| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Class for looking up a site's health based on a user's WordPress environment. 4 * 5 * @package WordPress 6 * @subpackage Site_Health 7 * @since 5.2.0 8 */ 9 10 class WP_Site_Health { 11 private static $instance = null; 12 13 private $mysql_min_version_check; 14 private $mysql_rec_version_check; 15 16 public $is_mariadb = false; 17 private $mysql_server_version = ''; 18 private $health_check_mysql_required_version = '5.5'; 19 private $health_check_mysql_rec_version = ''; 20 21 public $php_memory_limit; 22 23 public $schedules; 24 public $crons; 25 public $last_missed_cron = null; 26 public $last_late_cron = null; 27 private $timeout_missed_cron = null; 28 private $timeout_late_cron = null; 29 30 /** 31 * WP_Site_Health constructor. 32 * 33 * @since 5.2.0 34 */ 35 public function __construct() { 36 $this->maybe_create_scheduled_event(); 37 38 // Save memory limit before it's affected by wp_raise_memory_limit( 'admin' ). 39 $this->php_memory_limit = ini_get( 'memory_limit' ); 40 41 $this->timeout_late_cron = 0; 42 $this->timeout_missed_cron = - 5 * MINUTE_IN_SECONDS; 43 44 if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) { 45 $this->timeout_late_cron = - 15 * MINUTE_IN_SECONDS; 46 $this->timeout_missed_cron = - 1 * HOUR_IN_SECONDS; 47 } 48 49 add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) ); 50 51 add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) ); 52 add_action( 'wp_site_health_scheduled_check', array( $this, 'wp_cron_scheduled_check' ) ); 53 } 54 55 /** 56 * Return an instance of the WP_Site_Health class, or create one if none exist yet. 57 * 58 * @since 5.4.0 59 * 60 * @return WP_Site_Health|null 61 */ 62 public static function get_instance() { 63 if ( null === self::$instance ) { 64 self::$instance = new WP_Site_Health(); 65 } 66 67 return self::$instance; 68 } 69 70 /** 71 * Enqueues the site health scripts. 72 * 73 * @since 5.2.0 74 */ 75 public function enqueue_scripts() { 76 $screen = get_current_screen(); 77 if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) { 78 return; 79 } 80 81 $health_check_js_variables = array( 82 'screen' => $screen->id, 83 'nonce' => array( 84 'site_status' => wp_create_nonce( 'health-check-site-status' ), 85 'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ), 86 ), 87 'site_status' => array( 88 'direct' => array(), 89 'async' => array(), 90 'issues' => array( 91 'good' => 0, 92 'recommended' => 0, 93 'critical' => 0, 94 ), 95 ), 96 ); 97 98 $issue_counts = get_transient( 'health-check-site-status-result' ); 99 100 if ( false !== $issue_counts ) { 101 $issue_counts = json_decode( $issue_counts ); 102 103 $health_check_js_variables['site_status']['issues'] = $issue_counts; 104 } 105 106 if ( 'site-health' === $screen->id && ! isset( $_GET['tab'] ) ) { 107 $tests = WP_Site_Health::get_tests(); 108 109 // Don't run https test on development environments. 110 if ( $this->is_development_environment() ) { 111 unset( $tests['direct']['https_status'] ); 112 } 113 114 foreach ( $tests['direct'] as $test ) { 115 if ( is_string( $test['test'] ) ) { 116 $test_function = sprintf( 117 'get_test_%s', 118 $test['test'] 119 ); 120 121 if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) { 122 $health_check_js_variables['site_status']['direct'][] = $this->perform_test( array( $this, $test_function ) ); 123 continue; 124 } 125 } 126 127 if ( is_callable( $test['test'] ) ) { 128 $health_check_js_variables['site_status']['direct'][] = $this->perform_test( $test['test'] ); 129 } 130 } 131 132 foreach ( $tests['async'] as $test ) { 133 if ( is_string( $test['test'] ) ) { 134 $health_check_js_variables['site_status']['async'][] = array( 135 'test' => $test['test'], 136 'has_rest' => ( isset( $test['has_rest'] ) ? $test['has_rest'] : false ), 137 'completed' => false, 138 ); 139 } 140 } 141 } 142 143 wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables ); 144 } 145 146 /** 147 * Run a Site Health test directly. 148 * 149 * @since 5.4.0 150 * 151 * @param callable $callback 152 * @return mixed|void 153 */ 154 private function perform_test( $callback ) { 155 /** 156 * Filters the output of a finished Site Health test. 157 * 158 * @since 5.3.0 159 * 160 * @param array $test_result { 161 * An associative array of test result data. 162 * 163 * @type string $label A label describing the test, and is used as a header in the output. 164 * @type string $status The status of the test, which can be a value of `good`, `recommended` or `critical`. 165 * @type array $badge { 166 * Tests are put into categories which have an associated badge shown, these can be modified and assigned here. 167 * 168 * @type string $label The test label, for example `Performance`. 169 * @type string $color Default `blue`. A string representing a color to use for the label. 170 * } 171 * @type string $description A more descriptive explanation of what the test looks for, and why it is important for the end user. 172 * @type string $actions An action to direct the user to where they can resolve the issue, if one exists. 173 * @type string $test The name of the test being ran, used as a reference point. 174 * } 175 */ 176 return apply_filters( 'site_status_test_result', call_user_func( $callback ) ); 177 } 178 179 /** 180 * Run the SQL version checks. 181 * 182 * These values are used in later tests, but the part of preparing them is more easily managed 183 * early in the class for ease of access and discovery. 184 * 185 * @since 5.2.0 186 * 187 * @global wpdb $wpdb WordPress database abstraction object. 188 */ 189 private function prepare_sql_data() { 190 global $wpdb; 191 192 if ( $wpdb->use_mysqli ) { 193 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_server_info 194 $mysql_server_type = mysqli_get_server_info( $wpdb->dbh ); 195 } else { 196 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved 197 $mysql_server_type = mysql_get_server_info( $wpdb->dbh ); 198 } 199 200 $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' ); 201 202 $this->health_check_mysql_rec_version = '5.6'; 203 204 if ( stristr( $mysql_server_type, 'mariadb' ) ) { 205 $this->is_mariadb = true; 206 $this->health_check_mysql_rec_version = '10.0'; 207 } 208 209 $this->mysql_min_version_check = version_compare( '5.5', $this->mysql_server_version, '<=' ); 210 $this->mysql_rec_version_check = version_compare( $this->health_check_mysql_rec_version, $this->mysql_server_version, '<=' ); 211 } 212 213 /** 214 * Test if `wp_version_check` is blocked. 215 * 216 * It's possible to block updates with the `wp_version_check` filter, but this can't be checked 217 * during an Ajax call, as the filter is never introduced then. 218 * 219 * This filter overrides a standard page request if it's made by an admin through the Ajax call 220 * with the right query argument to check for this. 221 * 222 * @since 5.2.0 223 */ 224 public function check_wp_version_check_exists() { 225 if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) { 226 return; 227 } 228 229 echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' ); 230 231 die(); 232 } 233 234 /** 235 * Tests for WordPress version and outputs it. 236 * 237 * Gives various results depending on what kind of updates are available, if any, to encourage 238 * the user to install security updates as a priority. 239 * 240 * @since 5.2.0 241 * 242 * @return array The test result. 243 */ 244 public function get_test_wordpress_version() { 245 $result = array( 246 'label' => '', 247 'status' => '', 248 'badge' => array( 249 'label' => __( 'Performance' ), 250 'color' => 'blue', 251 ), 252 'description' => '', 253 'actions' => '', 254 'test' => 'wordpress_version', 255 ); 256 257 $core_current_version = get_bloginfo( 'version' ); 258 $core_updates = get_core_updates(); 259 260 if ( ! is_array( $core_updates ) ) { 261 $result['status'] = 'recommended'; 262 263 $result['label'] = sprintf( 264 /* translators: %s: Your current version of WordPress. */ 265 __( 'WordPress version %s' ), 266 $core_current_version 267 ); 268 269 $result['description'] = sprintf( 270 '<p>%s</p>', 271 __( 'We were unable to check if any new versions of WordPress are available.' ) 272 ); 273 274 $result['actions'] = sprintf( 275 '<a href="%s">%s</a>', 276 esc_url( admin_url( 'update-core.php?force-check=1' ) ), 277 __( 'Check for updates manually' ) 278 ); 279 } else { 280 foreach ( $core_updates as $core => $update ) { 281 if ( 'upgrade' === $update->response ) { 282 $current_version = explode( '.', $core_current_version ); 283 $new_version = explode( '.', $update->version ); 284 285 $current_major = $current_version[0] . '.' . $current_version[1]; 286 $new_major = $new_version[0] . '.' . $new_version[1]; 287 288 $result['label'] = sprintf( 289 /* translators: %s: The latest version of WordPress available. */ 290 __( 'WordPress update available (%s)' ), 291 $update->version 292 ); 293 294 $result['actions'] = sprintf( 295 '<a href="%s">%s</a>', 296 esc_url( admin_url( 'update-core.php' ) ), 297 __( 'Install the latest version of WordPress' ) 298 ); 299 300 if ( $current_major !== $new_major ) { 301 // This is a major version mismatch. 302 $result['status'] = 'recommended'; 303 $result['description'] = sprintf( 304 '<p>%s</p>', 305 __( 'A new version of WordPress is available.' ) 306 ); 307 } else { 308 // This is a minor version, sometimes considered more critical. 309 $result['status'] = 'critical'; 310 $result['badge']['label'] = __( 'Security' ); 311 $result['description'] = sprintf( 312 '<p>%s</p>', 313 __( 'A new minor update is available for your site. Because minor updates often address security, it’s important to install them.' ) 314 ); 315 } 316 } else { 317 $result['status'] = 'good'; 318 $result['label'] = sprintf( 319 /* translators: %s: The current version of WordPress installed on this site. */ 320 __( 'Your version of WordPress (%s) is up to date' ), 321 $core_current_version 322 ); 323 324 $result['description'] = sprintf( 325 '<p>%s</p>', 326 __( 'You are currently running the latest version of WordPress available, keep it up!' ) 327 ); 328 } 329 } 330 } 331 332 return $result; 333 } 334 335 /** 336 * Test if plugins are outdated, or unnecessary. 