[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

title

Body

[close]

/wp-admin/includes/ -> class-wp-site-health.php (source)

   1  <?php
   2  /**
   3   * Class for looking up a site's health based on a user's WordPress environment.
   4   *
   5   * @package WordPress
   6   * @subpackage Site_Health
   7   * @since 5.2.0
   8   */
   9  
  10  class WP_Site_Health {
  11      private $mysql_min_version_check;
  12      private $mysql_rec_version_check;
  13  
  14      public  $is_mariadb                          = false;
  15      private $mysql_server_version                = '';
  16      private $health_check_mysql_required_version = '5.5';
  17      private $health_check_mysql_rec_version      = '';
  18  
  19      public $schedules;
  20      public $crons;
  21      public $last_missed_cron = null;
  22  
  23      /**
  24       * WP_Site_Health constructor.
  25       *
  26       * @since 5.2.0
  27       */
  28  	public function __construct() {
  29          $this->prepare_sql_data();
  30  
  31          add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
  32  
  33          add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );
  34      }
  35  
  36      /**
  37       * Enqueues the site health scripts.
  38       *
  39       * @since 5.2.0
  40       */
  41  	public function enqueue_scripts() {
  42          $screen = get_current_screen();
  43          if ( 'site-health' !== $screen->id ) {
  44              return;
  45          }
  46  
  47          $health_check_js_variables = array(
  48              'screen'      => $screen->id,
  49              'nonce'       => array(
  50                  'site_status'        => wp_create_nonce( 'health-check-site-status' ),
  51                  'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ),
  52              ),
  53              'site_status' => array(
  54                  'direct' => array(),
  55                  'async'  => array(),
  56                  'issues' => array(
  57                      'good'        => 0,
  58                      'recommended' => 0,
  59                      'critical'    => 0,
  60                  ),
  61              ),
  62          );
  63  
  64          $issue_counts = get_transient( 'health-check-site-status-result' );
  65  
  66          if ( false !== $issue_counts ) {
  67              $issue_counts = json_decode( $issue_counts );
  68  
  69              $health_check_js_variables['site_status']['issues'] = $issue_counts;
  70          }
  71  
  72          if ( 'site-health' === $screen->id && ! isset( $_GET['tab'] ) ) {
  73              $tests = WP_Site_Health::get_tests();
  74  
  75              // Don't run https test on localhost
  76              if ( 'localhost' === preg_replace( '|https?://|', '', get_site_url() ) ) {
  77                  unset( $tests['direct']['https_status'] );
  78              }
  79  
  80              foreach ( $tests['direct'] as $test ) {
  81                  if ( is_string( $test['test'] ) ) {
  82                      $test_function = sprintf(
  83                          'get_test_%s',
  84                          $test['test']
  85                      );
  86  
  87                      if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) {
  88                          $health_check_js_variables['site_status']['direct'][] = call_user_func( array( $this, $test_function ) );
  89                          continue;
  90                      }
  91                  }
  92  
  93                  if ( is_callable( $test['test'] ) ) {
  94                      $health_check_js_variables['site_status']['direct'][] = call_user_func( $test['test'] );
  95                  }
  96              }
  97  
  98              foreach ( $tests['async'] as $test ) {
  99                  if ( is_string( $test['test'] ) ) {
 100                      $health_check_js_variables['site_status']['async'][] = array(
 101                          'test'      => $test['test'],
 102                          'completed' => false,
 103                      );
 104                  }
 105              }
 106          }
 107  
 108          wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables );
 109      }
 110  
 111      /**
 112       * Run the SQL version checks.
 113       *
 114       * These values are used in later tests, but the part of preparing them is more easily managed early
 115       * in the class for ease of access and discovery.
 116       *
 117       * @since 5.2.0
 118       *
 119       * @global wpdb $wpdb WordPress database abstraction object.
 120       */
 121  	private function prepare_sql_data() {
 122          global $wpdb;
 123  
 124          if ( method_exists( $wpdb, 'db_version' ) ) {
 125              if ( $wpdb->use_mysqli ) {
 126                  // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_server_info
 127                  $mysql_server_type = mysqli_get_server_info( $wpdb->dbh );
 128              } else {
 129                  // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info
 130                  $mysql_server_type = mysql_get_server_info( $wpdb->dbh );
 131              }
 132  
 133              $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' );
 134          }
 135  
 136          $this->health_check_mysql_rec_version = '5.6';
 137  
 138          if ( stristr( $mysql_server_type, 'mariadb' ) ) {
 139              $this->is_mariadb                     = true;
 140              $this->health_check_mysql_rec_version = '10.0';
 141          }
 142  
 143          $this->mysql_min_version_check = version_compare( '5.5', $this->mysql_server_version, '<=' );
 144          $this->mysql_rec_version_check = version_compare( $this->health_check_mysql_rec_version, $this->mysql_server_version, '<=' );
 145      }
 146  
 147      /**
 148       * Test if `wp_version_check` is blocked.
 149       *
 150       * It's possible to block updates with the `wp_version_check` filter, but this can't be checked during an
 151       * AJAX call, as the filter is never introduced then.
 152       *
 153       * This filter overrides a normal page request if it's made by an admin through the AJAX call with the
 154       * right query argument to check for this.
 155       *
 156       * @since 5.2.0
 157       */
 158  	public function check_wp_version_check_exists() {
 159          if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) {
 160              return;
 161          }
 162  
 163          echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' );
 164  
 165          die();
 166      }
 167  
 168      /**
 169       * Tests for WordPress version and outputs it.
 170       *
 171       * Gives various results depending on what kind of updates are available, if any, to encourage the
 172       * user to install security updates as a priority.
 173       *
 174       * @since 5.2.0
 175       *
 176       * @return array The test result.
 177       */
 178  	public function get_test_wordpress_version() {
 179          $result = array(
 180              'label'       => '',
 181              'status'      => '',
 182              'badge'       => array(
 183                  'label' => __( 'Performance' ),
 184                  'color' => 'blue',
 185              ),
 186              'description' => '',
 187              'actions'     => '',
 188              'test'        => 'wordpress_version',
 189          );
 190  
 191          $core_current_version = get_bloginfo( 'version' );
 192          $core_updates         = get_core_updates();
 193  
 194          if ( ! is_array( $core_updates ) ) {
 195              $result['status'] = 'recommended';
 196  
 197              $result['label'] = sprintf(
 198                  // translators: %s: Your current version of WordPress.
 199                  __( 'WordPress version %s' ),
 200                  $core_current_version
 201              );
 202  
 203              $result['description'] = sprintf(
 204                  '<p>%s</p>',
 205                  __( 'We were unable to check if any new versions of WordPress are available.' )
 206              );
 207  
 208              $result['actions'] = sprintf(
 209                  '<a href="%s">%s</a>',
 210                  esc_url( admin_url( 'update-core.php?force-check=1' ) ),
 211                  __( 'Check for updates manually' )
 212              );
 213          } else {
 214              foreach ( $core_updates as $core => $update ) {
 215                  if ( 'upgrade' === $update->response ) {
 216                      $current_version = explode( '.', $core_current_version );
 217                      $new_version     = explode( '.', $update->version );
 218  
 219                      $current_major = $current_version[0] . '.' . $current_version[1];
 220                      $new_major     = $new_version[0] . '.' . $new_version[1];
 221  
 222                      $result['label'] = sprintf(
 223                          // translators: %s: The latest version of WordPress available.
 224                          __( 'WordPress update available (%s)' ),
 225                          $update->version
 226                      );
 227  
 228                      $result['actions'] = sprintf(
 229                          '<a href="%s">%s</a>',
 230                          esc_url( admin_url( 'update-core.php' ) ),
 231                          __( 'Install the latest version of WordPress' )
 232                      );
 233  
 234                      if ( $current_major !== $new_major ) {
 235                          // This is a major version mismatch.
 236                          $result['status']      = 'recommended';
 237                          $result['description'] = sprintf(
 238                              '<p>%s</p>',
 239                              __( 'A new version of WordPress is available.' )
 240                          );
 241                      } else {
 242                          // This is a minor version, sometimes considered more critical.
