[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

title

Body

[close]

/wp-admin/includes/ -> class-wp-site-health-auto-updates.php (source)

   1  <?php
   2  /**
   3   * Class for testing automatic updates in the WordPress code.
   4   *
   5   * @package WordPress
   6   * @subpackage Site_Health
   7   * @since 5.2.0
   8   */
   9  
  10  class WP_Site_Health_Auto_Updates {
  11      /**
  12       * WP_Site_Health_Auto_Updates constructor.
  13       * @since 5.2.0
  14       */
  15  	public function __construct() {
  16          include_once  ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
  17      }
  18  
  19  
  20      /**
  21       * Run tests to determine if auto-updates can run.
  22       *
  23       * @since 5.2.0
  24       *
  25       * @return array The test results.
  26       */
  27  	public function run_tests() {
  28          $tests = array(
  29              $this->test_constants( 'WP_AUTO_UPDATE_CORE', true ),
  30              $this->test_wp_version_check_attached(),
  31              $this->test_filters_automatic_updater_disabled(),
  32              $this->test_wp_automatic_updates_disabled(),
  33              $this->test_if_failed_update(),
  34              $this->test_vcs_abspath(),
  35              $this->test_check_wp_filesystem_method(),
  36              $this->test_all_files_writable(),
  37              $this->test_accepts_dev_updates(),
  38              $this->test_accepts_minor_updates(),
  39          );
  40  
  41          $tests = array_filter( $tests );
  42          $tests = array_map(
  43              function( $test ) {
  44                  $test = (object) $test;
  45  
  46                  if ( empty( $test->severity ) ) {
  47                      $test->severity = 'warning';
  48                  }
  49  
  50                  return $test;
  51              },
  52              $tests
  53          );
  54  
  55          return $tests;
  56      }
  57  
  58      /**
  59       * Test if auto-updates related constants are set correctly.
  60       *
  61       * @since 5.2.0
  62       *
  63       * @param string $constant The name of the constant to check.
  64       * @param bool   $value    The value that the constant should be, if set.
  65       * @return array The test results.
  66       */
  67  	public function test_constants( $constant, $value ) {
  68          if ( defined( $constant ) && constant( $constant ) != $value ) {
  69              return array(
  70                  'description' => sprintf(
  71                      /* translators: %s: Name of the constant used. */
  72                      __( 'The %s constant is defined and enabled.' ),
  73                      "<code>$constant</code>"
  74                  ),
  75                  'severity'    => 'fail',
  76              );
  77          }
  78      }
  79  
  80      /**
  81       * Check if updates are intercepted by a filter.
  82       *
  83       * @since 5.2.0
  84       *
  85       * @return array The test results.
  86       */
  87  	public function test_wp_version_check_attached() {
  88          if ( ! is_main_site() ) {
  89              return;
  90          }
  91  
  92          $cookies = wp_unslash( $_COOKIE );
  93          $timeout = 10;
  94          $headers = array(
  95              'Cache-Control' => 'no-cache',
  96          );
  97          /** This filter is documented in wp-includes/class-wp-http-streams.php */
  98          $sslverify = apply_filters( 'https_local_ssl_verify', false );
  99  
 100          // Include Basic auth in loopback requests.
 101          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
 102              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
 103          }
 104  
 105          $url = add_query_arg(
 106              array(
 107                  'health-check-test-wp_version_check' => true,
 108              ),
 109              admin_url( 'site-health.php' )
 110          );
 111  
 112          $test = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
 113  
 114          if ( is_wp_error( $test ) ) {
 115              return array(
 116                  'description' => sprintf(
 117                      /* translators: %s: Name of the filter used. */
 118                      __( 'Could not confirm that the %s filter is available.' ),
 119                      '<code>wp_version_check()</code>'
 120                  ),
 121                  'severity'    => 'warning',
 122              );
 123          }
 124  
 125          $response = wp_remote_retrieve_body( $test );
 126  
 127          if ( 'yes' !== $response ) {
 128              return array(
 129                  'description' => sprintf(
 130                      /* translators: %s: Name of the filter used. */
 131                      __( 'A plugin has prevented updates by disabling %s.' ),
 132                      '<code>wp_version_check()</code>'
 133                  ),
 134                  'severity'    => 'fail',
 135              );
 136          }
 137      }
 138  
 139      /**
 140       * Check if automatic updates are disabled by a filter.