337 * 338 * The tests checks if your plugins are up to date, and encourages you to remove any 339 * that are not in use. 340 * 341 * @since 5.2.0 342 * 343 * @return array The test result. 344 */ 345 public function get_test_plugin_version() { 346 $result = array( 347 'label' => __( 'Your plugins are all up to date' ), 348 'status' => 'good', 349 'badge' => array( 350 'label' => __( 'Security' ), 351 'color' => 'blue', 352 ), 353 'description' => sprintf( 354 '<p>%s</p>', 355 __( 'Plugins extend your site’s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it’s vital to keep them up to date.' ) 356 ), 357 'actions' => sprintf( 358 '<p><a href="%s">%s</a></p>', 359 esc_url( admin_url( 'plugins.php' ) ), 360 __( 'Manage your plugins' ) 361 ), 362 'test' => 'plugin_version', 363 ); 364 365 $plugins = get_plugins(); 366 $plugin_updates = get_plugin_updates(); 367 368 $plugins_have_updates = false; 369 $plugins_active = 0; 370 $plugins_total = 0; 371 $plugins_need_update = 0; 372 373 // Loop over the available plugins and check their versions and active state. 374 foreach ( $plugins as $plugin_path => $plugin ) { 375 $plugins_total++; 376 377 if ( is_plugin_active( $plugin_path ) ) { 378 $plugins_active++; 379 } 380 381 $plugin_version = $plugin['Version']; 382 383 if ( array_key_exists( $plugin_path, $plugin_updates ) ) { 384 $plugins_need_update++; 385 $plugins_have_updates = true; 386 } 387 } 388 389 // Add a notice if there are outdated plugins. 390 if ( $plugins_need_update > 0 ) { 391 $result['status'] = 'critical'; 392 393 $result['label'] = __( 'You have plugins waiting to be updated' ); 394 395 $result['description'] .= sprintf( 396 '<p>%s</p>', 397 sprintf( 398 /* translators: %d: The number of outdated plugins. */ 399 _n( 400 'Your site has %d plugin waiting to be updated.', 401 'Your site has %d plugins waiting to be updated.', 402 $plugins_need_update 403 ), 404 $plugins_need_update 405 ) 406 ); 407 408 $result['actions'] .= sprintf( 409 '<p><a href="%s">%s</a></p>', 410 esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ), 411 __( 'Update your plugins' ) 412 ); 413 } else { 414 if ( 1 === $plugins_active ) { 415 $result['description'] .= sprintf( 416 '<p>%s</p>', 417 __( 'Your site has 1 active plugin, and it is up to date.' ) 418 ); 419 } else { 420 $result['description'] .= sprintf( 421 '<p>%s</p>', 422 sprintf( 423 /* translators: %d: The number of active plugins. */ 424 _n( 425 'Your site has %d active plugin, and it is up to date.', 426 'Your site has %d active plugins, and they are all up to date.', 427 $plugins_active 428 ), 429 $plugins_active 430 ) 431 ); 432 } 433 } 434 435 // Check if there are inactive plugins. 436 if ( $plugins_total > $plugins_active && ! is_multisite() ) { 437 $unused_plugins = $plugins_total - $plugins_active; 438 439 $result['status'] = 'recommended'; 440 441 $result['label'] = __( 'You should remove inactive plugins' ); 442 443 $result['description'] .= sprintf( 444 '<p>%s %s</p>', 445 sprintf( 446 /* translators: %d: The number of inactive plugins. */ 447 _n( 448 'Your site has %d inactive plugin.', 449 'Your site has %d inactive plugins.', 450 $unused_plugins 451 ), 452 $unused_plugins 453 ), 454 __( 'Inactive plugins are tempting targets for attackers. If you’re not going to use a plugin, we recommend you remove it.' ) 455 ); 456 457 $result['actions'] .= sprintf( 458 '<p><a href="%s">%s</a></p>', 459 esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ), 460 __( 'Manage inactive plugins' ) 461 ); 462 } 463 464 return $result; 465 } 466 467 /** 468 * Test if themes are outdated, or unnecessary. 469 * 470 * Сhecks if your site has a default theme (to fall back on if there is a need), 471 * if your themes are up to date and, finally, encourages you to remove any themes 472 * that are not needed. 473 * 474 * @since 5.2.0 475 * 476 * @return array The test results. 477 */ 478 public function get_test_theme_version() { 479 $result = array( 480 'label' => __( 'Your themes are all up to date' ), 481 'status' => 'good', 482 'badge' => array( 483 'label' => __( 'Security' ), 484 'color' => 'blue', 485 ), 486 'description' => sprintf( 487 '<p>%s</p>', 488 __( 'Themes add your site’s look and feel. It’s important to keep them up to date, to stay consistent with your brand and keep your site secure.' ) 489 ), 490 'actions' => sprintf( 491 '<p><a href="%s">%s</a></p>', 492 esc_url( admin_url( 'themes.php' ) ), 493 __( 'Manage your themes' ) 494 ), 495 'test' => 'theme_version', 496 ); 497 498 $theme_updates = get_theme_updates(); 499 500 $themes_total = 0; 501 $themes_need_updates = 0; 502 $themes_inactive = 0; 503 504 // This value is changed during processing to determine how many themes are considered a reasonable amount. 505 $allowed_theme_count = 1; 506 507 $has_default_theme = false; 508 $has_unused_themes = false; 509 $show_unused_themes = true; 510 $using_default_theme = false; 511 512 // Populate a list of all themes available in the install. 513 $all_themes = wp_get_themes(); 514 $active_theme = wp_get_theme(); 515 516 // If WP_DEFAULT_THEME doesn't exist, fall back to the latest core default theme. 517 $default_theme = wp_get_theme( WP_DEFAULT_THEME ); 518 if ( ! $default_theme->exists() ) { 519 $default_theme = WP_Theme::get_core_default_theme(); 520 } 521 522 if ( $default_theme ) { 523 $has_default_theme = true; 524 525 if ( 526 $active_theme->get_stylesheet() === $default_theme->get_stylesheet() 527 || 528 is_child_theme() && $active_theme->get_template() === $default_theme->get_template() 529 ) { 530 $using_default_theme = true; 531 } 532 } 533 534 foreach ( $all_themes as $theme_slug => $theme ) { 535 $themes_total++; 536 537 if ( array_key_exists( $theme_slug, $theme_updates ) ) { 538 $themes_need_updates++; 539 } 540 } 541 542 // If this is a child theme, increase the allowed theme count by one, to account for the parent. 543 if ( is_child_theme() ) { 544 $allowed_theme_count++; 545 } 546 547 // If there's a default theme installed and not in use, we count that as allowed as well. 548 if ( $has_default_theme && ! $using_default_theme ) { 549 $allowed_theme_count++; 550 } 551 552 if ( $themes_total > $allowed_theme_count ) { 553 $has_unused_themes = true; 554 $themes_inactive = ( $themes_total - $allowed_theme_count ); 555 } 556 557 // Check if any themes need to be updated. 558 if ( $themes_need_updates > 0 ) { 559 $result['status'] = 'critical'; 560 561 $result['label'] = __( 'You have themes waiting to be updated' ); 562 563 $result['description'] .= sprintf( 564 '<p>%s</p>', 565 sprintf( 566 /* translators: %d: The number of outdated themes. */ 567 _n( 568 'Your site has %d theme waiting to be updated.', 569 'Your site has %d themes waiting to be updated.', 570 $themes_need_updates 571 ), 572 $themes_need_updates 573 ) 574 ); 575 } else { 576 // Give positive feedback about the site being good about keeping things up to date. 577 if ( 1 === $themes_total ) { 578 $result['description'] .= sprintf( 579 '<p>%s</p>', 580 __( 'Your site has 1 installed theme, and it is up to date.' ) 581 ); 582 } else { 583 $result['description'] .= sprintf( 584 '<p>%s</p>', 585 sprintf( 586 /* translators: %d: The number of themes. */ 587 _n( 588 'Your site has %d installed theme, and it is up to date.', 589 'Your site has %d installed themes, and they are all up to date.', 590 $themes_total 591 ), 592 $themes_total 593 ) 594 ); 595 } 596 } 597 598 if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) { 599 600 // This is a child theme, so we want to be a bit more explicit in our messages. 601 if ( $active_theme->parent() ) { 602 // Recommend removing inactive themes, except a default theme, your current one, and the parent theme. 603 $result['status'] = 'recommended'; 604 605 $result['label'] = __( 'You should remove inactive themes' ); 606 607 if ( $using_default_theme ) { 608 $result['description'] .= sprintf( 609 '<p>%s %s</p>', 610 sprintf( 611 /* translators: %d: The number of inactive themes. */ 612 _n( 613 'Your site has %d inactive theme.', 614 'Your site has %d inactive themes.', 615 $themes_inactive 616 ), 617 $themes_inactive 618 ), 619 sprintf( 620 /* translators: 1: The currently active theme. 2: The active theme's parent theme. */ 621 __( 'To enhance your site’s security, we recommend you remove any themes you’re not using. You should keep your current theme, %1$s, and %2$s, its parent theme.' ), 622 $active_theme->name, 623 $active_theme->parent()->name 624 ) 625 ); 626 } else { 627 $result['description'] .= sprintf( 628 '<p>%s %s</p>', 629 sprintf( 630 /* translators: %d: The number of inactive themes. */ 631 _n( 632 'Your site has %d inactive theme.', 633 'Your site has %d inactive themes.', 634 $themes_inactive 635 ), 636 $themes_inactive 637 ), 638 sprintf( 639 /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */ 640 __( 'To enhance your site’s security, we recommend you remove any themes you’re not using. You should keep %1$s, the default WordPress theme, %2$s, your current theme, and %3$s, its parent theme.' ), 641 $default_theme ? $default_theme->name : WP_DEFAULT_THEME, 642 $active_theme->name, 643 $active_theme->parent()->name 644 ) 645 ); 646 } 647 } else { 648 // Recommend removing all inactive themes. 649 $result['status'] = 'recommended'; 650 651 $result['label'] = __( 'You should remove inactive themes' ); 652 653 if ( $using_default_theme ) { 654 $result['description'] .= sprintf( 655 '<p>%s %s</p>', 656 sprintf( 657 /* translators: 1: The amount of inactive themes. 2: The currently active theme. */ 658 _n( 659 'Your site has %1$d inactive theme, other than %2$s, your active theme.', 660 'Your site has %1$d inactive themes, other than %2$s, your active theme.', 661 $themes_inactive 662 ), 663 $themes_inactive, 664 $active_theme->name 665 ), 666 __( 'We recommend removing any unused themes to enhance your site’s security.' ) 667 ); 668 } else { 669 $result['description'] .