| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Class for looking up a site's health based on a user's WordPress environment. 4 * 5 * @package WordPress 6 * @subpackage Site_Health 7 * @since 5.2.0 8 */ 9 10 class WP_Site_Health { 11 private $mysql_min_version_check; 12 private $mysql_rec_version_check; 13 14 public $is_mariadb = false; 15 private $mysql_server_version = ''; 16 private $health_check_mysql_required_version = '5.5'; 17 private $health_check_mysql_rec_version = ''; 18 19 public $schedules; 20 public $crons; 21 public $last_missed_cron = null; 22 23 /** 24 * WP_Site_Health constructor. 25 * 26 * @since 5.2.0 27 */ 28 public function __construct() { 29 $this->prepare_sql_data(); 30 31 add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) ); 32 33 add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) ); 34 } 35 36 /** 37 * Enqueues the site health scripts. 38 * 39 * @since 5.2.0 40 */ 41 public function enqueue_scripts() { 42 $screen = get_current_screen(); 43 if ( 'site-health' !== $screen->id ) { 44 return; 45 } 46 47 $health_check_js_variables = array( 48 'screen' => $screen->id, 49 'nonce' => array( 50 'site_status' => wp_create_nonce( 'health-check-site-status' ), 51 'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ), 52 ), 53 'site_status' => array( 54 'direct' => array(), 55 'async' => array(), 56 'issues' => array( 57 'good' => 0, 58 'recommended' => 0, 59 'critical' => 0, 60 ), 61 ), 62 ); 63 64 $issue_counts = get_transient( 'health-check-site-status-result' ); 65 66 if ( false !== $issue_counts ) { 67 $issue_counts = json_decode( $issue_counts ); 68 69 $health_check_js_variables['site_status']['issues'] = $issue_counts; 70 } 71 72 if ( 'site-health' === $screen->id && ! isset( $_GET['tab'] ) ) { 73 $tests = WP_Site_Health::get_tests(); 74 75 // Don't run https test on localhost 76 if ( 'localhost' === preg_replace( '|https?://|', '', get_site_url() ) ) { 77 unset( $tests['direct']['https_status'] ); 78 } 79 80 foreach ( $tests['direct'] as $test ) { 81 if ( is_string( $test['test'] ) ) { 82 $test_function = sprintf( 83 'get_test_%s', 84 $test['test'] 85 ); 86 87 if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) { 88 $health_check_js_variables['site_status']['direct'][] = call_user_func( array( $this, $test_function ) ); 89 continue; 90 } 91 } 92 93 if ( is_callable( $test['test'] ) ) { 94 $health_check_js_variables['site_status']['direct'][] = call_user_func( $test['test'] ); 95 } 96 } 97 98 foreach ( $tests['async'] as $test ) { 99 if ( is_string( $test['test'] ) ) { 100 $health_check_js_variables['site_status']['async'][] = array( 101 'test' => $test['test'], 102 'completed' => false, 103 ); 104 } 105 } 106 } 107 108 wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables ); 109 } 110 111 /** 112 * Run the SQL version checks. 113 * 114 * These values are used in later tests, but the part of preparing them is more easily managed early 115 * in the class for ease of access and discovery. 116 * 117 * @since 5.2.0 118 * 119 * @global wpdb $wpdb WordPress database abstraction object. 120 */ 121 private function prepare_sql_data() { 122 global $wpdb; 123 124 if ( method_exists( $wpdb, 'db_version' ) ) { 125 if ( $wpdb->use_mysqli ) { 126 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_server_info 127 $mysql_server_type = mysqli_get_server_info( $wpdb->dbh ); 128 } else { 129 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info 130 $mysql_server_type = mysql_get_server_info( $wpdb->dbh ); 131 } 132 133 $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' ); 134 } 135 136 $this->health_check_mysql_rec_version = '5.6'; 137 138 if ( stristr( $mysql_server_type, 'mariadb' ) ) { 139 $this->is_mariadb = true; 140 $this->health_check_mysql_rec_version = '10.0'; 141 } 142 143 $this->mysql_min_version_check = version_compare( '5.5', $this->mysql_server_version, '<=' ); 144 $this->mysql_rec_version_check = version_compare( $this->health_check_mysql_rec_version, $this->mysql_server_version, '<=' ); 145 } 146 147 /** 148 * Test if `wp_version_check` is blocked. 149 * 150 * It's possible to block updates with the `wp_version_check` filter, but this can't be checked during an 151 * AJAX call, as the filter is never introduced then. 152 * 153 * This filter overrides a normal page request if it's made by an admin through the AJAX call with the 154 * right query argument to check for this. 155 * 156 * @since 5.2.0 157 */ 158 public function check_wp_version_check_exists() { 159 if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) { 160 return; 161 } 162 163 echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' ); 164 165 die(); 166 } 167 168 /** 169 * Tests for WordPress version and outputs it. 170 * 171 * Gives various results depending on what kind of updates are available, if any, to encourage the 172 * user to install security updates as a priority. 173 * 174 * @since 5.2.0 175 * 176 * @return array The test result. 177 */ 178 public function get_test_wordpress_version() { 179 $result = array( 180 'label' => '', 181 'status' => '', 182 'badge' => array( 183 'label' => __( 'Performance' ), 184 'color' => 'blue', 185 ), 186 'description' => '', 187 'actions' => '', 188 'test' => 'wordpress_version', 189 ); 190 191 $core_current_version = get_bloginfo( 'version' ); 192 $core_updates = get_core_updates(); 193 194 if ( ! is_array( $core_updates ) ) { 195 $result['status'] = 'recommended'; 196 197 $result['label'] = sprintf( 198 // translators: %s: Your current version of WordPress. 199 __( 'WordPress version %s' ), 200 $core_current_version 201 ); 202 203 $result['description'] = sprintf( 204 '<p>%s</p>', 205 __( 'We were unable to check if any new versions of WordPress are available.' ) 206 ); 207 208 $result['actions'] = sprintf( 209 '<a href="%s">%s</a>', 210 esc_url( admin_url( 'update-core.php?force-check=1' ) ), 211 __( 'Check for updates manually' ) 212 ); 213 } else { 214 foreach ( $core_updates as $core => $update ) { 215 if ( 'upgrade' === $update->response ) { 216 $current_version = explode( '.', $core_current_version ); 217 $new_version = explode( '.', $update->version ); 218 219 $current_major = $current_version[0] . '.' . $current_version[1]; 220 $new_major = $new_version[0] . '.' . $new_version[1]; 221 222 $result['label'] = sprintf( 223 // translators: %s: The latest version of WordPress available. 224 __( 'WordPress update available (%s)' ), 225 $update->version 226 ); 227 228 $result['actions'] = sprintf( 229 '<a href="%s">%s</a>', 230 esc_url( admin_url( 'update-core.php' ) ), 231 __( 'Install the latest version of WordPress' ) 232 ); 233 234 if ( $current_major !== $new_major ) { 235 // This is a major version mismatch. 236 $result['status'] = 'recommended'; 237 $result['description'] = sprintf( 238 '<p>%s</p>', 239 __( 'A new version of WordPress is available.' ) 240 ); 241 } else { 242 // This is a minor version, sometimes considered more critical. 