enmi-conf.org: comparison wp/wp-admin/includes/class-wp-automatic-updater.php

equal deleted inserted replaced

-:7b1b88e27a20
+:48c4eec2b7e6
 * Core class used for handling automatic background updates.
 *
 * @since 3.7.0
 * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php.
 */
+#[AllowDynamicProperties]
 class WP_Automatic_Updater {
 	/**
 	 * Tracks update results during processing.
 	 *
 	/**
 	 * Determines whether the entire automatic updater is disabled.
 	 *
 	 * @since 3.7.0
+	 *
+	 * @return bool True if the automatic updater is disabled, false otherwise.
 	 */
 	public function is_disabled() {
 		// Background updates are disabled if you don't want file changes.
 		if ( ! wp_is_file_mod_allowed( 'automatic_updater' ) ) {
 			return true;
 		 * @since 3.7.0
 		 *
 		 * @param bool $disabled Whether the updater should be disabled.
 		 */
 		return apply_filters( 'automatic_updater_disabled', $disabled );
+	}
+	/**
+	 * Checks whether access to a given directory is allowed.
+	 *
+	 * This is used when detecting version control checkouts. Takes into account
+	 * the PHP `open_basedir` restrictions, so that WordPress does not try to access
+	 * directories it is not allowed to.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $dir The directory to check.
+	 * @return bool True if access to the directory is allowed, false otherwise.
+	 */
+	public function is_allowed_dir( $dir ) {
+		if ( is_string( $dir ) ) {
+			$dir = trim( $dir );
+		}
+		if ( ! is_string( $dir ) || '' === $dir ) {
+			_doing_it_wrong(
+				__METHOD__,
+				sprintf(
+					/* translators: %s: The "$dir" argument. */
+					__( 'The "%s" argument must be a non-empty string.' ),
+					'$dir'
+				),
+				'6.2.0'
+			);
+			return false;
+		}
+		$open_basedir = ini_get( 'open_basedir' );
+		if ( empty( $open_basedir ) ) {
+			return true;
+		}
+		$open_basedir_list = explode( PATH_SEPARATOR, $open_basedir );
+		foreach ( $open_basedir_list as $basedir ) {
+			if ( '' !== trim( $basedir ) && str_starts_with( $dir, $basedir ) ) {
+				return true;
+			}
+		}
+		return false;
 	}
 	/**
 	 * Checks for version control checkouts.
 	 *
 				// Continue one level at a time.
 			} while ( $context_dir = dirname( $context_dir ) );
 		}
 		$check_dirs = array_unique( $check_dirs );
+		$checkout   = false;
 		// Search all directories we've found for evidence of version control.
 		foreach ( $vcs_dirs as $vcs_dir ) {
 			foreach ( $check_dirs as $check_dir ) {
-				$checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );
+				if ( ! $this->is_allowed_dir( $check_dir ) ) {
+					continue;
+				}
+				$checkout = is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );
 				if ( $checkout ) {
 					break 2;
 				}
 			}
 		}
 	 *                        access and status should be checked.
 	 * @return bool True if the item should be updated, false otherwise.
 	 */
 	public function should_update( $type, $item, $context ) {
 		// Used to see if WP_Filesystem is set up to allow unattended updates.
-		$skin = new Automatic_Upgrader_Skin;
+		$skin = new Automatic_Upgrader_Skin();
 		if ( $this->is_disabled() ) {
 			return false;
 		}
 			$update = ! empty( $item->autoupdate );
 		}
 		// If the `disable_autoupdate` flag is set, override any user-choice, but allow filters.
 		if ( ! empty( $item->disable_autoupdate ) ) {
-			$update = $item->disable_autoupdate;
+			$update = false;
 		}
 		/**
 		 * Filters whether to automatically update core, a plugin, a theme, or a language.
 		 *
 		// If it's a core update, are we actually compatible with its requirements?
 		if ( 'core' === $type ) {
 			global $wpdb;
-			$php_compat = version_compare( phpversion(), $item->php_version, '>=' );
+			$php_compat = version_compare( PHP_VERSION, $item->php_version, '>=' );
 			if ( file_exists( WP_CONTENT_DIR . '/db.php' ) && empty( $wpdb->is_mysql ) ) {
 				$mysql_compat = true;
 			} else {
 				$mysql_compat = version_compare( $wpdb->db_version(), $item->mysql_version, '>=' );
 			}
 			}
 		}
 		// If updating a plugin or theme, ensure the minimum PHP version requirements are satisfied.
 		if ( in_array( $type, array( 'plugin', 'theme' ), true ) ) {
-			if ( ! empty( $item->requires_php ) && version_compare( phpversion(), $item->requires_php, '<' ) ) {
+			if ( ! empty( $item->requires_php ) && version_compare( PHP_VERSION, $item->requires_php, '<' ) ) {
 				return false;
 			}
 		}
 		return true;
 	 * @param string $type The type of update being checked: 'core', 'theme', 'plugin', 'translation'.
