[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-admin/includes/ -> class-wp-site-health.php (source)

   1  <?php
   2  /**
   3   * Class for looking up a site's health based on a user's WordPress environment.
   4   *
   5   * @package WordPress
   6   * @subpackage Site_Health
   7   * @since 5.2.0
   8   */
   9  
  10  class WP_Site_Health {
  11      private static $instance = null;
  12  
  13      private $mysql_min_version_check;
  14      private $mysql_rec_version_check;
  15  
  16      public $is_mariadb                           = false;
  17      private $mysql_server_version                = '';
  18      private $health_check_mysql_required_version = '5.5';
  19      private $health_check_mysql_rec_version      = '';
  20  
  21      public $php_memory_limit;
  22  
  23      public $schedules;
  24      public $crons;
  25      public $last_missed_cron     = null;
  26      public $last_late_cron       = null;
  27      private $timeout_missed_cron = null;
  28      private $timeout_late_cron   = null;
  29  
  30      /**
  31       * WP_Site_Health constructor.
  32       *
  33       * @since 5.2.0
  34       */
  35  	public function __construct() {
  36          $this->maybe_create_scheduled_event();
  37  
  38          // Save memory limit before it's affected by wp_raise_memory_limit( 'admin' ).
  39          $this->php_memory_limit = ini_get( 'memory_limit' );
  40  
  41          $this->timeout_late_cron   = 0;
  42          $this->timeout_missed_cron = - 5 * MINUTE_IN_SECONDS;
  43  
  44          if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) {
  45              $this->timeout_late_cron   = - 15 * MINUTE_IN_SECONDS;
  46              $this->timeout_missed_cron = - 1 * HOUR_IN_SECONDS;
  47          }
  48  
  49          add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
  50  
  51          add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );
  52          add_action( 'wp_site_health_scheduled_check', array( $this, 'wp_cron_scheduled_check' ) );
  53      }
  54  
  55      /**
  56       * Return an instance of the WP_Site_Health class, or create one if none exist yet.
  57       *
  58       * @since 5.4.0
  59       *
  60       * @return WP_Site_Health|null
  61       */
  62  	public static function get_instance() {
  63          if ( null === self::$instance ) {
  64              self::$instance = new WP_Site_Health();
  65          }
  66  
  67          return self::$instance;
  68      }
  69  
  70      /**
  71       * Enqueues the site health scripts.
  72       *
  73       * @since 5.2.0
  74       */
  75  	public function enqueue_scripts() {
  76          $screen = get_current_screen();
  77          if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) {
  78              return;
  79          }
  80  
  81          $health_check_js_variables = array(
  82              'screen'      => $screen->id,
  83              'nonce'       => array(
  84                  'site_status'        => wp_create_nonce( 'health-check-site-status' ),
  85                  'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ),
  86              ),
  87              'site_status' => array(
  88                  'direct' => array(),
  89                  'async'  => array(),
  90                  'issues' => array(
  91                      'good'        => 0,
  92                      'recommended' => 0,
  93                      'critical'    => 0,
  94                  ),
  95              ),
  96          );
  97  
  98          $issue_counts = get_transient( 'health-check-site-status-result' );
  99  
 100          if ( false !== $issue_counts ) {
 101              $issue_counts = json_decode( $issue_counts );
 102  
 103              $health_check_js_variables['site_status']['issues'] = $issue_counts;
 104          }
 105  
 106          if ( 'site-health' === $screen->id && ! isset( $_GET['tab'] ) ) {
 107              $tests = WP_Site_Health::get_tests();
 108  
 109              // Don't run https test on development environments.
 110              if ( $this->is_development_environment() ) {
 111                  unset( $tests['direct']['https_status'] );
 112              }
 113  
 114              foreach ( $tests['direct'] as $test ) {
 115                  if ( is_string( $test['test'] ) ) {
 116                      $test_function = sprintf(
 117                          'get_test_%s',
 118                          $test['test']
 119                      );
 120  
 121                      if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) {
 122                          $health_check_js_variables['site_status']['direct'][] = $this->perform_test( array( $this, $test_function ) );
 123                          continue;
 124                      }
 125                  }
 126  
 127                  if ( is_callable( $test['test'] ) ) {
 128                      $health_check_js_variables['site_status']['direct'][] = $this->perform_test( $test['test'] );
 129                  }
 130              }
 131  
 132              foreach ( $tests['async'] as $test ) {
 133                  if ( is_string( $test['test'] ) ) {
 134                      $health_check_js_variables['site_status']['async'][] = array(
 135                          'test'      => $test['test'],
 136                          'has_rest'  => ( isset( $test['has_rest'] ) ? $test['has_rest'] : false ),
 137                          'completed' => false,
 138                      );
 139                  }
 140              }
 141          }
 142  
 143          wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables );
 144      }
 145  
 146      /**
 147       * Run a Site Health test directly.
 148       *
 149       * @since 5.4.0
 150       *
 151       * @param callable $callback
 152       * @return mixed|void
 153       */
 154  	private function perform_test( $callback ) {
 155          /**
 156           * Filters the output of a finished Site Health test.
 157           *
 158           * @since 5.3.0
 159           *
 160           * @param array $test_result {
 161           *     An associative array of test result data.
 162           *
 163           *     @type string $label       A label describing the test, and is used as a header in the output.
 164           *     @type string $status      The status of the test, which can be a value of `good`, `recommended` or `critical`.
 165           *     @type array  $badge {
 166           *         Tests are put into categories which have an associated badge shown, these can be modified and assigned here.
 167           *
 168           *         @type string $label The test label, for example `Performance`.
 169           *         @type string $color Default `blue`. A string representing a color to use for the label.
 170           *     }
 171           *     @type string $description A more descriptive explanation of what the test looks for, and why it is important for the end user.
 172           *     @type string $actions     An action to direct the user to where they can resolve the issue, if one exists.
 173           *     @type string $test        The name of the test being ran, used as a reference point.
 174           * }
 175           */
 176          return apply_filters( 'site_status_test_result', call_user_func( $callback ) );
 177      }
 178  
 179      /**
 180       * Run the SQL version checks.
 181       *
 182       * These values are used in later tests, but the part of preparing them is more easily managed
 183       * early in the class for ease of access and discovery.
 184       *
 185       * @since 5.2.0
 186       *
 187       * @global wpdb $wpdb WordPress database abstraction object.
 188       */
 189  	private function prepare_sql_data() {
 190          global $wpdb;
 191  
 192          if ( $wpdb->use_mysqli ) {
 193              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_server_info
 194              $mysql_server_type = mysqli_get_server_info( $wpdb->dbh );
 195          } else {
 196              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved
 197              $mysql_server_type = mysql_get_server_info( $wpdb->dbh );
 198          }
 199  
 200          $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' );
 201  
 202          $this->health_check_mysql_rec_version = '5.6';
 203  
 204          if ( stristr( $mysql_server_type, 'mariadb' ) ) {
 205              $this->is_mariadb                     = true;
 206              $this->health_check_mysql_rec_version = '10.0';
 207          }
 208  
 209          $this->mysql_min_version_check = version_compare( '5.5', $this->mysql_server_version, '<=' );
 210          $this->mysql_rec_version_check = version_compare( $this->health_check_mysql_rec_version, $this->mysql_server_version, '<=' );
 211      }
 212  
 213      /**
 214       * Test if `wp_version_check` is blocked.
 215       *
 216       * It's possible to block updates with the `wp_version_check` filter, but this can't be checked
 217       * during an Ajax call, as the filter is never introduced then.
 218       *
 219       * This filter overrides a standard page request if it's made by an admin through the Ajax call
 220       * with the right query argument to check for this.
 221       *
 222       * @since 5.2.0
 223       */
 224  	public function check_wp_version_check_exists() {
 225          if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) {
 226              return;
 227          }
 228  
 229          echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' );
 230  
 231          die();
 232      }
 233  
 234      /**
 235       * Tests for WordPress version and outputs it.
 236       *
 237       * Gives various results depending on what kind of updates are available, if any, to encourage
 238       * the user to install security updates as a priority.
 239       *
 240       * @since 5.2.0
 241       *
 242       * @return array The test result.
 243       */
 244  	public function get_test_wordpress_version() {
 245          $result = array(
 246              'label'       => '',
 247              'status'      => '',
 248              'badge'       => array(
 249                  'label' => __( 'Performance' ),
 250                  'color' => 'blue',
 251              ),
 252              'description' => '',
 253              'actions'     => '',
 254              'test'        => 'wordpress_version',
 255          );
 256  
 257          $core_current_version = get_bloginfo( 'version' );
 258          $core_updates         = get_core_updates();
 259  
 260          if ( ! is_array( $core_updates ) ) {
 261              $result['status'] = 'recommended';
 262  
 263              $result['label'] = sprintf(
 264                  /* translators: %s: Your current version of WordPress. */
 265                  __( 'WordPress version %s' ),
 266                  $core_current_version
 267              );
 268  
 269              $result['description'] = sprintf(
 270                  '<p>%s</p>',
 271                  __( 'We were unable to check if any new versions of WordPress are available.' )
 272              );
 273  
 274              $result['actions'] = sprintf(
 275                  '<a href="%s">%s</a>',
 276                  esc_url( admin_url( 'update-core.php?force-check=1' ) ),
 277                  __( 'Check for updates manually' )
 278              );
 279          } else {
 280              foreach ( $core_updates as $core => $update ) {
 281                  if ( 'upgrade' === $update->response ) {
 282                      $current_version = explode( '.', $core_current_version );
 283                      $new_version     = explode( '.', $update->version );
 284  
 285                      $current_major = $current_version[0] . '.' . $current_version[1];
 286                      $new_major     = $new_version[0] . '.' . $new_version[1];
 287  
 288                      $result['label'] = sprintf(
 289                          /* translators: %s: The latest version of WordPress available. */
 290                          __( 'WordPress update available (%s)' ),
 291                          $update->version
 292                      );
 293  
 294                      $result['actions'] = sprintf(
 295                          '<a href="%s">%s</a>',
 296                          esc_url( admin_url( 'update-core.php' ) ),
 297                          __( 'Install the latest version of WordPress' )
 298                      );
 299  
 300                      if ( $current_major !== $new_major ) {
 301                          // This is a major version mismatch.
 302                          $result['status']      = 'recommended';
 303                          $result['description'] = sprintf(
 304                              '<p>%s</p>',
 305                              __( 'A new version of WordPress is available.' )
 306                          );
 307                      } else {
 308                          // This is a minor version, sometimes considered more critical.
 309                          $result['status']         = 'critical';
 310                          $result['badge']['label'] = __( 'Security' );
 311                          $result['description']    = sprintf(
 312                              '<p>%s</p>',
 313                              __( 'A new minor update is available for your site. Because minor updates often address security, it&#8217;s important to install them.' )
 314                          );
 315                      }
 316                  } else {
 317                      $result['status'] = 'good';
 318                      $result['label']  = sprintf(
 319                          /* translators: %s: The current version of WordPress installed on this site. */
 320                          __( 'Your version of WordPress (%s) is up to date' ),
 321                          $core_current_version
 322                      );
 323  
 324                      $result['description'] = sprintf(
 325                          '<p>%s</p>',
 326                          __( 'You are currently running the latest version of WordPress available, keep it up!' )
 327                      );
 328                  }
 329              }
 330          }
 331  
 332          return $result;
 333      }
 334  
 335      /**
 336       * Test if plugins are outdated, or unnecessary.
