|
1 <?php |
|
2 /** |
|
3 * Class for testing automatic updates in the WordPress code. |
|
4 * |
|
5 * @package WordPress |
|
6 * @subpackage Site_Health |
|
7 * @since 5.2.0 |
|
8 */ |
|
9 |
|
10 class WP_Site_Health_Auto_Updates { |
|
11 /** |
|
12 * WP_Site_Health_Auto_Updates constructor. |
|
13 * @since 5.2.0 |
|
14 */ |
|
15 public function __construct() { |
|
16 include_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; |
|
17 } |
|
18 |
|
19 |
|
20 /** |
|
21 * Run tests to determine if auto-updates can run. |
|
22 * |
|
23 * @since 5.2.0 |
|
24 * |
|
25 * @return array The test results. |
|
26 */ |
|
27 public function run_tests() { |
|
28 $tests = array( |
|
29 $this->test_constants( 'DISALLOW_FILE_MODS', false ), |
|
30 $this->test_constants( 'AUTOMATIC_UPDATER_DISABLED', false ), |
|
31 $this->test_constants( 'WP_AUTO_UPDATE_CORE', true ), |
|
32 $this->test_wp_version_check_attached(), |
|
33 $this->test_filters_automatic_updater_disabled(), |
|
34 $this->test_if_failed_update(), |
|
35 $this->test_vcs_abspath(), |
|
36 $this->test_check_wp_filesystem_method(), |
|
37 $this->test_all_files_writable(), |
|
38 $this->test_accepts_dev_updates(), |
|
39 $this->test_accepts_minor_updates(), |
|
40 ); |
|
41 |
|
42 $tests = array_filter( $tests ); |
|
43 $tests = array_map( |
|
44 function( $test ) { |
|
45 $test = (object) $test; |
|
46 |
|
47 if ( empty( $test->severity ) ) { |
|
48 $test->severity = 'warning'; |
|
49 } |
|
50 |
|
51 return $test; |
|
52 }, |
|
53 $tests |
|
54 ); |
|
55 |
|
56 return $tests; |
|
57 } |
|
58 |
|
59 /** |
|
60 * Test if auto-updates related constants are set correctly. |
|
61 * |
|
62 * @since 5.2.0 |
|
63 * |
|
64 * @param string $constant The name of the constant to check. |
|
65 * @param bool $value The value that the constant should be, if set. |
|
66 * @return array The test results. |
|
67 */ |
|
68 public function test_constants( $constant, $value ) { |
|
69 if ( defined( $constant ) && constant( $constant ) != $value ) { |
|
70 return array( |
|
71 'description' => sprintf( |
|
72 /* translators: %s: Name of the constant used. */ |
|
73 __( 'The %s constant is defined and enabled.' ), |
|
74 "<code>$constant</code>" |
|
75 ), |
|
76 'severity' => 'fail', |
|
77 ); |
|
78 } |
|
79 } |
|
80 |
|
81 /** |
|
82 * Check if updates are intercepted by a filter. |
|
83 * |
|
84 * @since 5.2.0 |
|
85 * |
|
86 * @return array The test results. |
|
87 */ |
|
88 public function test_wp_version_check_attached() { |
|
89 if ( ! is_main_site() ) { |
|
90 return; |
|
91 } |
|
92 |
|
93 $cookies = wp_unslash( $_COOKIE ); |
|
94 $timeout = 10; |
|
95 $headers = array( |
|
96 'Cache-Control' => 'no-cache', |
|
97 ); |
|
98 |
|
99 // Include Basic auth in loopback requests. |
|
100 if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { |
|
101 $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); |
|
102 } |
|
103 |
|
104 $url = add_query_arg( |
|
105 array( |
|
106 'health-check-test-wp_version_check' => true, |
|
107 ), |
|
108 admin_url( 'site-health.php' ) |
|
109 ); |
|
110 |
|
111 $test = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) ); |
|
112 |
|
113 if ( is_wp_error( $test ) ) { |
|
114 return array( |
|
115 'description' => sprintf( |
|
116 /* translators: %s: Name of the filter used. */ |
|
117 __( 'Could not confirm that the %s filter is available.' ), |
|
118 '<code>wp_version_check()</code>' |
|
119 ), |
|
120 'severity' => 'warning', |
|
121 ); |
|
122 } |
|
123 |
|
124 $response = wp_remote_retrieve_body( $test ); |
|
125 |
|
126 if ( 'yes' !== $response ) { |
|
127 return array( |
|
128 'description' => sprintf( |
|