243 $result['status'] = 'critical'; 244 $result['badge']['label'] = __( 'Security' ); 245 $result['description'] = sprintf( 246 '<p>%s</p>', 247 __( 'A new minor update is available for your site. Because minor updates often address security, it’s important to install them.' ) 248 ); 249 } 250 } else { 251 $result['status'] = 'good'; 252 $result['label'] = sprintf( 253 // translators: %s: The current version of WordPress installed on this site. 254 __( 'Your WordPress version is up to date (%s)' ), 255 $core_current_version 256 ); 257 258 $result['description'] = sprintf( 259 '<p>%s</p>', 260 __( 'You are currently running the latest version of WordPress available, keep it up!' ) 261 ); 262 } 263 } 264 } 265 266 return $result; 267 } 268 269 /** 270 * Test if plugins are outdated, or unnecessary. 271 * 272 * The tests checks if your plugins are up to date, and encourages you to remove any that are not in use. 273 * 274 * @since 5.2.0 275 * 276 * @return array The test result. 277 */ 278 public function get_test_plugin_version() { 279 $result = array( 280 'label' => __( 'Your plugins are up to date' ), 281 'status' => 'good', 282 'badge' => array( 283 'label' => __( 'Security' ), 284 'color' => 'blue', 285 ), 286 'description' => sprintf( 287 '<p>%s</p>', 288 __( 'Plugins extend your site’s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it’s vital to keep them up to date.' ) 289 ), 290 'actions' => sprintf( 291 '<p><a href="%s">%s</a></p>', 292 esc_url( admin_url( 'plugins.php' ) ), 293 __( 'Manage your plugins' ) 294 ), 295 'test' => 'plugin_version', 296 ); 297 298 $plugins = get_plugins(); 299 $plugin_updates = get_plugin_updates(); 300 301 $plugins_have_updates = false; 302 $plugins_active = 0; 303 $plugins_total = 0; 304 $plugins_need_update = 0; 305 306 // Loop over the available plugins and check their versions and active state. 307 foreach ( $plugins as $plugin_path => $plugin ) { 308 $plugins_total++; 309 310 if ( is_plugin_active( $plugin_path ) ) { 311 $plugins_active++; 312 } 313 314 $plugin_version = $plugin['Version']; 315 316 if ( array_key_exists( $plugin_path, $plugin_updates ) ) { 317 $plugins_need_update++; 318 $plugins_have_updates = true; 319 } 320 } 321 322 // Add a notice if there are outdated plugins. 323 if ( $plugins_need_update > 0 ) { 324 $result['status'] = 'critical'; 325 326 $result['label'] = __( 'You have plugins waiting to be updated' ); 327 328 $result['description'] .= sprintf( 329 '<p>%s</p>', 330 sprintf( 331 /* translators: %d: The number of outdated plugins. */ 332 _n( 333 'Your site has %d plugin waiting to be updated.', 334 'Your site has %d plugins waiting to be updated.', 335 $plugins_need_update 336 ), 337 $plugins_need_update 338 ) 339 ); 340 341 $result['actions'] .= sprintf( 342 '<p><a href="%s">%s</a></p>', 343 esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ), 344 __( 'Update your plugins' ) 345 ); 346 } else { 347 if ( 1 === $plugins_active ) { 348 $result['description'] .= sprintf( 349 '<p>%s</p>', 350 __( 'Your site has 1 active plugin, and it is up to date.' ) 351 ); 352 } else { 353 $result['description'] .= sprintf( 354 '<p>%s</p>', 355 sprintf( 356 /* translators: %d: The number of active plugins. */ 357 _n( 358 'Your site has %d active plugin, and it is up to date.', 359 'Your site has %d active plugins, and they are all up to date.', 360 $plugins_active 361 ), 362 $plugins_active 363 ) 364 ); 365 } 366 } 367 368 // Check if there are inactive plugins. 369 if ( $plugins_total > $plugins_active && ! is_multisite() ) { 370 $unused_plugins = $plugins_total - $plugins_active; 371 372 $result['status'] = 'recommended'; 373 374 $result['label'] = __( 'You should remove inactive plugins' ); 375 376 $result['description'] .= sprintf( 377 '<p>%s %s</p>', 378 sprintf( 379 /* translators: %d: The number of inactive plugins. */ 380 _n( 381 'Your site has %d inactive plugin.', 382 'Your site has %d inactive plugins.', 383 $unused_plugins 384 ), 385 $unused_plugins 386 ), 387 __( 'Inactive plugins are tempting targets for attackers. If you’re not going to use a plugin, we recommend you remove it.' ) 388 ); 389 390 $result['actions'] .= sprintf( 391 '<p><a href="%s">%s</a></p>', 392 esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ), 393 __( 'Manage inactive plugins' ) 394 ); 395 } 396 397 return $result; 398 } 399 400 /** 401 * Test if themes are outdated, or unnecessary. 402 * 403 * The tests checks if your site has a default theme (to fall back on if there is a need), if your themes 404 * are up to date and, finally, encourages you to remove any themes that are not needed. 405 * 406 * @since 5.2.0 407 * 408 * @return array The test results. 409 */ 410 public function get_test_theme_version() { 411 $result = array( 412 'label' => __( 'Your themes are up to date' ), 413 'status' => 'good', 414 'badge' => array( 415 'label' => __( 'Security' ), 416 'color' => 'blue', 417 ), 418 'description' => sprintf( 419 '<p>%s</p>', 420 __( 'Themes add your site’s look and feel. It’s important to keep them up to date, to stay consistent with your brand and keep your site secure.' ) 421 ), 422 'actions' => sprintf( 423 '<p><a href="%s">%s</a></p>', 424 esc_url( admin_url( 'themes.php' ) ), 425 __( 'Manage your themes' ) 426 ), 427 'test' => 'theme_version', 428 ); 429 430 $theme_updates = get_theme_updates(); 431 432 $themes_total = 0; 433 $themes_need_updates = 0; 434 $themes_inactive = 0; 435 436 // This value is changed during processing to determine how many themes are considered a reasonable amount. 437 $allowed_theme_count = 1; 438 439 $has_default_theme = false; 440 $has_unused_themes = false; 441 $show_unused_themes = true; 442 $using_default_theme = false; 443 444 // Populate a list of all themes available in the install. 445 $all_themes = wp_get_themes(); 446 $active_theme = wp_get_theme(); 447 448 foreach ( $all_themes as $theme_slug => $theme ) { 449 $themes_total++; 450 451 if ( WP_DEFAULT_THEME === $theme_slug ) { 452 $has_default_theme = true; 453 454 if ( get_stylesheet() === $theme_slug ) { 455 $using_default_theme = true; 456 } 457 } 458 459 if ( array_key_exists( $theme_slug, $theme_updates ) ) { 460 $themes_need_updates++; 461 } 462 } 463 464 // If this is a child theme, increase the allowed theme count by one, to account for the parent. 465 if ( $active_theme->parent() ) { 466 $allowed_theme_count++; 467 468 if ( $active_theme->get_template() === WP_DEFAULT_THEME ) { 469 $using_default_theme = true; 470 } 471 } 472 473 // If there's a default theme installed and not in use, we count that as allowed as well. 474 if ( $has_default_theme && ! $using_default_theme ) { 475 $allowed_theme_count++; 476 } 477 478 if ( $themes_total > $allowed_theme_count ) { 479 $has_unused_themes = true; 480 $themes_inactive = ( $themes_total - $allowed_theme_count ); 481 } 482 483 // Check if any themes need to be updated. 484 if ( $themes_need_updates > 0 ) { 485 $result['status'] = 'critical'; 486 487 $result['label'] = __( 'You have themes waiting to be updated' ); 488 489 $result['description'] .= sprintf( 490 '<p>%s</p>', 491 sprintf( 492 /* translators: %d: The number of outdated themes. */ 493 _n( 494 'Your site has %d theme waiting to be updated.', 495 'Your site has %d themes waiting to be updated.', 496 $themes_need_updates 497 ), 498 $themes_need_updates 499 ) 500 ); 501 } else { 502 // Give positive feedback about the site being good about keeping things up to date. 503 if ( 1 === $themes_total ) { 504 $result['description'] .= sprintf( 505 '<p>%s</p>', 506 __( 'Your site has 1 installed theme, and it is up to date.' ) 507 ); 508 } else { 509 $result['description'] .