 337       *
 338       * The tests checks if your plugins are up to date, and encourages you to remove any
 339       * that are not in use.
 340       *
 341       * @since 5.2.0
 342       *
 343       * @return array The test result.
 344       */
 345  	public function get_test_plugin_version() {
 346          $result = array(
 347              'label'       => __( 'Your plugins are all up to date' ),
 348              'status'      => 'good',
 349              'badge'       => array(
 350                  'label' => __( 'Security' ),
 351                  'color' => 'blue',
 352              ),
 353              'description' => sprintf(
 354                  '<p>%s</p>',
 355                  __( 'Plugins extend your site&#8217;s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it&#8217;s vital to keep them up to date.' )
 356              ),
 357              'actions'     => sprintf(
 358                  '<p><a href="%s">%s</a></p>',
 359                  esc_url( admin_url( 'plugins.php' ) ),
 360                  __( 'Manage your plugins' )
 361              ),
 362              'test'        => 'plugin_version',
 363          );
 364  
 365          $plugins        = get_plugins();
 366          $plugin_updates = get_plugin_updates();
 367  
 368          $plugins_have_updates = false;
 369          $plugins_active       = 0;
 370          $plugins_total        = 0;
 371          $plugins_need_update  = 0;
 372  
 373          // Loop over the available plugins and check their versions and active state.
 374          foreach ( $plugins as $plugin_path => $plugin ) {
 375              $plugins_total++;
 376  
 377              if ( is_plugin_active( $plugin_path ) ) {
 378                  $plugins_active++;
 379              }
 380  
 381              $plugin_version = $plugin['Version'];
 382  
 383              if ( array_key_exists( $plugin_path, $plugin_updates ) ) {
 384                  $plugins_need_update++;
 385                  $plugins_have_updates = true;
 386              }
 387          }
 388  
 389          // Add a notice if there are outdated plugins.
 390          if ( $plugins_need_update > 0 ) {
 391              $result['status'] = 'critical';
 392  
 393              $result['label'] = __( 'You have plugins waiting to be updated' );
 394  
 395              $result['description'] .= sprintf(
 396                  '<p>%s</p>',
 397                  sprintf(
 398                      /* translators: %d: The number of outdated plugins. */
 399                      _n(
 400                          'Your site has %d plugin waiting to be updated.',
 401                          'Your site has %d plugins waiting to be updated.',
 402                          $plugins_need_update
 403                      ),
 404                      $plugins_need_update
 405                  )
 406              );
 407  
 408              $result['actions'] .= sprintf(
 409                  '<p><a href="%s">%s</a></p>',
 410                  esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ),
 411                  __( 'Update your plugins' )
 412              );
 413          } else {
 414              if ( 1 === $plugins_active ) {
 415                  $result['description'] .= sprintf(
 416                      '<p>%s</p>',
 417                      __( 'Your site has 1 active plugin, and it is up to date.' )
 418                  );
 419              } else {
 420                  $result['description'] .= sprintf(
 421                      '<p>%s</p>',
 422                      sprintf(
 423                          /* translators: %d: The number of active plugins. */
 424                          _n(
 425                              'Your site has %d active plugin, and it is up to date.',
 426                              'Your site has %d active plugins, and they are all up to date.',
 427                              $plugins_active
 428                          ),
 429                          $plugins_active
 430                      )
 431                  );
 432              }
 433          }
 434  
 435          // Check if there are inactive plugins.
 436          if ( $plugins_total > $plugins_active && ! is_multisite() ) {
 437              $unused_plugins = $plugins_total - $plugins_active;
 438  
 439              $result['status'] = 'recommended';
 440  
 441              $result['label'] = __( 'You should remove inactive plugins' );
 442  
 443              $result['description'] .= sprintf(
 444                  '<p>%s %s</p>',
 445                  sprintf(
 446                      /* translators: %d: The number of inactive plugins. */
 447                      _n(
 448                          'Your site has %d inactive plugin.',
 449                          'Your site has %d inactive plugins.',
 450                          $unused_plugins
 451                      ),
 452                      $unused_plugins
 453                  ),
 454                  __( 'Inactive plugins are tempting targets for attackers. If you&#8217;re not going to use a plugin, we recommend you remove it.' )
 455              );
 456  
 457              $result['actions'] .= sprintf(
 458                  '<p><a href="%s">%s</a></p>',
 459                  esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ),
 460                  __( 'Manage inactive plugins' )
 461              );
 462          }
 463  
 464          return $result;
 465      }
 466  
 467      /**
 468       * Test if themes are outdated, or unnecessary.
 469       *
 470       * –°hecks if your site has a default theme (to fall back on if there is a need),
 471       * if your themes are up to date and, finally, encourages you to remove any themes
 472       * that are not needed.
 473       *
 474       * @since 5.2.0
 475       *
 476       * @return array The test results.
 477       */
 478  	public function get_test_theme_version() {
 479          $result = array(
 480              'label'       => __( 'Your themes are all up to date' ),
 481              'status'      => 'good',
 482              'badge'       => array(
 483                  'label' => __( 'Security' ),
 484                  'color' => 'blue',
 485              ),
 486              'description' => sprintf(
 487                  '<p>%s</p>',
 488                  __( 'Themes add your site&#8217;s look and feel. It&#8217;s important to keep them up to date, to stay consistent with your brand and keep your site secure.' )
 489              ),
 490              'actions'     => sprintf(
 491                  '<p><a href="%s">%s</a></p>',
 492                  esc_url( admin_url( 'themes.php' ) ),
 493                  __( 'Manage your themes' )
 494              ),
 495              'test'        => 'theme_version',
 496          );
 497  
 498          $theme_updates = get_theme_updates();
 499  
 500          $themes_total        = 0;
 501          $themes_need_updates = 0;
 502          $themes_inactive     = 0;
 503  
 504          // This value is changed during processing to determine how many themes are considered a reasonable amount.
 505          $allowed_theme_count = 1;
 506  
 507          $has_default_theme   = false;
 508          $has_unused_themes   = false;
 509          $show_unused_themes  = true;
 510          $using_default_theme = false;
 511  
 512          // Populate a list of all themes available in the install.
 513          $all_themes   = wp_get_themes();
 514          $active_theme = wp_get_theme();
 515  
 516          // If WP_DEFAULT_THEME doesn't exist, fall back to the latest core default theme.
 517          $default_theme = wp_get_theme( WP_DEFAULT_THEME );
 518          if ( ! $default_theme->exists() ) {
 519              $default_theme = WP_Theme::get_core_default_theme();
 520          }
 521  
 522          if ( $default_theme ) {
 523              $has_default_theme = true;
 524  
 525              if (
 526                  $active_theme->get_stylesheet() === $default_theme->get_stylesheet()
 527              ||
 528                  is_child_theme() && $active_theme->get_template() === $default_theme->get_template()
 529              ) {
 530                  $using_default_theme = true;
 531              }
 532          }
 533  
 534          foreach ( $all_themes as $theme_slug => $theme ) {
 535              $themes_total++;
 536  
 537              if ( array_key_exists( $theme_slug, $theme_updates ) ) {
 538                  $themes_need_updates++;
 539              }
 540          }
 541  
 542          // If this is a child theme, increase the allowed theme count by one, to account for the parent.
 543          if ( is_child_theme() ) {
 544              $allowed_theme_count++;
 545          }
 546  
 547          // If there's a default theme installed and not in use, we count that as allowed as well.
 548          if ( $has_default_theme && ! $using_default_theme ) {
 549              $allowed_theme_count++;
 550          }
 551  
 552          if ( $themes_total > $allowed_theme_count ) {
 553              $has_unused_themes = true;
 554              $themes_inactive   = ( $themes_total - $allowed_theme_count );
 555          }
 556  
 557          // Check if any themes need to be updated.
 558          if ( $themes_need_updates > 0 ) {
 559              $result['status'] = 'critical';
 560  
 561              $result['label'] = __( 'You have themes waiting to be updated' );
 562  
 563              $result['description'] .= sprintf(
 564                  '<p>%s</p>',
 565                  sprintf(
 566                      /* translators: %d: The number of outdated themes. */
 567                      _n(
 568                          'Your site has %d theme waiting to be updated.',
 569                          'Your site has %d themes waiting to be updated.',
 570                          $themes_need_updates
 571                      ),
 572                      $themes_need_updates
 573                  )
 574              );
 575          } else {
 576              // Give positive feedback about the site being good about keeping things up to date.
 577              if ( 1 === $themes_total ) {
 578                  $result['description'] .= sprintf(
 579                      '<p>%s</p>',
 580                      __( 'Your site has 1 installed theme, and it is up to date.' )
 581                  );
 582              } else {
 583                  $result['description'] .= sprintf(
 584                      '<p>%s</p>',
 585                      sprintf(
 586                          /* translators: %d: The number of themes. */
 587                          _n(
 588                              'Your site has %d installed theme, and it is up to date.',
 589                              'Your site has %d installed themes, and they are all up to date.',
 590                              $themes_total
 591                          ),
 592                          $themes_total
 593                      )
 594                  );
 595              }
 596          }
 597  
 598          if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) {
 599  
 600              // This is a child theme, so we want to be a bit more explicit in our messages.
 601              if ( $active_theme->parent() ) {
 602                  // Recommend removing inactive themes, except a default theme, your current one, and the parent theme.
 603                  $result['status'] = 'recommended';
 604  
 605                  $result['label'] = __( 'You should remove inactive themes' );
 606  
 607                  if ( $using_default_theme ) {
 608                      $result['description'] .= sprintf(
 609                          '<p>%s %s</p>',
 610                          sprintf(
 611                              /* translators: %d: The number of inactive themes. */
 612                              _n(
 613                                  'Your site has %d inactive theme.',
 614                                  'Your site has %d inactive themes.',
 615                                  $themes_inactive
 616                              ),
 617                              $themes_inactive
 618                          ),
 619                          sprintf(
 620                              /* translators: 1: The currently active theme. 2: The active theme's parent theme. */
 621                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep your current theme, %1$s, and %2$s, its parent theme.' ),
 622                              $active_theme->name,
 623                              $active_theme->parent()->name
 624                          )
 625                      );
 626                  } else {
 627                      $result['description'] .= sprintf(
 628                          '<p>%s %s</p>',
 629                          sprintf(
 630                              /* translators: %d: The number of inactive themes. */
 631                              _n(
 632                                  'Your site has %d inactive theme.',
 633                                  'Your site has %d inactive themes.',
 634                                  $themes_inactive
 635                              ),
 636                              $themes_inactive
 637                          ),
 638                          sprintf(
 639                              /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */
 640                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep %1$s, the default WordPress theme, %2$s, your current theme, and %3$s, its parent theme.' ),
 641                              $default_theme ? $default_theme->name : WP_DEFAULT_THEME,
 642                              $active_theme->name,
 643                              $active_theme->parent()->name
 644                          )
 645                      );
 646                  }
 647              } else {
 648                  // Recommend removing all inactive themes.
