ) {
 607                      $result['description'] .= sprintf(
 608                          '<p>%s %s</p>',
 609                          sprintf(
 610                              /* translators: %d: The number of inactive themes. */
 611                              _n(
 612                                  'Your site has %d inactive theme.',
 613                                  'Your site has %d inactive themes.',
 614                                  $themes_inactive
 615                              ),
 616                              $themes_inactive
 617                          ),
 618                          sprintf(
 619                              /* translators: 1: The currently active theme. 2: The active theme's parent theme. */
 620                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep your current theme, %1$s, and %2$s, its parent theme.' ),
 621                              $active_theme->name,
 622                              $active_theme->parent()->name
 623                          )
 624                      );
 625                  } else {
 626                      $result['description'] .= sprintf(
 627                          '<p>%s %s</p>',
 628                          sprintf(
 629                              /* translators: %d: The number of inactive themes. */
 630                              _n(
 631                                  'Your site has %d inactive theme.',
 632                                  'Your site has %d inactive themes.',
 633                                  $themes_inactive
 634                              ),
 635                              $themes_inactive
 636                          ),
 637                          sprintf(
 638                              /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */
 639                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep %1$s, the default WordPress theme, %2$s, your current theme, and %3$s, its parent theme.' ),
 640                              $default_theme ? $default_theme->name : WP_DEFAULT_THEME,
 641                              $active_theme->name,
 642                              $active_theme->parent()->name
 643                          )
 644                      );
 645                  }
 646              } else {
 647                  // Recommend removing all inactive themes.
 648                  $result['status'] = 'recommended';
 649  
 650                  $result['label'] = __( 'You should remove inactive themes' );
 651  
 652                  if ( $using_default_theme ) {
 653                      $result['description'] .= sprintf(
 654                          '<p>%s %s</p>',
 655                          sprintf(
 656                              /* translators: 1: The amount of inactive themes. 2: The currently active theme. */
 657                              _n(
 658                                  'Your site has %1$d inactive theme, other than %2$s, your active theme.',
 659                                  'Your site has %1$d inactive themes, other than %2$s, your active theme.',
 660                                  $themes_inactive
 661                              ),
 662                              $themes_inactive,
 663                              $active_theme->name
 664                          ),
 665                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 666                      );
 667                  } else {
 668                      $result['description'] .= sprintf(
 669                          '<p>%s %s</p>',
 670                          sprintf(
 671                              /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */
 672                              _n(
 673                                  'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 674                                  'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 675                                  $themes_inactive
 676                              ),
 677                              $themes_inactive,
 678                              $default_theme ? $default_theme->name : WP_DEFAULT_THEME,
 679                              $active_theme->name
 680                          ),
 681                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 682                      );
 683                  }
 684              }
 685          }
 686  
 687          // If no default Twenty* theme exists.
 688          if ( ! $has_default_theme ) {
 689              $result['status'] = 'recommended';
 690  
 691              $result['label'] = __( 'Have a default theme available' );
 692  
 693              $result['description'] .= sprintf(
 694                  '<p>%s</p>',
 695                  __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your chosen theme.' )
 696              );
 697          }
 698  
 699          return $result;
 700      }
 701  
 702      /**
 703       * Test if the supplied PHP version is supported.
 704       *
 705       * @since 5.2.0
 706       *
 707       * @return array The test results.
 708       */
 709  	public function get_test_php_version() {
 710          $response = wp_check_php_version();
 711  
 712          $result = array(
 713              'label'       => sprintf(
 714                  /* translators: %s: The current PHP version. */
 715                  __( 'Your site is running the current version of PHP (%s)' ),
 716                  PHP_VERSION
 717              ),
 718              'status'      => 'good',
 719              'badge'       => array(
 720                  'label' => __( 'Performance' ),
 721                  'color' => 'blue',
 722              ),
 723              'description' => sprintf(
 724                  '<p>%s</p>',
 725                  sprintf(
 726                      /* translators: %s: The minimum recommended PHP version. */
 727                      __( 'PHP is the programming language used to build and maintain WordPress. Newer versions of PHP are faster and more secure, so staying up to date will help your site&#8217;s overall performance and security. The minimum recommended version of PHP is %s.' ),
 728                      $response ? $response['recommended_version'] : ''
 729                  )
 730              ),
 731              'actions'     => sprintf(
 732                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
 733                  esc_url( wp_get_update_php_url() ),
 734                  __( 'Learn more about updating PHP' ),
 735                  /* translators: Accessibility text. */
 736                  __( '(opens in a new tab)' )
 737              ),
 738              'test'        => 'php_version',
 739          );
 740  
 741          // PHP is up to date.
 742          if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) {
 743              return $result;
 744          }
 745  
 746          // The PHP version is older than the recommended version, but still receiving active support.
 747          if ( $response['is_supported'] ) {
 748              $result['label'] = sprintf(
 749                  /* translators: %s: The server PHP version. */
 750                  __( 'Your site is running an older version of PHP (%s)' ),
 751                  PHP_VERSION
 752              );
 753              $result['status'] = 'recommended';
 754  
 755              return $result;
 756          }
 757  
 758          // The PHP version is only receiving security fixes.
 759          if ( $response['is_secure'] ) {
 760              $result['label'] = sprintf(
 761                  /* translators: %s: The server PHP version. */
 762                  __( 'Your site is running an older version of PHP (%s), which should be updated' ),
 763                  PHP_VERSION
 764              );
 765              $result['status'] = 'recommended';
 766  
 767              return $result;
 768          }
 769  
 770          // Anything no longer secure must be updated.
 771          $result['label'] = sprintf(
 772              /* translators: %s: The server PHP version. */
 773              __( 'Your site is running an outdated version of PHP (%s), which requires an update' ),
 774              PHP_VERSION
 775          );
 776          $result['status']         = 'critical';
 777          $result['badge']['label'] = __( 'Security' );
 778  
 779          return $result;
 780      }
 781  
 782      /**
 783       * Check if the passed extension or function are available.
 784       *
 785       * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner.
 786       *
 787       * @since 5.2.0
 788       * @since 5.3.0 The `$constant` and `$class` parameters were added.
 789       *
 790       * @param string $extension Optional. The extension name to test. Default null.
 791       * @param string $function  Optional. The function name to test. Default null.
 792       * @param string $constant  Optional. The constant name to test for. Default null.
 793       * @param string $class     Optional. The class name to test for. Default null.
 794       * @return bool Whether or not the extension and function are available.
 795       */
 796  	private function test_php_extension_availability( $extension = null, $function = null, $constant = null, $class = null ) {
 797          // If no extension or function is passed, claim to fail testing, as we have nothing to test against.
 798          if ( ! $extension && ! $function && ! $constant && ! $class ) {
 799              return false;
 800          }
 801  
 802          if ( $extension && ! extension_loaded( $extension ) ) {
 803              return false;
 804          }
 805          if ( $function && ! function_exists( $function ) ) {
 806              return false;
 807          }
 808          if ( $constant && ! defined( $constant ) ) {
 809              return false;
 810          }
 811          if ( $class && ! class_exists( $class ) ) {
 812              return false;
 813          }
 814  
 815          return true;
 816      }
 817  
 818      /**
 819       * Test if required PHP modules are installed on the host.