 141       *
 142       * @since 5.2.0
 143       *
 144       * @return array The test results.
 145       */
 146  	public function test_filters_automatic_updater_disabled() {
 147          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
 148          if ( apply_filters( 'automatic_updater_disabled', false ) ) {
 149              return array(
 150                  'description' => sprintf(
 151                      /* translators: %s: Name of the filter used. */
 152                      __( 'The %s filter is enabled.' ),
 153                      '<code>automatic_updater_disabled</code>'
 154                  ),
 155                  'severity'    => 'fail',
 156              );
 157          }
 158      }
 159  
 160      /**
 161       * Check if automatic updates are disabled.
 162       *
 163       * @since 5.3.0
 164       *
 165       * @return array|bool The test results. False if auto updates are enabled.
 166       */
 167  	public function test_wp_automatic_updates_disabled() {
 168          if ( ! class_exists( 'WP_Automatic_Updater' ) ) {
 169              require_once( ABSPATH . 'wp-admin/includes/class-wp-automatic-updates.php' );
 170          }
 171  
 172          $auto_updates = new WP_Automatic_Updater();
 173  
 174          if ( ! $auto_updates->is_disabled() ) {
 175              return false;
 176          }
 177  
 178          return array(
 179              'description' => __( 'All automatic updates are disabled.' ),
 180              'severity'    => 'fail',
 181          );
 182      }
 183  
 184      /**
 185       * Check if automatic updates have tried to run, but failed, previously.
 186       *
 187       * @since 5.2.0
 188       *
 189       * @return array|bool The test results. False if the auto updates failed.
 190       */
 191  	function test_if_failed_update() {
 192          $failed = get_site_option( 'auto_core_update_failed' );
 193  
 194          if ( ! $failed ) {
 195              return false;
 196          }
 197  
 198          if ( ! empty( $failed['critical'] ) ) {
 199              $description  = __( 'A previous automatic background update ended with a critical failure, so updates are now disabled.' );
 200              $description .= ' ' . __( 'You would have received an email because of this.' );
 201              $description .= ' ' . __( "When you've been able to update using the \"Update Now\" button on Dashboard > Updates, we'll clear this error for future update attempts." );
 202              $description .= ' ' . sprintf(
 203                  /* translators: %s: Code of error shown. */
 204                  __( 'The error code was %s.' ),
 205                  '<code>' . $failed['error_code'] . '</code>'
 206              );
 207              return array(
 208                  'description' => $description,
 209                  'severity'    => 'warning',
 210              );
 211          }
 212  
 213          $description = __( 'A previous automatic background update could not occur.' );
 214          if ( empty( $failed['retry'] ) ) {
 215              $description .= ' ' . __( 'You would have received an email because of this.' );
 216          }
 217  
 218          $description .= ' ' . __( "We'll try again with the next release." );
 219          $description .= ' ' . sprintf(
 220              /* translators: %s: Code of error shown. */
 221              __( 'The error code was %s.' ),
 222              '<code>' . $failed['error_code'] . '</code>'
 223          );
 224          return array(
 225              'description' => $description,
 226              'severity'    => 'warning',
 227          );
 228      }
 229  
 230      /**
 231       * Check if WordPress is controlled by a VCS (Git, Subversion etc).
 232       *
 233       * @since 5.2.0
 234       *
 235       * @return array The test results.
 236       */
 237  	public function test_vcs_abspath() {
 238          $context_dirs = array( ABSPATH );
 239          $vcs_dirs     = array( '.svn', '.git', '.hg', '.bzr' );
 240          $check_dirs   = array();
 241  
 242          foreach ( $context_dirs as $context_dir ) {
 243              // Walk up from $context_dir to the root.
 244              do {
 245                  $check_dirs[] = $context_dir;
 246  
 247                  // Once we've hit '/' or 'C:\', we need to stop. dirname will keep returning the input here.
 248                  if ( dirname( $context_dir ) == $context_dir ) {
 249                      break;
 250                  }
 251  
 252                  // Continue one level at a time.