 649                  $result['status'] = 'recommended';
 650  
 651                  $result['label'] = __( 'You should remove inactive themes' );
 652  
 653                  if ( $using_default_theme ) {
 654                      $result['description'] .= sprintf(
 655                          '<p>%s %s</p>',
 656                          sprintf(
 657                              /* translators: 1: The amount of inactive themes. 2: The currently active theme. */
 658                              _n(
 659                                  'Your site has %1$d inactive theme, other than %2$s, your active theme.',
 660                                  'Your site has %1$d inactive themes, other than %2$s, your active theme.',
 661                                  $themes_inactive
 662                              ),
 663                              $themes_inactive,
 664                              $active_theme->name
 665                          ),
 666                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 667                      );
 668                  } else {
 669                      $result['description'] .= sprintf(
 670                          '<p>%s %s</p>',
 671                          sprintf(
 672                              /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */
 673                              _n(
 674                                  'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 675                                  'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 676                                  $themes_inactive
 677                              ),
 678                              $themes_inactive,
 679                              $default_theme ? $default_theme->name : WP_DEFAULT_THEME,
 680                              $active_theme->name
 681                          ),
 682                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 683                      );
 684                  }
 685              }
 686          }
 687  
 688          // If no default Twenty* theme exists.
 689          if ( ! $has_default_theme ) {
 690              $result['status'] = 'recommended';
 691  
 692              $result['label'] = __( 'Have a default theme available' );
 693  
 694              $result['description'] .= sprintf(
 695                  '<p>%s</p>',
 696                  __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your chosen theme.' )
 697              );
 698          }
 699  
 700          return $result;
 701      }
 702  
 703      /**
 704       * Test if the supplied PHP version is supported.
 705       *
 706       * @since 5.2.0
 707       *
 708       * @return array The test results.
 709       */
 710  	public function get_test_php_version() {
 711          $response = wp_check_php_version();
 712  
 713          $result = array(
 714              'label'       => sprintf(
 715                  /* translators: %s: The current PHP version. */
 716                  __( 'Your site is running the current version of PHP (%s)' ),
 717                  PHP_VERSION
 718              ),
 719              'status'      => 'good',
 720              'badge'       => array(
 721                  'label' => __( 'Performance' ),
 722                  'color' => 'blue',
 723              ),
 724              'description' => sprintf(
 725                  '<p>%s</p>',
 726                  sprintf(
 727                      /* translators: %s: The minimum recommended PHP version. */
 728                      __( 'PHP is the programming language used to build and maintain WordPress. Newer versions of PHP are faster and more secure, so staying up to date will help your site&#8217;s overall performance and security. The minimum recommended version of PHP is %s.' ),
 729                      $response ? $response['recommended_version'] : ''
 730                  )
 731              ),
 732              'actions'     => sprintf(
 733                  '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
 734                  esc_url( wp_get_update_php_url() ),
 735                  __( 'Learn more about updating PHP' ),
 736                  /* translators: Accessibility text. */
 737                  __( '(opens in a new tab)' )
 738              ),
 739              'test'        => 'php_version',
 740          );
 741  
 742          // PHP is up to date.
 743          if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) {
 744              return $result;
 745          }
 746  
 747          // The PHP version is older than the recommended version, but still receiving active support.
 748          if ( $response['is_supported'] ) {
 749              $result['label'] = sprintf(
 750                  /* translators: %s: The server PHP version. */
 751                  __( 'Your site is running an older version of PHP (%s)' ),
 752                  PHP_VERSION
 753              );
 754              $result['status'] = 'recommended';
 755  
 756              return $result;
 757          }
 758  
 759          // The PHP version is only receiving security fixes.
 760          if ( $response['is_secure'] ) {
 761              $result['label'] = sprintf(
 762                  /* translators: %s: The server PHP version. */
 763                  __( 'Your site is running an older version of PHP (%s), which should be updated' ),
 764                  PHP_VERSION
 765              );
 766              $result['status'] = 'recommended';
 767  
 768              return $result;
 769          }
 770  
 771          // Anything no longer secure must be updated.
 772          $result['label'] = sprintf(
 773              /* translators: %s: The server PHP version. */
 774              __( 'Your site is running an outdated version of PHP (%s), which requires an update' ),
 775              PHP_VERSION
 776          );
 777          $result['status']         = 'critical';
 778          $result['badge']['label'] = __( 'Security' );
 779  
 780          return $result;
 781      }
 782  
 783      /**
 784       * Check if the passed extension or function are available.
 785       *
 786       * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner.
 787       *
 788       * @since 5.2.0
 789       * @since 5.3.0 The `$constant` and `$class` parameters were added.
 790       *
 791       * @param string $extension Optional. The extension name to test. Default null.
 792       * @param string $function  Optional. The function name to test. Default null.
 793       * @param string $constant  Optional. The constant name to test for. Default null.
 794       * @param string $class     Optional. The class name to test for. Default null.
 795       * @return bool Whether or not the extension and function are available.
 796       */
 797  	private function test_php_extension_availability( $extension = null, $function = null, $constant = null, $class = null ) {
 798          // If no extension or function is passed, claim to fail testing, as we have nothing to test against.
 799          if ( ! $extension && ! $function && ! $constant && ! $class ) {
 800              return false;
 801          }
 802  
 803          if ( $extension && ! extension_loaded( $extension ) ) {
 804              return false;
 805          }
 806          if ( $function && ! function_exists( $function ) ) {
 807              return false;
 808          }
 809          if ( $constant && ! defined( $constant ) ) {
 810              return false;
 811          }
 812          if ( $class && ! class_exists( $class ) ) {
 813              return false;
 814          }
 815  
 816          return true;
 817      }
 818  
 819      /**
 820       * Test if required PHP modules are installed on the host.
 821       *
 822       * This test builds on the recommendations made by the WordPress Hosting Team
 823       * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions
 824       *
 825       * @since 5.2.0
 826       *
 827       * @return array
 828       */
 829  	public function get_test_php_extensions() {
 830          $result = array(
 831              'label'       => __( 'Required and recommended modules are installed' ),
 832              'status'      => 'good',
 833              'badge'       => array(
 834                  'label' => __( 'Performance' ),
 835                  'color' => 'blue',
 836              ),
 837              'description' => sprintf(
 838                  '<p>%s</p><p>%s</p>',
 839                  __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ),
 840                  sprintf(
 841                      /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */
 842                      __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ),
 843                      /* translators: Localized team handbook, if one exists. */
 844                      esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ),
 845                      'target="_blank" rel="noopener"',
 846                      sprintf(
 847                          ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>',
 848                          /* translators: Accessibility text. */
 849                          __( '(opens in a new tab)' )
 850                      )
 851                  )
 852              ),
 853              'actions'     => '',
 854              'test'        => 'php_extensions',
 855          );
 856  
 857          $modules = array(
 858              'curl'      => array(
 859                  'function' => 'curl_version',
 860                  'required' => false,
 861              ),
 862              'dom'       => array(
 863                  'class'    => 'DOMNode',
 864                  'required' => false,
 865              ),
 866              'exif'      => array(
 867                  'function' => 'exif_read_data',
 868                  'required' => false,
 869              ),
 870              'fileinfo'  => array(
 871                  'function' => 'finfo_file',
 872                  'required' => false,
 873              ),
 874              'hash'      => array(
 875                  'function' => 'hash',
 876                  'required' => false,
 877              ),
 878              'json'      => array(
 879                  'function' => 'json_last_error',
 880                  'required' => true,
 881              ),
 882              'mbstring'  => array(
 883                  'function' => 'mb_check_encoding',
 884                  'required' => false,
 885              ),
 886              'mysqli'    => array(
 887                  'function' => 'mysqli_connect',
 888                  'required' => false,
 889              ),
 890              'libsodium' => array(
 891                  'constant'            => 'SODIUM_LIBRARY_VERSION',
 892                  'required'            => false,
 893                  'php_bundled_version' => '7.2.0',
 894              ),
 895              'openssl'   => array(
 896                  'function' => 'openssl_encrypt',
 897                  'required' => false,
 898              ),
 899              'pcre'      => array(
 900                  'function' => 'preg_match',
 901                  'required' => false,
 902              ),
 903              'imagick'   => array(
 904                  'extension' => 'imagick',
 905                  'required'  => false,
 906              ),
 907              'mod_xml'   => array(
 908                  'extension' => 'libxml',
 909                  'required'  => false,
 910              ),
 911              'zip'       => array(
 912                  'class'    => 'ZipArchive',
 913                  'required' => false,
 914              ),
 915              'filter'    => array(
 916                  'function' => 'filter_list',
 917                  'required' => false,
 918              ),
 919              'gd'        => array(
 920                  'extension'    => 'gd',
 921                  'required'     => false,
 922                  'fallback_for' => 'imagick',
 923              ),
 924              'iconv'     => array(
 925                  'function' => 'iconv',
 926                  'required' => false,
 927              ),
 928              'mcrypt'    => array(
 929                  'extension'    => 'mcrypt',
 930                  'required'     => false,
 931                  'fallback_for' => 'libsodium',
 932              ),
 933              'simplexml' => array(
 934                  'extension'    => 'simplexml',
 935                  'required'     => false,
 936                  'fallback_for' => 'mod_xml',
 937              ),
 938              'xmlreader' => array(
 939                  'extension'    => 'xmlreader',
 940                  'required'     => false,
 941                  'fallback_for' => 'mod_xml',
 942              ),
 943              'zlib'      => array(
 944                  'extension'    => 'zlib',
 945                  'required'     => false,
 946                  'fallback_for' => 'zip',
 947              ),
 948          );
 949  
 950          /**
 951           * An array representing all the modules we wish to test for.
 952           *
 953           * @since 5.2.0
 954           * @since 5.3.0 The `$constant` and `$class` parameters were added.
 955           *
 956           * @param array $modules {
 957           *     An associative array of modules to test for.
 958           *
 959           *     @type array ...$0 {
 960           *         An associative array of module properties used during testing.
 961           *         One of either `$function` or `$extension` must be provided, or they will fail by default.
 962           *
 963           *         @type string $function     Optional. A function name to test for the existence of.
 964           *         @type string $extension    Optional. An extension to check if is loaded in PHP.
 965           *         @type string $constant     Optional. A constant name to check for to verify an extension exists.
 966           *         @type string $class        Optional. A class name to check for to verify an extension exists.
 967           *         @type bool   $required     Is this a required feature or not.
 968           *         @type string $fallback_for Optional. The module this module replaces as a fallback.
 969           *     }
 970           * }
 971           */
 972          $modules = apply_filters( 'site_status_test_php_modules', $modules );
 973  
 974          $failures = array();
 975  
 976          foreach ( $modules as $library => $module ) {
 977              $extension  = ( isset( $module['extension'] ) ? $module['extension'] : null );
 978              $function   = ( isset( $module['function'] ) ? $module['function'] : null );
 979              $constant   = ( isset( $module['constant'] ) ? $module['constant'] : null );
 980              $class_name = ( isset( $module['class'] ) ? $module['class'] : null );
 981  
 982              // If this module is a fallback for another function, check if that other function passed.