= sprintf( 670 '<p>%s %s</p>', 671 sprintf( 672 /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */ 673 _n( 674 'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.', 675 'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.', 676 $themes_inactive 677 ), 678 $themes_inactive, 679 $default_theme ? $default_theme->name : WP_DEFAULT_THEME, 680 $active_theme->name 681 ), 682 __( 'We recommend removing any unused themes to enhance your site’s security.' ) 683 ); 684 } 685 } 686 } 687 688 // If no default Twenty* theme exists. 689 if ( ! $has_default_theme ) { 690 $result['status'] = 'recommended'; 691 692 $result['label'] = __( 'Have a default theme available' ); 693 694 $result['description'] .= sprintf( 695 '<p>%s</p>', 696 __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your chosen theme.' ) 697 ); 698 } 699 700 return $result; 701 } 702 703 /** 704 * Test if the supplied PHP version is supported. 705 * 706 * @since 5.2.0 707 * 708 * @return array The test results. 709 */ 710 public function get_test_php_version() { 711 $response = wp_check_php_version(); 712 713 $result = array( 714 'label' => sprintf( 715 /* translators: %s: The current PHP version. */ 716 __( 'Your site is running the current version of PHP (%s)' ), 717 PHP_VERSION 718 ), 719 'status' => 'good', 720 'badge' => array( 721 'label' => __( 'Performance' ), 722 'color' => 'blue', 723 ), 724 'description' => sprintf( 725 '<p>%s</p>', 726 sprintf( 727 /* translators: %s: The minimum recommended PHP version. */ 728 __( 'PHP is the programming language used to build and maintain WordPress. Newer versions of PHP are faster and more secure, so staying up to date will help your site’s overall performance and security. The minimum recommended version of PHP is %s.' ), 729 $response ? $response['recommended_version'] : '' 730 ) 731 ), 732 'actions' => sprintf( 733 '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 734 esc_url( wp_get_update_php_url() ), 735 __( 'Learn more about updating PHP' ), 736 /* translators: Accessibility text. */ 737 __( '(opens in a new tab)' ) 738 ), 739 'test' => 'php_version', 740 ); 741 742 // PHP is up to date. 743 if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) { 744 return $result; 745 } 746 747 // The PHP version is older than the recommended version, but still receiving active support. 748 if ( $response['is_supported'] ) { 749 $result['label'] = sprintf( 750 /* translators: %s: The server PHP version. */ 751 __( 'Your site is running an older version of PHP (%s)' ), 752 PHP_VERSION 753 ); 754 $result['status'] = 'recommended'; 755 756 return $result; 757 } 758 759 // The PHP version is only receiving security fixes. 760 if ( $response['is_secure'] ) { 761 $result['label'] = sprintf( 762 /* translators: %s: The server PHP version. */ 763 __( 'Your site is running an older version of PHP (%s), which should be updated' ), 764 PHP_VERSION 765 ); 766 $result['status'] = 'recommended'; 767 768 return $result; 769 } 770 771 // Anything no longer secure must be updated. 772 $result['label'] = sprintf( 773 /* translators: %s: The server PHP version. */ 774 __( 'Your site is running an outdated version of PHP (%s), which requires an update' ), 775 PHP_VERSION 776 ); 777 $result['status'] = 'critical'; 778 $result['badge']['label'] = __( 'Security' ); 779 780 return $result; 781 } 782 783 /** 784 * Check if the passed extension or function are available. 785 * 786 * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner. 787 * 788 * @since 5.2.0 789 * @since 5.3.0 The `$constant` and `$class` parameters were added. 790 * 791 * @param string $extension Optional. The extension name to test. Default null. 792 * @param string $function Optional. The function name to test. Default null. 793 * @param string $constant Optional. The constant name to test for. Default null. 794 * @param string $class Optional. The class name to test for. Default null. 795 * @return bool Whether or not the extension and function are available. 796 */ 797 private function test_php_extension_availability( $extension = null, $function = null, $constant = null, $class = null ) { 798 // If no extension or function is passed, claim to fail testing, as we have nothing to test against. 799 if ( ! $extension && ! $function && ! $constant && ! $class ) { 800 return false; 801 } 802 803 if ( $extension && ! extension_loaded( $extension ) ) { 804 return false; 805 } 806 if ( $function && ! function_exists( $function ) ) { 807 return false; 808 } 809 if ( $constant && ! defined( $constant ) ) { 810 return false; 811 } 812 if ( $class && ! class_exists( $class ) ) { 813 return false; 814 } 815 816 return true; 817 } 818 819 /** 820 * Test if required PHP modules are installed on the host. 821 * 822 * This test builds on the recommendations made by the WordPress Hosting Team 823 * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions 824 * 825 * @since 5.2.0 826 * 827 * @return array 828 */ 829 public function get_test_php_extensions() { 830 $result = array( 831 'label' => __( 'Required and recommended modules are installed' ), 832 'status' => 'good', 833 'badge' => array( 834 'label' => __( 'Performance' ), 835 'color' => 'blue', 836 ), 837 'description' => sprintf( 838 '<p>%s</p><p>%s</p>', 839 __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ), 840 sprintf( 841 /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */ 842 __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ), 843 /* translators: Localized team handbook, if one exists. */ 844 esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ), 845 'target="_blank" rel="noopener"', 846 sprintf( 847 ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>', 848 /* translators: Accessibility text. */ 849 __( '(opens in a new tab)' ) 850 ) 851 ) 852 ), 853 'actions' => '', 854 'test' => 'php_extensions', 855 ); 856 857 $modules = array( 858 'curl' => array( 859 'function' => 'curl_version', 860 'required' => false, 861 ), 862 'dom' => array( 863 'class' => 'DOMNode', 864 'required' => false, 865 ), 866 'exif' => array( 867 'function' => 'exif_read_data', 868 'required' => false, 869 ), 870 'fileinfo' => array( 871 'function' => 'finfo_file', 872 'required' => false, 873 ), 874 'hash' => array( 875 'function' => 'hash', 876 'required' => false, 877 ), 878 'json' => array( 879 'function' => 'json_last_error', 880 'required' => true, 881 ), 882 'mbstring' => array( 883 'function' => 'mb_check_encoding', 884 'required' => false, 885 ), 886 'mysqli' => array( 887 'function' => 'mysqli_connect', 888 'required' => false, 889 ), 890 'libsodium' => array( 891 'constant' => 'SODIUM_LIBRARY_VERSION', 892 'required' => false, 893 'php_bundled_version' => '7.2.0', 894 ), 895 'openssl' => array( 896 'function' => 'openssl_encrypt', 897 'required' => false, 898 ), 899 'pcre' => array( 900 'function' => 'preg_match', 901 'required' => false, 902 ), 903 'imagick' => array( 904 'extension' => 'imagick', 905 'required' => false, 906 ), 907 'mod_xml' => array( 908 'extension' => 'libxml', 909 'required' => false, 910 ), 911 'zip' => array( 912 'class' => 'ZipArchive', 913 'required' => false, 914 ), 915 'filter' => array( 916 'function' => 'filter_list', 917 'required' => false, 918 ), 919 'gd' => array( 920 'extension' => 'gd', 921 'required' => false, 922 'fallback_for' => 'imagick', 923 ), 924 'iconv' => array( 925 'function' => 'iconv', 926 'required' => false, 927 ), 928 'mcrypt' => array( 929 'extension' => 'mcrypt', 930 'required' => false, 931 'fallback_for' => 'libsodium', 932 ), 933 'simplexml' => array( 934 'extension' => 'simplexml', 935 'required' => false, 936 'fallback_for' => 'mod_xml', 937 ), 938 'xmlreader' => array( 939 'extension' => 'xmlreader', 940 'required' => false, 941 'fallback_for' => 'mod_xml', 942 ), 943 'zlib' => array( 944 'extension' => 'zlib', 945 'required' => false, 946 'fallback_for' => 'zip', 947 ), 948 ); 949 950 /** 951 * An array representing all the modules we wish to test for. 952 * 953 * @since 5.2.0 954 * @since 5.3.0 The `$constant` and `$class` parameters were added. 955 * 956 * @param array $modules { 957 * An associative array of modules to test for. 958 * 959 * @type array ...$0 { 960 * An associative array of module properties used during testing. 961 * One of either `$function` or `$extension` must be provided, or they will fail by default. 962 * 963 * @type string $function Optional. A function name to test for the existence of. 964 * @type string $extension Optional. An extension to check if is loaded in PHP. 965 * @type string $constant Optional. A constant name to check for to verify an extension exists. 966 * @type string $class Optional. A class name to check for to verify an extension exists. 967 * @type bool $required Is this a required feature or not. 968 * @type string $fallback_for Optional. The module this module replaces as a fallback. 969 * } 970 * } 971 */ 972 $modules = apply_filters( 'site_status_test_php_modules', $modules ); 973 974 $failures = array(); 975 976 foreach ( $modules as $library => $module ) { 977 $extension = ( isset( $module['extension'] ) ? $module['extension'] : null ); 978 $function = ( isset( $module['function'] ) ? $module['function'] : null ); 979 $constant = ( isset( $module['constant'] ) ? $module['constant'] : null ); 980 $class_name = ( isset( $module['class'] ) ? $module['class'] : null ); 981 982 // If this module is a fallback for another function, check if that other function passed. 983 if ( isset( $module['fallback_for'] ) ) { 984 /* 985 * If that other function has a failure, mark this module as required for usual operations. 986 * If that other function hasn't failed, skip this test as it's only a fallback. 