= sprintf( 510 '<p>%s</p>', 511 sprintf( 512 /* translators: %d: The number of themes. */ 513 _n( 514 'Your site has %d installed theme, and it is up to date.', 515 'Your site has %d installed themes, and they are all up to date.', 516 $themes_total 517 ), 518 $themes_total 519 ) 520 ); 521 } 522 } 523 524 if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) { 525 526 // This is a child theme, so we want to be a bit more explicit in our messages. 527 if ( $active_theme->parent() ) { 528 // Recommend removing inactive themes, except a default theme, your current one, and the parent theme. 529 $result['status'] = 'recommended'; 530 531 $result['label'] = __( 'You should remove inactive themes' ); 532 533 if ( $using_default_theme ) { 534 $result['description'] .= sprintf( 535 '<p>%s %s</p>', 536 sprintf( 537 /* translators: %d: The number of inactive themes. */ 538 _n( 539 'Your site has %d inactive theme.', 540 'Your site has %d inactive themes.', 541 $themes_inactive 542 ), 543 $themes_inactive 544 ), 545 sprintf( 546 /* translators: 1: The currently active theme. 2: The active theme's parent theme. */ 547 __( 'To enhance your site’s security, we recommend you remove any themes you’re not using. You should keep your current theme, %1$s, and %2$s, its parent theme.' ), 548 $active_theme->name, 549 $active_theme->parent()->name 550 ) 551 ); 552 } else { 553 $result['description'] .= sprintf( 554 '<p>%s %s</p>', 555 sprintf( 556 /* translators: %d: The number of inactive themes. */ 557 _n( 558 'Your site has %d inactive theme.', 559 'Your site has %d inactive themes.', 560 $themes_inactive 561 ), 562 $themes_inactive 563 ), 564 sprintf( 565 /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */ 566 __( 'To enhance your site’s security, we recommend you remove any themes you’re not using. You should keep %1$s, the default WordPress theme, %2$s, your current theme, and %3$s, its parent theme.' ), 567 WP_DEFAULT_THEME, 568 $active_theme->name, 569 $active_theme->parent()->name 570 ) 571 ); 572 } 573 } else { 574 // Recommend removing all inactive themes. 575 $result['status'] = 'recommended'; 576 577 $result['label'] = __( 'You should remove inactive themes' ); 578 579 if ( $using_default_theme ) { 580 $result['description'] .= sprintf( 581 '<p>%s %s</p>', 582 sprintf( 583 /* translators: 1: The amount of inactive themes. 2: The currently active theme. */ 584 _n( 585 'Your site has %1$d inactive theme, other than %2$s, your active theme.', 586 'Your site has %1$d inactive themes, other than %2$s, your active theme.', 587 $themes_inactive 588 ), 589 $themes_inactive, 590 $active_theme->name 591 ), 592 __( 'We recommend removing any unused themes to enhance your site’s security.' ) 593 ); 594 } else { 595 $result['description'] .= sprintf( 596 '<p>%s %s</p>', 597 sprintf( 598 /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */ 599 _n( 600 'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.', 601 'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.', 602 $themes_inactive 603 ), 604 $themes_inactive, 605 WP_DEFAULT_THEME, 606 $active_theme->name 607 ), 608 __( 'We recommend removing any unused themes to enhance your site’s security.' ) 609 ); 610 } 611 } 612 } 613 614 // If not default Twenty* theme exists. 615 if ( ! $has_default_theme ) { 616 $result['status'] = 'recommended'; 617 618 $result['label'] = __( 'Have a default theme available' ); 619 620 $result['description'] .= sprintf( 621 '<p>%s</p>', 622 __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your normal theme.' ) 623 ); 624 } 625 626 return $result; 627 } 628 629 /** 630 * Test if the supplied PHP version is supported. 631 * 632 * @since 5.2.0 633 * 634 * @return array The test results. 635 */ 636 public function get_test_php_version() { 637 $response = wp_check_php_version(); 638 639 $result = array( 640 'label' => sprintf( 641 // translators: %s: The current PHP version. 642 __( 'PHP is up to date (%s)' ), 643 PHP_VERSION 644 ), 645 'status' => 'good', 646 'badge' => array( 647 'label' => __( 'Performance' ), 648 'color' => 'blue', 649 ), 650 'description' => sprintf( 651 '<p>%s</p>', 652 __( 'PHP is the programming language we use to build and maintain WordPress. Newer versions of PHP are both faster and more secure, so updating will have a positive effect on your site’s performance.' ) 653 ), 654 'actions' => sprintf( 655 '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 656 esc_url( wp_get_update_php_url() ), 657 __( 'Learn more about updating PHP' ), 658 /* translators: accessibility text */ 659 __( '(opens in a new tab)' ) 660 ), 661 'test' => 'php_version', 662 ); 663 664 // PHP is up to date. 665 if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) { 666 return $result; 667 } 668 669 // The PHP version is older than the recommended version, but still acceptable. 670 if ( $response['is_supported'] ) { 671 $result['label'] = __( 'We recommend that you update PHP' ); 672 $result['status'] = 'recommended'; 673 674 return $result; 675 } 676 677 // The PHP version is only receiving security fixes. 678 if ( $response['is_secure'] ) { 679 $result['label'] = __( 'Your PHP version should be updated' ); 680 $result['status'] = 'recommended'; 681 682 return $result; 683 } 684 685 // Anything no longer secure must be updated. 686 $result['label'] = __( 'Your PHP version requires an update' ); 687 $result['status'] = 'critical'; 688 $result['badge']['label'] = __( 'Security' ); 689 690 return $result; 691 } 692 693 /** 694 * Check if the passed extension or function are available. 695 * 696 * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner. 697 * 698 * @since 5.2.0 699 * 700 * @param string $extension Optional. The extension name to test. Default null. 701 * @param string $function Optional. The function name to test. Default null. 702 * 703 * @return bool Whether or not the extension and function are available. 704 */ 705 private function test_php_extension_availability( $extension = null, $function = null ) { 706 // If no extension or function is passed, claim to fail testing, as we have nothing to test against. 707 if ( ! $extension && ! $function ) { 708 return false; 709 } 710 711 if ( $extension && ! extension_loaded( $extension ) ) { 712 return false; 713 } 714 if ( $function && ! function_exists( $function ) ) { 715 return false; 716 } 717 718 return true; 719 } 720 721 /** 722 * Test if required PHP modules are installed on the host. 723 * 724 * This test builds on the recommendations made by the WordPress Hosting Team 725 * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions 726 * 727 * @since 5.2.0 728 * 729 * @return array 730 */ 731 public function get_test_php_extensions() { 732 $result = array( 733 'label' => __( 'Required and recommended modules are installed' ), 734 'status' => 'good', 735 'badge' => array( 736 'label' => __( 'Performance' ), 737 'color' => 'blue', 738 ), 739 'description' => sprintf( 740 '<p>%s</p><p>%s</p>', 741 __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ), 742 sprintf( 743 /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */ 744 __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ), 745 /* translators: Localized team handbook, if one exists. */ 746 esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ), 