 983              if ( isset( $module['fallback_for'] ) ) {
 984                  /*
 985                   * If that other function has a failure, mark this module as required for usual operations.
 986                   * If that other function hasn't failed, skip this test as it's only a fallback.
 987                   */
 988                  if ( isset( $failures[ $module['fallback_for'] ] ) ) {
 989                      $module['required'] = true;
 990                  } else {
 991                      continue;
 992                  }
 993              }
 994  
 995              if ( ! $this->test_php_extension_availability( $extension, $function, $constant, $class_name ) && ( ! isset( $module['php_bundled_version'] ) || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) ) {
 996                  if ( $module['required'] ) {
 997                      $result['status'] = 'critical';
 998  
 999                      $class         = 'error';
1000                      $screen_reader = __( 'Error' );
1001                      $message       = sprintf(
1002                          /* translators: %s: The module name. */
1003                          __( 'The required module, %s, is not installed, or has been disabled.' ),
1004                          $library
1005                      );
1006                  } else {
1007                      $class         = 'warning';
1008                      $screen_reader = __( 'Warning' );
1009                      $message       = sprintf(
1010                          /* translators: %s: The module name. */
1011                          __( 'The optional module, %s, is not installed, or has been disabled.' ),
1012                          $library
1013                      );
1014                  }
1015  
1016                  if ( ! $module['required'] && 'good' === $result['status'] ) {
1017                      $result['status'] = 'recommended';
1018                  }
1019  
1020                  $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message";
1021              }
1022          }
1023  
1024          if ( ! empty( $failures ) ) {
1025              $output = '<ul>';
1026  
1027              foreach ( $failures as $failure ) {
1028                  $output .= sprintf(
1029                      '<li>%s</li>',
1030                      $failure
1031                  );
1032              }
1033  
1034              $output .= '</ul>';
1035          }
1036  
1037          if ( 'good' !== $result['status'] ) {
1038              if ( 'recommended' === $result['status'] ) {
1039                  $result['label'] = __( 'One or more recommended modules are missing' );
1040              }
1041              if ( 'critical' === $result['status'] ) {
1042                  $result['label'] = __( 'One or more required modules are missing' );
1043              }
1044  
1045              $result['description'] .= $output;
1046          }
1047  
1048          return $result;
1049      }
1050  
1051      /**
1052       * Test if the PHP default timezone is set to UTC.
1053       *
1054       * @since 5.3.1
1055       *
1056       * @return array The test results.
1057       */
1058  	public function get_test_php_default_timezone() {
1059          $result = array(
1060              'label'       => __( 'PHP default timezone is valid' ),
1061              'status'      => 'good',
1062              'badge'       => array(
1063                  'label' => __( 'Performance' ),
1064                  'color' => 'blue',
1065              ),
1066              'description' => sprintf(
1067                  '<p>%s</p>',
1068                  __( 'PHP default timezone was configured by WordPress on loading. This is necessary for correct calculations of dates and times.' )
1069              ),
1070              'actions'     => '',
1071              'test'        => 'php_default_timezone',
1072          );
1073  
1074          if ( 'UTC' !== date_default_timezone_get() ) {
1075              $result['status'] = 'critical';
1076  
1077              $result['label'] = __( 'PHP default timezone is invalid' );
1078  
1079              $result['description'] = sprintf(
1080                  '<p>%s</p>',
1081                  sprintf(
1082                      /* translators: %s: date_default_timezone_set() */
1083                      __( 'PHP default timezone was changed after WordPress loading by a %s function call. This interferes with correct calculations of dates and times.' ),
1084                      '<code>date_default_timezone_set()</code>'
1085                  )
1086              );
1087          }
1088  
1089          return $result;
1090      }
1091  
1092      /**
1093       * Test if there's an active PHP session that can affect loopback requests.
1094       *
1095       * @since 5.5.0
1096       *
1097       * @return array The test results.
1098       */
1099  	public function get_test_php_sessions() {
1100          $result = array(
1101              'label'       => __( 'No PHP sessions detected' ),
1102              'status'      => 'good',
1103              'badge'       => array(
1104                  'label' => __( 'Performance' ),
1105                  'color' => 'blue',
1106              ),
1107              'description' => sprintf(
1108                  '<p>%s</p>',
1109                  sprintf(
1110                      /* translators: 1: session_start(), 2: session_write_close() */
1111                      __( 'PHP sessions created by a %1$s function call may interfere with REST API and loopback requests. An active session should be closed by %2$s before making any HTTP requests.' ),
1112                      '<code>session_start()</code>',
1113                      '<code>session_write_close()</code>'
1114                  )
1115              ),
1116              'test'        => 'php_sessions',
1117          );
1118  
1119          if ( function_exists( 'session_status' ) && PHP_SESSION_ACTIVE === session_status() ) {
1120              $result['status'] = 'critical';
1121  
1122              $result['label'] = __( 'An active PHP session was detected' );
1123  
1124              $result['description'] = sprintf(
1125                  '<p>%s</p>',
1126                  sprintf(
1127                      /* translators: 1: session_start(), 2: session_write_close() */
1128                      __( 'A PHP session was created by a %1$s function call. This interferes with REST API and loopback requests. The session should be closed by %2$s before making any HTTP requests.' ),
1129                      '<code>session_start()</code>',
1130                      '<code>session_write_close()</code>'
1131                  )
1132              );
1133          }
1134  
1135          return $result;
1136      }
1137  
1138      /**
1139       * Test if the SQL server is up to date.
1140       *
1141       * @since 5.2.0
1142       *
1143       * @return array The test results.
1144       */
1145  	public function get_test_sql_server() {
1146          if ( ! $this->mysql_server_version ) {
1147              $this->prepare_sql_data();
1148          }
1149  
1150          $result = array(
1151              'label'       => __( 'SQL server is up to date' ),
1152              'status'      => 'good',
1153              'badge'       => array(
1154                  'label' => __( 'Performance' ),
1155                  'color' => 'blue',
1156              ),
1157              'description' => sprintf(
1158                  '<p>%s</p>',
1159                  __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site&#8217;s content and settings.' )
1160              ),
1161              'actions'     => sprintf(
1162                  '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1163                  /* translators: Localized version of WordPress requirements if one exists. */
1164                  esc_url( __( 'https://wordpress.org/about/requirements/' ) ),
1165                  __( 'Learn more about what WordPress requires to run.' ),
1166                  /* translators: Accessibility text. */
1167                  __( '(opens in a new tab)' )
1168              ),
1169              'test'        => 'sql_server',
1170          );
1171  
1172          $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' );
1173  
1174          if ( ! $this->mysql_rec_version_check ) {
1175              $result['status'] = 'recommended';
1176  
1177              $result['label'] = __( 'Outdated SQL server' );
1178  
1179              $result['description'] .= sprintf(
1180                  '<p>%s</p>',
1181                  sprintf(
1182                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */
1183                      __( 'For optimal performance and security reasons, we recommend running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
1184                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
1185                      $this->health_check_mysql_rec_version
1186                  )
1187              );
1188          }
1189  
1190          if ( ! $this->mysql_min_version_check ) {
1191              $result['status'] = 'critical';
1192  
1193              $result['label']          = __( 'Severely outdated SQL server' );
1194              $result['badge']['label'] = __( 'Security' );
1195  
1196              $result['description'] .= sprintf(
1197                  '<p>%s</p>',
1198                  sprintf(
1199                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */
1200                      __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
1201                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
1202                      $this->health_check_mysql_required_version
1203                  )
1204              );
1205          }
1206  
1207          if ( $db_dropin ) {
1208              $result['description'] .= sprintf(
1209                  '<p>%s</p>',
1210                  wp_kses(
1211                      sprintf(
1212                          /* translators: 1: The name of the drop-in. 2: The name of the database engine. */
1213                          __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ),
1214                          '<code>wp-content/db.php</code>',
1215                          ( $this->is_mariadb ? 'MariaDB' : 'MySQL' )
1216                      ),
1217                      array(
1218                          'code' => true,
1219                      )
1220                  )
1221              );
1222          }
1223  
1224          return $result;
1225      }
1226  
1227      /**
1228       * Test if the database server is capable of using utf8mb4.
1229       *
1230       * @since 5.2.0
1231       *
1232       * @return array The test results.
1233       */
1234  	public function get_test_utf8mb4_support() {
1235          global $wpdb;
1236  
1237          if ( ! $this->mysql_server_version ) {
1238              $this->prepare_sql_data();
1239          }
1240  
1241          $result = array(
1242              'label'       => __( 'UTF8MB4 is supported' ),
1243              'status'      => 'good',
1244              'badge'       => array(
1245                  'label' => __( 'Performance' ),
1246                  'color' => 'blue',
1247              ),
1248              'description' => sprintf(
1249                  '<p>%s</p>',
1250                  __( 'UTF8MB4 is the character set WordPress prefers for database storage because it safely supports the widest set of characters and encodings, including Emoji, enabling better support for non-English languages.' )
1251              ),
1252              'actions'     => '',
1253              'test'        => 'utf8mb4_support',
1254          );
1255  
1256          if ( ! $this->is_mariadb ) {
1257              if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) {
1258                  $result['status'] = 'recommended';
1259  
1260                  $result['label'] = __( 'utf8mb4 requires a MySQL update' );
1261  
1262                  $result['description'] .= sprintf(
1263                      '<p>%s</p>',
1264                      sprintf(
1265                          /* translators: %s: Version number. */
1266                          __( 'WordPress&#8217; utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ),
1267                          '5.5.3'
1268                      )
1269                  );
1270              } else {
1271                  $result['description'] .= sprintf(
1272                      '<p>%s</p>',
1273                      __( 'Your MySQL version supports utf8mb4.' )
1274                  );
1275              }
1276          } else { // MariaDB introduced utf8mb4 support in 5.5.0.
1277              if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) {
1278                  $result['status'] = 'recommended';
1279  
1280                  $result['label'] = __( 'utf8mb4 requires a MariaDB update' );
1281  
1282                  $result['description'] .= sprintf(
1283                      '<p>%s</p>',
1284                      sprintf(
1285                          /* translators: %s: Version number. */
1286                          __( 'WordPress&#8217; utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ),
1287                          '5.5.0'
1288                      )
1289                  );
1290              } else {
1291                  $result['description'] .= sprintf(
1292                      '<p>%s</p>',
1293                      __( 'Your MariaDB version supports utf8mb4.' )
1294                  );
1295              }
1296          }
1297  
1298          if ( $wpdb->use_mysqli ) {
1299              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info
1300              $mysql_client_version = mysqli_get_client_info();
1301          } else {
1302              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_client_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved
1303              $mysql_client_version = mysql_get_client_info();
1304          }
1305  
1306          /*
1307           * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server.
1308           * mysqlnd has supported utf8mb4 since 5.0.9.