987 */ 988 if ( isset( $failures[ $module['fallback_for'] ] ) ) { 989 $module['required'] = true; 990 } else { 991 continue; 992 } 993 } 994 995 if ( ! $this->test_php_extension_availability( $extension, $function, $constant, $class_name ) && ( ! isset( $module['php_bundled_version'] ) || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) ) { 996 if ( $module['required'] ) { 997 $result['status'] = 'critical'; 998 999 $class = 'error'; 1000 $screen_reader = __( 'Error' ); 1001 $message = sprintf( 1002 /* translators: %s: The module name. */ 1003 __( 'The required module, %s, is not installed, or has been disabled.' ), 1004 $library 1005 ); 1006 } else { 1007 $class = 'warning'; 1008 $screen_reader = __( 'Warning' ); 1009 $message = sprintf( 1010 /* translators: %s: The module name. */ 1011 __( 'The optional module, %s, is not installed, or has been disabled.' ), 1012 $library 1013 ); 1014 } 1015 1016 if ( ! $module['required'] && 'good' === $result['status'] ) { 1017 $result['status'] = 'recommended'; 1018 } 1019 1020 $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message"; 1021 } 1022 } 1023 1024 if ( ! empty( $failures ) ) { 1025 $output = '<ul>'; 1026 1027 foreach ( $failures as $failure ) { 1028 $output .= sprintf( 1029 '<li>%s</li>', 1030 $failure 1031 ); 1032 } 1033 1034 $output .= '</ul>'; 1035 } 1036 1037 if ( 'good' !== $result['status'] ) { 1038 if ( 'recommended' === $result['status'] ) { 1039 $result['label'] = __( 'One or more recommended modules are missing' ); 1040 } 1041 if ( 'critical' === $result['status'] ) { 1042 $result['label'] = __( 'One or more required modules are missing' ); 1043 } 1044 1045 $result['description'] .= $output; 1046 } 1047 1048 return $result; 1049 } 1050 1051 /** 1052 * Test if the PHP default timezone is set to UTC. 1053 * 1054 * @since 5.3.1 1055 * 1056 * @return array The test results. 1057 */ 1058 public function get_test_php_default_timezone() { 1059 $result = array( 1060 'label' => __( 'PHP default timezone is valid' ), 1061 'status' => 'good', 1062 'badge' => array( 1063 'label' => __( 'Performance' ), 1064 'color' => 'blue', 1065 ), 1066 'description' => sprintf( 1067 '<p>%s</p>', 1068 __( 'PHP default timezone was configured by WordPress on loading. This is necessary for correct calculations of dates and times.' ) 1069 ), 1070 'actions' => '', 1071 'test' => 'php_default_timezone', 1072 ); 1073 1074 if ( 'UTC' !== date_default_timezone_get() ) { 1075 $result['status'] = 'critical'; 1076 1077 $result['label'] = __( 'PHP default timezone is invalid' ); 1078 1079 $result['description'] = sprintf( 1080 '<p>%s</p>', 1081 sprintf( 1082 /* translators: %s: date_default_timezone_set() */ 1083 __( 'PHP default timezone was changed after WordPress loading by a %s function call. This interferes with correct calculations of dates and times.' ), 1084 '<code>date_default_timezone_set()</code>' 1085 ) 1086 ); 1087 } 1088 1089 return $result; 1090 } 1091 1092 /** 1093 * Test if there's an active PHP session that can affect loopback requests. 1094 * 1095 * @since 5.5.0 1096 * 1097 * @return array The test results. 1098 */ 1099 public function get_test_php_sessions() { 1100 $result = array( 1101 'label' => __( 'No PHP sessions detected' ), 1102 'status' => 'good', 1103 'badge' => array( 1104 'label' => __( 'Performance' ), 1105 'color' => 'blue', 1106 ), 1107 'description' => sprintf( 1108 '<p>%s</p>', 1109 sprintf( 1110 /* translators: 1: session_start(), 2: session_write_close() */ 1111 __( 'PHP sessions created by a %1$s function call may interfere with REST API and loopback requests. An active session should be closed by %2$s before making any HTTP requests.' ), 1112 '<code>session_start()</code>', 1113 '<code>session_write_close()</code>' 1114 ) 1115 ), 1116 'test' => 'php_sessions', 1117 ); 1118 1119 if ( function_exists( 'session_status' ) && PHP_SESSION_ACTIVE === session_status() ) { 1120 $result['status'] = 'critical'; 1121 1122 $result['label'] = __( 'An active PHP session was detected' ); 1123 1124 $result['description'] = sprintf( 1125 '<p>%s</p>', 1126 sprintf( 1127 /* translators: 1: session_start(), 2: session_write_close() */ 1128 __( 'A PHP session was created by a %1$s function call. This interferes with REST API and loopback requests. The session should be closed by %2$s before making any HTTP requests.' ), 1129 '<code>session_start()</code>', 1130 '<code>session_write_close()</code>' 1131 ) 1132 ); 1133 } 1134 1135 return $result; 1136 } 1137 1138 /** 1139 * Test if the SQL server is up to date. 1140 * 1141 * @since 5.2.0 1142 * 1143 * @return array The test results. 1144 */ 1145 public function get_test_sql_server() { 1146 if ( ! $this->mysql_server_version ) { 1147 $this->prepare_sql_data(); 1148 } 1149 1150 $result = array( 1151 'label' => __( 'SQL server is up to date' ), 1152 'status' => 'good', 1153 'badge' => array( 1154 'label' => __( 'Performance' ), 1155 'color' => 'blue', 1156 ), 1157 'description' => sprintf( 1158 '<p>%s</p>', 1159 __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' ) 1160 ), 1161 'actions' => sprintf( 1162 '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1163 /* translators: Localized version of WordPress requirements if one exists. */ 1164 esc_url( __( 'https://wordpress.org/about/requirements/' ) ), 1165 __( 'Learn more about what WordPress requires to run.' ), 1166 /* translators: Accessibility text. */ 1167 __( '(opens in a new tab)' ) 1168 ), 1169 'test' => 'sql_server', 1170 ); 1171 1172 $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' ); 1173 1174 if ( ! $this->mysql_rec_version_check ) { 1175 $result['status'] = 'recommended'; 1176 1177 $result['label'] = __( 'Outdated SQL server' ); 1178 1179 $result['description'] .= sprintf( 1180 '<p>%s</p>', 1181 sprintf( 1182 /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */ 1183 __( 'For optimal performance and security reasons, we recommend running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), 1184 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), 1185 $this->health_check_mysql_rec_version 1186 ) 1187 ); 1188 } 1189 1190 if ( ! $this->mysql_min_version_check ) { 1191 $result['status'] = 'critical'; 1192 1193 $result['label'] = __( 'Severely outdated SQL server' ); 1194 $result['badge']['label'] = __( 'Security' ); 1195 1196 $result['description'] .= sprintf( 1197 '<p>%s</p>', 1198 sprintf( 1199 /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */ 1200 __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), 1201 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), 1202 $this->health_check_mysql_required_version 1203 ) 1204 ); 1205 } 1206 1207 if ( $db_dropin ) { 1208 $result['description'] .= sprintf( 1209 '<p>%s</p>', 1210 wp_kses( 1211 sprintf( 1212 /* translators: 1: The name of the drop-in. 2: The name of the database engine. */ 1213 __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ), 1214 '<code>wp-content/db.php</code>', 1215 ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ) 1216 ), 1217 array( 1218 'code' => true, 1219 ) 1220 ) 1221 ); 1222 } 1223 1224 return $result; 1225 } 1226 1227 /** 1228 * Test if the database server is capable of using utf8mb4. 1229 * 1230 * @since 5.2.0 1231 * 1232 * @return array The test results. 1233 */ 1234 public function get_test_utf8mb4_support() { 1235 global $wpdb; 1236 1237 if ( ! $this->mysql_server_version ) { 1238 $this->prepare_sql_data(); 1239 } 1240 1241 $result = array( 1242 'label' => __( 'UTF8MB4 is supported' ), 1243 'status' => 'good', 1244 'badge' => array( 1245 'label' => __( 'Performance' ), 1246 'color' => 'blue', 1247 ), 1248 'description' => sprintf( 1249 '<p>%s</p>', 1250 __( 'UTF8MB4 is the character set WordPress prefers for database storage because it safely supports the widest set of characters and encodings, including Emoji, enabling better support for non-English languages.' ) 1251 ), 1252 'actions' => '', 1253 'test' => 'utf8mb4_support', 1254 ); 1255 1256 if ( ! $this->is_mariadb ) { 1257 if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) { 1258 $result['status'] = 'recommended'; 1259 1260 $result['label'] = __( 'utf8mb4 requires a MySQL update' ); 1261 1262 $result['description'] .= sprintf( 1263 '<p>%s</p>', 1264 sprintf( 1265 /* translators: %s: Version number. */ 1266 __( 'WordPress’ utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ), 1267 '5.5.3' 1268 ) 1269 ); 1270 } else { 1271 $result['description'] .= sprintf( 1272 '<p>%s</p>', 1273 __( 'Your MySQL version supports utf8mb4.' ) 1274 ); 1275 } 1276 } else { // MariaDB introduced utf8mb4 support in 5.5.0. 1277 if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) { 1278 $result['status'] = 'recommended'; 1279 1280 $result['label'] = __( 'utf8mb4 requires a MariaDB update' ); 1281 1282 $result['description'] .= sprintf( 1283 '<p>%s</p>', 1284 sprintf( 1285 /* translators: %s: Version number. */ 1286 __( 'WordPress’ utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ), 1287 '5.5.0' 1288 ) 1289 ); 1290 } else { 1291 $result['description'] .= sprintf( 1292 '<p>%s</p>', 1293 __( 'Your MariaDB version supports utf8mb4.' ) 1294 ); 1295 } 1296 } 1297 1298 if ( $wpdb->use_mysqli ) { 1299 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info 1300 $mysql_client_version = mysqli_get_client_info(); 1301 } else { 1302 // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysql_get_client_info,PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved 1303 $mysql_client_version = mysql_get_client_info(); 1304 } 1305 1306 /* 1307 * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server. 1308 * mysqlnd has supported utf8mb4 since 5.0.9. 1309 */ 1310 if ( false !== strpos( $mysql_client_version, 'mysqlnd' ) ) { 1311 $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version ); 1312 if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) { 1313 $result['status'] = 'recommended'; 1314 1315 $result['label'] = __( 'utf8mb4 requires a newer client library' ); 1316 1317 $result['description'] .