 243                          $result['status']         = 'critical';
 244                          $result['badge']['label'] = __( 'Security' );
 245                          $result['description']    = sprintf(
 246                              '<p>%s</p>',
 247                              __( 'A new minor update is available for your site. Because minor updates often address security, it&#8217;s important to install them.' )
 248                          );
 249                      }
 250                  } else {
 251                      $result['status'] = 'good';
 252                      $result['label']  = sprintf(
 253                          // translators: %s: The current version of WordPress installed on this site.
 254                          __( 'Your WordPress version is up to date (%s)' ),
 255                          $core_current_version
 256                      );
 257  
 258                      $result['description'] = sprintf(
 259                          '<p>%s</p>',
 260                          __( 'You are currently running the latest version of WordPress available, keep it up!' )
 261                      );
 262                  }
 263              }
 264          }
 265  
 266          return $result;
 267      }
 268  
 269      /**
 270       * Test if plugins are outdated, or unnecessary.
 271       *
 272       * The tests checks if your plugins are up to date, and encourages you to remove any that are not in use.
 273       *
 274       * @since 5.2.0
 275       *
 276       * @return array The test result.
 277       */
 278  	public function get_test_plugin_version() {
 279          $result = array(
 280              'label'       => __( 'Your plugins are up to date' ),
 281              'status'      => 'good',
 282              'badge'       => array(
 283                  'label' => __( 'Security' ),
 284                  'color' => 'blue',
 285              ),
 286              'description' => sprintf(
 287                  '<p>%s</p>',
 288                  __( 'Plugins extend your site&#8217;s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it&#8217;s vital to keep them up to date.' )
 289              ),
 290              'actions'     => sprintf(
 291                  '<p><a href="%s">%s</a></p>',
 292                  esc_url( admin_url( 'plugins.php' ) ),
 293                  __( 'Manage your plugins' )
 294              ),
 295              'test'        => 'plugin_version',
 296          );
 297  
 298          $plugins        = get_plugins();
 299          $plugin_updates = get_plugin_updates();
 300  
 301          $plugins_have_updates = false;
 302          $plugins_active       = 0;
 303          $plugins_total        = 0;
 304          $plugins_need_update  = 0;
 305  
 306          // Loop over the available plugins and check their versions and active state.
 307          foreach ( $plugins as $plugin_path => $plugin ) {
 308              $plugins_total++;
 309  
 310              if ( is_plugin_active( $plugin_path ) ) {
 311                  $plugins_active++;
 312              }
 313  
 314              $plugin_version = $plugin['Version'];
 315  
 316              if ( array_key_exists( $plugin_path, $plugin_updates ) ) {
 317                  $plugins_need_update++;
 318                  $plugins_have_updates = true;
 319              }
 320          }
 321  
 322          // Add a notice if there are outdated plugins.
 323          if ( $plugins_need_update > 0 ) {
 324              $result['status'] = 'critical';
 325  
 326              $result['label'] = __( 'You have plugins waiting to be updated' );
 327  
 328              $result['description'] .= sprintf(
 329                  '<p>%s</p>',
 330                  sprintf(
 331                      /* translators: %d: The number of outdated plugins. */
 332                      _n(
 333                          'Your site has %d plugin waiting to be updated.',
 334                          'Your site has %d plugins waiting to be updated.',
 335                          $plugins_need_update
 336                      ),
 337                      $plugins_need_update
 338                  )
 339              );
 340  
 341              $result['actions'] .= sprintf(
 342                  '<p><a href="%s">%s</a></p>',
 343                  esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ),
 344                  __( 'Update your plugins' )
 345              );
 346          } else {
 347              if ( 1 === $plugins_active ) {
 348                  $result['description'] .= sprintf(
 349                      '<p>%s</p>',
 350                      __( 'Your site has 1 active plugin, and it is up to date.' )
 351                  );
 352              } else {
 353                  $result['description'] .= sprintf(
 354                      '<p>%s</p>',
 355                      sprintf(
 356                          /* translators: %d: The number of active plugins. */
 357                          _n(
 358                              'Your site has %d active plugin, and it is up to date.',
 359                              'Your site has %d active plugins, and they are all up to date.',
 360                              $plugins_active
 361                          ),
 362                          $plugins_active
 363                      )
 364                  );
 365              }
 366          }
 367  
 368          // Check if there are inactive plugins.
 369          if ( $plugins_total > $plugins_active && ! is_multisite() ) {
 370              $unused_plugins = $plugins_total - $plugins_active;
 371  
 372              $result['status'] = 'recommended';
 373  
 374              $result['label'] = __( 'You should remove inactive plugins' );
 375  
 376              $result['description'] .= sprintf(
 377                  '<p>%s %s</p>',
 378                  sprintf(
 379                      /* translators: %d: The number of inactive plugins. */
 380                      _n(
 381                          'Your site has %d inactive plugin.',
 382                          'Your site has %d inactive plugins.',
 383                          $unused_plugins
 384                      ),
 385                      $unused_plugins
 386                  ),
 387                  __( 'Inactive plugins are tempting targets for attackers. If you&#8217;re not going to use a plugin, we recommend you remove it.' )
 388              );
 389  
 390              $result['actions'] .= sprintf(
 391                  '<p><a href="%s">%s</a></p>',
 392                  esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ),
 393                  __( 'Manage inactive plugins' )
 394              );
 395          }
 396  
 397          return $result;
 398      }
 399  
 400      /**
 401       * Test if themes are outdated, or unnecessary.
 402       *
 403       * The tests checks if your site has a default theme (to fall back on if there is a need), if your themes
 404       * are up to date and, finally, encourages you to remove any themes that are not needed.
 405       *
 406       * @since 5.2.0
 407       *
 408       * @return array The test results.
 409       */
 410  	public function get_test_theme_version() {
 411          $result = array(
 412              'label'       => __( 'Your themes are up to date' ),
 413              'status'      => 'good',
 414              'badge'       => array(
 415                  'label' => __( 'Security' ),
 416                  'color' => 'blue',
 417              ),
 418              'description' => sprintf(
 419                  '<p>%s</p>',
 420                  __( 'Themes add your site&#8217;s look and feel. It&#8217;s important to keep them up to date, to stay consistent with your brand and keep your site secure.' )
 421              ),
 422              'actions'     => sprintf(
 423                  '<p><a href="%s">%s</a></p>',
 424                  esc_url( admin_url( 'themes.php' ) ),
 425                  __( 'Manage your themes' )
 426              ),
 427              'test'        => 'theme_version',
 428          );
 429  
 430          $theme_updates = get_theme_updates();
 431  
 432          $themes_total        = 0;
 433          $themes_need_updates = 0;
 434          $themes_inactive     = 0;
 435  
 436          // This value is changed during processing to determine how many themes are considered a reasonable amount.
 437          $allowed_theme_count = 1;
 438  
 439          $has_default_theme   = false;
 440          $has_unused_themes   = false;
 441          $show_unused_themes  = true;
 442          $using_default_theme = false;
 443  
 444          // Populate a list of all themes available in the install.
 445          $all_themes   = wp_get_themes();
 446          $active_theme = wp_get_theme();
 447  
 448          foreach ( $all_themes as $theme_slug => $theme ) {
 449              $themes_total++;
 450  
 451              if ( WP_DEFAULT_THEME === $theme_slug ) {
 452                  $has_default_theme = true;
 453  
 454                  if ( get_stylesheet() === $theme_slug ) {
 455                      $using_default_theme = true;
 456                  }
 457              }
 458  
 459              if ( array_key_exists( $theme_slug, $theme_updates ) ) {
 460                  $themes_need_updates++;
 461              }
 462          }
 463  
 464          // If this is a child theme, increase the allowed theme count by one, to account for the parent.
 465          if ( $active_theme->parent() ) {
 466              $allowed_theme_count++;
 467  
 468              if ( $active_theme->get_template() === WP_DEFAULT_THEME ) {
 469                  $using_default_theme = true;
 470              }
 471          }
 472  
 473          // If there's a default theme installed and not in use, we count that as allowed as well.