 820       *
 821       * This test builds on the recommendations made by the WordPress Hosting Team
 822       * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions
 823       *
 824       * @since 5.2.0
 825       *
 826       * @return array
 827       */
 828  	public function get_test_php_extensions() {
 829          $result = array(
 830              'label'       => __( 'Required and recommended modules are installed' ),
 831              'status'      => 'good',
 832              'badge'       => array(
 833                  'label' => __( 'Performance' ),
 834                  'color' => 'blue',
 835              ),
 836              'description' => sprintf(
 837                  '<p>%s</p><p>%s</p>',
 838                  __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ),
 839                  sprintf(
 840                      /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */
 841                      __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ),
 842                      /* translators: Localized team handbook, if one exists. */
 843                      esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ),
 844                      'target="_blank" rel="noopener noreferrer"',
 845                      sprintf(
 846                          ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>',
 847                          /* translators: Accessibility text. */
 848                          __( '(opens in a new tab)' )
 849                      )
 850                  )
 851              ),
 852              'actions'     => '',
 853              'test'        => 'php_extensions',
 854          );
 855  
 856          $modules = array(
 857              'curl'      => array(
 858                  'function' => 'curl_version',
 859                  'required' => false,
 860              ),
 861              'dom'       => array(
 862                  'class'    => 'DOMNode',
 863                  'required' => false,
 864              ),
 865              'exif'      => array(
 866                  'function' => 'exif_read_data',
 867                  'required' => false,
 868              ),
 869              'fileinfo'  => array(
 870                  'function' => 'finfo_file',
 871                  'required' => false,
 872              ),
 873              'hash'      => array(
 874                  'function' => 'hash',
 875                  'required' => false,
 876              ),
 877              'json'      => array(
 878                  'function' => 'json_last_error',
 879                  'required' => true,
 880              ),
 881              'mbstring'  => array(
 882                  'function' => 'mb_check_encoding',
 883                  'required' => false,
 884              ),
 885              'mysqli'    => array(
 886                  'function' => 'mysqli_connect',
 887                  'required' => false,
 888              ),
 889              'libsodium' => array(
 890                  'constant'            => 'SODIUM_LIBRARY_VERSION',
 891                  'required'            => false,
 892                  'php_bundled_version' => '7.2.0',
 893              ),
 894              'openssl'   => array(
 895                  'function' => 'openssl_encrypt',
 896                  'required' => false,
 897              ),
 898              'pcre'      => array(
 899                  'function' => 'preg_match',
 900                  'required' => false,
 901              ),
 902              'imagick'   => array(
 903                  'extension' => 'imagick',
 904                  'required'  => false,
 905              ),
 906              'mod_xml'   => array(
 907                  'extension' => 'libxml',
 908                  'required'  => false,
 909              ),
 910              'zip'       => array(
 911                  'class'    => 'ZipArchive',
 912                  'required' => false,
 913              ),
 914              'filter'    => array(
 915                  'function' => 'filter_list',
 916                  'required' => false,
 917              ),
 918              'gd'        => array(
 919                  'extension'    => 'gd',
 920                  'required'     => false,
 921                  'fallback_for' => 'imagick',
 922              ),
 923              'iconv'     => array(
 924                  'function' => 'iconv',
 925                  'required' => false,
 926              ),
 927              'mcrypt'    => array(
 928                  'extension'    => 'mcrypt',
 929                  'required'     => false,
 930                  'fallback_for' => 'libsodium',
 931              ),
 932              'simplexml' => array(
 933                  'extension'    => 'simplexml',
 934                  'required'     => false,
 935                  'fallback_for' => 'mod_xml',
 936              ),
 937              'xmlreader' => array(
 938                  'extension'    => 'xmlreader',
 939                  'required'     => false,
 940                  'fallback_for' => 'mod_xml',
 941              ),
 942              'zlib'      => array(
 943                  'extension'    => 'zlib',
 944                  'required'     => false,
 945                  'fallback_for' => 'zip',
 946              ),
 947          );
 948  
 949          /**
 950           * An array representing all the modules we wish to test for.
 951           *
 952           * @since 5.2.0
 953           * @since 5.3.0 The `$constant` and `$class` parameters were added.
 954           *
 955           * @param array $modules {
 956           *     An associative array of modules to test for.
 957           *
 958           *     @type array ...$0 {
 959           *         An associative array of module properties used during testing.
 960           *         One of either `$function` or `$extension` must be provided, or they will fail by default.
 961           *
 962           *         @type string $function     Optional. A function name to test for the existence of.
 963           *         @type string $extension    Optional. An extension to check if is loaded in PHP.
 964           *         @type string $constant     Optional. A constant name to check for to verify an extension exists.
 965           *         @type string $class        Optional. A class name to check for to verify an extension exists.
 966           *         @type bool   $required     Is this a required feature or not.
 967           *         @type string $fallback_for Optional. The module this module replaces as a fallback.
 968           *     }
 969           * }
 970           */
 971          $modules = apply_filters( 'site_status_test_php_modules', $modules );
 972  
 973          $failures = array();
 974  
 975          foreach ( $modules as $library => $module ) {
 976              $extension  = ( isset( $module['extension'] ) ? $module['extension'] : null );
 977              $function   = ( isset( $module['function'] ) ? $module['function'] : null );
 978              $constant   = ( isset( $module['constant'] ) ? $module['constant'] : null );
 979              $class_name = ( isset( $module['class'] ) ? $module['class'] : null );
 980  
 981              // If this module is a fallback for another function, check if that other function passed.
 982              if ( isset( $module['fallback_for'] ) ) {
 983                  /*
 984                   * If that other function has a failure, mark this module as required for usual operations.
 985                   * If that other function hasn't failed, skip this test as it's only a fallback.
 986                   */
 987                  if ( isset( $failures[ $module['fallback_for'] ] ) ) {
 988                      $module['required'] = true;
 989                  } else {
 990                      continue;
 991                  }
 992              }
 993  
 994              if ( ! $this->test_php_extension_availability( $extension, $function, $constant, $class_name ) && ( ! isset( $module['php_bundled_version'] ) || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) ) {
 995                  if ( $module['required'] ) {
 996                      $result['status'] = 'critical';
 997  
 998                      $class         = 'error';
 999                      $screen_reader = __( 'Error' );
1000                      $message       = sprintf(
1001                          /* translators: %s: The module name. */
1002                          __( 'The required module, %s, is not installed, or has been disabled.' ),
1003                          $library
1004                      );
1005                  } else {
1006                      $class         = 'warning';
1007                      $screen_reader = __( 'Warning' );
1008                      $message       = sprintf(
1009                          /* translators: %s: The module name. */
1010                          __( 'The optional module, %s, is not installed, or has been disabled.' ),
1011                          $library
1012                      );
1013                  }
1014  
1015                  if ( ! $module['required'] && 'good' === $result['status'] ) {
1016                      $result['status'] = 'recommended';
1017                  }
1018  
1019                  $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message";
1020              }
1021          }
1022  
1023          if ( ! empty( $failures ) ) {
1024              $output = '<ul>';
1025  
1026              foreach ( $failures as $failure ) {
1027                  $output .= sprintf(
1028                      '<li>%s</li>',
1029                      $failure
1030                  );
1031              }
1032  
1033              $output .= '</ul>';
1034          }
1035  
1036          if ( 'good' !== $result['status'] ) {
1037              if ( 'recommended' === $result['status'] ) {
1038                  $result['label'] = __( 'One or more recommended modules are missing' );
1039              }
1040              if ( 'critical' === $result['status'] ) {
1041                  $result['label'] = __( 'One or more required modules are missing' );
1042              }
1043  
1044              $result['description'] .= $output;
1045          }
1046  
1047          return $result;
1048      }
1049  
1050      /**
1051       * Test if the PHP default timezone is set to UTC.
1052       *
1053       * @since 5.3.1
1054       *
1055       * @return array The test results.
1056       */
1057  	public function get_test_php_default_timezone() {
1058          $result = array(
1059              'label'       => __( 'PHP default timezone is valid' ),
1060              'status'      => 'good',
1061              'badge'       => array(
1062                  'label' => __( 'Performance' ),
1063                  'color' => 'blue',
1064              ),
1065              'description' => sprintf(
1066                  '<p>%s</p>',
1067                  __( 'PHP default timezone was configured by WordPress on loading. This is necessary for correct calculations of dates and times.' )
1068              ),
1069              'actions'     => '',
1070              'test'        => 'php_default_timezone',
1071          );
1072  
1073          if ( 'UTC' !== date_default_timezone_get() ) {
1074              $result['status'] = 'critical';
1075  
1076              $result['label'] = __( 'PHP default timezone is invalid' );
1077  
1078              $result['description'] = sprintf(
1079                  '<p>%s</p>',
1080                  sprintf(
1081                      /* translators: %s: date_default_timezone_set() */
1082                      __( 'PHP default timezone was changed after WordPress loading by a %s function call. This interferes with correct calculations of dates and times.' ),
1083                      '<code>date_default_timezone_set()</code>'
1084                  )
1085              );
1086          }
1087  
1088          return $result;
1089      }
1090  
1091      /**
1092       * Test if there's an active PHP session that can affect loopback requests.
1093       *
1094       * @since 5.5.0
1095       *
1096       * @return array The test results.