1309           */
1310          if ( false !== strpos( $mysql_client_version, 'mysqlnd' ) ) {
1311              $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version );
1312              if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) {
1313                  $result['status'] = 'recommended';
1314  
1315                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1316  
1317                  $result['description'] .= sprintf(
1318                      '<p>%s</p>',
1319                      sprintf(
1320                          /* translators: 1: Name of the library, 2: Number of version. */
1321                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1322                          'mysqlnd',
1323                          '5.0.9'
1324                      )
1325                  );
1326              }
1327          } else {
1328              if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) {
1329                  $result['status'] = 'recommended';
1330  
1331                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1332  
1333                  $result['description'] .= sprintf(
1334                      '<p>%s</p>',
1335                      sprintf(
1336                          /* translators: 1: Name of the library, 2: Number of version. */
1337                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1338                          'libmysql',
1339                          '5.5.3'
1340                      )
1341                  );
1342              }
1343          }
1344  
1345          return $result;
1346      }
1347  
1348      /**
1349       * Test if the site can communicate with WordPress.org.
1350       *
1351       * @since 5.2.0
1352       *
1353       * @return array The test results.
1354       */
1355  	public function get_test_dotorg_communication() {
1356          $result = array(
1357              'label'       => __( 'Can communicate with WordPress.org' ),
1358              'status'      => '',
1359              'badge'       => array(
1360                  'label' => __( 'Security' ),
1361                  'color' => 'blue',
1362              ),
1363              'description' => sprintf(
1364                  '<p>%s</p>',
1365                  __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' )
1366              ),
1367              'actions'     => '',
1368              'test'        => 'dotorg_communication',
1369          );
1370  
1371          $wp_dotorg = wp_remote_get(
1372              'https://api.wordpress.org',
1373              array(
1374                  'timeout' => 10,
1375              )
1376          );
1377          if ( ! is_wp_error( $wp_dotorg ) ) {
1378              $result['status'] = 'good';
1379          } else {
1380              $result['status'] = 'critical';
1381  
1382              $result['label'] = __( 'Could not reach WordPress.org' );
1383  
1384              $result['description'] .= sprintf(
1385                  '<p>%s</p>',
1386                  sprintf(
1387                      '<span class="error"><span class="screen-reader-text">%s</span></span> %s',
1388                      __( 'Error' ),
1389                      sprintf(
1390                          /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */
1391                          __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ),
1392                          gethostbyname( 'api.wordpress.org' ),
1393                          $wp_dotorg->get_error_message()
1394                      )
1395                  )
1396              );
1397  
1398              $result['actions'] = sprintf(
1399                  '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1400                  /* translators: Localized Support reference. */
1401                  esc_url( __( 'https://wordpress.org/support' ) ),
1402                  __( 'Get help resolving this issue.' ),
1403                  /* translators: Accessibility text. */
1404                  __( '(opens in a new tab)' )
1405              );
1406          }
1407  
1408          return $result;
1409      }
1410  
1411      /**
1412       * Test if debug information is enabled.
1413       *
1414       * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors,
1415       * or logged to a publicly accessible file.
1416       *
1417       * Debugging is also frequently left enabled after looking for errors on a site,
1418       * as site owners do not understand the implications of this.
1419       *
1420       * @since 5.2.0
1421       *
1422       * @return array The test results.
1423       */
1424  	public function get_test_is_in_debug_mode() {
1425          $result = array(
1426              'label'       => __( 'Your site is not set to output debug information' ),
1427              'status'      => 'good',
1428              'badge'       => array(
1429                  'label' => __( 'Security' ),
1430                  'color' => 'blue',
1431              ),
1432              'description' => sprintf(
1433                  '<p>%s</p>',
1434                  __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' )
1435              ),
1436              'actions'     => sprintf(
1437                  '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1438                  /* translators: Documentation explaining debugging in WordPress. */
1439                  esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ),
1440                  __( 'Learn more about debugging in WordPress.' ),
1441                  /* translators: Accessibility text. */
1442                  __( '(opens in a new tab)' )
1443              ),
1444              'test'        => 'is_in_debug_mode',
1445          );
1446  
1447          if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
1448              if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
1449                  $result['label'] = __( 'Your site is set to log errors to a potentially public file.' );
1450  
1451                  $result['status'] = ( 0 === strpos( ini_get( 'error_log' ), ABSPATH ) ) ? 'critical' : 'recommended';
1452  
1453                  $result['description'] .= sprintf(
1454                      '<p>%s</p>',
1455                      sprintf(
1456                          /* translators: %s: WP_DEBUG_LOG */
1457                          __( 'The value, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ),
1458                          '<code>WP_DEBUG_LOG</code>'
1459                      )
1460                  );
1461              }
1462  
1463              if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) {
1464                  $result['label'] = __( 'Your site is set to display errors to site visitors' );
1465  
1466                  $result['status'] = 'critical';
1467  
1468                  // On development environments, set the status to recommended.
1469                  if ( $this->is_development_environment() ) {
1470                      $result['status'] = 'recommended';
1471                  }
1472  
1473                  $result['description'] .= sprintf(
1474                      '<p>%s</p>',
1475                      sprintf(
1476                          /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */
1477                          __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ),
1478                          '<code>WP_DEBUG_DISPLAY</code>',
1479                          '<code>WP_DEBUG</code>'
1480                      )
1481                  );
1482              }
1483          }
1484  
1485          return $result;
1486      }
1487  
1488      /**
1489       * Test if your site is serving content over HTTPS.
1490       *
1491       * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it
1492       * enabled, but only if you visit the right site address.
1493       *
1494       * @since 5.2.0
1495       *
1496       * @return array The test results.
1497       */
1498  	public function get_test_https_status() {
1499          $result = array(
1500              'label'       => __( 'Your website is using an active HTTPS connection.' ),
1501              'status'      => 'good',
1502              'badge'       => array(
1503                  'label' => __( 'Security' ),
1504                  'color' => 'blue',
1505              ),
1506              'description' => sprintf(
1507                  '<p>%s</p>',
1508                  __( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' )
1509              ),
1510              'actions'     => sprintf(
1511                  '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1512                  /* translators: Documentation explaining HTTPS and why it should be used. */
1513                  esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ),
1514                  __( 'Learn more about why you should use HTTPS' ),
1515                  /* translators: Accessibility text. */
1516                  __( '(opens in a new tab)' )
1517              ),
1518              'test'        => 'https_status',
1519          );
1520  
1521          if ( is_ssl() ) {
1522              $wp_url   = get_bloginfo( 'wpurl' );
1523              $site_url = get_bloginfo( 'url' );
1524  
1525              if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) {
1526                  $result['status'] = 'recommended';
1527  
1528                  $result['label'] = __( 'Only parts of your site are using HTTPS' );
1529  
1530                  $result['description'] = sprintf(
1531                      '<p>%s</p>',
1532                      sprintf(
1533                          /* translators: %s: URL to General Settings screen. */
1534                          __( 'You are accessing this website using HTTPS, but your <a href="%s">WordPress Address</a> is not set up to use HTTPS by default.' ),
1535                          esc_url( admin_url( 'options-general.php' ) )
1536                      )
1537                  );
1538  
1539                  $result['actions'] .= sprintf(
1540                      '<p><a href="%s">%s</a></p>',
1541                      esc_url( admin_url( 'options-general.php' ) ),
1542                      __( 'Update your site addresses' )
1543                  );
1544              }
1545          } else {
1546              $result['status'] = 'recommended';
1547  
1548              $result['label'] = __( 'Your site does not use HTTPS' );
1549          }
1550  
1551          return $result;
1552      }
1553  
1554      /**
1555       * Check if the HTTP API can handle SSL/TLS requests.
1556       *
1557       * @since 5.2.0
1558       *
1559       * @return array The test results.
1560       */
1561  	public function get_test_ssl_support() {
1562          $result = array(
1563              'label'       => '',
1564              'status'      => '',
1565              'badge'       => array(
1566                  'label' => __( 'Security' ),
1567                  'color' => 'blue',
1568              ),
1569              'description' => sprintf(
1570                  '<p>%s</p>',
1571                  __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' )
1572              ),
1573              'actions'     => '',
1574              'test'        => 'ssl_support',
1575          );
1576  
1577          $supports_https = wp_http_supports( array( 'ssl' ) );
1578  
1579          if ( $supports_https ) {
1580              $result['status'] = 'good';
1581  
1582              $result['label'] = __( 'Your site can communicate securely with other services' );
1583          } else {
1584              $result['status'] = 'critical';
1585  
1586              $result['label'] = __( 'Your site is unable to communicate securely with other services' );
1587  
1588              $result['description'] .= sprintf(
1589                  '<p>%s</p>',
1590                  __( 'Talk to your web host about OpenSSL support for PHP.' )
1591              );
1592          }
1593  
1594          return $result;
1595      }
1596  
1597      /**
1598       * Test if scheduled events run as intended.
1599       *
1600       * If scheduled events are not running, this may indicate something with WP_Cron is not working
1601       * as intended, or that there are orphaned events hanging around from older code.
1602       *
1603       * @since 5.2.0
1604       *
1605       * @return array The test results.
1606       */
1607  	public function get_test_scheduled_events() {
1608          $result = array(
1609              'label'       => __( 'Scheduled events are running' ),
1610              'status'      => 'good',
1611              'badge'       => array(
1612                  'label' => __( 'Performance' ),
1613                  'color' => 'blue',
1614              ),
1615              'description' => sprintf(
1616                  '<p>%s</p>',
1617                  __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' )
1618              ),
1619              'actions'     => '',
1620              'test'        => 'scheduled_events',
1621          );
1622  
1623          $this->wp_schedule_test_init();
1624  
1625          if ( is_wp_error( $this->has_missed_cron() ) ) {
1626              $result['status'] = 'critical';
1627  
1628              $result['label'] = __( 'It was not possible to check your scheduled events' );
1629  
1630              $result['description'] = sprintf(
1631                  '<p>%s</p>',
1632                  sprintf(
1633                      /* translators: %s: The error message returned while from the cron scheduler. */
1634                      __( 'While trying to test your site&#8217;s scheduled events, the following error was returned: %s' ),
1635                      $this->has_missed_cron()->get_error_message()
1636                  )
1637              );
1638          } elseif ( $this->has_missed_cron() ) {
1639              $result['status'] = 'recommended';
1640  
1641              $result['label'] = __( 'A scheduled event has failed' );
1642  
1643              $result['description'] = sprintf(
1644                  '<p>%s</p>',
1645                  sprintf(
1646                      /* translators: %s: The name of the failed cron event. */
1647                      __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ),
1648                      $this->last_missed_cron
1649                  )
1650              );
1651          } elseif ( $this->has_late_cron() ) {
1652              $result['status'] = 'recommended';
1653  
1654              $result['label'] = __( 'A scheduled event is late' );
1655  
1656              $result['description'] = sprintf(
1657                  '<p>%s</p>',
1658                  sprintf(
1659                      /* translators: %s: The name of the late cron event. */
1660                      __( 'The scheduled event, %s, is late to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ),
1661                      $this->last_late_cron
1662                  )
1663              );
1664          }
1665  
1666          return $result;
1667      }
1668  
1669      /**
1670       * Test if WordPress can run automated background updates.
1671       *
1672       * Background updates in WordPress are primarily used for minor releases and security updates.
1673       * It's important to either have these working, or be aware that they are intentionally disabled
1674       * for whatever reason.