 474          if ( $has_default_theme && ! $using_default_theme ) {
 475              $allowed_theme_count++;
 476          }
 477  
 478          if ( $themes_total > $allowed_theme_count ) {
 479              $has_unused_themes = true;
 480              $themes_inactive   = ( $themes_total - $allowed_theme_count );
 481          }
 482  
 483          // Check if any themes need to be updated.
 484          if ( $themes_need_updates > 0 ) {
 485              $result['status'] = 'critical';
 486  
 487              $result['label'] = __( 'You have themes waiting to be updated' );
 488  
 489              $result['description'] .= sprintf(
 490                  '<p>%s</p>',
 491                  sprintf(
 492                      /* translators: %d: The number of outdated themes. */
 493                      _n(
 494                          'Your site has %d theme waiting to be updated.',
 495                          'Your site has %d themes waiting to be updated.',
 496                          $themes_need_updates
 497                      ),
 498                      $themes_need_updates
 499                  )
 500              );
 501          } else {
 502              // Give positive feedback about the site being good about keeping things up to date.
 503              if ( 1 === $themes_total ) {
 504                  $result['description'] .= sprintf(
 505                      '<p>%s</p>',
 506                      __( 'Your site has 1 installed theme, and it is up to date.' )
 507                  );
 508              } else {
 509                  $result['description'] .= sprintf(
 510                      '<p>%s</p>',
 511                      sprintf(
 512                          /* translators: %d: The number of themes. */
 513                          _n(
 514                              'Your site has %d installed theme, and it is up to date.',
 515                              'Your site has %d installed themes, and they are all up to date.',
 516                              $themes_total
 517                          ),
 518                          $themes_total
 519                      )
 520                  );
 521              }
 522          }
 523  
 524          if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) {
 525  
 526              // This is a child theme, so we want to be a bit more explicit in our messages.
 527              if ( $active_theme->parent() ) {
 528                  // Recommend removing inactive themes, except a default theme, your current one, and the parent theme.
 529                  $result['status'] = 'recommended';
 530  
 531                  $result['label'] = __( 'You should remove inactive themes' );
 532  
 533                  if ( $using_default_theme ) {
 534                      $result['description'] .= sprintf(
 535                          '<p>%s %s</p>',
 536                          sprintf(
 537                              /* translators: %d: The number of inactive themes. */
 538                              _n(
 539                                  'Your site has %d inactive theme.',
 540                                  'Your site has %d inactive themes.',
 541                                  $themes_inactive
 542                              ),
 543                              $themes_inactive
 544                          ),
 545                          sprintf(
 546                              /* translators: 1: The currently active theme. 2: The active theme's parent theme. */
 547                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep your current theme, %1$s, and %2$s, its parent theme.' ),
 548                              $active_theme->name,
 549                              $active_theme->parent()->name
 550                          )
 551                      );
 552                  } else {
 553                      $result['description'] .= sprintf(
 554                          '<p>%s %s</p>',
 555                          sprintf(
 556                              /* translators: %d: The number of inactive themes. */
 557                              _n(
 558                                  'Your site has %d inactive theme.',
 559                                  'Your site has %d inactive themes.',
 560                                  $themes_inactive
 561                              ),
 562                              $themes_inactive
 563                          ),
 564                          sprintf(
 565                              /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */
 566                              __( 'To enhance your site&#8217;s security, we recommend you remove any themes you&#8217;re not using. You should keep %1$s, the default WordPress theme, %2$s, your current theme, and %3$s, its parent theme.' ),
 567                              WP_DEFAULT_THEME,
 568                              $active_theme->name,
 569                              $active_theme->parent()->name
 570                          )
 571                      );
 572                  }
 573              } else {
 574                  // Recommend removing all inactive themes.
 575                  $result['status'] = 'recommended';
 576  
 577                  $result['label'] = __( 'You should remove inactive themes' );
 578  
 579                  if ( $using_default_theme ) {
 580                      $result['description'] .= sprintf(
 581                          '<p>%s %s</p>',
 582                          sprintf(
 583                              /* translators: 1: The amount of inactive themes. 2: The currently active theme. */
 584                              _n(
 585                                  'Your site has %1$d inactive theme, other than %2$s, your active theme.',
 586                                  'Your site has %1$d inactive themes, other than %2$s, your active theme.',
 587                                  $themes_inactive
 588                              ),
 589                              $themes_inactive,
 590                              $active_theme->name
 591                          ),
 592                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 593                      );
 594                  } else {
 595                      $result['description'] .= sprintf(
 596                          '<p>%s %s</p>',
 597                          sprintf(
 598                              /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */
 599                              _n(
 600                                  'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 601                                  'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.',
 602                                  $themes_inactive
 603                              ),
 604                              $themes_inactive,
 605                              WP_DEFAULT_THEME,
 606                              $active_theme->name
 607                          ),
 608                          __( 'We recommend removing any unused themes to enhance your site&#8217;s security.' )
 609                      );
 610                  }
 611              }
 612          }
 613  
 614          // If not default Twenty* theme exists.
 615          if ( ! $has_default_theme ) {
 616              $result['status'] = 'recommended';
 617  
 618              $result['label'] = __( 'Have a default theme available' );
 619  
 620              $result['description'] .= sprintf(
 621                  '<p>%s</p>',
 622                  __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your normal theme.' )
 623              );
 624          }
 625  
 626          return $result;
 627      }
 628  
 629      /**
 630       * Test if the supplied PHP version is supported.
 631       *
 632       * @since 5.2.0
 633       *
 634       * @return array The test results.
 635       */
 636  	public function get_test_php_version() {
 637          $response = wp_check_php_version();
 638  
 639          $result = array(
 640              'label'       => sprintf(
 641                  // translators: %s: The current PHP version.
 642                  __( 'PHP is up to date (%s)' ),
 643                  PHP_VERSION
 644              ),
 645              'status'      => 'good',
 646              'badge'       => array(
 647                  'label' => __( 'Performance' ),
 648                  'color' => 'blue',
 649              ),
 650              'description' => sprintf(
 651                  '<p>%s</p>',
 652                  __( 'PHP is the programming language we use to build and maintain WordPress. Newer versions of PHP are both faster and more secure, so updating will have a positive effect on your site&#8217;s performance.' )
 653              ),
 654              'actions'     => sprintf(
 655                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
 656                  esc_url( wp_get_update_php_url() ),
 657                  __( 'Learn more about updating PHP' ),
 658                  /* translators: accessibility text */
 659                  __( '(opens in a new tab)' )
 660              ),
 661              'test'        => 'php_version',
 662          );
 663  
 664          // PHP is up to date.
 665          if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) {
 666              return $result;
 667          }
 668  
 669          // The PHP version is older than the recommended version, but still acceptable.
 670          if ( $response['is_supported'] ) {
 671              $result['label']  = __( 'We recommend that you update PHP' );
 672              $result['status'] = 'recommended';
 673  
 674              return $result;
 675          }
 676  
 677          // The PHP version is only receiving security fixes.
 678          if ( $response['is_secure'] ) {
 679              $result['label']  = __( 'Your PHP version should be updated' );
 680              $result['status'] = 'recommended';
 681  
 682              return $result;
 683          }
 684  
 685          // Anything no longer secure must be updated.
 686          $result['label']          = __( 'Your PHP version requires an update' );
 687          $result['status']         = 'critical';
 688          $result['badge']['label'] = __( 'Security' );
 689  
 690          return $result;
 691      }
 692  
 693      /**
 694       * Check if the passed extension or function are available.
 695       *
 696       * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner.
 697       *
 698       * @since 5.2.0
 699       *
 700       * @param string $extension Optional. The extension name to test. Default null.
 701       * @param string $function  Optional. The function name to test. Default null.
 702       *
 703       * @return bool Whether or not the extension and function are available.
 704       */
 705  	private function test_php_extension_availability( $extension = null, $function = null ) {
 706          // If no extension or function is passed, claim to fail testing, as we have nothing to test against.
 707          if ( ! $extension && ! $function ) {
 708              return false;
 709          }
 710  
 711          if ( $extension && ! extension_loaded( $extension ) ) {
 712              return false;
 713          }
 714          if ( $function && ! function_exists( $function ) ) {
 715              return false;
 716          }
 717  
 718          return true;
 719      }
 720  
 721      /**
 722       * Test if required PHP modules are installed on the host.