1097       */
1098  	public function get_test_php_sessions() {
1099          $result = array(
1100              'label'       => __( 'No PHP sessions detected' ),
1101              'status'      => 'good',
1102              'badge'       => array(
1103                  'label' => __( 'Performance' ),
1104                  'color' => 'blue',
1105              ),
1106              'description' => sprintf(
1107                  '<p>%s</p>',
1108                  sprintf(
1109                      /* translators: 1: session_start(), 2: session_write_close() */
1110                      __( 'PHP sessions created by a %1$s function call may interfere with REST API and loopback requests. An active session should be closed by %2$s before making any HTTP requests.' ),
1111                      '<code>session_start()</code>',
1112                      '<code>session_write_close()</code>'
1113                  )
1114              ),
1115              'test'        => 'php_sessions',
1116          );
1117  
1118          if ( function_exists( 'session_status' ) && PHP_SESSION_ACTIVE === session_status() ) {
1119              $result['status'] = 'critical';
1120  
1121              $result['label'] = __( 'An active PHP session was detected' );
1122  
1123              $result['description'] = sprintf(
1124                  '<p>%s</p>',
1125                  sprintf(
1126                      /* translators: 1: session_start(), 2: session_write_close() */
1127                      __( 'A PHP session was created by a %1$s function call. This interferes with REST API and loopback requests. The session should be closed by %2$s before making any HTTP requests.' ),
1128                      '<code>session_start()</code>',
1129                      '<code>session_write_close()</code>'
1130                  )
1131              );
1132          }
1133  
1134          return $result;
1135      }
1136  
1137      /**
1138       * Test if the SQL server is up to date.
1139       *
1140       * @since 5.2.0
1141       *
1142       * @return array The test results.
1143       */
1144  	public function get_test_sql_server() {
1145          if ( ! $this->mysql_server_version ) {
1146              $this->prepare_sql_data();
1147          }
1148  
1149          $result = array(
1150              'label'       => __( 'SQL server is up to date' ),
1151              'status'      => 'good',
1152              'badge'       => array(
1153                  'label' => __( 'Performance' ),
1154                  'color' => 'blue',
1155              ),
1156              'description' => sprintf(
1157                  '<p>%s</p>',
1158                  __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site&#8217;s content and settings.' )
1159              ),
1160              'actions'     => sprintf(
1161                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1162                  /* translators: Localized version of WordPress requirements if one exists. */
1163                  esc_url( __( 'https://wordpress.org/about/requirements/' ) ),
1164                  __( 'Learn more about what WordPress requires to run.' ),
1165                  /* translators: Accessibility text. */
1166                  __( '(opens in a new tab)' )
1167              ),
1168              'test'        => 'sql_server',
1169          );
1170  
1171          $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' );
1172  
1173          if ( ! $this->mysql_rec_version_check ) {
1174              $result['status'] = 'recommended';
1175  
1176              $result['label'] = __( 'Outdated SQL server' );
1177  
1178              $result['description'] .= sprintf(
1179                  '<p>%s</p>',
1180                  sprintf(
1181                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */
1182                      __( 'For optimal performance and security reasons, we recommend running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
1183                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
1184                      $this->health_check_mysql_rec_version
1185                  )
1186              );
1187          }
1188  
1189          if ( ! $this->mysql_min_version_check ) {
1190              $result['status'] = 'critical';
1191  
1192              $result['label']          = __( 'Severely outdated SQL server' );
1193              $result['badge']['label'] = __( 'Security' );
1194  
1195              $result['description'] .= sprintf(
1196                  '<p>%s</p>',
1197                  sprintf(
1198                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */
1199                      __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
1200                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
1201                      $this->health_check_mysql_required_version
1202                  )
1203              );
1204          }
1205  
1206          if ( $db_dropin ) {
1207              $result['description'] .= sprintf(
1208                  '<p>%s</p>',
1209                  wp_kses(
1210                      sprintf(
1211                          /* translators: 1: The name of the drop-in. 2: The name of the database engine. */
1212                          __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ),
1213                          '<code>wp-content/db.php</code>',
1214                          ( $this->is_mariadb ? 'MariaDB' : 'MySQL' )
1215                      ),
1216                      array(
1217                          'code' => true,
1218                      )
1219                  )
1220              );
1221          }
1222  
1223          return $result;
1224      }
1225  
1226      /**
1227       * Test if the database server is capable of using utf8mb4.
1228       *
1229       * @since 5.2.0
1230       *
1231       * @return array The test results.
1232       */
1233  	public function get_test_utf8mb4_support() {
1234          global $wpdb;
1235  
1236          if ( ! $this->mysql_server_version ) {
1237              $this->prepare_sql_data();
1238          }
1239  
1240          $result = array(
1241              'label'       => __( 'UTF8MB4 is supported' ),
1242              'status'      => 'good',
1243              'badge'       => array(
1244                  'label' => __( 'Performance' ),
1245                  'color' => 'blue',
1246              ),
1247              'description' => sprintf(
1248                  '<p>%s</p>',
1249                  __( 'UTF8MB4 is the character set WordPress prefers for database storage because it safely supports the widest set of characters and encodings, including Emoji, enabling better support for non-English languages.' )
1250              ),
1251              'actions'     => '',
1252              'test'        => 'utf8mb4_support',
1253          );
1254  
1255          if ( ! $this->is_mariadb ) {
1256              if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) {
1257                  $result['status'] = 'recommended';
1258  
1259                  $result['label'] = __( 'utf8mb4 requires a MySQL update' );
1260  
1261                  $result['description'] .= sprintf(
1262                      '<p>%s</p>',
1263                      sprintf(
1264                          /* translators: %s: Version number. */
1265                          __( 'WordPress&#8217; utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ),
1266                          '5.5.3'
1267                      )
1268                  );
1269              } else {
1270                  $result['description'] .= sprintf(
1271                      '<p>%s</p>',
1272                      __( 'Your MySQL version supports utf8mb4.' )
1273                  );
1274              }
1275          } else { // MariaDB introduced utf8mb4 support in 5.5.0.
1276              if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) {
1277                  $result['status'] = 'recommended';
1278  
1279                  $result['label'] = __( 'utf8mb4 requires a MariaDB update' );
1280  
1281                  $result['description'] .= sprintf(
1282                      '<p>%s</p>',
1283                      sprintf(
1284                          /* translators: %s: Version number. */
1285                          __( 'WordPress&#8217; utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ),
1286                          '5.5.0'
1287                      )
1288                  );
1289              } else {
1290                  $result['description'] .= sprintf(
1291                      '<p>%s</p>',
1292                      __( 'Your MariaDB version supports utf8mb4.' )
1293                  );
1294              }
1295          }
1296  
1297          if ( $wpdb->use_mysqli ) {
1298              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info
1299              $mysql_client_version = mysqli_get_client_info();
1300          } else {
1301              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_client_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved
1302              $mysql_client_version = mysql_get_client_info();
1303          }
1304  
1305          /*
1306           * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server.
1307           * mysqlnd has supported utf8mb4 since 5.0.9.
1308           */
1309          if ( false !== strpos( $mysql_client_version, 'mysqlnd' ) ) {
1310              $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version );
1311              if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) {
1312                  $result['status'] = 'recommended';
1313  
1314                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1315  
1316                  $result['description'] .= sprintf(
1317                      '<p>%s</p>',
1318                      sprintf(
1319                          /* translators: 1: Name of the library, 2: Number of version. */
1320                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1321                          'mysqlnd',
1322                          '5.0.9'
1323                      )
1324                  );
1325              }
1326          } else {
1327              if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) {
1328                  $result['status'] = 'recommended';
1329  
1330                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1331  
1332                  $result['description'] .= sprintf(
1333                      '<p>%s</p>',
1334                      sprintf(
1335                          /* translators: 1: Name of the library, 2: Number of version. */
1336                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1337                          'libmysql',
1338                          '5.5.3'
1339                      )
1340                  );
1341              }
1342          }
1343  
1344          return $result;
1345      }
1346  
1347      /**
1348       * Test if the site can communicate with WordPress.org.
1349       *
1350       * @since 5.2.0
1351       *
1352       * @return array The test results.