= sprintf( 1318 '<p>%s</p>', 1319 sprintf( 1320 /* translators: 1: Name of the library, 2: Number of version. */ 1321 __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), 1322 'mysqlnd', 1323 '5.0.9' 1324 ) 1325 ); 1326 } 1327 } else { 1328 if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) { 1329 $result['status'] = 'recommended'; 1330 1331 $result['label'] = __( 'utf8mb4 requires a newer client library' ); 1332 1333 $result['description'] .= sprintf( 1334 '<p>%s</p>', 1335 sprintf( 1336 /* translators: 1: Name of the library, 2: Number of version. */ 1337 __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), 1338 'libmysql', 1339 '5.5.3' 1340 ) 1341 ); 1342 } 1343 } 1344 1345 return $result; 1346 } 1347 1348 /** 1349 * Test if the site can communicate with WordPress.org. 1350 * 1351 * @since 5.2.0 1352 * 1353 * @return array The test results. 1354 */ 1355 public function get_test_dotorg_communication() { 1356 $result = array( 1357 'label' => __( 'Can communicate with WordPress.org' ), 1358 'status' => '', 1359 'badge' => array( 1360 'label' => __( 'Security' ), 1361 'color' => 'blue', 1362 ), 1363 'description' => sprintf( 1364 '<p>%s</p>', 1365 __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' ) 1366 ), 1367 'actions' => '', 1368 'test' => 'dotorg_communication', 1369 ); 1370 1371 $wp_dotorg = wp_remote_get( 1372 'https://api.wordpress.org', 1373 array( 1374 'timeout' => 10, 1375 ) 1376 ); 1377 if ( ! is_wp_error( $wp_dotorg ) ) { 1378 $result['status'] = 'good'; 1379 } else { 1380 $result['status'] = 'critical'; 1381 1382 $result['label'] = __( 'Could not reach WordPress.org' ); 1383 1384 $result['description'] .= sprintf( 1385 '<p>%s</p>', 1386 sprintf( 1387 '<span class="error"><span class="screen-reader-text">%s</span></span> %s', 1388 __( 'Error' ), 1389 sprintf( 1390 /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */ 1391 __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ), 1392 gethostbyname( 'api.wordpress.org' ), 1393 $wp_dotorg->get_error_message() 1394 ) 1395 ) 1396 ); 1397 1398 $result['actions'] = sprintf( 1399 '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1400 /* translators: Localized Support reference. */ 1401 esc_url( __( 'https://wordpress.org/support' ) ), 1402 __( 'Get help resolving this issue.' ), 1403 /* translators: Accessibility text. */ 1404 __( '(opens in a new tab)' ) 1405 ); 1406 } 1407 1408 return $result; 1409 } 1410 1411 /** 1412 * Test if debug information is enabled. 1413 * 1414 * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors, 1415 * or logged to a publicly accessible file. 1416 * 1417 * Debugging is also frequently left enabled after looking for errors on a site, 1418 * as site owners do not understand the implications of this. 1419 * 1420 * @since 5.2.0 1421 * 1422 * @return array The test results. 1423 */ 1424 public function get_test_is_in_debug_mode() { 1425 $result = array( 1426 'label' => __( 'Your site is not set to output debug information' ), 1427 'status' => 'good', 1428 'badge' => array( 1429 'label' => __( 'Security' ), 1430 'color' => 'blue', 1431 ), 1432 'description' => sprintf( 1433 '<p>%s</p>', 1434 __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' ) 1435 ), 1436 'actions' => sprintf( 1437 '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1438 /* translators: Documentation explaining debugging in WordPress. */ 1439 esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ), 1440 __( 'Learn more about debugging in WordPress.' ), 1441 /* translators: Accessibility text. */ 1442 __( '(opens in a new tab)' ) 1443 ), 1444 'test' => 'is_in_debug_mode', 1445 ); 1446 1447 if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { 1448 if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) { 1449 $result['label'] = __( 'Your site is set to log errors to a potentially public file.' ); 1450 1451 $result['status'] = ( 0 === strpos( ini_get( 'error_log' ), ABSPATH ) ) ? 'critical' : 'recommended'; 1452 1453 $result['description'] .= sprintf( 1454 '<p>%s</p>', 1455 sprintf( 1456 /* translators: %s: WP_DEBUG_LOG */ 1457 __( 'The value, %s, has been added to this website’s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ), 1458 '<code>WP_DEBUG_LOG</code>' 1459 ) 1460 ); 1461 } 1462 1463 if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) { 1464 $result['label'] = __( 'Your site is set to display errors to site visitors' ); 1465 1466 $result['status'] = 'critical'; 1467 1468 // On development environments, set the status to recommended. 1469 if ( $this->is_development_environment() ) { 1470 $result['status'] = 'recommended'; 1471 } 1472 1473 $result['description'] .= sprintf( 1474 '<p>%s</p>', 1475 sprintf( 1476 /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */ 1477 __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ), 1478 '<code>WP_DEBUG_DISPLAY</code>', 1479 '<code>WP_DEBUG</code>' 1480 ) 1481 ); 1482 } 1483 } 1484 1485 return $result; 1486 } 1487 1488 /** 1489 * Test if your site is serving content over HTTPS. 1490 * 1491 * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it 1492 * enabled, but only if you visit the right site address. 1493 * 1494 * @since 5.2.0 1495 * 1496 * @return array The test results. 1497 */ 1498 public function get_test_https_status() { 1499 $result = array( 1500 'label' => __( 'Your website is using an active HTTPS connection.' ), 1501 'status' => 'good', 1502 'badge' => array( 1503 'label' => __( 'Security' ), 1504 'color' => 'blue', 1505 ), 1506 'description' => sprintf( 1507 '<p>%s</p>', 1508 __( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' ) 1509 ), 1510 'actions' => sprintf( 1511 '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', 1512 /* translators: Documentation explaining HTTPS and why it should be used. */ 1513 esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ), 1514 __( 'Learn more about why you should use HTTPS' ), 1515 /* translators: Accessibility text. */ 1516 __( '(opens in a new tab)' ) 1517 ), 1518 'test' => 'https_status', 1519 ); 1520 1521 if ( is_ssl() ) { 1522 $wp_url = get_bloginfo( 'wpurl' ); 1523 $site_url = get_bloginfo( 'url' ); 1524 1525 if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) { 1526 $result['status'] = 'recommended'; 1527 1528 $result['label'] = __( 'Only parts of your site are using HTTPS' ); 1529 1530 $result['description'] = sprintf( 1531 '<p>%s</p>', 1532 sprintf( 1533 /* translators: %s: URL to General Settings screen. */ 1534 __( 'You are accessing this website using HTTPS, but your <a href="%s">WordPress Address</a> is not set up to use HTTPS by default.' ), 1535 esc_url( admin_url( 'options-general.php' ) ) 1536 ) 1537 ); 1538 1539 $result['actions'] .= sprintf( 1540 '<p><a href="%s">%s</a></p>', 1541 esc_url( admin_url( 'options-general.php' ) ), 1542 __( 'Update your site addresses' ) 1543 ); 1544 } 1545 } else { 1546 $result['status'] = 'recommended'; 1547 1548 $result['label'] = __( 'Your site does not use HTTPS' ); 1549 } 1550 1551 return $result; 1552 } 1553 1554 /** 1555 * Check if the HTTP API can handle SSL/TLS requests. 1556 * 1557 * @since 5.2.0 1558 * 1559 * @return array The test results. 1560 */ 1561 public function get_test_ssl_support() { 1562 $result = array( 1563 'label' => '', 1564 'status' => '', 1565 'badge' => array( 1566 'label' => __( 'Security' ), 1567 'color' => 'blue', 1568 ), 1569 'description' => sprintf( 1570 '<p>%s</p>', 1571 __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' ) 1572 ), 1573 'actions' => '', 1574 'test' => 'ssl_support', 1575 ); 1576 1577 $supports_https = wp_http_supports( array( 'ssl' ) ); 1578 1579 if ( $supports_https ) { 1580 $result['status'] = 'good'; 1581 1582 $result['label'] = __( 'Your site can communicate securely with other services' ); 1583 } else { 1584 $result['status'] = 'critical'; 1585 1586 $result['label'] = __( 'Your site is unable to communicate securely with other services' ); 1587 1588 $result['description'] .= sprintf( 1589 '<p>%s</p>', 1590 __( 'Talk to your web host about OpenSSL support for PHP.' ) 1591 ); 1592 } 1593 1594 return $result; 1595 } 1596 1597 /** 1598 * Test if scheduled events run as intended. 1599 * 1600 * If scheduled events are not running, this may indicate something with WP_Cron is not working 1601 * as intended, or that there are orphaned events hanging around from older code. 1602 * 1603 * @since 5.2.0 1604 * 1605 * @return array The test results. 1606 */ 1607 public function get_test_scheduled_events() { 1608 $result = array( 1609 'label' => __( 'Scheduled events are running' ), 1610 'status' => 'good', 1611 'badge' => array( 1612 'label' => __( 'Performance' ), 1613 'color' => 'blue', 1614 ), 1615 'description' => sprintf( 1616 '<p>%s</p>', 1617 __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' ) 1618 ), 1619 'actions' => '', 1620 'test' => 'scheduled_events', 1621 ); 1622 1623 $this->wp_schedule_test_init(); 1624 1625 if ( is_wp_error( $this->has_missed_cron() ) ) { 1626 $result['status'] = 'critical'; 1627 1628 $result['label'] = __( 'It was not possible to check your scheduled events' ); 1629 1630 $result['description'] = sprintf( 1631 '<p>%s</p>', 1632 sprintf( 1633 /* translators: %s: The error message returned while from the cron scheduler. */ 1634 __( 'While trying to test your site’s scheduled events, the following error was returned: %s' ), 1635 $this->has_missed_cron()->get_error_message() 1636 ) 1637 ); 1638 } elseif ( $this->has_missed_cron() ) { 1639 $result['status'] = 'recommended'; 1640 1641 $result['label'] = __( 'A scheduled event has failed' ); 1642 1643 $result['description'] = sprintf( 1644 '<p>%s</p>', 1645 sprintf( 1646 /* translators: %s: The name of the failed cron event. */ 1647 __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ), 1648 $this->last_missed_cron 1649 ) 1650 ); 1651 } elseif ( $this->has_late_cron() ) { 1652 $result['status'] = 'recommended'; 1653 1654 $result['label'] = __( 'A scheduled event is late' ); 1655 1656 $result['description'] = sprintf( 1657 '<p>%s</p>', 1658 sprintf( 1659 /* translators: %s: The name of the late cron event. */ 1660 __( 'The scheduled event, %s, is late to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ), 1661 $this->last_late_cron 1662 ) 1663 ); 1664 } 1665 1666 return $result; 1667 } 1668 1669 /** 1670 * Test if WordPress can run automated background updates. 