 723       *
 724       * This test builds on the recommendations made by the WordPress Hosting Team
 725       * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions
 726       *
 727       * @since 5.2.0
 728       *
 729       * @return array
 730       */
 731  	public function get_test_php_extensions() {
 732          $result = array(
 733              'label'       => __( 'Required and recommended modules are installed' ),
 734              'status'      => 'good',
 735              'badge'       => array(
 736                  'label' => __( 'Performance' ),
 737                  'color' => 'blue',
 738              ),
 739              'description' => sprintf(
 740                  '<p>%s</p><p>%s</p>',
 741                  __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ),
 742                  sprintf(
 743                      /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */
 744                      __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ),
 745                      /* translators: Localized team handbook, if one exists. */
 746                      esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ),
 747                      'target="_blank" rel="noopener noreferrer"',
 748                      sprintf(
 749                          ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>',
 750                          /* translators: accessibility text */
 751                          __( '(opens in a new tab)' )
 752                      )
 753                  )
 754              ),
 755              'actions'     => '',
 756              'test'        => 'php_extensions',
 757          );
 758  
 759          $modules = array(
 760              'bcmath'    => array(
 761                  'function' => 'bcadd',
 762                  'required' => false,
 763              ),
 764              'curl'      => array(
 765                  'function' => 'curl_version',
 766                  'required' => false,
 767              ),
 768              'exif'      => array(
 769                  'function' => 'exif_read_data',
 770                  'required' => false,
 771              ),
 772              'filter'    => array(
 773                  'function' => 'filter_list',
 774                  'required' => false,
 775              ),
 776              'fileinfo'  => array(
 777                  'function' => 'finfo_file',
 778                  'required' => false,
 779              ),
 780              'mod_xml'   => array(
 781                  'extension' => 'libxml',
 782                  'required'  => false,
 783              ),
 784              'mysqli'    => array(
 785                  'function' => 'mysqli_connect',
 786                  'required' => false,
 787              ),
 788              'libsodium' => array(
 789                  'function'            => 'sodium_compare',
 790                  'required'            => false,
 791                  'php_bundled_version' => '7.2.0',
 792              ),
 793              'openssl'   => array(
 794                  'function' => 'openssl_encrypt',
 795                  'required' => false,
 796              ),
 797              'pcre'      => array(
 798                  'function' => 'preg_match',
 799                  'required' => false,
 800              ),
 801              'imagick'   => array(
 802                  'extension' => 'imagick',
 803                  'required'  => false,
 804              ),
 805              'gd'        => array(
 806                  'extension'    => 'gd',
 807                  'required'     => false,
 808                  'fallback_for' => 'imagick',
 809              ),
 810              'mcrypt'    => array(
 811                  'extension'    => 'mcrypt',
 812                  'required'     => false,
 813                  'fallback_for' => 'libsodium',
 814              ),
 815              'xmlreader' => array(
 816                  'extension'    => 'xmlreader',
 817                  'required'     => false,
 818                  'fallback_for' => 'xml',
 819              ),
 820              'zlib'      => array(
 821                  'extension'    => 'zlib',
 822                  'required'     => false,
 823                  'fallback_for' => 'zip',
 824              ),
 825          );
 826  
 827          /**
 828           * An array representing all the modules we wish to test for.
 829           *
 830           * @since 5.2.0
 831           *
 832           * @param array $modules {
 833           *     An associated array of modules to test for.
 834           *
 835           *     array $module {
 836           *         An associated array of module properties used during testing.
 837           *         One of either `$function` or `$extension` must be provided, or they will fail by default.
 838           *
 839           *         string $function     Optional. A function name to test for the existence of.
 840           *         string $extension    Optional. An extension to check if is loaded in PHP.
 841           *         bool   $required     Is this a required feature or not.
 842           *         string $fallback_for Optional. The module this module replaces as a fallback.
 843           *     }
 844           * }
 845           */
 846          $modules = apply_filters( 'site_status_test_php_modules', $modules );
 847  
 848          $failures = array();
 849  
 850          foreach ( $modules as $library => $module ) {
 851              $extension = ( isset( $module['extension'] ) ? $module['extension'] : null );
 852              $function  = ( isset( $module['function'] ) ? $module['function'] : null );
 853  
 854              // If this module is a fallback for another function, check if that other function passed.
 855              if ( isset( $module['fallback_for'] ) ) {
 856                  /*
 857                   * If that other function has a failure, mark this module as required for normal operations.
 858                   * If that other function hasn't failed, skip this test as it's only a fallback.
 859                   */
 860                  if ( isset( $failures[ $module['fallback_for'] ] ) ) {
 861                      $module['required'] = true;
 862                  } else {
 863                      continue;
 864                  }
 865              }
 866  
 867              if ( ! $this->test_php_extension_availability( $extension, $function ) && ( ! isset( $module['php_bundled_version'] ) || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) ) {
 868                  if ( $module['required'] ) {
 869                      $result['status'] = 'critical';
 870  
 871                      $class         = 'error';
 872                      $screen_reader = __( 'Error' );
 873                      $message       = sprintf(
 874                          /* translators: %s: The module name. */
 875                          __( 'The required module, %s, is not installed, or has been disabled.' ),
 876                          $library
 877                      );
 878                  } else {
 879                      $class         = 'warning';
 880                      $screen_reader = __( 'Warning' );
 881                      $message       = sprintf(
 882                          /* translators: %s: The module name. */
 883                          __( 'The optional module, %s, is not installed, or has been disabled.' ),
 884                          $library
 885                      );
 886                  }
 887  
 888                  if ( ! $module['required'] && 'good' === $result['status'] ) {
 889                      $result['status'] = 'recommended';
 890                  }
 891  
 892                  $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message";
 893              }
 894          }
 895  
 896          if ( ! empty( $failures ) ) {
 897              $output = '<ul>';
 898  
 899              foreach ( $failures as $failure ) {
 900                  $output .= sprintf(
 901                      '<li>%s</li>',
 902                      $failure
 903                  );
 904              }
 905  
 906              $output .= '</ul>';
 907          }
 908  
 909          if ( 'good' !== $result['status'] ) {
 910              if ( 'recommended' === $result['status'] ) {
 911                  $result['label'] = __( 'One or more recommended modules are missing' );
 912              }
 913              if ( 'critical' === $result['status'] ) {
 914                  $result['label'] = __( 'One or more required modules are missing' );
 915              }
 916  
 917              $result['description'] .= sprintf(
 918                  '<p>%s</p>',
 919                  $output
 920              );
 921          }
 922  
 923          return $result;
 924      }
 925  
 926      /**
 927       * Test if the SQL server is up to date.
 928       *
 929       * @since 5.2.0
 930       *
 931       * @return array The test results.
 932       */
 933  	public function get_test_sql_server() {
 934          $result = array(
 935              'label'       => __( 'SQL server is up to date' ),
 936              'status'      => 'good',
 937              'badge'       => array(
 938                  'label' => __( 'Performance' ),
 939                  'color' => 'blue',
 940              ),
 941              'description' => sprintf(
 942                  '<p>%s</p>',
 943                  __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site&#8217;s content and settings.' )
 944              ),
 945              'actions'     => sprintf(
 946                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
 947                  /* translators: Localized version of WordPress requirements if one exists. */
 948                  esc_url( __( 'https://wordpress.org/about/requirements/' ) ),
 949                  __( 'Read more about what WordPress requires to run.' ),
 950                  /* translators: accessibility text */
 951                  __( '(opens in a new tab)' )
 952              ),
 953              'test'        => 'sql_server',
 954          );
 955  
 956          $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' );
 957  
 958          if ( ! $this->mysql_rec_version_check ) {
 959              $result['status'] = 'recommended';
 960  
 961              $result['label'] = __( 'Outdated SQL server' );
 962  
 963              $result['description'] .= sprintf(
 964                  '<p>%s</p>',
 965                  sprintf(
 966                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */
 967                      __( 'For optimal performance and security reasons, we recommend running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
 968                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
 969                      $this->health_check_mysql_rec_version
 970                  )
 971              );
 972          }
 973  
 974          if ( ! $this->mysql_min_version_check ) {
 975              $result['status'] = 'critical';
 976  
 977              $result['label']          = __( 'Severely outdated SQL server' );
 978              $result['badge']['label'] = __( 'Security' );
 979  
 980              $result['description'] .= sprintf(
 981                  '<p>%s</p>',
 982                  sprintf(
 983                      /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */
 984                      __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ),
 985                      ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ),
 986                      $this->health_check_mysql_required_version
 987                  )
 988              );
 989          }
 990  
 991          if ( $db_dropin ) {
 992              $result['description'] .= sprintf(
 993                  '<p>%s</p>',
 994                  wp_kses(
 995                      sprintf(
 996                          /* translators: 1: The name of the drop-in. 2: The name of the database engine. */
 997                          __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ),
 998                          '<code>wp-content/db.php</code>',
 999                          ( $this->is_mariadb ? 'MariaDB' : 'MySQL' )
1000                      ),
1001                      array(
1002                          'code' => true,
1003                      )
1004                  )
1005              );
1006          }
1007  
1008          return $result;
1009      }
1010  
1011      /**
1012       * Test if the database server is capable of using utf8mb4.