1353       */
1354  	public function get_test_dotorg_communication() {
1355          $result = array(
1356              'label'       => __( 'Can communicate with WordPress.org' ),
1357              'status'      => '',
1358              'badge'       => array(
1359                  'label' => __( 'Security' ),
1360                  'color' => 'blue',
1361              ),
1362              'description' => sprintf(
1363                  '<p>%s</p>',
1364                  __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' )
1365              ),
1366              'actions'     => '',
1367              'test'        => 'dotorg_communication',
1368          );
1369  
1370          $wp_dotorg = wp_remote_get(
1371              'https://api.wordpress.org',
1372              array(
1373                  'timeout' => 10,
1374              )
1375          );
1376          if ( ! is_wp_error( $wp_dotorg ) ) {
1377              $result['status'] = 'good';
1378          } else {
1379              $result['status'] = 'critical';
1380  
1381              $result['label'] = __( 'Could not reach WordPress.org' );
1382  
1383              $result['description'] .= sprintf(
1384                  '<p>%s</p>',
1385                  sprintf(
1386                      '<span class="error"><span class="screen-reader-text">%s</span></span> %s',
1387                      __( 'Error' ),
1388                      sprintf(
1389                          /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */
1390                          __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ),
1391                          gethostbyname( 'api.wordpress.org' ),
1392                          $wp_dotorg->get_error_message()
1393                      )
1394                  )
1395              );
1396  
1397              $result['actions'] = sprintf(
1398                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1399                  /* translators: Localized Support reference. */
1400                  esc_url( __( 'https://wordpress.org/support' ) ),
1401                  __( 'Get help resolving this issue.' ),
1402                  /* translators: Accessibility text. */
1403                  __( '(opens in a new tab)' )
1404              );
1405          }
1406  
1407          return $result;
1408      }
1409  
1410      /**
1411       * Test if debug information is enabled.
1412       *
1413       * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors,
1414       * or logged to a publicly accessible file.
1415       *
1416       * Debugging is also frequently left enabled after looking for errors on a site,
1417       * as site owners do not understand the implications of this.
1418       *
1419       * @since 5.2.0
1420       *
1421       * @return array The test results.
1422       */
1423  	public function get_test_is_in_debug_mode() {
1424          $result = array(
1425              'label'       => __( 'Your site is not set to output debug information' ),
1426              'status'      => 'good',
1427              'badge'       => array(
1428                  'label' => __( 'Security' ),
1429                  'color' => 'blue',
1430              ),
1431              'description' => sprintf(
1432                  '<p>%s</p>',
1433                  __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' )
1434              ),
1435              'actions'     => sprintf(
1436                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1437                  /* translators: Documentation explaining debugging in WordPress. */
1438                  esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ),
1439                  __( 'Learn more about debugging in WordPress.' ),
1440                  /* translators: Accessibility text. */
1441                  __( '(opens in a new tab)' )
1442              ),
1443              'test'        => 'is_in_debug_mode',
1444          );
1445  
1446          if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
1447              if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
1448                  $result['label'] = __( 'Your site is set to log errors to a potentially public file.' );
1449  
1450                  $result['status'] = ( 0 === strpos( ini_get( 'error_log' ), ABSPATH ) ) ? 'critical' : 'recommended';
1451  
1452                  $result['description'] .= sprintf(
1453                      '<p>%s</p>',
1454                      sprintf(
1455                          /* translators: %s: WP_DEBUG_LOG */
1456                          __( 'The value, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ),
1457                          '<code>WP_DEBUG_LOG</code>'
1458                      )
1459                  );
1460              }
1461  
1462              if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) {
1463                  $result['label'] = __( 'Your site is set to display errors to site visitors' );
1464  
1465                  $result['status'] = 'critical';
1466  
1467                  $result['description'] .= sprintf(
1468                      '<p>%s</p>',
1469                      sprintf(
1470                          /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */
1471                          __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ),
1472                          '<code>WP_DEBUG_DISPLAY</code>',
1473                          '<code>WP_DEBUG</code>'
1474                      )
1475                  );
1476              }
1477          }
1478  
1479          return $result;
1480      }
1481  
1482      /**
1483       * Test if your site is serving content over HTTPS.
1484       *
1485       * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it
1486       * enabled, but only if you visit the right site address.
1487       *
1488       * @since 5.2.0
1489       *
1490       * @return array The test results.
1491       */
1492  	public function get_test_https_status() {
1493          $result = array(
1494              'label'       => __( 'Your website is using an active HTTPS connection.' ),
1495              'status'      => 'good',
1496              'badge'       => array(
1497                  'label' => __( 'Security' ),
1498                  'color' => 'blue',
1499              ),
1500              'description' => sprintf(
1501                  '<p>%s</p>',
1502                  __( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' )
1503              ),
1504              'actions'     => sprintf(
1505                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1506                  /* translators: Documentation explaining HTTPS and why it should be used. */
1507                  esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ),
1508                  __( 'Learn more about why you should use HTTPS' ),
1509                  /* translators: Accessibility text. */
1510                  __( '(opens in a new tab)' )
1511              ),
1512              'test'        => 'https_status',
1513          );
1514  
1515          if ( is_ssl() ) {
1516              $wp_url   = get_bloginfo( 'wpurl' );
1517              $site_url = get_bloginfo( 'url' );
1518  
1519              if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) {
1520                  $result['status'] = 'recommended';
1521  
1522                  $result['label'] = __( 'Only parts of your site are using HTTPS' );
1523  
1524                  $result['description'] = sprintf(
1525                      '<p>%s</p>',
1526                      sprintf(
1527                          /* translators: %s: URL to General Settings screen. */
1528                          __( 'You are accessing this website using HTTPS, but your <a href="%s">WordPress Address</a> is not set up to use HTTPS by default.' ),
1529                          esc_url( admin_url( 'options-general.php' ) )
1530                      )
1531                  );
1532  
1533                  $result['actions'] .= sprintf(
1534                      '<p><a href="%s">%s</a></p>',
1535                      esc_url( admin_url( 'options-general.php' ) ),
1536                      __( 'Update your site addresses' )
1537                  );
1538              }
1539          } else {
1540              $result['status'] = 'recommended';
1541  
1542              $result['label'] = __( 'Your site does not use HTTPS' );
1543          }
1544  
1545          return $result;
1546      }
1547  
1548      /**
1549       * Check if the HTTP API can handle SSL/TLS requests.
1550       *
1551       * @since 5.2.0
1552       *
1553       * @return array The test results.
1554       */
1555  	public function get_test_ssl_support() {
1556          $result = array(
1557              'label'       => '',
1558              'status'      => '',
1559              'badge'       => array(
1560                  'label' => __( 'Security' ),
1561                  'color' => 'blue',
1562              ),
1563              'description' => sprintf(
1564                  '<p>%s</p>',
1565                  __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' )
1566              ),
1567              'actions'     => '',
1568              'test'        => 'ssl_support',
1569          );
1570  
1571          $supports_https = wp_http_supports( array( 'ssl' ) );
1572  
1573          if ( $supports_https ) {
1574              $result['status'] = 'good';
1575  
1576              $result['label'] = __( 'Your site can communicate securely with other services' );
1577          } else {
1578              $result['status'] = 'critical';
1579  
1580              $result['label'] = __( 'Your site is unable to communicate securely with other services' );
1581  
1582              $result['description'] .= sprintf(
1583                  '<p>%s</p>',
1584                  __( 'Talk to your web host about OpenSSL support for PHP.' )
1585              );
1586          }
1587  
1588          return $result;
1589      }
1590  
1591      /**
1592       * Test if scheduled events run as intended.
1593       *
1594       * If scheduled events are not running, this may indicate something with WP_Cron is not working
1595       * as intended, or that there are orphaned events hanging around from older code.
1596       *
1597       * @since 5.2.0
1598       *
1599       * @return array The test results.