1671 * 1672 * Background updates in WordPress are primarily used for minor releases and security updates. 1673 * It's important to either have these working, or be aware that they are intentionally disabled 1674 * for whatever reason. 1675 * 1676 * @since 5.2.0 1677 * 1678 * @return array The test results. 1679 */ 1680 public function get_test_background_updates() { 1681 $result = array( 1682 'label' => __( 'Background updates are working' ), 1683 'status' => 'good', 1684 'badge' => array( 1685 'label' => __( 'Security' ), 1686 'color' => 'blue', 1687 ), 1688 'description' => sprintf( 1689 '<p>%s</p>', 1690 __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' ) 1691 ), 1692 'actions' => '', 1693 'test' => 'background_updates', 1694 ); 1695 1696 if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) { 1697 require_once ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php'; 1698 } 1699 1700 // Run the auto-update tests in a separate class, 1701 // as there are many considerations to be made. 1702 $automatic_updates = new WP_Site_Health_Auto_Updates(); 1703 $tests = $automatic_updates->run_tests(); 1704 1705 $output = '<ul>'; 1706 1707 foreach ( $tests as $test ) { 1708 $severity_string = __( 'Passed' ); 1709 1710 if ( 'fail' === $test->severity ) { 1711 $result['label'] = __( 'Background updates are not working as expected' ); 1712 1713 $result['status'] = 'critical'; 1714 1715 $severity_string = __( 'Error' ); 1716 } 1717 1718 if ( 'warning' === $test->severity && 'good' === $result['status'] ) { 1719 $result['label'] = __( 'Background updates may not be working properly' ); 1720 1721 $result['status'] = 'recommended'; 1722 1723 $severity_string = __( 'Warning' ); 1724 } 1725 1726 $output .= sprintf( 1727 '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>', 1728 esc_attr( $test->severity ), 1729 $severity_string, 1730 $test->description 1731 ); 1732 } 1733 1734 $output .= '</ul>'; 1735 1736 if ( 'good' !== $result['status'] ) { 1737 $result['description'] .= $output; 1738 } 1739 1740 return $result; 1741 } 1742 1743 /** 1744 * Test if plugin and theme auto-updates appear to be configured correctly. 1745 * 1746 * @since 5.5.0 1747 * 1748 * @return array The test results. 1749 */ 1750 public function get_test_plugin_theme_auto_updates() { 1751 $result = array( 1752 'label' => __( 'Plugin and theme auto-updates appear to be configured correctly' ), 1753 'status' => 'good', 1754 'badge' => array( 1755 'label' => __( 'Security' ), 1756 'color' => 'blue', 1757 ), 1758 'description' => sprintf( 1759 '<p>%s</p>', 1760 __( 'Plugin and theme auto-updates ensure that the latest versions are always installed.' ) 1761 ), 1762 'actions' => '', 1763 'test' => 'plugin_theme_auto_updates', 1764 ); 1765 1766 $check_plugin_theme_updates = $this->detect_plugin_theme_auto_update_issues(); 1767 1768 $result['status'] = $check_plugin_theme_updates->status; 1769 1770 if ( 'good' !== $result['status'] ) { 1771 $result['label'] = __( 'Your site may have problems auto-updating plugins and themes' ); 1772 1773 $result['description'] .= sprintf( 1774 '<p>%s</p>', 1775 $check_plugin_theme_updates->message 1776 ); 1777 } 1778 1779 return $result; 1780 } 1781 1782 /** 1783 * Test if loopbacks work as expected. 1784 * 1785 * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance, 1786 * or when editing a plugin or theme. This has shown itself to be a recurring issue, 1787 * as code can very easily break this interaction. 1788 * 1789 * @since 5.2.0 1790 * 1791 * @return array The test results. 1792 */ 1793 public function get_test_loopback_requests() { 1794 $result = array( 1795 'label' => __( 'Your site can perform loopback requests' ), 1796 'status' => 'good', 1797 'badge' => array( 1798 'label' => __( 'Performance' ), 1799 'color' => 'blue', 1800 ), 1801 'description' => sprintf( 1802 '<p>%s</p>', 1803 __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' ) 1804 ), 1805 'actions' => '', 1806 'test' => 'loopback_requests', 1807 ); 1808 1809 $check_loopback = $this->can_perform_loopback(); 1810 1811 $result['status'] = $check_loopback->status; 1812 1813 if ( 'good' !== $result['status'] ) { 1814 $result['label'] = __( 'Your site could not complete a loopback request' ); 1815 1816 $result['description'] .= sprintf( 1817 '<p>%s</p>', 1818 $check_loopback->message 1819 ); 1820 } 1821 1822 return $result; 1823 } 1824 1825 /** 1826 * Test if HTTP requests are blocked. 1827 * 1828 * It's possible to block all outgoing communication (with the possibility of allowing certain 1829 * hosts) via the HTTP API. This may create problems for users as many features are running as 1830 * services these days. 1831 * 1832 * @since 5.2.0 1833 * 1834 * @return array The test results. 1835 */ 1836 public function get_test_http_requests() { 1837 $result = array( 1838 'label' => __( 'HTTP requests seem to be working as expected' ), 1839 'status' => 'good', 1840 'badge' => array( 1841 'label' => __( 'Performance' ), 1842 'color' => 'blue', 1843 ), 1844 'description' => sprintf( 1845 '<p>%s</p>', 1846 __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' ) 1847 ), 1848 'actions' => '', 1849 'test' => 'http_requests', 1850 ); 1851 1852 $blocked = false; 1853 $hosts = array(); 1854 1855 if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) { 1856 $blocked = true; 1857 } 1858 1859 if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) { 1860 $hosts = explode( ',', WP_ACCESSIBLE_HOSTS ); 1861 } 1862 1863 if ( $blocked && 0 === count( $hosts ) ) { 1864 $result['status'] = 'critical'; 1865 1866 $result['label'] = __( 'HTTP requests are blocked' ); 1867 1868 $result['description'] .= sprintf( 1869 '<p>%s</p>', 1870 sprintf( 1871 /* translators: %s: Name of the constant used. */ 1872 __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ), 1873 '<code>WP_HTTP_BLOCK_EXTERNAL</code>' 1874 ) 1875 ); 1876 } 1877 1878 if ( $blocked && 0 < count( $hosts ) ) { 1879 $result['status'] = 'recommended'; 1880 1881 $result['label'] = __( 'HTTP requests are partially blocked' ); 1882 1883 $result['description'] .= sprintf( 1884 '<p>%s</p>', 1885 sprintf( 1886 /* translators: 1: Name of the constant used. 2: List of allowed hostnames. */ 1887 __( 'HTTP requests have been blocked by the %1$s constant, with some allowed hosts: %2$s.' ), 1888 '<code>WP_HTTP_BLOCK_EXTERNAL</code>', 1889 implode( ',', $hosts ) 1890 ) 1891 ); 1892 } 1893 1894 return $result; 1895 } 1896 1897 /** 1898 * Test if the REST API is accessible. 1899 * 1900 * Various security measures may block the REST API from working, or it may have been disabled in general. 1901 * This is required for the new block editor to work, so we explicitly test for this. 1902 * 1903 * @since 5.2.0 1904 * 1905 * @return array The test results. 1906 */ 1907 public function get_test_rest_availability() { 1908 $result = array( 1909 'label' => __( 'The REST API is available' ), 1910 'status' => 'good', 1911 'badge' => array( 1912 'label' => __( 'Performance' ), 1913 'color' => 'blue', 1914 ), 1915 'description' => sprintf( 1916 '<p>%s</p>', 1917 __( 'The REST API is one way WordPress, and other applications, communicate with the server. One example is the block editor screen, which relies on this to display, and save, your posts and pages.' ) 1918 ), 1919 'actions' => '', 1920 'test' => 'rest_availability', 1921 ); 1922 1923 $cookies = wp_unslash( $_COOKIE ); 1924 $timeout = 10; 1925 $headers = array( 1926 'Cache-Control' => 'no-cache', 1927 'X-WP-Nonce' => wp_create_nonce( 'wp_rest' ), 1928 ); 1929 /** This filter is documented in wp-includes/class-wp-http-streams.php */ 1930 $sslverify = apply_filters( 'https_local_ssl_verify', false ); 1931 1932 // Include Basic auth in loopback requests. 1933 if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { 1934 $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); 1935 } 1936 1937 $url = rest_url( 'wp/v2/types/post' ); 1938 1939 // The context for this is editing with the new block editor. 1940 $url = add_query_arg( 1941 array( 1942 'context' => 'edit', 1943 ), 1944 $url 1945 ); 1946 1947 $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) ); 1948 1949 if ( is_wp_error( $r ) ) { 1950 $result['status'] = 'critical'; 1951 1952 $result['label'] = __( 'The REST API encountered an error' ); 1953 1954 $result['description'] .= sprintf( 1955 '<p>%s</p>', 1956 sprintf( 1957 '%s<br>%s', 1958 __( 'The REST API request failed due to an error.' ), 1959 sprintf( 1960 /* translators: 1: The WordPress error message. 2: The WordPress error code. */ 1961 __( 'Error: %1$s (%2$s)' ), 1962 $r->get_error_message(), 1963 $r->get_error_code() 1964 ) 1965 ) 1966 ); 1967 } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) { 1968 $result['status'] = 'recommended'; 1969 1970 $result['label'] = __( 'The REST API encountered an unexpected result' ); 1971 1972 $result['description'] .= sprintf( 1973 '<p>%s</p>', 1974 sprintf( 1975 /* translators: 1: The HTTP error code. 2: The HTTP error message. */ 1976 __( 'The REST API call gave the following unexpected result: (%1$d) %2$s.' ), 1977 wp_remote_retrieve_response_code( $r ), 1978 esc_html( wp_remote_retrieve_body( $r ) ) 1979 ) 1980 ); 1981 } else { 1982 $json = json_decode( wp_remote_retrieve_body( $r ), true ); 1983 1984 if ( false !== $json && ! isset( $json['capabilities'] ) ) { 1985 $result['status'] = 'recommended'; 1986 1987 $result['label'] = __( 'The REST API did not behave correctly' ); 1988 1989 $result['description'] .= sprintf( 1990 '<p>%s</p>', 1991 sprintf( 1992 /* translators: %s: The name of the query parameter being tested. */ 1993 __( 'The REST API did not process the %s query parameter correctly.' ), 1994 '<code>context</code>' 1995 ) 1996 ); 1997 } 1998 } 1999 2000 return $result; 2001 } 2002 2003 /** 2004 * Test if 'file_uploads' directive in PHP.ini is turned off. 2005 * 2006 * @since 5.5.0 2007 * 2008 * @return array The test results. 