1675       *
1676       * @since 5.2.0
1677       *
1678       * @return array The test results.
1679       */
1680  	public function get_test_background_updates() {
1681          $result = array(
1682              'label'       => __( 'Background updates are working' ),
1683              'status'      => 'good',
1684              'badge'       => array(
1685                  'label' => __( 'Security' ),
1686                  'color' => 'blue',
1687              ),
1688              'description' => sprintf(
1689                  '<p>%s</p>',
1690                  __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' )
1691              ),
1692              'actions'     => '',
1693              'test'        => 'background_updates',
1694          );
1695  
1696          if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) {
1697              require_once  ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php';
1698          }
1699  
1700          // Run the auto-update tests in a separate class,
1701          // as there are many considerations to be made.
1702          $automatic_updates = new WP_Site_Health_Auto_Updates();
1703          $tests             = $automatic_updates->run_tests();
1704  
1705          $output = '<ul>';
1706  
1707          foreach ( $tests as $test ) {
1708              $severity_string = __( 'Passed' );
1709  
1710              if ( 'fail' === $test->severity ) {
1711                  $result['label'] = __( 'Background updates are not working as expected' );
1712  
1713                  $result['status'] = 'critical';
1714  
1715                  $severity_string = __( 'Error' );
1716              }
1717  
1718              if ( 'warning' === $test->severity && 'good' === $result['status'] ) {
1719                  $result['label'] = __( 'Background updates may not be working properly' );
1720  
1721                  $result['status'] = 'recommended';
1722  
1723                  $severity_string = __( 'Warning' );
1724              }
1725  
1726              $output .= sprintf(
1727                  '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>',
1728                  esc_attr( $test->severity ),
1729                  $severity_string,
1730                  $test->description
1731              );
1732          }
1733  
1734          $output .= '</ul>';
1735  
1736          if ( 'good' !== $result['status'] ) {
1737              $result['description'] .= $output;
1738          }
1739  
1740          return $result;
1741      }
1742  
1743      /**
1744       * Test if plugin and theme auto-updates appear to be configured correctly.
1745       *
1746       * @since 5.5.0
1747       *
1748       * @return array The test results.
1749       */
1750  	public function get_test_plugin_theme_auto_updates() {
1751          $result = array(
1752              'label'       => __( 'Plugin and theme auto-updates appear to be configured correctly' ),
1753              'status'      => 'good',
1754              'badge'       => array(
1755                  'label' => __( 'Security' ),
1756                  'color' => 'blue',
1757              ),
1758              'description' => sprintf(
1759                  '<p>%s</p>',
1760                  __( 'Plugin and theme auto-updates ensure that the latest versions are always installed.' )
1761              ),
1762              'actions'     => '',
1763              'test'        => 'plugin_theme_auto_updates',
1764          );
1765  
1766          $check_plugin_theme_updates = $this->detect_plugin_theme_auto_update_issues();
1767  
1768          $result['status'] = $check_plugin_theme_updates->status;
1769  
1770          if ( 'good' !== $result['status'] ) {
1771              $result['label'] = __( 'Your site may have problems auto-updating plugins and themes' );
1772  
1773              $result['description'] .= sprintf(
1774                  '<p>%s</p>',
1775                  $check_plugin_theme_updates->message
1776              );
1777          }
1778  
1779          return $result;
1780      }
1781  
1782      /**
1783       * Test if loopbacks work as expected.
1784       *
1785       * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance,
1786       * or when editing a plugin or theme. This has shown itself to be a recurring issue,
1787       * as code can very easily break this interaction.
1788       *
1789       * @since 5.2.0
1790       *
1791       * @return array The test results.
1792       */
1793  	public function get_test_loopback_requests() {
1794          $result = array(
1795              'label'       => __( 'Your site can perform loopback requests' ),
1796              'status'      => 'good',
1797              'badge'       => array(
1798                  'label' => __( 'Performance' ),
1799                  'color' => 'blue',
1800              ),
1801              'description' => sprintf(
1802                  '<p>%s</p>',
1803                  __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' )
1804              ),
1805              'actions'     => '',
1806              'test'        => 'loopback_requests',
1807          );
1808  
1809          $check_loopback = $this->can_perform_loopback();
1810  
1811          $result['status'] = $check_loopback->status;
1812  
1813          if ( 'good' !== $result['status'] ) {
1814              $result['label'] = __( 'Your site could not complete a loopback request' );
1815  
1816              $result['description'] .= sprintf(
1817                  '<p>%s</p>',
1818                  $check_loopback->message
1819              );
1820          }
1821  
1822          return $result;
1823      }
1824  
1825      /**
1826       * Test if HTTP requests are blocked.
1827       *
1828       * It's possible to block all outgoing communication (with the possibility of allowing certain
1829       * hosts) via the HTTP API. This may create problems for users as many features are running as
1830       * services these days.
1831       *
1832       * @since 5.2.0
1833       *
1834       * @return array The test results.
1835       */
1836  	public function get_test_http_requests() {
1837          $result = array(
1838              'label'       => __( 'HTTP requests seem to be working as expected' ),
1839              'status'      => 'good',
1840              'badge'       => array(
1841                  'label' => __( 'Performance' ),
1842                  'color' => 'blue',
1843              ),
1844              'description' => sprintf(
1845                  '<p>%s</p>',
1846                  __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' )
1847              ),
1848              'actions'     => '',
1849              'test'        => 'http_requests',
1850          );
1851  
1852          $blocked = false;
1853          $hosts   = array();
1854  
1855          if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) {
1856              $blocked = true;
1857          }
1858  
1859          if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) {
1860              $hosts = explode( ',', WP_ACCESSIBLE_HOSTS );
1861          }
1862  
1863          if ( $blocked && 0 === count( $hosts ) ) {
1864              $result['status'] = 'critical';
1865  
1866              $result['label'] = __( 'HTTP requests are blocked' );
1867  
1868              $result['description'] .= sprintf(
1869                  '<p>%s</p>',
1870                  sprintf(
1871                      /* translators: %s: Name of the constant used. */
1872                      __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ),
1873                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>'
1874                  )
1875              );
1876          }
1877  
1878          if ( $blocked && 0 < count( $hosts ) ) {
1879              $result['status'] = 'recommended';
1880  
1881              $result['label'] = __( 'HTTP requests are partially blocked' );
1882  
1883              $result['description'] .= sprintf(
1884                  '<p>%s</p>',
1885                  sprintf(
1886                      /* translators: 1: Name of the constant used. 2: List of allowed hostnames. */
1887                      __( 'HTTP requests have been blocked by the %1$s constant, with some allowed hosts: %2$s.' ),
1888                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>',
1889                      implode( ',', $hosts )
1890                  )
1891              );
1892          }
1893  
1894          return $result;
1895      }
1896  
1897      /**
1898       * Test if the REST API is accessible.
1899       *
1900       * Various security measures may block the REST API from working, or it may have been disabled in general.
1901       * This is required for the new block editor to work, so we explicitly test for this.
1902       *
1903       * @since 5.2.0
1904       *
1905       * @return array The test results.
1906       */
1907  	public function get_test_rest_availability() {
1908          $result = array(
1909              'label'       => __( 'The REST API is available' ),
1910              'status'      => 'good',
1911              'badge'       => array(
1912                  'label' => __( 'Performance' ),
1913                  'color' => 'blue',
1914              ),
1915              'description' => sprintf(
1916                  '<p>%s</p>',
1917                  __( 'The REST API is one way WordPress, and other applications, communicate with the server. One example is the block editor screen, which relies on this to display, and save, your posts and pages.' )
1918              ),
1919              'actions'     => '',
1920              'test'        => 'rest_availability',
1921          );
1922  
1923          $cookies = wp_unslash( $_COOKIE );
1924          $timeout = 10;
1925          $headers = array(
1926              'Cache-Control' => 'no-cache',
1927              'X-WP-Nonce'    => wp_create_nonce( 'wp_rest' ),
1928          );
1929          /** This filter is documented in wp-includes/class-wp-http-streams.php */
1930          $sslverify = apply_filters( 'https_local_ssl_verify', false );
1931  
1932          // Include Basic auth in loopback requests.
1933          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
1934              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
1935          }
1936  
1937          $url = rest_url( 'wp/v2/types/post' );
1938  
1939          // The context for this is editing with the new block editor.
1940          $url = add_query_arg(
1941              array(
1942                  'context' => 'edit',
1943              ),
1944              $url
1945          );
1946  
1947          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
1948  
1949          if ( is_wp_error( $r ) ) {
1950              $result['status'] = 'critical';
1951  
1952              $result['label'] = __( 'The REST API encountered an error' );
1953  
1954              $result['description'] .= sprintf(
1955                  '<p>%s</p>',
1956                  sprintf(
1957                      '%s<br>%s',
1958                      __( 'The REST API request failed due to an error.' ),
1959                      sprintf(
1960                          /* translators: 1: The WordPress error message. 2: The WordPress error code. */
1961                          __( 'Error: %1$s (%2$s)' ),
1962                          $r->get_error_message(),
1963                          $r->get_error_code()
1964                      )
1965                  )
1966              );
1967          } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
1968              $result['status'] = 'recommended';
1969  
1970              $result['label'] = __( 'The REST API encountered an unexpected result' );
1971  
1972              $result['description'] .= sprintf(
1973                  '<p>%s</p>',
1974                  sprintf(
1975                      /* translators: 1: The HTTP error code. 2: The HTTP error message. */
1976                      __( 'The REST API call gave the following unexpected result: (%1$d) %2$s.' ),
1977                      wp_remote_retrieve_response_code( $r ),
1978                      esc_html( wp_remote_retrieve_body( $r ) )
1979                  )
1980              );
1981          } else {
1982              $json = json_decode( wp_remote_retrieve_body( $r ), true );
1983  
1984              if ( false !== $json && ! isset( $json['capabilities'] ) ) {
1985                  $result['status'] = 'recommended';
1986  
1987                  $result['label'] = __( 'The REST API did not behave correctly' );
1988  
1989                  $result['description'] .= sprintf(
1990                      '<p>%s</p>',
1991                      sprintf(
1992                          /* translators: %s: The name of the query parameter being tested. */
1993                          __( 'The REST API did not process the %s query parameter correctly.' ),
1994                          '<code>context</code>'
1995                      )
1996                  );
1997              }
1998          }
1999  
2000          return $result;
2001      }
2002  
2003      /**
2004       * Test if 'file_uploads' directive in PHP.ini is turned off.
2005       *
2006       * @since 5.5.0
2007       *
2008       * @return array The test results.