1013       *
1014       * @since 5.2.0
1015       *
1016       * @return array The test results.
1017       */
1018  	public function get_test_utf8mb4_support() {
1019          global $wpdb;
1020  
1021          $result = array(
1022              'label'       => __( 'UTF8MB4 is supported' ),
1023              'status'      => 'good',
1024              'badge'       => array(
1025                  'label' => __( 'Performance' ),
1026                  'color' => 'blue',
1027              ),
1028              'description' => sprintf(
1029                  '<p>%s</p>',
1030                  __( 'UTF8MB4 is a database storage attribute that makes sure your site can store non-English text and other strings (for instance emoticons) without unexpected problems.' )
1031              ),
1032              'actions'     => '',
1033              'test'        => 'utf8mb4_support',
1034          );
1035  
1036          if ( ! $this->is_mariadb ) {
1037              if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) {
1038                  $result['status'] = 'recommended';
1039  
1040                  $result['label'] = __( 'utf8mb4 requires a MySQL update' );
1041  
1042                  $result['description'] .= sprintf(
1043                      '<p>%s</p>',
1044                      sprintf(
1045                          /* translators: %s: Version number. */
1046                          __( 'WordPress&#8217; utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ),
1047                          '5.5.3'
1048                      )
1049                  );
1050              } else {
1051                  $result['description'] .= sprintf(
1052                      '<p>%s</p>',
1053                      __( 'Your MySQL version supports utf8mb4.' )
1054                  );
1055              }
1056          } else { // MariaDB introduced utf8mb4 support in 5.5.0
1057              if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) {
1058                  $result['status'] = 'recommended';
1059  
1060                  $result['label'] = __( 'utf8mb4 requires a MariaDB update' );
1061  
1062                  $result['description'] .= sprintf(
1063                      '<p>%s</p>',
1064                      sprintf(
1065                          /* translators: %s: Version number. */
1066                          __( 'WordPress&#8217; utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ),
1067                          '5.5.0'
1068                      )
1069                  );
1070              } else {
1071                  $result['description'] .= sprintf(
1072                      '<p>%s</p>',
1073                      __( 'Your MariaDB version supports utf8mb4.' )
1074                  );
1075              }
1076          }
1077  
1078          if ( $wpdb->use_mysqli ) {
1079              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info
1080              $mysql_client_version = mysqli_get_client_info();
1081          } else {
1082              // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_client_info
1083              $mysql_client_version = mysql_get_client_info();
1084          }
1085  
1086          /*
1087           * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server.
1088           * mysqlnd has supported utf8mb4 since 5.0.9.
1089           */
1090          if ( false !== strpos( $mysql_client_version, 'mysqlnd' ) ) {
1091              $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version );
1092              if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) {
1093                  $result['status'] = 'recommended';
1094  
1095                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1096  
1097                  $result['description'] .= sprintf(
1098                      '<p>%s</p>',
1099                      sprintf(
1100                          /* translators: 1: Name of the library, 2: Number of version. */
1101                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1102                          'mysqlnd',
1103                          '5.0.9'
1104                      )
1105                  );
1106              }
1107          } else {
1108              if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) {
1109                  $result['status'] = 'recommended';
1110  
1111                  $result['label'] = __( 'utf8mb4 requires a newer client library' );
1112  
1113                  $result['description'] .= sprintf(
1114                      '<p>%s</p>',
1115                      sprintf(
1116                          /* translators: 1: Name of the library, 2: Number of version. */
1117                          __( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
1118                          'libmysql',
1119                          '5.5.3'
1120                      )
1121                  );
1122              }
1123          }
1124  
1125          return $result;
1126      }
1127  
1128      /**
1129       * Test if the site can communicate with WordPress.org.
1130       *
1131       * @since 5.2.0
1132       *
1133       * @return array The test results.
1134       */
1135  	public function get_test_dotorg_communication() {
1136          $result = array(
1137              'label'       => __( 'Can communicate with WordPress.org' ),
1138              'status'      => '',
1139              'badge'       => array(
1140                  'label' => __( 'Security' ),
1141                  'color' => 'blue',
1142              ),
1143              'description' => sprintf(
1144                  '<p>%s</p>',
1145                  __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' )
1146              ),
1147              'actions'     => '',
1148              'test'        => 'dotorg_communication',
1149          );
1150  
1151          $wp_dotorg = wp_remote_get(
1152              'https://api.wordpress.org',
1153              array(
1154                  'timeout' => 10,
1155              )
1156          );
1157          if ( ! is_wp_error( $wp_dotorg ) ) {
1158              $result['status'] = 'good';
1159          } else {
1160              $result['status'] = 'critical';
1161  
1162              $result['label'] = __( 'Could not reach WordPress.org' );
1163  
1164              $result['description'] .= sprintf(
1165                  '<p>%s</p>',
1166                  sprintf(
1167                      '<span class="error"><span class="screen-reader-text">%s</span></span> %s',
1168                      __( 'Error' ),
1169                      sprintf(
1170                          /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */
1171                          __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ),
1172                          gethostbyname( 'api.wordpress.org' ),
1173                          $wp_dotorg->get_error_message()
1174                      )
1175                  )
1176              );
1177  
1178              $result['actions'] = sprintf(
1179                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1180                  /* translators: Localized Support reference. */
1181                  esc_url( __( 'https://wordpress.org/support' ) ),
1182                  __( 'Get help resolving this issue.' ),
1183                  /* translators: accessibility text */
1184                  __( '(opens in a new tab)' )
1185              );
1186          }
1187  
1188          return $result;
1189      }
1190  
1191      /**
1192       * Test if debug information is enabled.
1193       *
1194       * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors, or it may be
1195       * logged to a publicly accessible file.
1196       *
1197       * Debugging is also frequently left enabled after looking for errors on a site, as site owners do
1198       * not understand the implications of this.
1199       *
1200       * @since 5.2.0
1201       *
1202       * @return array The test results.
1203       */
1204  	public function get_test_is_in_debug_mode() {
1205          $result = array(
1206              'label'       => __( 'Your site is not set to output debug information' ),
1207              'status'      => 'good',
1208              'badge'       => array(
1209                  'label' => __( 'Security' ),
1210                  'color' => 'blue',
1211              ),
1212              'description' => sprintf(
1213                  '<p>%s</p>',
1214                  __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' )
1215              ),
1216              'actions'     => sprintf(
1217                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1218                  /* translators: Documentation explaining debugging in WordPress. */
1219                  esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ),
1220                  __( 'Read about debugging in WordPress.' ),
1221                  /* translators: accessibility text */
1222                  __( '(opens in a new tab)' )
1223              ),
1224              'test'        => 'is_in_debug_mode',
1225          );
1226  
1227          if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
1228              if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
1229                  $result['label'] = __( 'Your site is set to log errors to a potentially public file.' );
1230  
1231                  $result['status'] = 'critical';
1232  
1233                  $result['description'] .= sprintf(
1234                      '<p>%s</p>',
1235                      sprintf(
1236                          /* translators: %s: WP_DEBUG_LOG */
1237                          __( 'The value, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is potentially available to normal users.' ),
1238                          '<code>WP_DEBUG_LOG</code>'
1239                      )
1240                  );
1241              }
1242  
1243              if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) {
1244                  $result['label'] = __( 'Your site is set to display errors to site visitors' );
1245  
1246                  $result['status'] = 'critical';
1247  
1248                  $result['description'] .= sprintf(
1249                      '<p>%s</p>',
1250                      sprintf(
1251                          /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */
1252                          __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ),
1253                          '<code>WP_DEBUG_DISPLAY</code>',
1254                          '<code>WP_DEBUG</code>'
1255                      )
1256                  );
1257              }
1258          }
1259  
1260          return $result;
1261      }
1262  
1263      /**
1264       * Test if your site is serving content over HTTPS.