1600       */
1601  	public function get_test_scheduled_events() {
1602          $result = array(
1603              'label'       => __( 'Scheduled events are running' ),
1604              'status'      => 'good',
1605              'badge'       => array(
1606                  'label' => __( 'Performance' ),
1607                  'color' => 'blue',
1608              ),
1609              'description' => sprintf(
1610                  '<p>%s</p>',
1611                  __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' )
1612              ),
1613              'actions'     => '',
1614              'test'        => 'scheduled_events',
1615          );
1616  
1617          $this->wp_schedule_test_init();
1618  
1619          if ( is_wp_error( $this->has_missed_cron() ) ) {
1620              $result['status'] = 'critical';
1621  
1622              $result['label'] = __( 'It was not possible to check your scheduled events' );
1623  
1624              $result['description'] = sprintf(
1625                  '<p>%s</p>',
1626                  sprintf(
1627                      /* translators: %s: The error message returned while from the cron scheduler. */
1628                      __( 'While trying to test your site&#8217;s scheduled events, the following error was returned: %s' ),
1629                      $this->has_missed_cron()->get_error_message()
1630                  )
1631              );
1632          } elseif ( $this->has_missed_cron() ) {
1633              $result['status'] = 'recommended';
1634  
1635              $result['label'] = __( 'A scheduled event has failed' );
1636  
1637              $result['description'] = sprintf(
1638                  '<p>%s</p>',
1639                  sprintf(
1640                      /* translators: %s: The name of the failed cron event. */
1641                      __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ),
1642                      $this->last_missed_cron
1643                  )
1644              );
1645          } elseif ( $this->has_late_cron() ) {
1646              $result['status'] = 'recommended';
1647  
1648              $result['label'] = __( 'A scheduled event is late' );
1649  
1650              $result['description'] = sprintf(
1651                  '<p>%s</p>',
1652                  sprintf(
1653                      /* translators: %s: The name of the late cron event. */
1654                      __( 'The scheduled event, %s, is late to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ),
1655                      $this->last_late_cron
1656                  )
1657              );
1658          }
1659  
1660          return $result;
1661      }
1662  
1663      /**
1664       * Test if WordPress can run automated background updates.
1665       *
1666       * Background updates in WordPress are primarily used for minor releases and security updates.
1667       * It's important to either have these working, or be aware that they are intentionally disabled
1668       * for whatever reason.
1669       *
1670       * @since 5.2.0
1671       *
1672       * @return array The test results.
1673       */
1674  	public function get_test_background_updates() {
1675          $result = array(
1676              'label'       => __( 'Background updates are working' ),
1677              'status'      => 'good',
1678              'badge'       => array(
1679                  'label' => __( 'Security' ),
1680                  'color' => 'blue',
1681              ),
1682              'description' => sprintf(
1683                  '<p>%s</p>',
1684                  __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' )
1685              ),
1686              'actions'     => '',
1687              'test'        => 'background_updates',
1688          );
1689  
1690          if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) {
1691              require_once ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php';
1692          }
1693  
1694          // Run the auto-update tests in a separate class,
1695          // as there are many considerations to be made.
1696          $automatic_updates = new WP_Site_Health_Auto_Updates();
1697          $tests             = $automatic_updates->run_tests();
1698  
1699          $output = '<ul>';
1700  
1701          foreach ( $tests as $test ) {
1702              $severity_string = __( 'Passed' );
1703  
1704              if ( 'fail' === $test->severity ) {
1705                  $result['label'] = __( 'Background updates are not working as expected' );
1706  
1707                  $result['status'] = 'critical';
1708  
1709                  $severity_string = __( 'Error' );
1710              }
1711  
1712              if ( 'warning' === $test->severity && 'good' === $result['status'] ) {
1713                  $result['label'] = __( 'Background updates may not be working properly' );
1714  
1715                  $result['status'] = 'recommended';
1716  
1717                  $severity_string = __( 'Warning' );
1718              }
1719  
1720              $output .= sprintf(
1721                  '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>',
1722                  esc_attr( $test->severity ),
1723                  $severity_string,
1724                  $test->description
1725              );
1726          }
1727  
1728          $output .= '</ul>';
1729  
1730          if ( 'good' !== $result['status'] ) {
1731              $result['description'] .= $output;
1732          }
1733  
1734          return $result;
1735      }
1736  
1737      /**
1738       * Test if plugin and theme auto-updates appear to be configured correctly.
1739       *
1740       * @since 5.5.0
1741       *
1742       * @return array The test results.
1743       */
1744  	public function get_test_plugin_theme_auto_updates() {
1745          $result = array(
1746              'label'       => __( 'Plugin and theme auto-updates appear to be configured correctly' ),
1747              'status'      => 'good',
1748              'badge'       => array(
1749                  'label' => __( 'Security' ),
1750                  'color' => 'blue',
1751              ),
1752              'description' => sprintf(
1753                  '<p>%s</p>',
1754                  __( 'Plugin and theme auto-updates ensure that the latest versions are always installed.' )
1755              ),
1756              'actions'     => '',
1757              'test'        => 'plugin_theme_auto_updates',
1758          );
1759  
1760          $check_plugin_theme_updates = $this->detect_plugin_theme_auto_update_issues();
1761  
1762          $result['status'] = $check_plugin_theme_updates->status;
1763  
1764          if ( 'good' !== $result['status'] ) {
1765              $result['label'] = __( 'Your site may have problems auto-updating plugins and themes' );
1766  
1767              $result['description'] .= sprintf(
1768                  '<p>%s</p>',
1769                  $check_plugin_theme_updates->message
1770              );
1771          }
1772  
1773          return $result;
1774      }
1775  
1776      /**
1777       * Test if loopbacks work as expected.
1778       *
1779       * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance,
1780       * or when editing a plugin or theme. This has shown itself to be a recurring issue,
1781       * as code can very easily break this interaction.
1782       *
1783       * @since 5.2.0
1784       *
1785       * @return array The test results.
1786       */
1787  	public function get_test_loopback_requests() {
1788          $result = array(
1789              'label'       => __( 'Your site can perform loopback requests' ),
1790              'status'      => 'good',
1791              'badge'       => array(
1792                  'label' => __( 'Performance' ),
1793                  'color' => 'blue',
1794              ),
1795              'description' => sprintf(
1796                  '<p>%s</p>',
1797                  __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' )
1798              ),
1799              'actions'     => '',
1800              'test'        => 'loopback_requests',
1801          );
1802  
1803          $check_loopback = $this->can_perform_loopback();
1804  
1805          $result['status'] = $check_loopback->status;
1806  
1807          if ( 'good' !== $result['status'] ) {
1808              $result['label'] = __( 'Your site could not complete a loopback request' );
1809  
1810              $result['description'] .= sprintf(
1811                  '<p>%s</p>',
1812                  $check_loopback->message
1813              );
1814          }
1815  
1816          return $result;
1817      }
1818  
1819      /**
1820       * Test if HTTP requests are blocked.
1821       *
1822       * It's possible to block all outgoing communication (with the possibility of allowing certain
1823       * hosts) via the HTTP API. This may create problems for users as many features are running as
1824       * services these days.
1825       *
1826       * @since 5.2.0
1827       *
1828       * @return array The test results.
1829       */
1830  	public function get_test_http_requests() {
1831          $result = array(
1832              'label'       => __( 'HTTP requests seem to be working as expected' ),
1833              'status'      => 'good',
1834              'badge'       => array(
1835                  'label' => __( 'Performance' ),
1836                  'color' => 'blue',
1837              ),
1838              'description' => sprintf(
1839                  '<p>%s</p>',
1840                  __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' )
1841              ),
1842              'actions'     => '',
1843              'test'        => 'http_requests',
1844          );
1845  
1846          $blocked = false;
1847          $hosts   = array();
1848  
1849          if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) {
1850              $blocked = true;
1851          }
1852  
1853          if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) {
1854              $hosts = explode( ',', WP_ACCESSIBLE_HOSTS );
1855          }
1856  
1857          if ( $blocked && 0 === sizeof( $hosts ) ) {
1858              $result['status'] = 'critical';
1859  
1860              $result['label'] = __( 'HTTP requests are blocked' );
1861  
1862              $result['description'] .= sprintf(
1863                  '<p>%s</p>',
1864                  sprintf(
1865                      /* translators: %s: Name of the constant used. */
1866                      __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ),
1867                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>'
1868                  )
1869              );
1870          }
1871  
1872          if ( $blocked && 0 < sizeof( $hosts ) ) {
1873              $result['status'] = 'recommended';
1874  
1875              $result['label'] = __( 'HTTP requests are partially blocked' );
1876  
1877              $result['description'] .= sprintf(
1878                  '<p>%s</p>',
1879                  sprintf(
1880                      /* translators: 1: Name of the constant used. 2: List of allowed hostnames. */
1881                      __( 'HTTP requests have been blocked by the %1$s constant, with some allowed hosts: %2$s.' ),
1882                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>',
1883                      implode( ',', $hosts )
1884                  )
1885              );
1886          }
1887  
1888          return $result;
1889      }
1890  
1891      /**
1892       * Test if the REST API is accessible.
1893       *
1894       * Various security measures may block the REST API from working, or it may have been disabled in general.
1895       * This is required for the new block editor to work, so we explicitly test for this.