 	 * @param object $item The update offer.
 	 * @return null|WP_Error
 	 */
 	public function update( $type, $item ) {
-		$skin = new Automatic_Upgrader_Skin;
+		$skin = new Automatic_Upgrader_Skin();
 		switch ( $type ) {
 			case 'core':
 				// The Core upgrader doesn't use the Upgrader's skin during the actual main part of the upgrade, instead, firing a filter.
 				add_filter( 'update_feedback', array( $skin, 'feedback' ) );
 		$allow_relaxed_file_ownership = false;
 		if ( 'core' === $type && isset( $item->new_files ) && ! $item->new_files ) {
 			$allow_relaxed_file_ownership = true;
 		}
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+		if ( 'plugin' === $type ) {
+			$was_active = is_plugin_active( $upgrader_item );
+			if ( $is_debug ) {
+				error_log( '    Upgrading plugin ' . var_export( $item->slug, true ) . '...' );
+			}
+		}
+		if ( 'theme' === $type && $is_debug ) {
+			error_log( '    Upgrading theme ' . var_export( $item->theme, true ) . '...' );
+		}
+		/*
+		 * Enable maintenance mode before upgrading the plugin or theme.
+		 *
+		 * This avoids potential non-fatal errors being detected
+		 * while scraping for a fatal error if some files are still
+		 * being moved.
+		 *
+		 * While these checks are intended only for plugins,
+		 * maintenance mode is enabled for all upgrade types as any
+		 * update could contain an error or warning, which could cause
+		 * the scrape to miss a fatal error in the plugin update.
+		 */
+		if ( 'translation' !== $type ) {
+			$upgrader->maintenance_mode( true );
+		}
 		// Boom, this site's about to get a whole new splash of paint!
 		$upgrade_result = $upgrader->upgrade(
 			$upgrader_item,
 			array(
 				'clear_update_cache'           => false,
 				// Allow relaxed file ownership in some scenarios.
 				'allow_relaxed_file_ownership' => $allow_relaxed_file_ownership,
 			)
 		);
+		/*
+		 * After WP_Upgrader::upgrade() completes, maintenance mode is disabled.
+		 *
+		 * Re-enable maintenance mode while attempting to detect fatal errors
+		 * and potentially rolling back.
+		 *
+		 * This avoids errors if the site is visited while fatal errors exist
+		 * or while files are still being moved.
+		 */
+		if ( 'translation' !== $type ) {
+			$upgrader->maintenance_mode( true );
+		}
 		// If the filesystem is unavailable, false is returned.
 		if ( false === $upgrade_result ) {
 			$upgrade_result = new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) );
 		}
 		if ( 'core' === $type ) {
 			if ( is_wp_error( $upgrade_result )
 				&& ( 'up_to_date' === $upgrade_result->get_error_code()
 					|| 'locked' === $upgrade_result->get_error_code() )
 			) {
-				// These aren't actual errors, treat it as a skipped-update instead
+				// Allow visitors to browse the site again.
-				// to avoid triggering the post-core update failure routines.
+				$upgrader->maintenance_mode( false );
+				/*
+				 * These aren't actual errors, treat it as a skipped-update instead
+				 * to avoid triggering the post-core update failure routines.
+				 */
 				return false;
 			}
 			// Core doesn't output this, so let's append it, so we don't get confused.
 			if ( is_wp_error( $upgrade_result ) ) {
 			} else {
 				$skin->feedback( __( 'WordPress updated successfully.' ) );
 			}
 		}
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+		if ( 'theme' === $type && $is_debug ) {
+			error_log( '    Theme ' . var_export( $item->theme, true ) . ' has been upgraded.' );
+		}
+		if ( 'plugin' === $type ) {
+			if ( $is_debug ) {
+				error_log( '    Plugin ' . var_export( $item->slug, true ) . ' has been upgraded.' );
+				if ( is_plugin_inactive( $upgrader_item ) ) {
+					error_log( '    ' . var_export( $upgrader_item, true ) . ' is inactive and will not be checked for fatal errors.' );
+				}
+			}
+			if ( $was_active && ! is_wp_error( $upgrade_result ) ) {
+				/*
+				 * The usual time limit is five minutes. However, as a loopback request
+				 * is about to be performed, increase the time limit to account for this.