129 /* translators: %s: Name of the filter used. */ |
|
130 __( 'A plugin has prevented updates by disabling %s.' ), |
|
131 '<code>wp_version_check()</code>' |
|
132 ), |
|
133 'severity' => 'fail', |
|
134 ); |
|
135 } |
|
136 } |
|
137 |
|
138 /** |
|
139 * Check if automatic updates are disabled by a filter. |
|
140 * |
|
141 * @since 5.2.0 |
|
142 * |
|
143 * @return array The test results. |
|
144 */ |
|
145 public function test_filters_automatic_updater_disabled() { |
|
146 if ( apply_filters( 'automatic_updater_disabled', false ) ) { |
|
147 return array( |
|
148 'description' => sprintf( |
|
149 /* translators: %s: Name of the filter used. */ |
|
150 __( 'The %s filter is enabled.' ), |
|
151 '<code>automatic_updater_disabled</code>' |
|
152 ), |
|
153 'severity' => 'fail', |
|
154 ); |
|
155 } |
|
156 } |
|
157 |
|
158 /** |
|
159 * Check if automatic updates have tried to run, but failed, previously. |
|
160 * |
|
161 * @since 5.2.0 |
|
162 * |
|
163 * @return array|bool The test results. false if the auto updates failed. |
|
164 */ |
|
165 function test_if_failed_update() { |
|
166 $failed = get_site_option( 'auto_core_update_failed' ); |
|
167 |
|
168 if ( ! $failed ) { |
|
169 return false; |
|
170 } |
|
171 |
|
172 if ( ! empty( $failed['critical'] ) ) { |
|
173 $description = __( 'A previous automatic background update ended with a critical failure, so updates are now disabled.' ); |
|
174 $description .= ' ' . __( 'You would have received an email because of this.' ); |
|
175 $description .= ' ' . __( "When you've been able to update using the \"Update Now\" button on Dashboard > Updates, we'll clear this error for future update attempts." ); |
|
176 $description .= ' ' . sprintf( |
|
177 /* translators: %s: Code of error shown. */ |
|
178 __( 'The error code was %s.' ), |
|
179 '<code>' . $failed['error_code'] . '</code>' |
|
180 ); |
|
181 return array( |
|
182 'description' => $description, |
|
183 'severity' => 'warning', |
|
184 ); |
|
185 } |
|
186 |
|
187 $description = __( 'A previous automatic background update could not occur.' ); |
|
188 if ( empty( $failed['retry'] ) ) { |
|
189 $description .= ' ' . __( 'You would have received an email because of this.' ); |
|
190 } |
|
191 |
|
192 $description .= ' ' . __( "We'll try again with the next release." ); |
|
193 $description .= ' ' . sprintf( |
|
194 /* translators: %s: Code of error shown. */ |
|
195 __( 'The error code was %s.' ), |
|
196 '<code>' . $failed['error_code'] . '</code>' |
|
197 ); |
|
198 return array( |
|
199 'description' => $description, |
|
200 'severity' => 'warning', |
|
201 ); |
|
202 } |
|
203 |
|
204 /** |
|
205 * Check if WordPress is controlled by a VCS (Git, Subversion etc). |
|
206 * |
|
207 * @since 5.2.0 |
|
208 * |
|
209 * @return array The test results. |
|
210 */ |
|
211 public function test_vcs_abspath() { |
|
212 $context_dirs = array( ABSPATH ); |
|
213 $vcs_dirs = array( '.svn', '.git', '.hg', '.bzr' ); |
|
214 $check_dirs = array(); |
|
215 |
|
216 foreach ( $context_dirs as $context_dir ) { |
|
217 // Walk up from $context_dir to the root. |
|
218 do { |
|
219 $check_dirs[] = $context_dir; |
|
220 |
|
221 // Once we've hit '/' or 'C:\', we need to stop. dirname will keep returning the input here. |
|
222 if ( dirname( $context_dir ) == $context_dir ) { |
|
223 break; |
|
224 } |
|
225 |
|
226 // Continue one level at a time. |
|
227 } while ( $context_dir = dirname( $context_dir ) ); |
|
228 } |
|
229 |
|
230 $check_dirs = array_unique( $check_dirs ); |
|
231 |
|
232 // Search all directories we've found for evidence of version control. |
|
233 foreach ( $vcs_dirs as $vcs_dir ) { |
|