747 'target="_blank" rel="noopener noreferrer"', 748 sprintf( 749 ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>', 750 /* translators: accessibility text */ 751 __( '(opens in a new tab)' ) 752 ) 753 ) 754 ), 755 'actions' => '', 756 'test' => 'php_extensions', 757 ); 758 759 $modules = array( 760 'bcmath' => array( 761 'function' => 'bcadd', 762 'required' => false, 763 ), 764 'curl' => array( 765 'function' => 'curl_version', 766 'required' => false, 767 ), 768 'exif' => array( 769 'function' => 'exif_read_data', 770 'required' => false, 771 ), 772 'filter' => array( 773 'function' => 'filter_list', 774 'required' => false, 775 ), 776 'fileinfo' => array( 777 'function' => 'finfo_file', 778 'required' => false, 779 ), 780 'mod_xml' => array( 781 'extension' => 'libxml', 782 'required' => false, 783 ), 784 'mysqli' => array( 785 'function' => 'mysqli_connect', 786 'required' => false, 787 ), 788 'libsodium' => array( 789 'function' => 'sodium_compare', 790 'required' => false, 791 'php_bundled_version' => '7.2.0', 792 ), 793 'openssl' => array( 794 'function' => 'openssl_encrypt', 795 'required' => false, 796 ), 797 'pcre' => array( 798 'function' => 'preg_match', 799 'required' => false, 800 ), 801 'imagick' => array( 802 'extension' => 'imagick', 803 'required' => false, 804 ), 805 'gd' => array( 806 'extension' => 'gd', 807 'required' => false, 808 'fallback_for' => 'imagick', 809 ), 810 'mcrypt' => array( 811 'extension' => 'mcrypt', 812 'required' => false, 813 'fallback_for' => 'libsodium', 814 ), 815 'xmlreader' => array( 816 'extension' => 'xmlreader', 817 'required' => false, 818 'fallback_for' => 'xml', 819 ), 820 'zlib' => array( 821 'extension' => 'zlib', 822 'required' => false, 823 'fallback_for' => 'zip', 824 ), 825 ); 826 827 /** 828 * An array representing all the modules we wish to test for. 829 * 830 * @since 5.2.0 831 * 832 * @param array $modules { 833 * An associated array of modules to test for. 834 * 835 * array $module { 836 * An associated array of module properties used during testing. 837 * One of either `$function` or `$extension` must be provided, or they will fail by default. 838 * 839 * string $function Optional. A function name to test for the existence of. 840 * string $extension Optional. An extension to check if is loaded in PHP. 841 * bool $required Is this a required feature or not. 842 * string $fallback_for Optional. The module this module replaces as a fallback. 843 * } 844 * } 845 */ 846 $modules = apply_filters( 'site_status_test_php_modules', $modules ); 847 848 $failures = array(); 849 850 foreach ( $modules as $library => $module ) { 851 $extension = ( isset( $module['extension'] ) ? $module['extension'] : null ); 852 $function = ( isset( $module['function'] ) ? $module['function'] : null ); 853 854 // If this module is a fallback for another function, check if that other function passed. 855 if ( isset( $module['fallback_for'] ) ) { 856 /* 857 * If that other function has a failure, mark this module as required for normal operations. 858 * If that other function hasn't failed, skip this test as it's only a fallback. 859 */ 860 if ( isset( $failures[ $module['fallback_for'] ] ) ) { 861 $module['required'] = true; 862 } else { 863 continue; 864 } 865 } 866 867 if ( ! $this->test_php_extension_availability( $extension, $function ) && ( ! isset( $module['php_bundled_version'] ) || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) ) { 868 if ( $module['required'] ) { 869 $result['status'] = 'critical'; 870 871 $class = 'error'; 872 $screen_reader = __( 'Error' ); 873 $message = sprintf( 874 /* translators: %s: The module name. */ 875 __( 'The required module, %s, is not installed, or has been disabled.' ), 876 $library 877 ); 878 } else { 879 $class = 'warning'; 880 $screen_reader = __( 'Warning' ); 881 $message = sprintf( 882 /* translators: %s: The module name. */ 883 __( 'The optional module, %s, is not installed, or has been disabled.' ), 884 $library 885 ); 886 } 887 888 if ( ! $module['required'] && 'good' === $result['status'] ) { 889 $result['status'] = 'recommended'; 890 } 891 892 $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message"; 893 } 894 } 895 896 if ( ! empty( $failures ) ) { 897 $output = '<ul>'; 898 899 foreach ( $failures as $failure ) { 900 $output .= sprintf( 901 '<li>%s</li>', 902 $failure 903 ); 904 } 905 906 $output .= '</ul>'; 907 } 908 909 if ( 'good' !== $result['status'] ) { 910 if ( 'recommended' === $result['status'] ) { 911 $result['label'] = __( 'One or more recommended modules are missing' ); 912 } 913 if ( 'critical' === $result['status'] ) { 914 $result['label'] = __( 'One or more required modules are missing' ); 915 } 916 917 $result['description'] .= sprintf( 918 '<p>%s</p>', 919 $output 920 ); 921 } 922 923 return $result; 924 } 925 926 /** 927 * Test if the SQL server is up to date. 928 * 929 * @since 5.2.0 930 * 931 * @return array The test results. 932 */ 933 public function get_test_sql_server() { 934 $result = array( 935 'label' => __( 'SQL server is up to date' ), 936 'status' => 'good', 937 'badge' => array( 938 'label' => __( 'Performance' ), 939 'color' => 'blue', 940 ), 941 'description' => sprintf( 942 '<p>%s</p>', 943 __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' ) 944 ), 945 'actions' => sprintf( 946 '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 947 /* translators: Localized version of WordPress requirements if one exists. */ 948 esc_url( __( 'https://wordpress.org/about/requirements/' ) ), 949 __( 'Read more about what WordPress requires to run.' ), 950 /* translators: accessibility text */ 951 __( '(opens in a new tab)' ) 952 ), 953 'test' => 'sql_server', 954 ); 955 956 $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' ); 957 958 if ( ! $this->mysql_rec_version_check ) { 959 $result['status'] = 'recommended'; 960 961 $result['label'] = __( 'Outdated SQL server' ); 962 963 $result['description'] .= sprintf( 964 '<p>%s</p>', 965 sprintf( 966 /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */ 967 __( 'For optimal performance and security reasons, we recommend running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), 968 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), 969 $this->health_check_mysql_rec_version 970 ) 971 ); 972 } 973 974 if ( ! $this->mysql_min_version_check ) { 975 $result['status'] = 'critical'; 976 977 $result['label'] = __( 'Severely outdated SQL server' ); 978 $result['badge']['label'] = __( 'Security' ); 979 980 $result['description'] .= sprintf( 981 '<p>%s</p>', 982 sprintf( 983 /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */ 984 __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), 985 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), 986 $this->health_check_mysql_required_version 987 ) 988 ); 989 } 990 991 if ( $db_dropin ) { 992 $result['description'] .= sprintf( 993 '<p>%s</p>', 994 wp_kses( 995 sprintf( 996 /* translators: 1: The name of the drop-in. 2: The name of the database engine. */ 997 __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ), 998 '<code>wp-content/db.php</code>', 999 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ) 1000 ), 1001 array( 1002 'code' => true, 1003 ) 1004 ) 1005 ); 1006 } 1007 1008 return $result; 1009 } 1010 1011 /** 1012 * Test if the database server is capable of using utf8mb4. 