1265       *
1266       * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it
1267       * enabled, but only if you visit the right site address.
1268       *
1269       * @since 5.2.0
1270       *
1271       * @return array The test results.
1272       */
1273  	public function get_test_https_status() {
1274          $result = array(
1275              'label'       => __( 'Your website is using an active HTTPS connection.' ),
1276              'status'      => 'good',
1277              'badge'       => array(
1278                  'label' => __( 'Security' ),
1279                  'color' => 'blue',
1280              ),
1281              'description' => sprintf(
1282                  '<p>%s</p>',
1283                  __( 'An HTTPS connection is needed for many features on the web today, it also gains the trust of your visitors by helping to protecting their online privacy.' )
1284              ),
1285              'actions'     => sprintf(
1286                  '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
1287                  /* translators: Documentation explaining HTTPS and why it should be used. */
1288                  esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ),
1289                  __( 'Read more about why you should use HTTPS' ),
1290                  /* translators: accessibility text */
1291                  __( '(opens in a new tab)' )
1292              ),
1293              'test'        => 'https_status',
1294          );
1295  
1296          if ( is_ssl() ) {
1297              $wp_url   = get_bloginfo( 'wpurl' );
1298              $site_url = get_bloginfo( 'url' );
1299  
1300              if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) {
1301                  $result['status'] = 'recommended';
1302  
1303                  $result['label'] = __( 'Only parts of your site are using HTTPS' );
1304  
1305                  $result['description'] = sprintf(
1306                      '<p>%s</p>',
1307                      sprintf(
1308                          /* translators: %s: URL to Settings > General to change options. */
1309                          __( 'You are accessing this website using HTTPS, but your <a href="%s">WordPress Address</a> is not set up to use HTTPS by default.' ),
1310                          esc_url( admin_url( 'options-general.php' ) )
1311                      )
1312                  );
1313  
1314                  $result['actions'] .= sprintf(
1315                      '<p><a href="%s">%s</a></p>',
1316                      esc_url( admin_url( 'options-general.php' ) ),
1317                      __( 'Update your site addresses' )
1318                  );
1319              }
1320          } else {
1321              $result['status'] = 'recommended';
1322  
1323              $result['label'] = __( 'Your site does not use HTTPS' );
1324          }
1325  
1326          return $result;
1327      }
1328  
1329      /**
1330       * Check if the HTTP API can handle SSL/TLS requests.
1331       *
1332       * @since 5.2.0
1333       *
1334       * @return array The test results.
1335       */
1336  	public function get_test_ssl_support() {
1337          $result = array(
1338              'label'       => '',
1339              'status'      => '',
1340              'badge'       => array(
1341                  'label' => __( 'Security' ),
1342                  'color' => 'blue',
1343              ),
1344              'description' => sprintf(
1345                  '<p>%s</p>',
1346                  __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' )
1347              ),
1348              'actions'     => '',
1349              'test'        => 'ssl_support',
1350          );
1351  
1352          $supports_https = wp_http_supports( array( 'ssl' ) );
1353  
1354          if ( $supports_https ) {
1355              $result['status'] = 'good';
1356  
1357              $result['label'] = __( 'Your site can communicate securely with other services' );
1358          } else {
1359              $result['status'] = 'critical';
1360  
1361              $result['label'] = __( 'Your site is unable to communicate securely with other services' );
1362  
1363              $result['description'] .= sprintf(
1364                  '<p>%s</p>',
1365                  __( 'Talk to your web host about OpenSSL support for PHP.' )
1366              );
1367          }
1368  
1369          return $result;
1370      }
1371  
1372      /**
1373       * Test if scheduled events run as intended.
1374       *
1375       * If scheduled events are not running, this may indicate something with WP_Cron is not working as intended,
1376       * or that there are orphaned events hanging around from older code.
1377       *
1378       * @since 5.2.0
1379       *
1380       * @return array The test results.
1381       */
1382  	public function get_test_scheduled_events() {
1383          $result = array(
1384              'label'       => __( 'Scheduled events are running' ),
1385              'status'      => 'good',
1386              'badge'       => array(
1387                  'label' => __( 'Performance' ),
1388                  'color' => 'blue',
1389              ),
1390              'description' => sprintf(
1391                  '<p>%s</p>',
1392                  __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' )
1393              ),
1394              'actions'     => '',
1395              'test'        => 'scheduled_events',
1396          );
1397  
1398          $this->wp_schedule_test_init();
1399  
1400          if ( is_wp_error( $this->has_missed_cron() ) ) {
1401              $result['status'] = 'critical';
1402  
1403              $result['label'] = __( 'It was not possible to check your scheduled events' );
1404  
1405              $result['description'] = sprintf(
1406                  '<p>%s</p>',
1407                  sprintf(
1408                      /* translators: %s: The error message returned while from the cron scheduler. */
1409                      __( 'While trying to test your site&#8217;s scheduled events, the following error was returned: %s' ),
1410                      $this->has_missed_cron()->get_error_message()
1411                  )
1412              );
1413          } else {
1414              if ( $this->has_missed_cron() ) {
1415                  $result['status'] = 'recommended';
1416  
1417                  $result['label'] = __( 'A scheduled event has failed' );
1418  
1419                  $result['description'] = sprintf(
1420                      '<p>%s</p>',
1421                      sprintf(
1422                          /* translators: %s: The name of the failed cron event. */
1423                          __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ),
1424                          $this->last_missed_cron
1425                      )
1426                  );
1427              }
1428          }
1429  
1430          return $result;
1431      }
1432  
1433      /**
1434       * Test if WordPress can run automated background updates.
1435       *
1436       * Background updates in WordPress are primarily used for minor releases and security updates. It's important
1437       * to either have these working, or be aware that they are intentionally disabled for whatever reason.
1438       *
1439       * @since 5.2.0
1440       *
1441       * @return array The test results.
1442       */
1443  	public function get_test_background_updates() {
1444          $result = array(
1445              'label'       => __( 'Background updates are working' ),
1446              'status'      => 'good',
1447              'badge'       => array(
1448                  'label' => __( 'Security' ),
1449                  'color' => 'blue',
1450              ),
1451              'description' => sprintf(
1452                  '<p>%s</p>',
1453                  __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' )
1454              ),
1455              'actions'     => '',
1456              'test'        => 'background_updates',
1457          );
1458  
1459          if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) {
1460              require_once ( ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php' );
1461          }
1462  
1463          // Run the auto-update tests in a separate class,
1464          // as there are many considerations to be made.
1465          $automatic_updates = new WP_Site_Health_Auto_Updates();
1466          $tests             = $automatic_updates->run_tests();
1467  
1468          $output = '<ul>';
1469  
1470          foreach ( $tests as $test ) {
1471              $severity_string = __( 'Passed' );
1472  
1473              if ( 'fail' === $test->severity ) {
1474                  $result['label'] = __( 'Background updates are not working as expected' );
1475  
1476                  $result['status'] = 'critical';
1477  
1478                  $severity_string = __( 'Error' );
1479              }
1480  
1481              if ( 'warning' === $test->severity && 'good' === $result['status'] ) {
1482                  $result['label'] = __( 'Background updates may not be working properly' );
1483  
1484                  $result['status'] = 'recommended';
1485  
1486                  $severity_string = __( 'Warning' );
1487              }
1488  
1489              $output .= sprintf(
1490                  '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>',
1491                  esc_attr( $test->severity ),
1492                  $severity_string,
1493                  $test->description
1494              );
1495          }
1496  
1497          $output .= '</ul>';
1498  
1499          if ( 'good' !== $result['status'] ) {
1500              $result['description'] .= sprintf(
1501                  '<p>%s</p>',
1502                  $output
1503              );
1504          }
1505  
1506          return $result;
1507      }
1508  
1509      /**
1510       * Test if loopbacks work as expected.