234 foreach ( $check_dirs as $check_dir ) { |
|
235 // phpcs:ignore |
|
236 if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) { |
|
237 break 2; |
|
238 } |
|
239 } |
|
240 } |
|
241 |
|
242 if ( $checkout && ! apply_filters( 'automatic_updates_is_vcs_checkout', true, ABSPATH ) ) { |
|
243 return array( |
|
244 'description' => sprintf( |
|
245 // translators: 1: Folder name. 2: Version control directory. 3: Filter name. |
|
246 __( 'The folder %1$s was detected as being under version control (%2$s), but the %3$s filter is allowing updates.' ), |
|
247 '<code>' . $check_dir . '</code>', |
|
248 "<code>$vcs_dir</code>", |
|
249 '<code>automatic_updates_is_vcs_checkout</code>' |
|
250 ), |
|
251 'severity' => 'info', |
|
252 ); |
|
253 } |
|
254 |
|
255 if ( $checkout ) { |
|
256 return array( |
|
257 'description' => sprintf( |
|
258 // translators: 1: Folder name. 2: Version control directory. |
|
259 __( 'The folder %1$s was detected as being under version control (%2$s).' ), |
|
260 '<code>' . $check_dir . '</code>', |
|
261 "<code>$vcs_dir</code>" |
|
262 ), |
|
263 'severity' => 'fail', |
|
264 ); |
|
265 } |
|
266 |
|
267 return array( |
|
268 'description' => __( 'No version control systems were detected.' ), |
|
269 'severity' => 'pass', |
|
270 ); |
|
271 } |
|
272 |
|
273 /** |
|
274 * Check if we can access files without providing credentials. |
|
275 * |
|
276 * @since 5.2.0 |
|
277 * |
|
278 * @return array The test results. |
|
279 */ |
|
280 function test_check_wp_filesystem_method() { |
|
281 $skin = new Automatic_Upgrader_Skin; |
|
282 $success = $skin->request_filesystem_credentials( false, ABSPATH ); |
|
283 |
|
284 if ( ! $success ) { |
|
285 $description = __( 'Your installation of WordPress prompts for FTP credentials to perform updates.' ); |
|
286 $description .= ' ' . __( '(Your site is performing updates over FTP due to file ownership. Talk to your hosting company.)' ); |
|
287 |
|
288 return array( |
|
289 'description' => $description, |
|
290 'severity' => 'fail', |
|
291 ); |
|
292 } |
|
293 |
|
294 return array( |
|
295 'description' => __( "Your installation of WordPress doesn't require FTP credentials to perform updates." ), |
|
296 'severity' => 'pass', |
|
297 ); |
|
298 } |
|
299 |
|
300 /** |
|
301 * Check if core files are writable by the web user/group. |
|
302 * |
|
303 * @since 5.2.0 |
|
304 * |
|
305 * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. |
|
306 * |
|
307 * @return array|bool The test results. false if they're not writeable. |
|
308 */ |
|
309 function test_all_files_writable() { |
|
310 global $wp_filesystem; |
|
311 |
|
312 include ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z |
|
313 |
|
314 $skin = new Automatic_Upgrader_Skin; |
|
315 $success = $skin->request_filesystem_credentials( false, ABSPATH ); |
|
316 |
|
317 if ( ! $success ) { |
|
318 return false; |
|
319 } |
|
320 |
|
321 WP_Filesystem(); |
|
322 |
|
323 if ( 'direct' != $wp_filesystem->method ) { |
|
324 return false; |
|
325 } |
|
326 |
|
327 $checksums = get_core_checksums( $wp_version, 'en_US' ); |
|
328 $dev = ( false !== strpos( $wp_version, '-' ) ); |
|
329 // Get the last stable version's files and test against that |
|
330 if ( ! $checksums && $dev ) { |
|
331 $checksums = get_core_checksums( (float) $wp_version - 0.1, 'en_US' ); |
|
332 } |
|
333 |
|
334 // There aren't always checksums for development releases, so just skip the test if we still can't find any |
|
335 if ( ! $checksums && $dev ) { |
|
336 return false; |
|
337 } |
|
338 |
|
339 if ( ! $checksums ) { |
|
340 $description = sprintf( |
|
341 // translators: %s: WordPress version |