1013 * 1014 * @since 5.2.0 1015 * 1016 * @return array The test results. 1017 */ 1018 public function get_test_utf8mb4_support() { 1019 global $wpdb; 1020 1021 $result = array( 1022 'label' => __( 'UTF8MB4 is supported' ), 1023 'status' => 'good', 1024 'badge' => array( 1025 'label' => __( 'Performance' ), 1026 'color' => 'blue', 1027 ), 1028 'description' => sprintf( 1029 '<p>%s</p>', 1030 __( 'UTF8MB4 is a database storage attribute that makes sure your site can store non-English text and other strings (for instance emoticons) without unexpected problems.' ) 1031 ), 1032 'actions' => '', 1033 'test' => 'utf8mb4_support', 1034 ); 1035 1036 if ( ! $this->is_mariadb ) { 1037 if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) { 1038 $result['status'] = 'recommended'; 1039 1040 $result['label'] = __( 'utf8mb4 requires a MySQL update' ); 1041 1042 $result['description'] .= sprintf( 1043 '<p>%s</p>', 1044 sprintf( 1045 /* translators: %s: Version number. */ 1046 __( 'WordPress’ utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ), 1047 '5.5.3' 1048 ) 1049 ); 1050 } else { 1051 $result['description'] .= sprintf( 1052 '<p>%s</p>', 1053 __( 'Your MySQL version supports utf8mb4.' ) 1054 ); 1055 } 1056 } else { // MariaDB introduced utf8mb4 support in 5.5.0 1057 if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) { 1058 $result['status'] = 'recommended'; 1059 1060 $result['label'] = __( 'utf8mb4 requires a MariaDB update' ); 1061 1062 $result['description'] .= sprintf( 1063 '<p>%s</p>', 1064 sprintf( 1065 /* translators: %s: Version number. */ 1066 __( 'WordPress’ utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ), 1067 '5.5.0' 1068 ) 1069 ); 1070 } else { 1071 $result['description'] .= sprintf( 1072 '<p>%s</p>', 1073 __( 'Your MariaDB version supports utf8mb4.' ) 1074 ); 1075 } 1076 } 1077 1078 if ( $wpdb->use_mysqli ) { 1079 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info 1080 $mysql_client_version = mysqli_get_client_info(); 1081 } else { 1082 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_client_info 1083 $mysql_client_version = mysql_get_client_info(); 1084 } 1085 1086 /* 1087 * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server. 1088 * mysqlnd has supported utf8mb4 since 5.0.9. 1089 */ 1090 if ( false !== strpos( $mysql_client_version, 'mysqlnd' ) ) { 1091 $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version ); 1092 if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) { 1093 $result['status'] = 'recommended'; 1094 1095 $result['label'] = __( 'utf8mb4 requires a newer client library' ); 1096 1097 $result['description'] .= sprintf( 1098 '<p>%s</p>', 1099 sprintf( 1100 /* translators: 1: Name of the library, 2: Number of version. */ 1101 __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), 1102 'mysqlnd', 1103 '5.0.9' 1104 ) 1105 ); 1106 } 1107 } else { 1108 if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) { 1109 $result['status'] = 'recommended'; 1110 1111 $result['label'] = __( 'utf8mb4 requires a newer client library' ); 1112 1113 $result['description'] .= sprintf( 1114 '<p>%s</p>', 1115 sprintf( 1116 /* translators: 1: Name of the library, 2: Number of version. */ 1117 __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), 1118 'libmysql', 1119 '5.5.3' 1120 ) 1121 ); 1122 } 1123 } 1124 1125 return $result; 1126 } 1127 1128 /** 1129 * Test if the site can communicate with WordPress.org. 1130 * 1131 * @since 5.2.0 1132 * 1133 * @return array The test results. 1134 */ 1135 public function get_test_dotorg_communication() { 1136 $result = array( 1137 'label' => __( 'Can communicate with WordPress.org' ), 1138 'status' => '', 1139 'badge' => array( 1140 'label' => __( 'Security' ), 1141 'color' => 'blue', 1142 ), 1143 'description' => sprintf( 1144 '<p>%s</p>', 1145 __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' ) 1146 ), 1147 'actions' => '', 1148 'test' => 'dotorg_communication', 1149 ); 1150 1151 $wp_dotorg = wp_remote_get( 1152 'https://api.wordpress.org', 1153 array( 1154 'timeout' => 10, 1155 ) 1156 ); 1157 if ( ! is_wp_error( $wp_dotorg ) ) { 1158 $result['status'] = 'good'; 1159 } else { 1160 $result['status'] = 'critical'; 1161 1162 $result['label'] = __( 'Could not reach WordPress.org' ); 1163 1164 $result['description'] .= sprintf( 1165 '<p>%s</p>', 1166 sprintf( 1167 '<span class="error"><span class="screen-reader-text">%s</span></span> %s', 1168 __( 'Error' ), 1169 sprintf( 1170 /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */ 1171 __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ), 1172 gethostbyname( 'api.wordpress.org' ), 1173 $wp_dotorg->get_error_message() 1174 ) 1175 ) 1176 ); 1177 1178 $result['actions'] = sprintf( 1179 '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1180 /* translators: Localized Support reference. */ 1181 esc_url( __( 'https://wordpress.org/support' ) ), 1182 __( 'Get help resolving this issue.' ), 1183 /* translators: accessibility text */ 1184 __( '(opens in a new tab)' ) 1185 ); 1186 } 1187 1188 return $result; 1189 } 1190 1191 /** 1192 * Test if debug information is enabled. 1193 * 1194 * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors, or it may be 1195 * logged to a publicly accessible file. 1196 * 1197 * Debugging is also frequently left enabled after looking for errors on a site, as site owners do 1198 * not understand the implications of this. 1199 * 1200 * @since 5.2.0 1201 * 1202 * @return array The test results. 1203 */ 1204 public function get_test_is_in_debug_mode() { 1205 $result = array( 1206 'label' => __( 'Your site is not set to output debug information' ), 1207 'status' => 'good', 1208 'badge' => array( 1209 'label' => __( 'Security' ), 1210 'color' => 'blue', 1211 ), 1212 'description' => sprintf( 1213 '<p>%s</p>', 1214 __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' ) 1215 ), 1216 'actions' => sprintf( 1217 '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1218 /* translators: Documentation explaining debugging in WordPress. */ 1219 esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ), 1220 __( 'Read about debugging in WordPress.' ), 1221 /* translators: accessibility text */ 1222 __( '(opens in a new tab)' ) 1223 ), 1224 'test' => 'is_in_debug_mode', 1225 ); 1226 1227 if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { 1228 if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) { 1229 $result['label'] = __( 'Your site is set to log errors to a potentially public file.' ); 1230 1231 $result['status'] = 'critical'; 1232 1233 $result['description'] .= sprintf( 1234 '<p>%s</p>', 1235 sprintf( 1236 /* translators: %s: WP_DEBUG_LOG */ 1237 __( 'The value, %s, has been added to this website’s configuration file. This means any errors on the site will be written to a file which is potentially available to normal users.' ), 1238 '<code>WP_DEBUG_LOG</code>' 1239 ) 1240 ); 1241 } 1242 1243 if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) { 1244 $result['label'] = __( 'Your site is set to display errors to site visitors' ); 1245 1246 $result['status'] = 'critical'; 1247 1248 $result['description'] .