2009       */
2010  	public function get_test_file_uploads() {
2011          $result = array(
2012              'label'       => __( 'Files can be uploaded.' ),
2013              'status'      => 'good',
2014              'badge'       => array(
2015                  'label' => __( 'Performance' ),
2016                  'color' => 'blue',
2017              ),
2018              'description' => sprintf(
2019                  '<p>%s</p>',
2020                  sprintf(
2021                      /* translators: 1: file_uploads, 2: php.ini */
2022                      __( 'The %1$s directive in %2$s determines if uploading files is allowed on your site.' ),
2023                      '<code>file_uploads</code>',
2024                      '<code>php.ini</code>'
2025                  )
2026              ),
2027              'actions'     => '',
2028              'test'        => 'file_uploads',
2029          );
2030  
2031          if ( ! function_exists( 'ini_get' ) ) {
2032              $result['status']       = 'critical';
2033              $result['description'] .= sprintf(
2034                  /* translators: %s: ini_get() */
2035                  __( 'The %s function has been disabled, some media settings are unavailable because of this.' ),
2036                  '<code>ini_get()</code>'
2037              );
2038              return $result;
2039          }
2040  
2041          if ( empty( ini_get( 'file_uploads' ) ) ) {
2042              $result['status']       = 'critical';
2043              $result['description'] .= sprintf(
2044                  '<p>%s</p>',
2045                  sprintf(
2046                      /* translators: 1: file_uploads, 2: 0 */
2047                      __( '%1$s is set to %2$s. You won\'t be able to upload files on your site.' ),
2048                      '<code>file_uploads</code>',
2049                      '<code>0</code>'
2050                  )
2051              );
2052              return $result;
2053          }
2054  
2055          $post_max_size       = ini_get( 'post_max_size' );
2056          $upload_max_filesize = ini_get( 'upload_max_filesize' );
2057  
2058          if ( wp_convert_hr_to_bytes( $post_max_size ) < wp_convert_hr_to_bytes( $upload_max_filesize ) ) {
2059              $result['label'] = sprintf(
2060                  /* translators: 1: post_max_size, 2: upload_max_filesize */
2061                  __( 'The "%1$s" value is smaller than "%2$s".' ),
2062                  'post_max_size',
2063                  'upload_max_filesize'
2064              );
2065              $result['status']      = 'recommended';
2066              $result['description'] = sprintf(
2067                  '<p>%s</p>',
2068                  sprintf(
2069                      /* translators: 1: post_max_size, 2: upload_max_filesize */
2070                      __( 'The setting for %1$s is smaller than %2$s, this could cause some problems when trying to upload files.' ),
2071                      '<code>post_max_size</code>',
2072                      '<code>upload_max_filesize</code>'
2073                  )
2074              );
2075              return $result;
2076          }
2077  
2078          return $result;
2079      }
2080  
2081      /**
2082       * Return a set of tests that belong to the site status page.
2083       *
2084       * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests
2085       * which will run later down the line via JavaScript calls to improve page performance and hopefully also user
2086       * experiences.
2087       *
2088       * @since 5.2.0
2089       * @since 5.6.0 Added support for `has_rest` and `permissions`.
2090       *
2091       * @return array The list of tests to run.
2092       */
2093  	public static function get_tests() {
2094          $tests = array(
2095              'direct' => array(
2096                  'wordpress_version'         => array(
2097                      'label' => __( 'WordPress Version' ),
2098                      'test'  => 'wordpress_version',
2099                  ),
2100                  'plugin_version'            => array(
2101                      'label' => __( 'Plugin Versions' ),
2102                      'test'  => 'plugin_version',
2103                  ),
2104                  'theme_version'             => array(
2105                      'label' => __( 'Theme Versions' ),
2106                      'test'  => 'theme_version',
2107                  ),
2108                  'php_version'               => array(
2109                      'label' => __( 'PHP Version' ),
2110                      'test'  => 'php_version',
2111                  ),
2112                  'php_extensions'            => array(
2113                      'label' => __( 'PHP Extensions' ),
2114                      'test'  => 'php_extensions',
2115                  ),
2116                  'php_default_timezone'      => array(
2117                      'label' => __( 'PHP Default Timezone' ),
2118                      'test'  => 'php_default_timezone',
2119                  ),
2120                  'php_sessions'              => array(
2121                      'label' => __( 'PHP Sessions' ),
2122                      'test'  => 'php_sessions',
2123                  ),
2124                  'sql_server'                => array(
2125                      'label' => __( 'Database Server version' ),
2126                      'test'  => 'sql_server',
2127                  ),
2128                  'utf8mb4_support'           => array(
2129                      'label' => __( 'MySQL utf8mb4 support' ),
2130                      'test'  => 'utf8mb4_support',
2131                  ),
2132                  'https_status'              => array(
2133                      'label' => __( 'HTTPS status' ),
2134                      'test'  => 'https_status',
2135                  ),
2136                  'ssl_support'               => array(
2137                      'label' => __( 'Secure communication' ),
2138                      'test'  => 'ssl_support',
2139                  ),
2140                  'scheduled_events'          => array(
2141                      'label' => __( 'Scheduled events' ),
2142                      'test'  => 'scheduled_events',
2143                  ),
2144                  'http_requests'             => array(
2145                      'label' => __( 'HTTP Requests' ),
2146                      'test'  => 'http_requests',
2147                  ),
2148                  'debug_enabled'             => array(
2149                      'label' => __( 'Debugging enabled' ),
2150                      'test'  => 'is_in_debug_mode',
2151                  ),
2152                  'file_uploads'              => array(
2153                      'label' => __( 'File uploads' ),
2154                      'test'  => 'file_uploads',
2155                  ),
2156                  'plugin_theme_auto_updates' => array(
2157                      'label' => __( 'Plugin and theme auto-updates' ),
2158                      'test'  => 'plugin_theme_auto_updates',
2159                  ),
2160              ),
2161              'async'  => array(
2162                  'dotorg_communication' => array(
2163                      'label'             => __( 'Communication with WordPress.org' ),
2164                      'test'              => rest_url( 'wp-site-health/v1/tests/dotorg-communication' ),
2165                      'has_rest'          => true,
2166                      'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_dotorg_communication' ),
2167                  ),
2168                  'background_updates'   => array(
2169                      'label'             => __( 'Background updates' ),
2170                      'test'              => rest_url( 'wp-site-health/v1/tests/background-updates' ),
2171                      'has_rest'          => true,
2172                      'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_background_updates' ),
2173                  ),
2174                  'loopback_requests'    => array(
2175                      'label'             => __( 'Loopback request' ),
2176                      'test'              => rest_url( 'wp-site-health/v1/tests/loopback-requests' ),
2177                      'has_rest'          => true,
2178                      'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_loopback_requests' ),
2179                  ),
2180              ),
2181          );
2182  
2183          // Conditionally include REST rules if the function for it exists.
2184          if ( function_exists( 'rest_url' ) ) {
2185              $tests['direct']['rest_availability'] = array(
2186                  'label' => __( 'REST API availability' ),
2187                  'test'  => 'rest_availability',
2188              );
2189          }
2190  
2191          /**
2192           * Add or modify which site status tests are run on a site.
2193           *
2194           * The site health is determined by a set of tests based on best practices from
2195           * both the WordPress Hosting Team, but also web standards in general.
2196           *
2197           * Some sites may not have the same requirements, for example the automatic update
2198           * checks may be handled by a host, and are therefore disabled in core.
2199           * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example.
2200           *
2201           * Tests may be added either as direct, or asynchronous ones. Any test that may require some time
2202           * to complete should run asynchronously, to avoid extended loading periods within wp-admin.
2203           *
2204           * @since 5.2.0
2205           * @since 5.6.0 Added the `async_direct_test` array key.
2206           *
2207           * @param array $test_type {
2208           *     An associative array, where the `$test_type` is either `direct` or
2209           *     `async`, to declare if the test should run via Ajax calls after page load.
2210           *
2211           *     @type array $identifier {
2212           *         `$identifier` should be a unique identifier for the test that should run.
2213           *         Plugins and themes are encouraged to prefix test identifiers with their slug
2214           *         to avoid any collisions between tests.
2215           *
2216           *         @type string   $label             A friendly label for your test to identify it by.
2217           *         @type mixed    $test              A callable to perform a direct test, or a string AJAX action
2218           *                                           to be called to perform an async test.
2219           *         @type boolean  $has_rest          Optional. Denote if `$test` has a REST API endpoint.
2220           *         @type callable $async_direct_test A manner of directly calling the test marked as asynchronous,
2221           *                                           as the scheduled event can not authenticate, and endpoints
2222           *                                           may require authentication.
2223           *     }
2224           * }
2225           */
2226          $tests = apply_filters( 'site_status_tests', $tests );
2227  
2228          // Ensure that the filtered tests contain the required array keys.
2229          $tests = array_merge(
2230              array(
2231                  'direct' => array(),
2232                  'async'  => array(),
2233              ),
2234              $tests
2235          );
2236  
2237          return $tests;
2238      }
2239  
2240      /**
2241       * Add a class to the body HTML tag.
2242       *
2243       * Filters the body class string for admin pages and adds our own class for easier styling.
2244       *
2245       * @since 5.2.0
2246       *
2247       * @param string $body_class The body class string.
2248       * @return string The modified body class string.
2249       */
2250  	public function admin_body_class( $body_class ) {
2251          $screen = get_current_screen();
2252          if ( 'site-health' !== $screen->id ) {
2253              return $body_class;
2254          }
2255  
2256          $body_class .= ' site-health';
2257  
2258          return $body_class;
2259      }
2260  
2261      /**
2262       * Initiate the WP_Cron schedule test cases.
2263       *
2264       * @since 5.2.0
2265       */
2266  	private function wp_schedule_test_init() {
2267          $this->schedules = wp_get_schedules();
2268          $this->get_cron_tasks();
2269      }
2270  
2271      /**
2272       * Populate our list of cron events and store them to a class-wide variable.
2273       *
2274       * @since 5.2.0
2275       */
2276  	private function get_cron_tasks() {
2277          $cron_tasks = _get_cron_array();
2278  
2279          if ( empty( $cron_tasks ) ) {
2280              $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) );
2281              return;
2282          }
2283  
2284          $this->crons = array();
2285  
2286          foreach ( $cron_tasks as $time => $cron ) {
2287              foreach ( $cron as $hook => $dings ) {
2288                  foreach ( $dings as $sig => $data ) {
2289  
2290                      $this->crons[ "$hook-$sig-$time" ] = (object) array(
2291                          'hook'     => $hook,
2292                          'time'     => $time,
2293                          'sig'      => $sig,
2294                          'args'     => $data['args'],
2295                          'schedule' => $data['schedule'],
2296                          'interval' => isset( $data['interval'] ) ? $data['interval'] : null,
2297                      );
2298  
2299                  }
2300              }
2301          }
2302      }
2303  
2304      /**
2305       * Check if any scheduled tasks have been missed.
2306       *
2307       * Returns a boolean value of `true` if a scheduled task has been missed and ends processing.
2308       *
2309       * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value.
2310       *
2311       * @since 5.2.0
2312       *
2313       * @return bool|WP_Error True if a cron was missed, false if not. WP_Error if the cron is set to that.
2314       */
2315  	public function has_missed_cron() {
2316          if ( is_wp_error( $this->crons ) ) {
2317              return $this->crons;
2318          }
2319  
2320          foreach ( $this->crons as $id => $cron ) {
2321              if ( ( $cron->time - time() ) < $this->timeout_missed_cron ) {
2322                  $this->last_missed_cron = $cron->hook;
2323                  return true;
2324              }
2325          }
2326  
2327          return false;
2328      }
2329  
2330      /**
2331       * Check if any scheduled tasks are late.