1511       *
1512       * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance, or when editing a
1513       * plugin or theme. This has shown itself to be a recurring issue as code can very easily break this interaction.
1514       *
1515       * @since 5.2.0
1516       *
1517       * @return array The test results.
1518       */
1519  	public function get_test_loopback_requests() {
1520          $result = array(
1521              'label'       => __( 'Your site can perform loopback requests' ),
1522              'status'      => 'good',
1523              'badge'       => array(
1524                  'label' => __( 'Performance' ),
1525                  'color' => 'blue',
1526              ),
1527              'description' => sprintf(
1528                  '<p>%s</p>',
1529                  __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' )
1530              ),
1531              'actions'     => '',
1532              'test'        => 'loopback_requests',
1533          );
1534  
1535          $check_loopback = $this->can_perform_loopback();
1536  
1537          $result['status'] = $check_loopback->status;
1538  
1539          if ( 'good' !== $check_loopback->status ) {
1540              $result['label'] = __( 'Your site could not complete a loopback request' );
1541  
1542              $result['description'] .= sprintf(
1543                  '<p>%s</p>',
1544                  $check_loopback->message
1545              );
1546          }
1547  
1548          return $result;
1549      }
1550  
1551      /**
1552       * Test if HTTP requests are blocked.
1553       *
1554       * It's possible to block all outgoing communication (with the possibility of whitelisting hosts) via the
1555       * HTTP API. This may create problems for users as many features are running as services these days.
1556       *
1557       * @since 5.2.0
1558       *
1559       * @return array The test results.
1560       */
1561  	public function get_test_http_requests() {
1562          $result = array(
1563              'label'       => __( 'HTTP requests seem to be working as expected' ),
1564              'status'      => 'good',
1565              'badge'       => array(
1566                  'label' => __( 'Performance' ),
1567                  'color' => 'blue',
1568              ),
1569              'description' => sprintf(
1570                  '<p>%s</p>',
1571                  __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' )
1572              ),
1573              'actions'     => '',
1574              'test'        => 'http_requests',
1575          );
1576  
1577          $blocked = false;
1578          $hosts   = array();
1579  
1580          if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) {
1581              $blocked = true;
1582          }
1583  
1584          if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) {
1585              $hosts = explode( ',', WP_ACCESSIBLE_HOSTS );
1586          }
1587  
1588          if ( $blocked && 0 === sizeof( $hosts ) ) {
1589              $result['status'] = 'critical';
1590  
1591              $result['label'] = __( 'HTTP requests are blocked' );
1592  
1593              $result['description'] .= sprintf(
1594                  '<p>%s</p>',
1595                  sprintf(
1596                      /* translators: %s: Name of the constant used. */
1597                      __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ),
1598                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>'
1599                  )
1600              );
1601          }
1602  
1603          if ( $blocked && 0 < sizeof( $hosts ) ) {
1604              $result['status'] = 'recommended';
1605  
1606              $result['label'] = __( 'HTTP requests are partially blocked' );
1607  
1608              $result['description'] .= sprintf(
1609                  '<p>%s</p>',
1610                  sprintf(
1611                      /* translators: 1: Name of the constant used. 2: List of hostnames whitelisted. */
1612                      __( 'HTTP requests have been blocked by the %1$s constant, with some hosts whitelisted: %2$s.' ),
1613                      '<code>WP_HTTP_BLOCK_EXTERNAL</code>',
1614                      implode( ',', $hosts )
1615                  )
1616              );
1617          }
1618  
1619          return $result;
1620      }
1621  
1622      /**
1623       * Test if the REST API is accessible.
1624       *
1625       * Various security measures may block the REST API from working, or it may have been disabled in general.
1626       * This is required for the new block editor to work, so we explicitly test for this.
1627       *
1628       * @since 5.2.0
1629       *
1630       * @return array The test results.
1631       */
1632  	public function get_test_rest_availability() {
1633          $result = array(
1634              'label'       => __( 'The REST API is available' ),
1635              'status'      => 'good',
1636              'badge'       => array(
1637                  'label' => __( 'Performance' ),
1638                  'color' => 'blue',
1639              ),
1640              'description' => sprintf(
1641                  '<p>%s</p>',
1642                  __( 'The REST API is one way WordPress, and other applications, communicate with the server. One example is the block editor screen, which relies on this to display, and save, your posts and pages.' )
1643              ),
1644              'actions'     => '',
1645              'test'        => 'rest_availability',
1646          );
1647  
1648          $cookies = wp_unslash( $_COOKIE );
1649          $timeout = 10;
1650          $headers = array(
1651              'Cache-Control' => 'no-cache',
1652              'X-WP-Nonce'    => wp_create_nonce( 'wp_rest' ),
1653          );
1654  
1655          // Include Basic auth in loopback requests.
1656          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
1657              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
1658          }
1659  
1660          $url = rest_url( 'wp/v2/types/post' );
1661  
1662          // The context for this is editing with the new block editor.
1663          $url = add_query_arg(
1664              array(
1665                  'context' => 'edit',
1666              ),
1667              $url
1668          );
1669  
1670          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) );
1671  
1672          if ( is_wp_error( $r ) ) {
1673              $result['status'] = 'critical';
1674  
1675              $result['label'] = __( 'The REST API encountered an error' );
1676  
1677              $result['description'] .= sprintf(
1678                  '<p>%s</p>',
1679                  sprintf(
1680                      '%s<br>%s',
1681                      __( 'The REST API request failed due to an error.' ),
1682                      sprintf(
1683                          /* translators: 1: The HTTP response code. 2: The error message returned. */
1684                          __( 'Error: [%1$s] %2$s' ),
1685                          wp_remote_retrieve_response_code( $r ),
1686                          $r->get_error_message()
1687                      )
1688                  )
1689              );
1690          } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
1691              $result['status'] = 'recommended';
1692  
1693              $result['label'] = __( 'The REST API encountered an unexpected result' );
1694  
1695              $result['description'] .= sprintf(
1696                  '<p>%s</p>',
1697                  sprintf(
1698                      /* translators: 1: The HTTP response code returned. 2: The error message returned. */
1699                      __( 'The REST API call gave the following unexpected result: (%1$d) %2$s.' ),
1700                      wp_remote_retrieve_response_code( $r ),
1701                      wp_remote_retrieve_body( $r )
1702                  )
1703              );
1704          } else {
1705              $json = json_decode( wp_remote_retrieve_body( $r ), true );
1706  
1707              if ( false !== $json && ! isset( $json['capabilities'] ) ) {
1708                  $result['status'] = 'recommended';
1709  
1710                  $result['label'] = __( 'The REST API did not behave correctly' );
1711  
1712                  $result['description'] .= sprintf(
1713                      '<p>%s</p>',
1714                      sprintf(
1715                          /* translators: %s: the name of the query parameter being tested. */
1716                          __( 'The REST API did not process the %s query parameter correctly.' ),
1717                          '<code>context</code>'
1718                      )
1719                  );
1720              }
1721          }
1722  
1723          return $result;
1724      }
1725  
1726      /**
1727       * Return a set of tests that belong to the site status page.
1728       *
1729       * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests
1730       * which will run later down the line via JavaScript calls to improve page performance and hopefully also user
1731       * experiences.
1732       *
1733       * @since 5.2.0
1734       *
1735       * @return array The list of tests to run.