= sprintf( 1249 '<p>%s</p>', 1250 sprintf( 1251 /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */ 1252 __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ), 1253 '<code>WP_DEBUG_DISPLAY</code>', 1254 '<code>WP_DEBUG</code>' 1255 ) 1256 ); 1257 } 1258 } 1259 1260 return $result; 1261 } 1262 1263 /** 1264 * Test if your site is serving content over HTTPS. 1265 * 1266 * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it 1267 * enabled, but only if you visit the right site address. 1268 * 1269 * @since 5.2.0 1270 * 1271 * @return array The test results. 1272 */ 1273 public function get_test_https_status() { 1274 $result = array( 1275 'label' => __( 'Your website is using an active HTTPS connection.' ), 1276 'status' => 'good', 1277 'badge' => array( 1278 'label' => __( 'Security' ), 1279 'color' => 'blue', 1280 ), 1281 'description' => sprintf( 1282 '<p>%s</p>', 1283 __( 'An HTTPS connection is needed for many features on the web today, it also gains the trust of your visitors by helping to protecting their online privacy.' ) 1284 ), 1285 'actions' => sprintf( 1286 '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1287 /* translators: Documentation explaining HTTPS and why it should be used. */ 1288 esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ), 1289 __( 'Read more about why you should use HTTPS' ), 1290 /* translators: accessibility text */ 1291 __( '(opens in a new tab)' ) 1292 ), 1293 'test' => 'https_status', 1294 ); 1295 1296 if ( is_ssl() ) { 1297 $wp_url = get_bloginfo( 'wpurl' ); 1298 $site_url = get_bloginfo( 'url' ); 1299 1300 if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) { 1301 $result['status'] = 'recommended'; 1302 1303 $result['label'] = __( 'Only parts of your site are using HTTPS' ); 1304 1305 $result['description'] = sprintf( 1306 '<p>%s</p>', 1307 sprintf( 1308 /* translators: %s: URL to Settings > General to change options. */ 1309 __( 'You are accessing this website using HTTPS, but your <a href="%s">WordPress Address</a> is not set up to use HTTPS by default.' ), 1310 esc_url( admin_url( 'options-general.php' ) ) 1311 ) 1312 ); 1313 1314 $result['actions'] .= sprintf( 1315 '<p><a href="%s">%s</a></p>', 1316 esc_url( admin_url( 'options-general.php' ) ), 1317 __( 'Update your site addresses' ) 1318 ); 1319 } 1320 } else { 1321 $result['status'] = 'recommended'; 1322 1323 $result['label'] = __( 'Your site does not use HTTPS' ); 1324 } 1325 1326 return $result; 1327 } 1328 1329 /** 1330 * Check if the HTTP API can handle SSL/TLS requests. 1331 * 1332 * @since 5.2.0 1333 * 1334 * @return array The test results. 1335 */ 1336 public function get_test_ssl_support() { 1337 $result = array( 1338 'label' => '', 1339 'status' => '', 1340 'badge' => array( 1341 'label' => __( 'Security' ), 1342 'color' => 'blue', 1343 ), 1344 'description' => sprintf( 1345 '<p>%s</p>', 1346 __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' ) 1347 ), 1348 'actions' => '', 1349 'test' => 'ssl_support', 1350 ); 1351 1352 $supports_https = wp_http_supports( array( 'ssl' ) ); 1353 1354 if ( $supports_https ) { 1355 $result['status'] = 'good'; 1356 1357 $result['label'] = __( 'Your site can communicate securely with other services' ); 1358 } else { 1359 $result['status'] = 'critical'; 1360 1361 $result['label'] = __( 'Your site is unable to communicate securely with other services' ); 1362 1363 $result['description'] .= sprintf( 1364 '<p>%s</p>', 1365 __( 'Talk to your web host about OpenSSL support for PHP.' ) 1366 ); 1367 } 1368 1369 return $result; 1370 } 1371 1372 /** 1373 * Test if scheduled events run as intended. 1374 * 1375 * If scheduled events are not running, this may indicate something with WP_Cron is not working as intended, 1376 * or that there are orphaned events hanging around from older code. 1377 * 1378 * @since 5.2.0 1379 * 1380 * @return array The test results. 1381 */ 1382 public function get_test_scheduled_events() { 1383 $result = array( 1384 'label' => __( 'Scheduled events are running' ), 1385 'status' => 'good', 1386 'badge' => array( 1387 'label' => __( 'Performance' ), 1388 'color' => 'blue', 1389 ), 1390 'description' => sprintf( 1391 '<p>%s</p>', 1392 __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' ) 1393 ), 1394 'actions' => '', 1395 'test' => 'scheduled_events', 1396 ); 1397 1398 $this->wp_schedule_test_init(); 1399 1400 if ( is_wp_error( $this->has_missed_cron() ) ) { 1401 $result['status'] = 'critical'; 1402 1403 $result['label'] = __( 'It was not possible to check your scheduled events' ); 1404 1405 $result['description'] = sprintf( 1406 '<p>%s</p>', 1407 sprintf( 1408 /* translators: %s: The error message returned while from the cron scheduler. */ 1409 __( 'While trying to test your site’s scheduled events, the following error was returned: %s' ), 1410 $this->has_missed_cron()->get_error_message() 1411 ) 1412 ); 1413 } else { 1414 if ( $this->has_missed_cron() ) { 1415 $result['status'] = 'recommended'; 1416 1417 $result['label'] = __( 'A scheduled event has failed' ); 1418 1419 $result['description'] = sprintf( 1420 '<p>%s</p>', 1421 sprintf( 1422 /* translators: %s: The name of the failed cron event. */ 1423 __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ), 1424 $this->last_missed_cron 1425 ) 1426 ); 1427 } 1428 } 1429 1430 return $result; 1431 } 1432 1433 /** 1434 * Test if WordPress can run automated background updates. 1435 * 1436 * Background updates in WordPress are primarily used for minor releases and security updates. It's important 1437 * to either have these working, or be aware that they are intentionally disabled for whatever reason. 1438 * 1439 * @since 5.2.0 1440 * 1441 * @return array The test results. 1442 */ 1443 public function get_test_background_updates() { 1444 $result = array( 1445 'label' => __( 'Background updates are working' ), 1446 'status' => 'good', 1447 'badge' => array( 1448 'label' => __( 'Security' ), 1449 'color' => 'blue', 1450 ), 1451 'description' => sprintf( 1452 '<p>%s</p>', 1453 __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' ) 1454 ), 1455 'actions' => '', 1456 'test' => 'background_updates', 1457 ); 1458 1459 if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) { 1460 require_once ( ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php' ); 1461 } 1462 1463 // Run the auto-update tests in a separate class, 1464 // as there are many considerations to be made. 1465 $automatic_updates = new WP_Site_Health_Auto_Updates(); 1466 $tests = $automatic_updates->run_tests(); 1467 1468 $output = '<ul>'; 1469 1470 foreach ( $tests as $test ) { 1471 $severity_string = __( 'Passed' ); 1472 1473 if ( 'fail' === $test->severity ) { 1474 $result['label'] = __( 'Background updates are not working as expected' ); 1475 1476 $result['status'] = 'critical'; 1477 1478 $severity_string = __( 'Error' ); 1479 } 1480 1481 if ( 'warning' === $test->severity && 'good' === $result['status'] ) { 1482 $result['label'] = __( 'Background updates may not be working properly' ); 1483 1484 $result['status'] = 'recommended'; 1485 1486 $severity_string = __( 'Warning' ); 1487 } 1488 1489 $output .= sprintf( 1490 '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>', 1491 esc_attr( $test->severity ), 1492 $severity_string, 1493 $test->description 1494 ); 1495 } 1496 1497 $output .= '</ul>'; 1498 1499 if ( 'good' !== $result['status'] ) { 1500 $result['description'] .