|
342 __( "Couldn't retrieve a list of the checksums for WordPress %s." ), |
|
343 $wp_version |
|
344 ); |
|
345 $description .= ' ' . __( 'This could mean that connections are failing to WordPress.org.' ); |
|
346 return array( |
|
347 'description' => $description, |
|
348 'severity' => 'warning', |
|
349 ); |
|
350 } |
|
351 |
|
352 $unwritable_files = array(); |
|
353 foreach ( array_keys( $checksums ) as $file ) { |
|
354 if ( 'wp-content' == substr( $file, 0, 10 ) ) { |
|
355 continue; |
|
356 } |
|
357 if ( ! file_exists( ABSPATH . $file ) ) { |
|
358 continue; |
|
359 } |
|
360 if ( ! is_writable( ABSPATH . $file ) ) { |
|
361 $unwritable_files[] = $file; |
|
362 } |
|
363 } |
|
364 |
|
365 if ( $unwritable_files ) { |
|
366 if ( count( $unwritable_files ) > 20 ) { |
|
367 $unwritable_files = array_slice( $unwritable_files, 0, 20 ); |
|
368 $unwritable_files[] = '...'; |
|
369 } |
|
370 return array( |
|
371 'description' => __( 'Some files are not writable by WordPress:' ) . ' <ul><li>' . implode( '</li><li>', $unwritable_files ) . '</li></ul>', |
|
372 'severity' => 'fail', |
|
373 ); |
|
374 } else { |
|
375 return array( |
|
376 'description' => __( 'All of your WordPress files are writable.' ), |
|
377 'severity' => 'pass', |
|
378 ); |
|
379 } |
|
380 } |
|
381 |
|
382 /** |
|
383 * Check if the install is using a development branch and can use nightly packages. |
|
384 * |
|
385 * @since 5.2.0 |
|
386 * |
|
387 * @return array|bool The test results. false if it isn't a development version. |
|
388 */ |
|
389 function test_accepts_dev_updates() { |
|
390 include ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z |
|
391 // Only for dev versions |
|
392 if ( false === strpos( $wp_version, '-' ) ) { |
|
393 return false; |
|
394 } |
|
395 |
|
396 if ( defined( 'WP_AUTO_UPDATE_CORE' ) && ( 'minor' === WP_AUTO_UPDATE_CORE || false === WP_AUTO_UPDATE_CORE ) ) { |
|
397 return array( |
|
398 'description' => sprintf( |
|
399 /* translators: %s: Name of the constant used. */ |
|
400 __( 'WordPress development updates are blocked by the %s constant.' ), |
|
401 '<code>WP_AUTO_UPDATE_CORE</code>' |
|
402 ), |
|
403 'severity' => 'fail', |
|
404 ); |
|
405 } |
|
406 |
|
407 if ( ! apply_filters( 'allow_dev_auto_core_updates', $wp_version ) ) { |
|
408 return array( |
|
409 'description' => sprintf( |
|
410 /* translators: %s: Name of the filter used. */ |
|
411 __( 'WordPress development updates are blocked by the %s filter.' ), |
|
412 '<code>allow_dev_auto_core_updates</code>' |
|
413 ), |
|
414 'severity' => 'fail', |
|
415 ); |
|
416 } |
|
417 } |
|
418 |
|
419 /** |
|
420 * Check if the site supports automatic minor updates. |
|
421 * |
|
422 * @since 5.2.0 |
|
423 * |
|
424 * @return array The test results. |
|
425 */ |
|
426 function test_accepts_minor_updates() { |
|
427 if ( defined( 'WP_AUTO_UPDATE_CORE' ) && false === WP_AUTO_UPDATE_CORE ) { |
|
428 return array( |
|
429 'description' => sprintf( |
|
430 /* translators: %s: Name of the constant used. */ |
|
431 __( 'WordPress security and maintenance releases are blocked by %s.' ), |
|
432 "<code>define( 'WP_AUTO_UPDATE_CORE', false );</code>" |
|
433 ), |
|
434 'severity' => 'fail', |
|
435 ); |
|
436 } |
|
437 |
|
438 if ( ! apply_filters( 'allow_minor_auto_core_updates', true ) ) { |
|
439 return array( |
|
440 'description' => sprintf( |
|
441 /* translators: %s: Name of the filter used. */ |
|
442 __( 'WordPress security and maintenance releases are blocked by the %s filter.' ), |
|
443 '<code>allow_minor_auto_core_updates</code>' |
|
444 ), |
|
445 'severity' => 'fail', |
|
446 ); |
|
447 } |
|
448 } |
|
449 } |