1736       */
1737  	public static function get_tests() {
1738          $tests = array(
1739              'direct' => array(
1740                  'wordpress_version' => array(
1741                      'label' => __( 'WordPress Version' ),
1742                      'test'  => 'wordpress_version',
1743                  ),
1744                  'plugin_version'    => array(
1745                      'label' => __( 'Plugin Versions' ),
1746                      'test'  => 'plugin_version',
1747                  ),
1748                  'theme_version'     => array(
1749                      'label' => __( 'Theme Versions' ),
1750                      'test'  => 'theme_version',
1751                  ),
1752                  'php_version'       => array(
1753                      'label' => __( 'PHP Version' ),
1754                      'test'  => 'php_version',
1755                  ),
1756                  'sql_server'        => array(
1757                      'label' => __( 'Database Server version' ),
1758                      'test'  => 'sql_server',
1759                  ),
1760                  'php_extensions'    => array(
1761                      'label' => __( 'PHP Extensions' ),
1762                      'test'  => 'php_extensions',
1763                  ),
1764                  'utf8mb4_support'   => array(
1765                      'label' => __( 'MySQL utf8mb4 support' ),
1766                      'test'  => 'utf8mb4_support',
1767                  ),
1768                  'https_status'      => array(
1769                      'label' => __( 'HTTPS status' ),
1770                      'test'  => 'https_status',
1771                  ),
1772                  'ssl_support'       => array(
1773                      'label' => __( 'Secure communication' ),
1774                      'test'  => 'ssl_support',
1775                  ),
1776                  'scheduled_events'  => array(
1777                      'label' => __( 'Scheduled events' ),
1778                      'test'  => 'scheduled_events',
1779                  ),
1780                  'http_requests'     => array(
1781                      'label' => __( 'HTTP Requests' ),
1782                      'test'  => 'http_requests',
1783                  ),
1784                  'debug_enabled'     => array(
1785                      'label' => __( 'Debugging enabled' ),
1786                      'test'  => 'is_in_debug_mode',
1787                  ),
1788              ),
1789              'async'  => array(
1790                  'dotorg_communication' => array(
1791                      'label' => __( 'Communication with WordPress.org' ),
1792                      'test'  => 'dotorg_communication',
1793                  ),
1794                  'background_updates'   => array(
1795                      'label' => __( 'Background updates' ),
1796                      'test'  => 'background_updates',
1797                  ),
1798                  'loopback_requests'    => array(
1799                      'label' => __( 'Loopback request' ),
1800                      'test'  => 'loopback_requests',
1801                  ),
1802              ),
1803          );
1804  
1805          // Conditionally include REST rules if the function for it exists.
1806          if ( function_exists( 'rest_url' ) ) {
1807              $tests['direct']['rest_availability'] = array(
1808                  'label' => __( 'REST API availability' ),
1809                  'test'  => 'rest_availability',
1810              );
1811          }
1812  
1813          /**
1814           * Add or modify which site status tests are run on a site.
1815           *
1816           * The site health is determined by a set of tests based on best practices from
1817           * both the WordPress Hosting Team, but also web standards in general.
1818           *
1819           * Some sites may not have the same requirements, for example the automatic update
1820           * checks may be handled by a host, and are therefore disabled in core.
1821           * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example.
1822           *
1823           * Tests may be added either as direct, or asynchronous ones. Any test that may require some time
1824           * to complete should run asynchronously, to avoid extended loading periods within wp-admin.
1825           *
1826           * @since 5.2.0
1827           *
1828           * @param array $test_type {
1829           *     An associative array, where the `$test_type` is either `direct` or
1830           *     `async`, to declare if the test should run via AJAX calls after page load.
1831           *
1832           *     @type array $identifier {
1833           *         `$identifier` should be a unique identifier for the test that should run.
1834           *         Plugins and themes are encouraged to prefix test identifiers with their slug
1835           *         to avoid any collisions between tests.
1836           *
1837           *         @type string $label A friendly label for your test to identify it by.
1838           *         @type mixed  $test  A callable to perform a direct test, or a string AJAX action to be called
1839           *                             to perform an async test.
1840           *     }
1841           * }
1842           */
1843          $tests = apply_filters( 'site_status_tests', $tests );
1844  
1845          return $tests;
1846      }
1847  
1848      /**
1849       * Add a class to the body HTML tag.
1850       *
1851       * Filters the body class string for admin pages and adds our own class for easier styling.
1852       *
1853       * @since 5.2.0
1854       *
1855       * @param string $body_class The body class string.
1856       * @return string The modified body class string.
1857       */
1858  	public function admin_body_class( $body_class ) {
1859          $body_class .= ' site-health';
1860  
1861          return $body_class;
1862      }
1863  
1864      /**
1865       * Initiate the WP_Cron schedule test cases.
1866       *
1867       * @since 5.2.0
1868       */
1869  	private function wp_schedule_test_init() {
1870          $this->schedules = wp_get_schedules();
1871          $this->get_cron_tasks();
1872      }
1873  
1874      /**
1875       * Populate our list of cron events and store them to a class-wide variable.
1876       *
1877       * @since 5.2.0
1878       */
1879  	private function get_cron_tasks() {
1880          $cron_tasks = _get_cron_array();
1881  
1882          if ( empty( $cron_tasks ) ) {
1883              $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) );
1884              return;
1885          }
1886  
1887          $this->crons = array();
1888  
1889          foreach ( $cron_tasks as $time => $cron ) {
1890              foreach ( $cron as $hook => $dings ) {
1891                  foreach ( $dings as $sig => $data ) {
1892  
1893                      $this->crons[ "$hook-$sig-$time" ] = (object) array(
1894                          'hook'     => $hook,
1895                          'time'     => $time,
1896                          'sig'      => $sig,
1897                          'args'     => $data['args'],
1898                          'schedule' => $data['schedule'],
1899                          'interval' => isset( $data['interval'] ) ? $data['interval'] : null,
1900                      );
1901  
1902                  }
1903              }
1904          }
1905      }
1906  
1907      /**
1908       * Check if any scheduled tasks have been missed.
1909       *
1910       * Returns a boolean value of `true` if a scheduled task has been missed and ends processing. If the list of
1911       * crons is an instance of WP_Error, return the instance instead of a boolean value.
1912       *
1913       * @since 5.2.0
1914       *
1915       * @return bool|WP_Error true if a cron was missed, false if it wasn't. WP_Error if the cron is set to that.
1916       */
1917  	public function has_missed_cron() {
1918          if ( is_wp_error( $this->crons ) ) {
1919              return $this->crons;
1920          }
1921  
1922          foreach ( $this->crons as $id => $cron ) {
1923              if ( ( $cron->time - time() ) < 0 ) {
1924                  $this->last_missed_cron = $cron->hook;
1925                  return true;
1926              }
1927          }
1928  
1929          return false;
1930      }
1931  
1932      /**
1933       * Run a loopback test on our site.
1934       *
1935       * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts,
1936       * make sure plugin or theme edits don't cause site failures and similar.
1937       *
1938       * @since 5.2.0
1939       *
1940       * @return object The test results.
1941       */
1942  	function can_perform_loopback() {
1943          $cookies = wp_unslash( $_COOKIE );
1944          $timeout = 10;
1945          $headers = array(
1946              'Cache-Control' => 'no-cache',
1947          );
1948  
1949          // Include Basic auth in loopback requests.
1950          if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
1951              $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
1952          }
1953  
1954          $url = admin_url();
1955  
1956          $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) );
1957  
1958          if ( is_wp_error( $r ) ) {
1959              return (object) array(
1960                  'status'  => 'critical',
1961                  'message' => sprintf(
1962                      '%s<br>%s',
1963                      __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ),
1964                      sprintf(
1965                          // translators: 1: The HTTP response code. 2: The error message returned.
1966                          __( 'Error: [%1$s] %2$s' ),
1967                          wp_remote_retrieve_response_code( $r ),
1968                          $r->get_error_message()
1969                      )
1970                  ),
1971              );
1972          }
1973  
1974          if ( 200 !== wp_remote_retrieve_response_code( $r ) ) {
1975              return (object) array(
1976                  'status'  => 'recommended',
1977                  'message' => sprintf(
1978                      // translators: %d: The HTTP response code returned.
1979                      __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ),
1980                      wp_remote_retrieve_response_code( $r )
1981                  ),
1982              );
1983          }
1984  
1985          return (object) array(
1986              'status'  => 'good',
1987              'message' => __( 'The loopback request to your site completed successfully.' ),
1988          );
1989      }
1990  }


Generated: Mon Jun 17 08:20:02 2019 Cross-referenced by PHPXref 0.7