= sprintf( 1501 '<p>%s</p>', 1502 $output 1503 ); 1504 } 1505 1506 return $result; 1507 } 1508 1509 /** 1510 * Test if loopbacks work as expected. 1511 * 1512 * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance, or when editing a 1513 * plugin or theme. This has shown itself to be a recurring issue as code can very easily break this interaction. 1514 * 1515 * @since 5.2.0 1516 * 1517 * @return array The test results. 1518 */ 1519 public function get_test_loopback_requests() { 1520 $result = array( 1521 'label' => __( 'Your site can perform loopback requests' ), 1522 'status' => 'good', 1523 'badge' => array( 1524 'label' => __( 'Performance' ), 1525 'color' => 'blue', 1526 ), 1527 'description' => sprintf( 1528 '<p>%s</p>', 1529 __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' ) 1530 ), 1531 'actions' => '', 1532 'test' => 'loopback_requests', 1533 ); 1534 1535 $check_loopback = $this->can_perform_loopback(); 1536 1537 $result['status'] = $check_loopback->status; 1538 1539 if ( 'good' !== $check_loopback->status ) { 1540 $result['label'] = __( 'Your site could not complete a loopback request' ); 1541 1542 $result['description'] .= sprintf( 1543 '<p>%s</p>', 1544 $check_loopback->message 1545 ); 1546 } 1547 1548 return $result; 1549 } 1550 1551 /** 1552 * Test if HTTP requests are blocked. 1553 * 1554 * It's possible to block all outgoing communication (with the possibility of whitelisting hosts) via the 1555 * HTTP API. This may create problems for users as many features are running as services these days. 1556 * 1557 * @since 5.2.0 1558 * 1559 * @return array The test results. 1560 */ 1561 public function get_test_http_requests() { 1562 $result = array( 1563 'label' => __( 'HTTP requests seem to be working as expected' ), 1564 'status' => 'good', 1565 'badge' => array( 1566 'label' => __( 'Performance' ), 1567 'color' => 'blue', 1568 ), 1569 'description' => sprintf( 1570 '<p>%s</p>', 1571 __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' ) 1572 ), 1573 'actions' => '', 1574 'test' => 'http_requests', 1575 ); 1576 1577 $blocked = false; 1578 $hosts = array(); 1579 1580 if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) { 1581 $blocked = true; 1582 } 1583 1584 if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) { 1585 $hosts = explode( ',', WP_ACCESSIBLE_HOSTS ); 1586 } 1587 1588 if ( $blocked && 0 === sizeof( $hosts ) ) { 1589 $result['status'] = 'critical'; 1590 1591 $result['label'] = __( 'HTTP requests are blocked' ); 1592 1593 $result['description'] .= sprintf( 1594 '<p>%s</p>', 1595 sprintf( 1596 /* translators: %s: Name of the constant used. */ 1597 __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ), 1598 '<code>WP_HTTP_BLOCK_EXTERNAL</code>' 1599 ) 1600 ); 1601 } 1602 1603 if ( $blocked && 0 < sizeof( $hosts ) ) { 1604 $result['status'] = 'recommended'; 1605 1606 $result['label'] = __( 'HTTP requests are partially blocked' ); 1607 1608 $result['description'] .= sprintf( 1609 '<p>%s</p>', 1610 sprintf( 1611 /* translators: 1: Name of the constant used. 2: List of hostnames whitelisted. */ 1612 __( 'HTTP requests have been blocked by the %1$s constant, with some hosts whitelisted: %2$s.' ), 1613 '<code>WP_HTTP_BLOCK_EXTERNAL</code>', 1614 implode( ',', $hosts ) 1615 ) 1616 ); 1617 } 1618 1619 return $result; 1620 } 1621 1622 /** 1623 * Test if the REST API is accessible. 1624 * 1625 * Various security measures may block the REST API from working, or it may have been disabled in general. 1626 * This is required for the new block editor to work, so we explicitly test for this. 1627 * 1628 * @since 5.2.0 1629 * 1630 * @return array The test results. 1631 */ 1632 public function get_test_rest_availability() { 1633 $result = array( 1634 'label' => __( 'The REST API is available' ), 1635 'status' => 'good', 1636 'badge' => array( 1637 'label' => __( 'Performance' ), 1638 'color' => 'blue', 1639 ), 1640 'description' => sprintf( 1641 '<p>%s</p>', 1642 __( 'The REST API is one way WordPress, and other applications, communicate with the server. One example is the block editor screen, which relies on this to display, and save, your posts and pages.' ) 1643 ), 1644 'actions' => '', 1645 'test' => 'rest_availability', 1646 ); 1647 1648 $cookies = wp_unslash( $_COOKIE ); 1649 $timeout = 10; 1650 $headers = array( 1651 'Cache-Control' => 'no-cache', 1652 'X-WP-Nonce' => wp_create_nonce( 'wp_rest' ), 1653 ); 1654 1655 // Include Basic auth in loopback requests. 1656 if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { 1657 $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); 1658 } 1659 1660 $url = rest_url( 'wp/v2/types/post' ); 1661 1662 // The context for this is editing with the new block editor. 1663 $url = add_query_arg( 1664 array( 1665 'context' => 'edit', 1666 ), 1667 $url 1668 ); 1669 1670 $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) ); 1671 1672 if ( is_wp_error( $r ) ) { 1673 $result['status'] = 'critical'; 1674 1675 $result['label'] = __( 'The REST API encountered an error' ); 1676 1677 $result['description'] .= sprintf( 1678 '<p>%s</p>', 1679 sprintf( 1680 '%s<br>%s', 1681 __( 'The REST API request failed due to an error.' ), 1682 sprintf( 1683 /* translators: 1: The HTTP response code. 2: The error message returned. */ 1684 __( 'Error: [%1$s] %2$s' ), 1685 wp_remote_retrieve_response_code( $r ), 1686 $r->get_error_message() 1687 ) 1688 ) 1689 ); 1690 } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) { 1691 $result['status'] = 'recommended'; 1692 1693 $result['label'] = __( 'The REST API encountered an unexpected result' ); 1694 1695 $result['description'] .= sprintf( 1696 '<p>%s</p>', 1697 sprintf( 1698 /* translators: 1: The HTTP response code returned. 2: The error message returned. */ 1699 __( 'The REST API call gave the following unexpected result: (%1$d) %2$s.' ), 1700 wp_remote_retrieve_response_code( $r ), 1701 wp_remote_retrieve_body( $r ) 1702 ) 1703 ); 1704 } else { 1705 $json = json_decode( wp_remote_retrieve_body( $r ), true ); 1706 1707 if ( false !== $json && ! isset( $json['capabilities'] ) ) { 1708 $result['status'] = 'recommended'; 1709 1710 $result['label'] = __( 'The REST API did not behave correctly' ); 1711 1712 $result['description'] .= sprintf( 1713 '<p>%s</p>', 1714 sprintf( 1715 /* translators: %s: the name of the query parameter being tested. */ 1716 __( 'The REST API did not process the %s query parameter correctly.' ), 1717 '<code>context</code>' 1718 ) 1719 ); 1720 } 1721 } 1722 1723 return $result; 1724 } 1725 1726 /** 1727 * Return a set of tests that belong to the site status page. 1728 * 1729 * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests 1730 * which will run later down the line via JavaScript calls to improve page performance and hopefully also user 1731 * experiences. 