1896       *
1897       * @since 5.2.0
1898       *
1899       * @return array The test results.
1900       */
1901  	public function get_test_rest_availability() {
1902          $result = array(
1903              'label'       => __( 'The REST API is available' ),
1904              'status'      => 'good',
1905              'badge'       => array(
1906                  'label' => __( 'Performance' ),
1907                  'color' => 'blue',
1908              ),
1909              'description' => sprintf(
1910                  '<p>%s</p>',
1911                  __( 'The REST API is one way WordPress, and other applications, communicate with the server. One example is the block editor screen, which relies on this to display, and save, your posts and pages.' )
1912              ),
1913              'actions'     => '',
1914              'test'        => 'rest_availability',
1915          );
1916  
1917          $cookies = wp_unslash( $_COOKIE );
1918          $timeout = 10;
1919          $headers = array(
1920              'Cache-Control' => 'no-cache',
1921              'X-WP-Nonce'    => wp_create_nonce( 'wp_rest' ),
1922          );
1923          /** This filter is documented in wp-includes/class-wp-http-streams.php */
1924          $sslverify = apply_filters( 'https_local_ssl_verify', false );
1925  
1926          // Include Basic auth in loopback requests.
1927          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
1928              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
1929          }
1930  
1931          $url = rest_url( 'wp/v2/types/post' );
1932  
1933          // The context for this is editing with the new block editor.
1934          $url = add_query_arg(
1935              array(
1936                  'context' => 'edit',
1937              ),
1938              $url
1939          );
1940  
1941          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
1942  
1943          if ( is_wp_error( $r ) ) {
1944              $result['status'] = 'critical';
1945  
1946              $result['label'] = __( 'The REST API encountered an error' );
1947  
1948              $result['description'] .= sprintf(
1949                  '<p>%s</p>',
1950                  sprintf(
1951                      '%s<br>%s',
1952                      __( 'The REST API request failed due to an error.' ),
1953                      sprintf(
1954                          /* translators: 1: The WordPress error message. 2: The WordPress error code. */
1955                          __( 'Error: %1$s (%2$s)' ),
1956                          $r->get_error_message(),
1957                          $r->get_error_code()
1958                      )
1959                  )
1960              );
1961          } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
1962              $result['status'] = 'recommended';
1963  
1964              $result['label'] = __( 'The REST API encountered an unexpected result' );
1965  
1966              $result['description'] .= sprintf(
1967                  '<p>%s</p>',
1968                  sprintf(
1969                      /* translators: 1: The HTTP error code. 2: The HTTP error message. */
1970                      __( 'The REST API call gave the following unexpected result: (%1$d) %2$s.' ),
1971                      wp_remote_retrieve_response_code( $r ),
1972                      esc_html( wp_remote_retrieve_body( $r ) )
1973                  )
1974              );
1975          } else {
1976              $json = json_decode( wp_remote_retrieve_body( $r ), true );
1977  
1978              if ( false !== $json && ! isset( $json['capabilities'] ) ) {
1979                  $result['status'] = 'recommended';
1980  
1981                  $result['label'] = __( 'The REST API did not behave correctly' );
1982  
1983                  $result['description'] .= sprintf(
1984                      '<p>%s</p>',
1985                      sprintf(
1986                          /* translators: %s: The name of the query parameter being tested. */
1987                          __( 'The REST API did not process the %s query parameter correctly.' ),
1988                          '<code>context</code>'
1989                      )
1990                  );
1991              }
1992          }
1993  
1994          return $result;
1995      }
1996  
1997      /**
1998       * Test if 'file_uploads' directive in PHP.ini is turned off.
1999       *
2000       * @since 5.5.0
2001       *
2002       * @return array The test results.
2003       */
2004  	public function get_test_file_uploads() {
2005          $result = array(
2006              'label'       => __( 'Files can be uploaded.' ),
2007              'status'      => 'good',
2008              'badge'       => array(
2009                  'label' => __( 'Performance' ),
2010                  'color' => 'blue',
2011              ),
2012              'description' => sprintf(
2013                  '<p>%s</p>',
2014                  sprintf(
2015                      /* translators: 1: file_uploads, 2: php.ini */
2016                      __( 'The %1$s directive in %2$s determines if uploading files is allowed on your site.' ),
2017                      '<code>file_uploads</code>',
2018                      '<code>php.ini</code>'
2019                  )
2020              ),
2021              'actions'     => '',
2022              'test'        => 'file_uploads',
2023          );
2024  
2025          if ( ! function_exists( 'ini_get' ) ) {
2026              $result['status']       = 'critical';
2027              $result['description'] .= sprintf(
2028                  /* translators: %s: ini_get() */
2029                  __( 'The %s function has been disabled, some media settings are unavailable because of this.' ),
2030                  '<code>ini_get()</code>'
2031              );
2032              return $result;
2033          }
2034  
2035          if ( empty( ini_get( 'file_uploads' ) ) ) {
2036              $result['status']       = 'critical';
2037              $result['description'] .= sprintf(
2038                  '<p>%s</p>',
2039                  sprintf(
2040                      /* translators: 1: file_uploads, 2: 0 */
2041                      __( '%1$s is set to %2$s. You won\'t be able to upload files on your site.' ),
2042                      '<code>file_uploads</code>',
2043                      '<code>0</code>'
2044                  )
2045              );
2046              return $result;
2047          }
2048  
2049          $post_max_size       = ini_get( 'post_max_size' );
2050          $upload_max_filesize = ini_get( 'upload_max_filesize' );
2051  
2052          if ( wp_convert_hr_to_bytes( $post_max_size ) < wp_convert_hr_to_bytes( $upload_max_filesize ) ) {
2053              $result['label'] = sprintf(
2054                  /* translators: 1: post_max_size, 2: upload_max_filesize */
2055                  __( 'The "%1$s" value is smaller than "%2$s".' ),
2056                  'post_max_size',
2057                  'upload_max_filesize'
2058              );
2059              $result['status']      = 'recommended';
2060              $result['description'] = sprintf(
2061                  '<p>%s</p>',
2062                  sprintf(
2063                      /* translators: 1: post_max_size, 2: upload_max_filesize */
2064                      __( 'The setting for %1$s is smaller than %2$s, this could cause some problems when trying to upload files.' ),
2065                      '<code>post_max_size</code>',
2066                      '<code>upload_max_filesize</code>'
2067                  )
2068              );
2069              return $result;
2070          }
2071  
2072          return $result;
2073      }
2074  
2075      /**
2076       * Return a set of tests that belong to the site status page.
2077       *
2078       * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests
2079       * which will run later down the line via JavaScript calls to improve page performance and hopefully also user
2080       * experiences.
2081       *
2082       * @since 5.2.0
2083       *
2084       * @return array The list of tests to run.
2085       */
2086  	public static function get_tests() {
2087          $tests = array(
2088              'direct' => array(
2089                  'wordpress_version'         => array(
2090                      'label' => __( 'WordPress Version' ),
2091                      'test'  => 'wordpress_version',
2092                  ),
2093                  'plugin_version'            => array(
2094                      'label' => __( 'Plugin Versions' ),
2095                      'test'  => 'plugin_version',
2096                  ),
2097                  'theme_version'             => array(
2098                      'label' => __( 'Theme Versions' ),
2099                      'test'  => 'theme_version',
2100                  ),
2101                  'php_version'               => array(
2102                      'label' => __( 'PHP Version' ),
2103                      'test'  => 'php_version',
2104                  ),
2105                  'php_extensions'            => array(
2106                      'label' => __( 'PHP Extensions' ),
2107                      'test'  => 'php_extensions',
2108                  ),
2109                  'php_default_timezone'      => array(
2110                      'label' => __( 'PHP Default Timezone' ),
2111                      'test'  => 'php_default_timezone',
2112                  ),
2113                  'php_sessions'              => array(
2114                      'label' => __( 'PHP Sessions' ),
2115                      'test'  => 'php_sessions',
2116                  ),
2117                  'sql_server'                => array(
2118                      'label' => __( 'Database Server version' ),
2119                      'test'  => 'sql_server',
2120                  ),
2121                  'utf8mb4_support'           => array(
2122                      'label' => __( 'MySQL utf8mb4 support' ),
2123                      'test'  => 'utf8mb4_support',
2124                  ),
2125                  'https_status'              => array(
2126                      'label' => __( 'HTTPS status' ),
2127                      'test'  => 'https_status',
2128                  ),
2129                  'ssl_support'               => array(
2130                      'label' => __( 'Secure communication' ),
2131                      'test'  => 'ssl_support',
2132                  ),
2133                  'scheduled_events'          => array(
2134                      'label' => __( 'Scheduled events' ),
2135                      'test'  => 'scheduled_events',
2136                  ),
2137                  'http_requests'             => array(
2138                      'label' => __( 'HTTP Requests' ),
2139                      'test'  => 'http_requests',
2140                  ),
2141                  'debug_enabled'             => array(
2142                      'label' => __( 'Debugging enabled' ),
2143                      'test'  => 'is_in_debug_mode',
2144                  ),
2145                  'file_uploads'              => array(
2146                      'label' => __( 'File uploads' ),
2147                      'test'  => 'file_uploads',
2148                  ),
2149                  'plugin_theme_auto_updates' => array(
2150                      'label' => __( 'Plugin and theme auto-updates' ),
2151                      'test'  => 'plugin_theme_auto_updates',
2152                  ),
2153              ),
2154              'async'  => array(
2155                  'dotorg_communication' => array(
2156                      'label' => __( 'Communication with WordPress.org' ),
2157                      'test'  => 'dotorg_communication',
2158                  ),
2159                  'background_updates'   => array(
2160                      'label' => __( 'Background updates' ),
2161                      'test'  => 'background_updates',
2162                  ),
2163                  'loopback_requests'    => array(
2164                      'label' => __( 'Loopback request' ),
2165                      'test'  => 'loopback_requests',
2166                  ),
2167              ),
2168          );
2169  
2170          // Conditionally include REST rules if the function for it exists.