 253              } while ( $context_dir = dirname( $context_dir ) );
 254          }
 255  
 256          $check_dirs = array_unique( $check_dirs );
 257  
 258          // Search all directories we've found for evidence of version control.
 259          foreach ( $vcs_dirs as $vcs_dir ) {
 260              foreach ( $check_dirs as $check_dir ) {
 261                  // phpcs:ignore
 262                  if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) {
 263                      break 2;
 264                  }
 265              }
 266          }
 267  
 268          /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */
 269          if ( $checkout && ! apply_filters( 'automatic_updates_is_vcs_checkout', true, ABSPATH ) ) {
 270              return array(
 271                  'description' => sprintf(
 272                      /* translators: 1: Folder name. 2: Version control directory. 3: Filter name. */
 273                      __( 'The folder %1$s was detected as being under version control (%2$s), but the %3$s filter is allowing updates.' ),
 274                      '<code>' . $check_dir . '</code>',
 275                      "<code>$vcs_dir</code>",
 276                      '<code>automatic_updates_is_vcs_checkout</code>'
 277                  ),
 278                  'severity'    => 'info',
 279              );
 280          }
 281  
 282          if ( $checkout ) {
 283              return array(
 284                  'description' => sprintf(
 285                      /* translators: 1: Folder name. 2: Version control directory. */
 286                      __( 'The folder %1$s was detected as being under version control (%2$s).' ),
 287                      '<code>' . $check_dir . '</code>',
 288                      "<code>$vcs_dir</code>"
 289                  ),
 290                  'severity'    => 'warning',
 291              );
 292          }
 293  
 294          return array(
 295              'description' => __( 'No version control systems were detected.' ),
 296              'severity'    => 'pass',
 297          );
 298      }
 299  
 300      /**
 301       * Check if we can access files without providing credentials.
 302       *
 303       * @since 5.2.0
 304       *
 305       * @return array The test results.
 306       */
 307  	function test_check_wp_filesystem_method() {
 308          $skin    = new Automatic_Upgrader_Skin;
 309          $success = $skin->request_filesystem_credentials( false, ABSPATH );
 310  
 311          if ( ! $success ) {
 312              $description  = __( 'Your installation of WordPress prompts for FTP credentials to perform updates.' );
 313              $description .= ' ' . __( '(Your site is performing updates over FTP due to file ownership. Talk to your hosting company.)' );
 314  
 315              return array(
 316                  'description' => $description,
 317                  'severity'    => 'fail',
 318              );
 319          }
 320  
 321          return array(
 322              'description' => __( "Your installation of WordPress doesn't require FTP credentials to perform updates." ),
 323              'severity'    => 'pass',
 324          );
 325      }
 326  
 327      /**
 328       * Check if core files are writable by the web user/group.
 329       *
 330       * @since 5.2.0
 331       *
 332       * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
 333       *
 334       * @return array|bool The test results. False if they're not writeable.
 335       */
 336  	function test_all_files_writable() {
 337          global $wp_filesystem;
 338  
 339          include  ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z
 340  
 341          $skin    = new Automatic_Upgrader_Skin;
 342          $success = $skin->request_filesystem_credentials( false, ABSPATH );
 343  
 344          if ( ! $success ) {
 345              return false;
 346          }
 347  
 348          WP_Filesystem();
 349  
 350          if ( 'direct' != $wp_filesystem->method ) {
 351              return false;
 352          }
 353  
 354          $checksums = get_core_checksums( $wp_version, 'en_US' );
 355          $dev       = ( false !== strpos( $wp_version, '-' ) );
 356          // Get the last stable version's files and test against that
 357          if ( ! $checksums && $dev ) {
 358              $checksums = get_core_checksums( (float) $wp_version - 0.1, 'en_US' );
 359          }
 360  
 361          // There aren't always checksums for development releases, so just skip the test if we still can't find any
 362          if ( ! $checksums && $dev ) {
 363              return false;
 364          }
 365  
 366          if ( ! $checksums ) {
 367              $description = sprintf(
 368                  /* translators: %s: WordPress version. */