1732 * 1733 * @since 5.2.0 1734 * 1735 * @return array The list of tests to run. 1736 */ 1737 public static function get_tests() { 1738 $tests = array( 1739 'direct' => array( 1740 'wordpress_version' => array( 1741 'label' => __( 'WordPress Version' ), 1742 'test' => 'wordpress_version', 1743 ), 1744 'plugin_version' => array( 1745 'label' => __( 'Plugin Versions' ), 1746 'test' => 'plugin_version', 1747 ), 1748 'theme_version' => array( 1749 'label' => __( 'Theme Versions' ), 1750 'test' => 'theme_version', 1751 ), 1752 'php_version' => array( 1753 'label' => __( 'PHP Version' ), 1754 'test' => 'php_version', 1755 ), 1756 'sql_server' => array( 1757 'label' => __( 'Database Server version' ), 1758 'test' => 'sql_server', 1759 ), 1760 'php_extensions' => array( 1761 'label' => __( 'PHP Extensions' ), 1762 'test' => 'php_extensions', 1763 ), 1764 'utf8mb4_support' => array( 1765 'label' => __( 'MySQL utf8mb4 support' ), 1766 'test' => 'utf8mb4_support', 1767 ), 1768 'https_status' => array( 1769 'label' => __( 'HTTPS status' ), 1770 'test' => 'https_status', 1771 ), 1772 'ssl_support' => array( 1773 'label' => __( 'Secure communication' ), 1774 'test' => 'ssl_support', 1775 ), 1776 'scheduled_events' => array( 1777 'label' => __( 'Scheduled events' ), 1778 'test' => 'scheduled_events', 1779 ), 1780 'http_requests' => array( 1781 'label' => __( 'HTTP Requests' ), 1782 'test' => 'http_requests', 1783 ), 1784 'debug_enabled' => array( 1785 'label' => __( 'Debugging enabled' ), 1786 'test' => 'is_in_debug_mode', 1787 ), 1788 ), 1789 'async' => array( 1790 'dotorg_communication' => array( 1791 'label' => __( 'Communication with WordPress.org' ), 1792 'test' => 'dotorg_communication', 1793 ), 1794 'background_updates' => array( 1795 'label' => __( 'Background updates' ), 1796 'test' => 'background_updates', 1797 ), 1798 'loopback_requests' => array( 1799 'label' => __( 'Loopback request' ), 1800 'test' => 'loopback_requests', 1801 ), 1802 ), 1803 ); 1804 1805 // Conditionally include REST rules if the function for it exists. 1806 if ( function_exists( 'rest_url' ) ) { 1807 $tests['direct']['rest_availability'] = array( 1808 'label' => __( 'REST API availability' ), 1809 'test' => 'rest_availability', 1810 ); 1811 } 1812 1813 /** 1814 * Add or modify which site status tests are run on a site. 1815 * 1816 * The site health is determined by a set of tests based on best practices from 1817 * both the WordPress Hosting Team, but also web standards in general. 1818 * 1819 * Some sites may not have the same requirements, for example the automatic update 1820 * checks may be handled by a host, and are therefore disabled in core. 1821 * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example. 1822 * 1823 * Tests may be added either as direct, or asynchronous ones. Any test that may require some time 1824 * to complete should run asynchronously, to avoid extended loading periods within wp-admin. 1825 * 1826 * @since 5.2.0 1827 * 1828 * @param array $test_type { 1829 * An associative array, where the `$test_type` is either `direct` or 1830 * `async`, to declare if the test should run via AJAX calls after page load. 1831 * 1832 * @type array $identifier { 1833 * `$identifier` should be a unique identifier for the test that should run. 1834 * Plugins and themes are encouraged to prefix test identifiers with their slug 1835 * to avoid any collisions between tests. 1836 * 1837 * @type string $label A friendly label for your test to identify it by. 1838 * @type mixed $test A callable to perform a direct test, or a string AJAX action to be called 1839 * to perform an async test. 1840 * } 1841 * } 1842 */ 1843 $tests = apply_filters( 'site_status_tests', $tests ); 1844 1845 return $tests; 1846 } 1847 1848 /** 1849 * Add a class to the body HTML tag. 1850 * 1851 * Filters the body class string for admin pages and adds our own class for easier styling. 1852 * 1853 * @since 5.2.0 1854 * 1855 * @param string $body_class The body class string. 1856 * @return string The modified body class string. 1857 */ 1858 public function admin_body_class( $body_class ) { 1859 $body_class .= ' site-health'; 1860 1861 return $body_class; 1862 } 1863 1864 /** 1865 * Initiate the WP_Cron schedule test cases. 1866 * 1867 * @since 5.2.0 1868 */ 1869 private function wp_schedule_test_init() { 1870 $this->schedules = wp_get_schedules(); 1871 $this->get_cron_tasks(); 1872 } 1873 1874 /** 1875 * Populate our list of cron events and store them to a class-wide variable. 1876 * 1877 * @since 5.2.0 1878 */ 1879 private function get_cron_tasks() { 1880 $cron_tasks = _get_cron_array(); 1881 1882 if ( empty( $cron_tasks ) ) { 1883 $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) ); 1884 return; 1885 } 1886 1887 $this->crons = array(); 1888 1889 foreach ( $cron_tasks as $time => $cron ) { 1890 foreach ( $cron as $hook => $dings ) { 1891 foreach ( $dings as $sig => $data ) { 1892 1893 $this->crons[ "$hook-$sig-$time" ] = (object) array( 1894 'hook' => $hook, 1895 'time' => $time, 1896 'sig' => $sig, 1897 'args' => $data['args'], 1898 'schedule' => $data['schedule'], 1899 'interval' => isset( $data['interval'] ) ? $data['interval'] : null, 1900 ); 1901 1902 } 1903 } 1904 } 1905 } 1906 1907 /** 1908 * Check if any scheduled tasks have been missed. 1909 * 1910 * Returns a boolean value of `true` if a scheduled task has been missed and ends processing. If the list of 1911 * crons is an instance of WP_Error, return the instance instead of a boolean value. 1912 * 1913 * @since 5.2.0 1914 * 1915 * @return bool|WP_Error true if a cron was missed, false if it wasn't. WP_Error if the cron is set to that. 1916 */ 1917 public function has_missed_cron() { 1918 if ( is_wp_error( $this->crons ) ) { 1919 return $this->crons; 1920 } 1921 1922 foreach ( $this->crons as $id => $cron ) { 1923 if ( ( $cron->time - time() ) < 0 ) { 1924 $this->last_missed_cron = $cron->hook; 1925 return true; 1926 } 1927 } 1928 1929 return false; 1930 } 1931 1932 /** 1933 * Run a loopback test on our site. 1934 * 1935 * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts, 1936 * make sure plugin or theme edits don't cause site failures and similar. 1937 * 1938 * @since 5.2.0 1939 * 1940 * @return object The test results. 1941 */ 1942 function can_perform_loopback() { 1943 $cookies = wp_unslash( $_COOKIE ); 1944 $timeout = 10; 1945 $headers = array( 1946 'Cache-Control' => 'no-cache', 1947 ); 1948 1949 // Include Basic auth in loopback requests. 1950 if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { 1951 $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); 1952 } 1953 1954 $url = admin_url(); 1955 1956 $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) ); 1957 1958 if ( is_wp_error( $r ) ) { 1959 return (object) array( 1960 'status' => 'critical', 1961 'message' => sprintf( 1962 '%s<br>%s', 1963 __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ), 1964 sprintf( 1965 // translators: 1: The HTTP response code. 2: The error message returned. 1966 __( 'Error: [%1$s] %2$s' ), 1967 wp_remote_retrieve_response_code( $r ), 1968 $r->get_error_message() 1969 ) 1970 ), 1971 ); 1972 } 1973 1974 if ( 200 !== wp_remote_retrieve_response_code( $r ) ) { 1975 return (object) array( 1976 'status' => 'recommended', 1977 'message' => sprintf( 1978 // translators: %d: The HTTP response code returned. 1979 __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ), 1980 wp_remote_retrieve_response_code( $r ) 1981 ), 1982 ); 1983 } 1984 1985 return (object) array( 1986 'status' => 'good', 1987 'message' => __( 'The loopback request to your site completed successfully.' ), 1988 ); 1989 } 1990 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Jun 17 08:20:02 2019 | Cross-referenced by PHPXref 0.7 |