2171          if ( function_exists( 'rest_url' ) ) {
2172              $tests['direct']['rest_availability'] = array(
2173                  'label' => __( 'REST API availability' ),
2174                  'test'  => 'rest_availability',
2175              );
2176          }
2177  
2178          /**
2179           * Add or modify which site status tests are run on a site.
2180           *
2181           * The site health is determined by a set of tests based on best practices from
2182           * both the WordPress Hosting Team, but also web standards in general.
2183           *
2184           * Some sites may not have the same requirements, for example the automatic update
2185           * checks may be handled by a host, and are therefore disabled in core.
2186           * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example.
2187           *
2188           * Tests may be added either as direct, or asynchronous ones. Any test that may require some time
2189           * to complete should run asynchronously, to avoid extended loading periods within wp-admin.
2190           *
2191           * @since 5.2.0
2192           *
2193           * @param array $test_type {
2194           *     An associative array, where the `$test_type` is either `direct` or
2195           *     `async`, to declare if the test should run via Ajax calls after page load.
2196           *
2197           *     @type array $identifier {
2198           *         `$identifier` should be a unique identifier for the test that should run.
2199           *         Plugins and themes are encouraged to prefix test identifiers with their slug
2200           *         to avoid any collisions between tests.
2201           *
2202           *         @type string $label A friendly label for your test to identify it by.
2203           *         @type mixed  $test  A callable to perform a direct test, or a string Ajax action to be called
2204           *                             to perform an async test.
2205           *     }
2206           * }
2207           */
2208          $tests = apply_filters( 'site_status_tests', $tests );
2209  
2210          // Ensure that the filtered tests contain the required array keys.
2211          $tests = array_merge(
2212              array(
2213                  'direct' => array(),
2214                  'async'  => array(),
2215              ),
2216              $tests
2217          );
2218  
2219          return $tests;
2220      }
2221  
2222      /**
2223       * Add a class to the body HTML tag.
2224       *
2225       * Filters the body class string for admin pages and adds our own class for easier styling.
2226       *
2227       * @since 5.2.0
2228       *
2229       * @param string $body_class The body class string.
2230       * @return string The modified body class string.
2231       */
2232  	public function admin_body_class( $body_class ) {
2233          $screen = get_current_screen();
2234          if ( 'site-health' !== $screen->id ) {
2235              return $body_class;
2236          }
2237  
2238          $body_class .= ' site-health';
2239  
2240          return $body_class;
2241      }
2242  
2243      /**
2244       * Initiate the WP_Cron schedule test cases.
2245       *
2246       * @since 5.2.0
2247       */
2248  	private function wp_schedule_test_init() {
2249          $this->schedules = wp_get_schedules();
2250          $this->get_cron_tasks();
2251      }
2252  
2253      /**
2254       * Populate our list of cron events and store them to a class-wide variable.
2255       *
2256       * @since 5.2.0
2257       */
2258  	private function get_cron_tasks() {
2259          $cron_tasks = _get_cron_array();
2260  
2261          if ( empty( $cron_tasks ) ) {
2262              $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) );
2263              return;
2264          }
2265  
2266          $this->crons = array();
2267  
2268          foreach ( $cron_tasks as $time => $cron ) {
2269              foreach ( $cron as $hook => $dings ) {
2270                  foreach ( $dings as $sig => $data ) {
2271  
2272                      $this->crons[ "$hook-$sig-$time" ] = (object) array(
2273                          'hook'     => $hook,
2274                          'time'     => $time,
2275                          'sig'      => $sig,
2276                          'args'     => $data['args'],
2277                          'schedule' => $data['schedule'],
2278                          'interval' => isset( $data['interval'] ) ? $data['interval'] : null,
2279                      );
2280  
2281                  }
2282              }
2283          }
2284      }
2285  
2286      /**
2287       * Check if any scheduled tasks have been missed.
2288       *
2289       * Returns a boolean value of `true` if a scheduled task has been missed and ends processing.
2290       *
2291       * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value.
2292       *
2293       * @since 5.2.0
2294       *
2295       * @return bool|WP_Error True if a cron was missed, false if not. WP_Error if the cron is set to that.
2296       */
2297  	public function has_missed_cron() {
2298          if ( is_wp_error( $this->crons ) ) {
2299              return $this->crons;
2300          }
2301  
2302          foreach ( $this->crons as $id => $cron ) {
2303              if ( ( $cron->time - time() ) < $this->timeout_missed_cron ) {
2304                  $this->last_missed_cron = $cron->hook;
2305                  return true;
2306              }
2307          }
2308  
2309          return false;
2310      }
2311  
2312      /**
2313       * Check if any scheduled tasks are late.
2314       *
2315       * Returns a boolean value of `true` if a scheduled task is late and ends processing.
2316       *
2317       * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value.
2318       *
2319       * @since 5.3.0
2320       *
2321       * @return bool|WP_Error True if a cron is late, false if not. WP_Error if the cron is set to that.
2322       */
2323  	public function has_late_cron() {
2324          if ( is_wp_error( $this->crons ) ) {
2325              return $this->crons;
2326          }
2327  
2328          foreach ( $this->crons as $id => $cron ) {
2329              $cron_offset = $cron->time - time();
2330              if (
2331                  $cron_offset >= $this->timeout_missed_cron &&
2332                  $cron_offset < $this->timeout_late_cron
2333              ) {
2334                  $this->last_late_cron = $cron->hook;
2335                  return true;
2336              }
2337          }
2338  
2339          return false;
2340      }
2341  
2342      /**
2343       * Check for potential issues with plugin and theme auto-updates.
2344       *
2345       * Though there is no way to 100% determine if plugin and theme auto-updates are configured
2346       * correctly, a few educated guesses could be made to flag any conditions that would
2347       * potentially cause unexpected behaviors.
2348       *
2349       * @since 5.5.0
2350       *
2351       * @return object The test results.