 369                  __( "Couldn't retrieve a list of the checksums for WordPress %s." ),
 370                  $wp_version
 371              );
 372              $description .= ' ' . __( 'This could mean that connections are failing to WordPress.org.' );
 373              return array(
 374                  'description' => $description,
 375                  'severity'    => 'warning',
 376              );
 377          }
 378  
 379          $unwritable_files = array();
 380          foreach ( array_keys( $checksums ) as $file ) {
 381              if ( 'wp-content' == substr( $file, 0, 10 ) ) {
 382                  continue;
 383              }
 384              if ( ! file_exists( ABSPATH . $file ) ) {
 385                  continue;
 386              }
 387              if ( ! is_writable( ABSPATH . $file ) ) {
 388                  $unwritable_files[] = $file;
 389              }
 390          }
 391  
 392          if ( $unwritable_files ) {
 393              if ( count( $unwritable_files ) > 20 ) {
 394                  $unwritable_files   = array_slice( $unwritable_files, 0, 20 );
 395                  $unwritable_files[] = '...';
 396              }
 397              return array(
 398                  'description' => __( 'Some files are not writable by WordPress:' ) . ' <ul><li>' . implode( '</li><li>', $unwritable_files ) . '</li></ul>',
 399                  'severity'    => 'fail',
 400              );
 401          } else {
 402              return array(
 403                  'description' => __( 'All of your WordPress files are writable.' ),
 404                  'severity'    => 'pass',
 405              );
 406          }
 407      }
 408  
 409      /**
 410       * Check if the install is using a development branch and can use nightly packages.
 411       *
 412       * @since 5.2.0
 413       *
 414       * @return array|bool The test results. False if it isn't a development version.
 415       */
 416  	function test_accepts_dev_updates() {
 417          include  ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z
 418          // Only for dev versions
 419          if ( false === strpos( $wp_version, '-' ) ) {
 420              return false;
 421          }
 422  
 423          if ( defined( 'WP_AUTO_UPDATE_CORE' ) && ( 'minor' === WP_AUTO_UPDATE_CORE || false === WP_AUTO_UPDATE_CORE ) ) {
 424              return array(
 425                  'description' => sprintf(
 426                      /* translators: %s: Name of the constant used. */
 427                      __( 'WordPress development updates are blocked by the %s constant.' ),
 428                      '<code>WP_AUTO_UPDATE_CORE</code>'
 429                  ),
 430                  'severity'    => 'fail',
 431              );
 432          }
 433  
 434          /** This filter is documented in wp-admin/includes/class-core-upgrader.php */
 435          if ( ! apply_filters( 'allow_dev_auto_core_updates', $wp_version ) ) {
 436              return array(
 437                  'description' => sprintf(
 438                      /* translators: %s: Name of the filter used. */
 439                      __( 'WordPress development updates are blocked by the %s filter.' ),
 440                      '<code>allow_dev_auto_core_updates</code>'
 441                  ),
 442                  'severity'    => 'fail',
 443              );
 444          }
 445      }
 446  
 447      /**
 448       * Check if the site supports automatic minor updates.
 449       *
 450       * @since 5.2.0
 451       *
 452       * @return array The test results.
 453       */
 454  	function test_accepts_minor_updates() {
 455          if ( defined( 'WP_AUTO_UPDATE_CORE' ) && false === WP_AUTO_UPDATE_CORE ) {
 456              return array(
 457                  'description' => sprintf(
 458                      /* translators: %s: Name of the constant used. */
 459                      __( 'WordPress security and maintenance releases are blocked by %s.' ),
 460                      "<code>define( 'WP_AUTO_UPDATE_CORE', false );</code>"
 461                  ),
 462                  'severity'    => 'fail',
 463              );
 464          }
 465  
 466          /** This filter is documented in wp-admin/includes/class-core-upgrader.php */
 467          if ( ! apply_filters( 'allow_minor_auto_core_updates', true ) ) {
 468              return array(
 469                  'description' => sprintf(
 470                      /* translators: %s: Name of the filter used. */
 471                      __( 'WordPress security and maintenance releases are blocked by the %s filter.' ),
 472                      '<code>allow_minor_auto_core_updates</code>'
 473                  ),
 474                  'severity'    => 'fail',
 475              );
 476          }
 477      }
 478  }


Generated: Sat Nov 23 20:47:33 2019 Cross-referenced by PHPXref 0.7