2009 */ 2010 public function get_test_file_uploads() { 2011 $result = array( 2012 'label' => __( 'Files can be uploaded.' ), 2013 'status' => 'good', 2014 'badge' => array( 2015 'label' => __( 'Performance' ), 2016 'color' => 'blue', 2017 ), 2018 'description' => sprintf( 2019 '<p>%s</p>', 2020 sprintf( 2021 /* translators: 1: file_uploads, 2: php.ini */ 2022 __( 'The %1$s directive in %2$s determines if uploading files is allowed on your site.' ), 2023 '<code>file_uploads</code>', 2024 '<code>php.ini</code>' 2025 ) 2026 ), 2027 'actions' => '', 2028 'test' => 'file_uploads', 2029 ); 2030 2031 if ( ! function_exists( 'ini_get' ) ) { 2032 $result['status'] = 'critical'; 2033 $result['description'] .= sprintf( 2034 /* translators: %s: ini_get() */ 2035 __( 'The %s function has been disabled, some media settings are unavailable because of this.' ), 2036 '<code>ini_get()</code>' 2037 ); 2038 return $result; 2039 } 2040 2041 if ( empty( ini_get( 'file_uploads' ) ) ) { 2042 $result['status'] = 'critical'; 2043 $result['description'] .= sprintf( 2044 '<p>%s</p>', 2045 sprintf( 2046 /* translators: 1: file_uploads, 2: 0 */ 2047 __( '%1$s is set to %2$s. You won\'t be able to upload files on your site.' ), 2048 '<code>file_uploads</code>', 2049 '<code>0</code>' 2050 ) 2051 ); 2052 return $result; 2053 } 2054 2055 $post_max_size = ini_get( 'post_max_size' ); 2056 $upload_max_filesize = ini_get( 'upload_max_filesize' ); 2057 2058 if ( wp_convert_hr_to_bytes( $post_max_size ) < wp_convert_hr_to_bytes( $upload_max_filesize ) ) { 2059 $result['label'] = sprintf( 2060 /* translators: 1: post_max_size, 2: upload_max_filesize */ 2061 __( 'The "%1$s" value is smaller than "%2$s".' ), 2062 'post_max_size', 2063 'upload_max_filesize' 2064 ); 2065 $result['status'] = 'recommended'; 2066 $result['description'] = sprintf( 2067 '<p>%s</p>', 2068 sprintf( 2069 /* translators: 1: post_max_size, 2: upload_max_filesize */ 2070 __( 'The setting for %1$s is smaller than %2$s, this could cause some problems when trying to upload files.' ), 2071 '<code>post_max_size</code>', 2072 '<code>upload_max_filesize</code>' 2073 ) 2074 ); 2075 return $result; 2076 } 2077 2078 return $result; 2079 } 2080 2081 /** 2082 * Return a set of tests that belong to the site status page. 2083 * 2084 * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests 2085 * which will run later down the line via JavaScript calls to improve page performance and hopefully also user 2086 * experiences. 2087 * 2088 * @since 5.2.0 2089 * @since 5.6.0 Added support for `has_rest` and `permissions`. 2090 * 2091 * @return array The list of tests to run. 2092 */ 2093 public static function get_tests() { 2094 $tests = array( 2095 'direct' => array( 2096 'wordpress_version' => array( 2097 'label' => __( 'WordPress Version' ), 2098 'test' => 'wordpress_version', 2099 ), 2100 'plugin_version' => array( 2101 'label' => __( 'Plugin Versions' ), 2102 'test' => 'plugin_version', 2103 ), 2104 'theme_version' => array( 2105 'label' => __( 'Theme Versions' ), 2106 'test' => 'theme_version', 2107 ), 2108 'php_version' => array( 2109 'label' => __( 'PHP Version' ), 2110 'test' => 'php_version', 2111 ), 2112 'php_extensions' => array( 2113 'label' => __( 'PHP Extensions' ), 2114 'test' => 'php_extensions', 2115 ), 2116 'php_default_timezone' => array( 2117 'label' => __( 'PHP Default Timezone' ), 2118 'test' => 'php_default_timezone', 2119 ), 2120 'php_sessions' => array( 2121 'label' => __( 'PHP Sessions' ), 2122 'test' => 'php_sessions', 2123 ), 2124 'sql_server' => array( 2125 'label' => __( 'Database Server version' ), 2126 'test' => 'sql_server', 2127 ), 2128 'utf8mb4_support' => array( 2129 'label' => __( 'MySQL utf8mb4 support' ), 2130 'test' => 'utf8mb4_support', 2131 ), 2132 'https_status' => array( 2133 'label' => __( 'HTTPS status' ), 2134 'test' => 'https_status', 2135 ), 2136 'ssl_support' => array( 2137 'label' => __( 'Secure communication' ), 2138 'test' => 'ssl_support', 2139 ), 2140 'scheduled_events' => array( 2141 'label' => __( 'Scheduled events' ), 2142 'test' => 'scheduled_events', 2143 ), 2144 'http_requests' => array( 2145 'label' => __( 'HTTP Requests' ), 2146 'test' => 'http_requests', 2147 ), 2148 'debug_enabled' => array( 2149 'label' => __( 'Debugging enabled' ), 2150 'test' => 'is_in_debug_mode', 2151 ), 2152 'file_uploads' => array( 2153 'label' => __( 'File uploads' ), 2154 'test' => 'file_uploads', 2155 ), 2156 'plugin_theme_auto_updates' => array( 2157 'label' => __( 'Plugin and theme auto-updates' ), 2158 'test' => 'plugin_theme_auto_updates', 2159 ), 2160 ), 2161 'async' => array( 2162 'dotorg_communication' => array( 2163 'label' => __( 'Communication with WordPress.org' ), 2164 'test' => rest_url( 'wp-site-health/v1/tests/dotorg-communication' ), 2165 'has_rest' => true, 2166 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_dotorg_communication' ), 2167 ), 2168 'background_updates' => array( 2169 'label' => __( 'Background updates' ), 2170 'test' => rest_url( 'wp-site-health/v1/tests/background-updates' ), 2171 'has_rest' => true, 2172 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_background_updates' ), 2173 ), 2174 'loopback_requests' => array( 2175 'label' => __( 'Loopback request' ), 2176 'test' => rest_url( 'wp-site-health/v1/tests/loopback-requests' ), 2177 'has_rest' => true, 2178 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_loopback_requests' ), 2179 ), 2180 ), 2181 ); 2182 2183 // Conditionally include REST rules if the function for it exists. 2184 if ( function_exists( 'rest_url' ) ) { 2185 $tests['direct']['rest_availability'] = array( 2186 'label' => __( 'REST API availability' ), 2187 'test' => 'rest_availability', 2188 ); 2189 } 2190 2191 /** 2192 * Add or modify which site status tests are run on a site. 2193 * 2194 * The site health is determined by a set of tests based on best practices from 2195 * both the WordPress Hosting Team, but also web standards in general. 2196 * 2197 * Some sites may not have the same requirements, for example the automatic update 2198 * checks may be handled by a host, and are therefore disabled in core. 2199 * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example. 2200 * 2201 * Tests may be added either as direct, or asynchronous ones. Any test that may require some time 2202 * to complete should run asynchronously, to avoid extended loading periods within wp-admin. 2203 * 2204 * @since 5.2.0 2205 * @since 5.6.0 Added the `async_direct_test` array key. 2206 * 2207 * @param array $test_type { 2208 * An associative array, where the `$test_type` is either `direct` or 2209 * `async`, to declare if the test should run via Ajax calls after page load. 2210 * 2211 * @type array $identifier { 2212 * `$identifier` should be a unique identifier for the test that should run. 2213 * Plugins and themes are encouraged to prefix test identifiers with their slug 2214 * to avoid any collisions between tests. 2215 * 2216 * @type string $label A friendly label for your test to identify it by. 2217 * @type mixed $test A callable to perform a direct test, or a string AJAX action 2218 * to be called to perform an async test. 2219 * @type boolean $has_rest Optional. Denote if `$test` has a REST API endpoint. 2220 * @type callable $async_direct_test A manner of directly calling the test marked as asynchronous, 2221 * as the scheduled event can not authenticate, and endpoints 2222 * may require authentication. 2223 * } 2224 * } 2225 */ 2226 $tests = apply_filters( 'site_status_tests', $tests ); 2227 2228 // Ensure that the filtered tests contain the required array keys. 2229 $tests = array_merge( 2230 array( 2231 'direct' => array(), 2232 'async' => array(), 2233 ), 2234 $tests 2235 ); 2236 2237 return $tests; 2238 } 2239 2240 /** 2241 * Add a class to the body HTML tag. 2242 * 2243 * Filters the body class string for admin pages and adds our own class for easier styling. 2244 * 2245 * @since 5.2.0 2246 * 2247 * @param string $body_class The body class string. 2248 * @return string The modified body class string. 2249 */ 2250 public function admin_body_class( $body_class ) { 2251 $screen = get_current_screen(); 2252 if ( 'site-health' !== $screen->id ) { 2253 return $body_class; 2254 } 2255 2256 $body_class .= ' site-health'; 2257 2258 return $body_class; 2259 } 2260 2261 /** 2262 * Initiate the WP_Cron schedule test cases. 2263 * 2264 * @since 5.2.0 2265 */ 2266 private function wp_schedule_test_init() { 2267 $this->schedules = wp_get_schedules(); 2268 $this->get_cron_tasks(); 2269 } 2270 2271 /** 2272 * Populate our list of cron events and store them to a class-wide variable. 2273 * 2274 * @since 5.2.0 2275 */ 2276 private function get_cron_tasks() { 2277 $cron_tasks = _get_cron_array(); 2278 2279 if ( empty( $cron_tasks ) ) { 2280 $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) ); 2281 return; 2282 } 2283 2284 $this->crons = array(); 2285 2286 foreach ( $cron_tasks as $time => $cron ) { 2287 foreach ( $cron as $hook => $dings ) { 2288 foreach ( $dings as $sig => $data ) { 2289 2290 $this->crons[ "$hook-$sig-$time" ] = (object) array( 2291 'hook' => $hook, 2292 'time' => $time, 2293 'sig' => $sig, 2294 'args' => $data['args'], 2295 'schedule' => $data['schedule'], 2296 'interval' => isset( $data['interval'] ) ? $data['interval'] : null, 2297 ); 2298 2299 } 2300 } 2301 } 2302 } 2303 2304 /** 2305 * Check if any scheduled tasks have been missed. 2306 * 2307 * Returns a boolean value of `true` if a scheduled task has been missed and ends processing. 2308 * 2309 * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value. 2310 * 2311 * @since 5.2.0 2312 * 2313 * @return bool|WP_Error True if a cron was missed, false if not. WP_Error if the cron is set to that. 2314 */ 2315 public function has_missed_cron() { 2316 if ( is_wp_error( $this->crons ) ) { 2317 return $this->crons; 2318 } 2319 2320 foreach ( $this->crons as $id => $cron ) { 2321 if ( ( $cron->time - time() ) < $this->timeout_missed_cron ) { 2322 $this->last_missed_cron = $cron->hook; 2323 return true; 2324 } 2325 } 2326 2327 return false; 2328 } 2329 2330 /** 2331 * Check if any scheduled tasks are late. 2332 * 2333 * Returns a boolean value of `true` if a scheduled task is late and ends processing. 