2352       */
2353  	function detect_plugin_theme_auto_update_issues() {
2354          $mock_plugin = (object) array(
2355              'id'            => 'w.org/plugins/a-fake-plugin',
2356              'slug'          => 'a-fake-plugin',
2357              'plugin'        => 'a-fake-plugin/a-fake-plugin.php',
2358              'new_version'   => '9.9',
2359              'url'           => 'https://wordpress.org/plugins/a-fake-plugin/',
2360              'package'       => 'https://downloads.wordpress.org/plugin/a-fake-plugin.9.9.zip',
2361              'icons'         => array(
2362                  '2x' => 'https://ps.w.org/a-fake-plugin/assets/icon-256x256.png',
2363                  '1x' => 'https://ps.w.org/a-fake-plugin/assets/icon-128x128.png',
2364              ),
2365              'banners'       => array(
2366                  '2x' => 'https://ps.w.org/a-fake-plugin/assets/banner-1544x500.png',
2367                  '1x' => 'https://ps.w.org/a-fake-plugin/assets/banner-772x250.png',
2368              ),
2369              'banners_rtl'   => array(),
2370              'tested'        => '5.5.0',
2371              'requires_php'  => '5.6.20',
2372              'compatibility' => new stdClass(),
2373          );
2374  
2375          $mock_theme = (object) array(
2376              'theme'        => 'a-fake-theme',
2377              'new_version'  => '9.9',
2378              'url'          => 'https://wordpress.org/themes/a-fake-theme/',
2379              'package'      => 'https://downloads.wordpress.org/theme/a-fake-theme.9.9.zip',
2380              'requires'     => '5.0.0',
2381              'requires_php' => '5.6.20',
2382          );
2383  
2384          $type = 'plugin';
2385          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
2386          $test_plugins_enabled = apply_filters( "auto_update_{$type}", true, $mock_plugin );
2387  
2388          $type = 'theme';
2389          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
2390          $test_themes_enabled = apply_filters( "auto_update_{$type}", true, $mock_theme );
2391  
2392          $ui_enabled_for_plugins = wp_is_auto_update_enabled_for_type( 'plugin' );
2393          $ui_enabled_for_themes  = wp_is_auto_update_enabled_for_type( 'theme' );
2394          $plugin_filter_present  = has_filter( 'auto_update_plugin' );
2395          $theme_filter_present   = has_filter( 'auto_update_theme' );
2396  
2397          if ( ( ! $test_plugins_enabled && $ui_enabled_for_plugins )
2398              || ( ! $test_themes_enabled && $ui_enabled_for_themes )
2399          ) {
2400              return (object) array(
2401                  'status'  => 'critical',
2402                  'message' => __( 'Auto-updates for plugins and/or themes appear to be disabled, but settings are still set to be displayed. This could cause auto-updates to not work as expected.' ),
2403              );
2404          }
2405  
2406          if ( ( ! $test_plugins_enabled && $plugin_filter_present )
2407              && ( ! $test_themes_enabled && $theme_filter_present )
2408          ) {
2409              return (object) array(
2410                  'status'  => 'recommended',
2411                  'message' => __( 'Auto-updates for plugins and themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2412              );
2413          } elseif ( ! $test_plugins_enabled && $plugin_filter_present ) {
2414              return (object) array(
2415                  'status'  => 'recommended',
2416                  'message' => __( 'Auto-updates for plugins appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2417              );
2418          } elseif ( ! $test_themes_enabled && $theme_filter_present ) {
2419              return (object) array(
2420                  'status'  => 'recommended',
2421                  'message' => __( 'Auto-updates for themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2422              );
2423          }
2424  
2425          return (object) array(
2426              'status'  => 'good',
2427              'message' => __( 'There appear to be no issues with plugin and theme auto-updates.' ),
2428          );
2429      }
2430  
2431      /**
2432       * Run a loopback test on our site.
2433       *
2434       * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts,
2435       * make sure plugin or theme edits don't cause site failures and similar.
2436       *
2437       * @since 5.2.0
2438       *
2439       * @return object The test results.
2440       */
2441  	function can_perform_loopback() {
2442          $cookies = wp_unslash( $_COOKIE );
2443          $timeout = 10;
2444          $headers = array(
2445              'Cache-Control' => 'no-cache',
2446          );
2447          /** This filter is documented in wp-includes/class-wp-http-streams.php */
2448          $sslverify = apply_filters( 'https_local_ssl_verify', false );
2449  
2450          // Include Basic auth in loopback requests.
2451          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
2452              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
2453          }
2454  
2455          $url = admin_url();
2456  
2457          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
2458  
2459          if ( is_wp_error( $r ) ) {
2460              return (object) array(
2461                  'status'  => 'critical',
2462                  'message' => sprintf(
2463                      '%s<br>%s',
2464                      __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ),
2465                      sprintf(
2466                          /* translators: 1: The WordPress error message. 2: The WordPress error code. */
2467                          __( 'Error: %1$s (%2$s)' ),
2468                          $r->get_error_message(),
2469                          $r->get_error_code()
2470                      )
2471                  ),
2472              );
2473          }
2474  
2475          if ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
2476              return (object) array(
2477                  'status'  => 'recommended',
2478                  'message' => sprintf(
2479                      /* translators: %d: The HTTP response code returned. */
2480                      __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ),
2481                      wp_remote_retrieve_response_code( $r )
2482                  ),
2483              );
2484          }
2485  
2486          return (object) array(
2487              'status'  => 'good',
2488              'message' => __( 'The loopback request to your site completed successfully.' ),
2489          );
2490      }
2491  
2492      /**
2493       * Create a weekly cron event, if one does not already exist.
2494       *
2495       * @since 5.4.0
2496       */
2497  	public function maybe_create_scheduled_event() {
2498          if ( ! wp_next_scheduled( 'wp_site_health_scheduled_check' ) && ! wp_installing() ) {
2499              wp_schedule_event( time() + DAY_IN_SECONDS, 'weekly', 'wp_site_health_scheduled_check' );
2500          }
2501      }
2502  
2503      /**
2504       * Run our scheduled event to check and update the latest site health status for the website.
2505       *
2506       * @since 5.4.0
2507       */
2508  	public function wp_cron_scheduled_check() {
2509          // Bootstrap wp-admin, as WP_Cron doesn't do this for us.
2510          require_once trailingslashit( ABSPATH ) . 'wp-admin/includes/admin.php';
2511  
2512          $tests = WP_Site_Health::get_tests();
2513  
2514          $results = array();
2515  
2516          $site_status = array(
2517              'good'        => 0,
2518              'recommended' => 0,
2519              'critical'    => 0,
2520          );
2521  
2522          // Don't run https test on localhost.
2523          if ( 'localhost' === preg_replace( '|https?://|', '', get_site_url() ) ) {
2524              unset( $tests['direct']['https_status'] );
2525          }
2526  
2527          foreach ( $tests['direct'] as $test ) {
2528  
2529              if ( is_string( $test['test'] ) ) {
2530                  $test_function = sprintf(
2531                      'get_test_%s',
2532                      $test['test']
2533                  );
2534  
2535                  if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) {
2536                      $results[] = $this->perform_test( array( $this, $test_function ) );
2537                      continue;
2538                  }
2539              }
2540  
2541              if ( is_callable( $test['test'] ) ) {
2542                  $results[] = $this->perform_test( $test['test'] );
2543              }
2544          }
2545  
2546          foreach ( $tests['async'] as $test ) {
2547              if ( is_string( $test['test'] ) ) {
2548                  if ( isset( $test['has_rest'] ) && $test['has_rest'] ) {
2549                      $result_fetch = wp_remote_post(
2550                          rest_url( $test['test'] ),
2551                          array(
2552                              'body' => array(
2553                                  '_wpnonce' => wp_create_nonce( 'wp_rest' ),
2554                              ),
2555                          )
2556                      );
2557                  } else {
2558                      $result_fetch = wp_remote_post(
2559                          admin_url( 'admin-ajax.php' ),
2560                          array(
2561                              'body' => array(
2562                                  'action'   => $test['test'],
2563                                  '_wpnonce' => wp_create_nonce( 'health-check-site-status' ),
2564                              ),
2565                          )
2566                      );
2567                  }
2568  
2569                  if ( ! is_wp_error( $result_fetch ) ) {
2570                      $result = json_decode( wp_remote_retrieve_body( $result_fetch ), true );
2571                  } else {
2572                      $result = false;
2573                  }
2574  
2575                  if ( is_array( $result ) ) {
2576                      $results[] = $result;
2577                  } else {
2578                      $results[] = array(
2579                          'status' => 'recommended',
2580                          'label'  => __( 'A test is unavailable' ),
2581                      );
2582                  }
2583              }
2584          }
2585  
2586          foreach ( $results as $result ) {
2587              if ( 'critical' === $result['status'] ) {
2588                  $site_status['critical']++;
2589              } elseif ( 'recommended' === $result['status'] ) {
2590                  $site_status['recommended']++;
2591              } else {
2592                  $site_status['good']++;
2593              }
2594          }
2595  
2596          set_transient( 'health-check-site-status-result', wp_json_encode( $site_status ) );
2597      }
2598  }


Generated: Mon Sep 28 01:00:02 2020 Cross-referenced by PHPXref 0.7.1