2332       *
2333       * Returns a boolean value of `true` if a scheduled task is late and ends processing.
2334       *
2335       * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value.
2336       *
2337       * @since 5.3.0
2338       *
2339       * @return bool|WP_Error True if a cron is late, false if not. WP_Error if the cron is set to that.
2340       */
2341  	public function has_late_cron() {
2342          if ( is_wp_error( $this->crons ) ) {
2343              return $this->crons;
2344          }
2345  
2346          foreach ( $this->crons as $id => $cron ) {
2347              $cron_offset = $cron->time - time();
2348              if (
2349                  $cron_offset >= $this->timeout_missed_cron &&
2350                  $cron_offset < $this->timeout_late_cron
2351              ) {
2352                  $this->last_late_cron = $cron->hook;
2353                  return true;
2354              }
2355          }
2356  
2357          return false;
2358      }
2359  
2360      /**
2361       * Check for potential issues with plugin and theme auto-updates.
2362       *
2363       * Though there is no way to 100% determine if plugin and theme auto-updates are configured
2364       * correctly, a few educated guesses could be made to flag any conditions that would
2365       * potentially cause unexpected behaviors.
2366       *
2367       * @since 5.5.0
2368       *
2369       * @return object The test results.
2370       */
2371  	function detect_plugin_theme_auto_update_issues() {
2372          $mock_plugin = (object) array(
2373              'id'            => 'w.org/plugins/a-fake-plugin',
2374              'slug'          => 'a-fake-plugin',
2375              'plugin'        => 'a-fake-plugin/a-fake-plugin.php',
2376              'new_version'   => '9.9',
2377              'url'           => 'https://wordpress.org/plugins/a-fake-plugin/',
2378              'package'       => 'https://downloads.wordpress.org/plugin/a-fake-plugin.9.9.zip',
2379              'icons'         => array(
2380                  '2x' => 'https://ps.w.org/a-fake-plugin/assets/icon-256x256.png',
2381                  '1x' => 'https://ps.w.org/a-fake-plugin/assets/icon-128x128.png',
2382              ),
2383              'banners'       => array(
2384                  '2x' => 'https://ps.w.org/a-fake-plugin/assets/banner-1544x500.png',
2385                  '1x' => 'https://ps.w.org/a-fake-plugin/assets/banner-772x250.png',
2386              ),
2387              'banners_rtl'   => array(),
2388              'tested'        => '5.5.0',
2389              'requires_php'  => '5.6.20',
2390              'compatibility' => new stdClass(),
2391          );
2392  
2393          $mock_theme = (object) array(
2394              'theme'        => 'a-fake-theme',
2395              'new_version'  => '9.9',
2396              'url'          => 'https://wordpress.org/themes/a-fake-theme/',
2397              'package'      => 'https://downloads.wordpress.org/theme/a-fake-theme.9.9.zip',
2398              'requires'     => '5.0.0',
2399              'requires_php' => '5.6.20',
2400          );
2401  
2402          $test_plugins_enabled = wp_is_auto_update_forced_for_item( 'plugin', true, $mock_plugin );
2403          $test_themes_enabled  = wp_is_auto_update_forced_for_item( 'theme', true, $mock_theme );
2404  
2405          $ui_enabled_for_plugins = wp_is_auto_update_enabled_for_type( 'plugin' );
2406          $ui_enabled_for_themes  = wp_is_auto_update_enabled_for_type( 'theme' );
2407          $plugin_filter_present  = has_filter( 'auto_update_plugin' );
2408          $theme_filter_present   = has_filter( 'auto_update_theme' );
2409  
2410          if ( ( ! $test_plugins_enabled && $ui_enabled_for_plugins )
2411              || ( ! $test_themes_enabled && $ui_enabled_for_themes )
2412          ) {
2413              return (object) array(
2414                  'status'  => 'critical',
2415                  'message' => __( 'Auto-updates for plugins and/or themes appear to be disabled, but settings are still set to be displayed. This could cause auto-updates to not work as expected.' ),
2416              );
2417          }
2418  
2419          if ( ( ! $test_plugins_enabled && $plugin_filter_present )
2420              && ( ! $test_themes_enabled && $theme_filter_present )
2421          ) {
2422              return (object) array(
2423                  'status'  => 'recommended',
2424                  'message' => __( 'Auto-updates for plugins and themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2425              );
2426          } elseif ( ! $test_plugins_enabled && $plugin_filter_present ) {
2427              return (object) array(
2428                  'status'  => 'recommended',
2429                  'message' => __( 'Auto-updates for plugins appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2430              );
2431          } elseif ( ! $test_themes_enabled && $theme_filter_present ) {
2432              return (object) array(
2433                  'status'  => 'recommended',
2434                  'message' => __( 'Auto-updates for themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ),
2435              );
2436          }
2437  
2438          return (object) array(
2439              'status'  => 'good',
2440              'message' => __( 'There appear to be no issues with plugin and theme auto-updates.' ),
2441          );
2442      }
2443  
2444      /**
2445       * Run a loopback test on our site.
2446       *
2447       * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts,
2448       * make sure plugin or theme edits don't cause site failures and similar.
2449       *
2450       * @since 5.2.0
2451       *
2452       * @return object The test results.
2453       */
2454  	function can_perform_loopback() {
2455          $cookies = wp_unslash( $_COOKIE );
2456          $timeout = 10;
2457          $headers = array(
2458              'Cache-Control' => 'no-cache',
2459          );
2460          /** This filter is documented in wp-includes/class-wp-http-streams.php */
2461          $sslverify = apply_filters( 'https_local_ssl_verify', false );
2462  
2463          // Include Basic auth in loopback requests.
2464          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
2465              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
2466          }
2467  
2468          $url = admin_url();
2469  
2470          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
2471  
2472          if ( is_wp_error( $r ) ) {
2473              return (object) array(
2474                  'status'  => 'critical',
2475                  'message' => sprintf(
2476                      '%s<br>%s',
2477                      __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ),
2478                      sprintf(
2479                          /* translators: 1: The WordPress error message. 2: The WordPress error code. */
2480                          __( 'Error: %1$s (%2$s)' ),
2481                          $r->get_error_message(),
2482                          $r->get_error_code()
2483                      )
2484                  ),
2485              );
2486          }
2487  
2488          if ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
2489              return (object) array(
2490                  'status'  => 'recommended',
2491                  'message' => sprintf(
2492                      /* translators: %d: The HTTP response code returned. */
2493                      __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ),
2494                      wp_remote_retrieve_response_code( $r )
2495                  ),
2496              );
2497          }
2498  
2499          return (object) array(
2500              'status'  => 'good',
2501              'message' => __( 'The loopback request to your site completed successfully.' ),
2502          );
2503      }
2504  
2505      /**
2506       * Create a weekly cron event, if one does not already exist.
2507       *
2508       * @since 5.4.0
2509       */
2510  	public function maybe_create_scheduled_event() {
2511          if ( ! wp_next_scheduled( 'wp_site_health_scheduled_check' ) && ! wp_installing() ) {
2512              wp_schedule_event( time() + DAY_IN_SECONDS, 'weekly', 'wp_site_health_scheduled_check' );
2513          }
2514      }
2515  
2516      /**
2517       * Run our scheduled event to check and update the latest site health status for the website.
2518       *
2519       * @since 5.4.0
2520       */
2521  	public function wp_cron_scheduled_check() {
2522          // Bootstrap wp-admin, as WP_Cron doesn't do this for us.
2523          require_once trailingslashit( ABSPATH ) . 'wp-admin/includes/admin.php';
2524  
2525          $tests = WP_Site_Health::get_tests();
2526  
2527          $results = array();
2528  
2529          $site_status = array(
2530              'good'        => 0,
2531              'recommended' => 0,
2532              'critical'    => 0,
2533          );
2534  
2535          // Don't run https test on development environments.
2536          if ( $this->is_development_environment() ) {
2537              unset( $tests['direct']['https_status'] );
2538          }
2539  
2540          foreach ( $tests['direct'] as $test ) {
2541  
2542              if ( is_string( $test['test'] ) ) {
2543                  $test_function = sprintf(
2544                      'get_test_%s',
2545                      $test['test']
2546                  );
2547  
2548                  if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) {
2549                      $results[] = $this->perform_test( array( $this, $test_function ) );
2550                      continue;
2551                  }
2552              }
2553  
2554              if ( is_callable( $test['test'] ) ) {
2555                  $results[] = $this->perform_test( $test['test'] );
2556              }
2557          }
2558  
2559          foreach ( $tests['async'] as $test ) {
2560              // Local endpoints may require authentication, so asynchronous tests can pass a direct test runner as well.
2561              if ( ! empty( $test['async_direct_test'] ) && is_callable( $test['async_direct_test'] ) ) {
2562                  // This test is callable, do so and continue to the next asynchronous check.
2563                  $results[] = $this->perform_test( $test['async_direct_test'] );
2564                  continue;
2565              }
2566  
2567              if ( is_string( $test['test'] ) ) {
2568                  // Check if this test has a REST API endpoint.
2569                  if ( isset( $test['has_rest'] ) && $test['has_rest'] ) {
2570                      $result_fetch = wp_remote_get(
2571                          $test['test'],
2572                          array(
2573                              'body' => array(
2574                                  '_wpnonce' => wp_create_nonce( 'wp_rest' ),
2575                              ),
2576                          )
2577                      );
2578                  } else {
2579                      $result_fetch = wp_remote_post(
2580                          admin_url( 'admin-ajax.php' ),
2581                          array(
2582                              'body' => array(
2583                                  'action'   => $test['test'],
2584                                  '_wpnonce' => wp_create_nonce( 'health-check-site-status' ),
2585                              ),
2586                          )
2587                      );
2588                  }
2589  
2590                  if ( ! is_wp_error( $result_fetch ) && 200 === wp_remote_retrieve_response_code( $result_fetch ) ) {
2591                      $result = json_decode( wp_remote_retrieve_body( $result_fetch ), true );
2592                  } else {
2593                      $result = false;
2594                  }
2595  
2596                  if ( is_array( $result ) ) {
2597                      $results[] = $result;
2598                  } else {
2599                      $results[] = array(
2600                          'status' => 'recommended',
2601                          'label'  => __( 'A test is unavailable' ),
2602                      );
2603                  }
2604              }
2605          }
2606  
2607          foreach ( $results as $result ) {
2608              if ( 'critical' === $result['status'] ) {
2609                  $site_status['critical']++;
2610              } elseif ( 'recommended' === $result['status'] ) {
2611                  $site_status['recommended']++;
2612              } else {
2613                  $site_status['good']++;
2614              }
2615          }
2616  
2617          set_transient( 'health-check-site-status-result', wp_json_encode( $site_status ) );
2618      }
2619  
2620      /**
2621       * Checks if the current environment type is set to 'development' or 'local'.
2622       *
2623       * @since 5.6.0
2624       *
2625       * @return bool True if it is a development environment, false if not.
2626       */
2627  	public function is_development_environment() {
2628          return in_array( wp_get_environment_type(), array( 'development', 'local' ), true );
2629      }
2630  
2631  }


Generated : Mon Oct 26 08:20:01 2020 Cross-referenced by PHPXref