2334 * 2335 * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value. 2336 * 2337 * @since 5.3.0 2338 * 2339 * @return bool|WP_Error True if a cron is late, false if not. WP_Error if the cron is set to that. 2340 */ 2341 public function has_late_cron() { 2342 if ( is_wp_error( $this->crons ) ) { 2343 return $this->crons; 2344 } 2345 2346 foreach ( $this->crons as $id => $cron ) { 2347 $cron_offset = $cron->time - time(); 2348 if ( 2349 $cron_offset >= $this->timeout_missed_cron && 2350 $cron_offset < $this->timeout_late_cron 2351 ) { 2352 $this->last_late_cron = $cron->hook; 2353 return true; 2354 } 2355 } 2356 2357 return false; 2358 } 2359 2360 /** 2361 * Check for potential issues with plugin and theme auto-updates. 2362 * 2363 * Though there is no way to 100% determine if plugin and theme auto-updates are configured 2364 * correctly, a few educated guesses could be made to flag any conditions that would 2365 * potentially cause unexpected behaviors. 2366 * 2367 * @since 5.5.0 2368 * 2369 * @return object The test results. 2370 */ 2371 function detect_plugin_theme_auto_update_issues() { 2372 $mock_plugin = (object) array( 2373 'id' => 'w.org/plugins/a-fake-plugin', 2374 'slug' => 'a-fake-plugin', 2375 'plugin' => 'a-fake-plugin/a-fake-plugin.php', 2376 'new_version' => '9.9', 2377 'url' => 'https://wordpress.org/plugins/a-fake-plugin/', 2378 'package' => 'https://downloads.wordpress.org/plugin/a-fake-plugin.9.9.zip', 2379 'icons' => array( 2380 '2x' => 'https://ps.w.org/a-fake-plugin/assets/icon-256x256.png', 2381 '1x' => 'https://ps.w.org/a-fake-plugin/assets/icon-128x128.png', 2382 ), 2383 'banners' => array( 2384 '2x' => 'https://ps.w.org/a-fake-plugin/assets/banner-1544x500.png', 2385 '1x' => 'https://ps.w.org/a-fake-plugin/assets/banner-772x250.png', 2386 ), 2387 'banners_rtl' => array(), 2388 'tested' => '5.5.0', 2389 'requires_php' => '5.6.20', 2390 'compatibility' => new stdClass(), 2391 ); 2392 2393 $mock_theme = (object) array( 2394 'theme' => 'a-fake-theme', 2395 'new_version' => '9.9', 2396 'url' => 'https://wordpress.org/themes/a-fake-theme/', 2397 'package' => 'https://downloads.wordpress.org/theme/a-fake-theme.9.9.zip', 2398 'requires' => '5.0.0', 2399 'requires_php' => '5.6.20', 2400 ); 2401 2402 $test_plugins_enabled = wp_is_auto_update_forced_for_item( 'plugin', true, $mock_plugin ); 2403 $test_themes_enabled = wp_is_auto_update_forced_for_item( 'theme', true, $mock_theme ); 2404 2405 $ui_enabled_for_plugins = wp_is_auto_update_enabled_for_type( 'plugin' ); 2406 $ui_enabled_for_themes = wp_is_auto_update_enabled_for_type( 'theme' ); 2407 $plugin_filter_present = has_filter( 'auto_update_plugin' ); 2408 $theme_filter_present = has_filter( 'auto_update_theme' ); 2409 2410 if ( ( ! $test_plugins_enabled && $ui_enabled_for_plugins ) 2411 || ( ! $test_themes_enabled && $ui_enabled_for_themes ) 2412 ) { 2413 return (object) array( 2414 'status' => 'critical', 2415 'message' => __( 'Auto-updates for plugins and/or themes appear to be disabled, but settings are still set to be displayed. This could cause auto-updates to not work as expected.' ), 2416 ); 2417 } 2418 2419 if ( ( ! $test_plugins_enabled && $plugin_filter_present ) 2420 && ( ! $test_themes_enabled && $theme_filter_present ) 2421 ) { 2422 return (object) array( 2423 'status' => 'recommended', 2424 'message' => __( 'Auto-updates for plugins and themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), 2425 ); 2426 } elseif ( ! $test_plugins_enabled && $plugin_filter_present ) { 2427 return (object) array( 2428 'status' => 'recommended', 2429 'message' => __( 'Auto-updates for plugins appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), 2430 ); 2431 } elseif ( ! $test_themes_enabled && $theme_filter_present ) { 2432 return (object) array( 2433 'status' => 'recommended', 2434 'message' => __( 'Auto-updates for themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), 2435 ); 2436 } 2437 2438 return (object) array( 2439 'status' => 'good', 2440 'message' => __( 'There appear to be no issues with plugin and theme auto-updates.' ), 2441 ); 2442 } 2443 2444 /** 2445 * Run a loopback test on our site. 2446 * 2447 * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts, 2448 * make sure plugin or theme edits don't cause site failures and similar. 2449 * 2450 * @since 5.2.0 2451 * 2452 * @return object The test results. 2453 */ 2454 function can_perform_loopback() { 2455 $cookies = wp_unslash( $_COOKIE ); 2456 $timeout = 10; 2457 $headers = array( 2458 'Cache-Control' => 'no-cache', 2459 ); 2460 /** This filter is documented in wp-includes/class-wp-http-streams.php */ 2461 $sslverify = apply_filters( 'https_local_ssl_verify', false ); 2462 2463 // Include Basic auth in loopback requests. 2464 if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { 2465 $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); 2466 } 2467 2468 $url = admin_url(); 2469 2470 $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) ); 2471 2472 if ( is_wp_error( $r ) ) { 2473 return (object) array( 2474 'status' => 'critical', 2475 'message' => sprintf( 2476 '%s<br>%s', 2477 __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ), 2478 sprintf( 2479 /* translators: 1: The WordPress error message. 2: The WordPress error code. */ 2480 __( 'Error: %1$s (%2$s)' ), 2481 $r->get_error_message(), 2482 $r->get_error_code() 2483 ) 2484 ), 2485 ); 2486 } 2487 2488 if ( 200 !== wp_remote_retrieve_response_code( $r ) ) { 2489 return (object) array( 2490 'status' => 'recommended', 2491 'message' => sprintf( 2492 /* translators: %d: The HTTP response code returned. */ 2493 __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ), 2494 wp_remote_retrieve_response_code( $r ) 2495 ), 2496 ); 2497 } 2498 2499 return (object) array( 2500 'status' => 'good', 2501 'message' => __( 'The loopback request to your site completed successfully.' ), 2502 ); 2503 } 2504 2505 /** 2506 * Create a weekly cron event, if one does not already exist. 2507 * 2508 * @since 5.4.0 2509 */ 2510 public function maybe_create_scheduled_event() { 2511 if ( ! wp_next_scheduled( 'wp_site_health_scheduled_check' ) && ! wp_installing() ) { 2512 wp_schedule_event( time() + DAY_IN_SECONDS, 'weekly', 'wp_site_health_scheduled_check' ); 2513 } 2514 } 2515 2516 /** 2517 * Run our scheduled event to check and update the latest site health status for the website. 2518 * 2519 * @since 5.4.0 2520 */ 2521 public function wp_cron_scheduled_check() { 2522 // Bootstrap wp-admin, as WP_Cron doesn't do this for us. 2523 require_once trailingslashit( ABSPATH ) . 'wp-admin/includes/admin.php'; 2524 2525 $tests = WP_Site_Health::get_tests(); 2526 2527 $results = array(); 2528 2529 $site_status = array( 2530 'good' => 0, 2531 'recommended' => 0, 2532 'critical' => 0, 2533 ); 2534 2535 // Don't run https test on development environments. 2536 if ( $this->is_development_environment() ) { 2537 unset( $tests['direct']['https_status'] ); 2538 } 2539 2540 foreach ( $tests['direct'] as $test ) { 2541 2542 if ( is_string( $test['test'] ) ) { 2543 $test_function = sprintf( 2544 'get_test_%s', 2545 $test['test'] 2546 ); 2547 2548 if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) { 2549 $results[] = $this->perform_test( array( $this, $test_function ) ); 2550 continue; 2551 } 2552 } 2553 2554 if ( is_callable( $test['test'] ) ) { 2555 $results[] = $this->perform_test( $test['test'] ); 2556 } 2557 } 2558 2559 foreach ( $tests['async'] as $test ) { 2560 // Local endpoints may require authentication, so asynchronous tests can pass a direct test runner as well. 2561 if ( ! empty( $test['async_direct_test'] ) && is_callable( $test['async_direct_test'] ) ) { 2562 // This test is callable, do so and continue to the next asynchronous check. 2563 $results[] = $this->perform_test( $test['async_direct_test'] ); 2564 continue; 2565 } 2566 2567 if ( is_string( $test['test'] ) ) { 2568 // Check if this test has a REST API endpoint. 2569 if ( isset( $test['has_rest'] ) && $test['has_rest'] ) { 2570 $result_fetch = wp_remote_get( 2571 $test['test'], 2572 array( 2573 'body' => array( 2574 '_wpnonce' => wp_create_nonce( 'wp_rest' ), 2575 ), 2576 ) 2577 ); 2578 } else { 2579 $result_fetch = wp_remote_post( 2580 admin_url( 'admin-ajax.php' ), 2581 array( 2582 'body' => array( 2583 'action' => $test['test'], 2584 '_wpnonce' => wp_create_nonce( 'health-check-site-status' ), 2585 ), 2586 ) 2587 ); 2588 } 2589 2590 if ( ! is_wp_error( $result_fetch ) && 200 === wp_remote_retrieve_response_code( $result_fetch ) ) { 2591 $result = json_decode( wp_remote_retrieve_body( $result_fetch ), true ); 2592 } else { 2593 $result = false; 2594 } 2595 2596 if ( is_array( $result ) ) { 2597 $results[] = $result; 2598 } else { 2599 $results[] = array( 2600 'status' => 'recommended', 2601 'label' => __( 'A test is unavailable' ), 2602 ); 2603 } 2604 } 2605 } 2606 2607 foreach ( $results as $result ) { 2608 if ( 'critical' === $result['status'] ) { 2609 $site_status['critical']++; 2610 } elseif ( 'recommended' === $result['status'] ) { 2611 $site_status['recommended']++; 2612 } else { 2613 $site_status['good']++; 2614 } 2615 } 2616 2617 set_transient( 'health-check-site-status-result', wp_json_encode( $site_status ) ); 2618 } 2619 2620 /** 2621 * Checks if the current environment type is set to 'development' or 'local'. 2622 * 2623 * @since 5.6.0 2624 * 2625 * @return bool True if it is a development environment, false if not. 2626 */ 2627 public function is_development_environment() { 2628 return in_array( wp_get_environment_type(), array( 'development', 'local' ), true ); 2629 } 2630 2631 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Mon Oct 26 08:20:01 2020 | Cross-referenced by PHPXref |