+				 */
+				if ( function_exists( 'set_time_limit' ) ) {
+					set_time_limit( 10 * MINUTE_IN_SECONDS );
+				}
+				/*
+				 * Avoids a race condition when there are 2 sequential plugins that have
+				 * fatal errors. It seems a slight delay is required for the loopback to
+				 * use the updated plugin code in the request. This can cause the second
+				 * plugin's fatal error checking to be inaccurate, and may also affect
+				 * subsequent plugin checks.
+				 */
+				sleep( 2 );
+				if ( $this->has_fatal_error() ) {
+					$upgrade_result = new WP_Error();
+					$temp_backup    = array(
+						array(
+							'dir'  => 'plugins',
+							'slug' => $item->slug,
+							'src'  => WP_PLUGIN_DIR,
+						),
+					);
+					$backup_restored = $upgrader->restore_temp_backup( $temp_backup );
+					if ( is_wp_error( $backup_restored ) ) {
+						$upgrade_result->add(
+							'plugin_update_fatal_error_rollback_failed',
+							sprintf(
+								/* translators: %s: The plugin's slug. */
+								__( "The update for '%s' contained a fatal error. The previously installed version could not be restored." ),
+								$item->slug
+							)
+						);
+						$upgrade_result->merge_from( $backup_restored );
+					} else {
+						$upgrade_result->add(
+							'plugin_update_fatal_error_rollback_successful',
+							sprintf(
+								/* translators: %s: The plugin's slug. */
+								__( "The update for '%s' contained a fatal error. The previously installed version has been restored." ),
+								$item->slug
+							)
+						);
+						$backup_deleted = $upgrader->delete_temp_backup( $temp_backup );
+						if ( is_wp_error( $backup_deleted ) ) {
+							$upgrade_result->merge_from( $backup_deleted );
+						}
+					}
+					/*
+					 * Should emails not be working, log the message(s) so that
+					 * the log file contains context for the fatal error,
+					 * and whether a rollback was performed.
+					 *
+					 * `trigger_error()` is not used as it outputs a stack trace
+					 * to this location rather than to the fatal error, which will
+					 * appear above this entry in the log file.
+					 */
+					if ( $is_debug ) {
+						error_log( '    ' . implode( "\n", $upgrade_result->get_error_messages() ) );
+					}
+				} elseif ( $is_debug ) {
+					error_log( '    The update for ' . var_export( $item->slug, true ) . ' has no fatal errors.' );
+				}
+			}
+		}
+		// All processes are complete. Allow visitors to browse the site again.
+		if ( 'translation' !== $type ) {
+			$upgrader->maintenance_mode( false );
+		}
 		$this->update_results[ $type ][] = (object) array(
 			'item'     => $item,
 			'result'   => $upgrade_result,
 			'name'     => $item_name,
 			'messages' => $skin->get_upgrade_messages(),
 		if ( ! WP_Upgrader::create_lock( 'auto_updater' ) ) {
 			return;
 		}
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+		if ( $is_debug ) {
+			error_log( 'Automatic updates starting...' );
+		}
 		// Don't automatically run these things, as we'll handle it ourselves.
 		remove_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 );
 		remove_action( 'upgrader_process_complete', 'wp_version_check' );
 		remove_action( 'upgrader_process_complete', 'wp_update_plugins' );
 		remove_action( 'upgrader_process_complete', 'wp_update_themes' );
 		// Next, plugins.
 		wp_update_plugins(); // Check for plugin updates.
 		$plugin_updates = get_site_transient( 'update_plugins' );
 		if ( $plugin_updates && ! empty( $plugin_updates->response ) ) {
+			if ( $is_debug ) {
+				error_log( '  Automatic plugin updates starting...' );
+			}
 			foreach ( $plugin_updates->response as $plugin ) {
 				$this->update( 'plugin', $plugin );
 			}
 			// Force refresh of plugin update information.
 			wp_clean_plugins_cache();
+			if ( $is_debug ) {
+				error_log( '  Automatic plugin updates complete.' );
+			}
 		}
 		// Next, those themes we all love.
 		wp_update_themes();  // Check for theme updates.
 		$theme_updates = get_site_transient( 'update_themes' );
 		if ( $theme_updates && ! empty( $theme_updates->response ) ) {
+			if ( $is_debug ) {
+				error_log( '  Automatic theme updates starting...' );
+			}
 			foreach ( $theme_updates->response as $theme ) {
 				$this->update( 'theme', (object) $theme );
 			}
 			// Force refresh of theme update information.
 			wp_clean_themes_cache();
+			if ( $is_debug ) {
+				error_log( '  Automatic theme updates complete.' );
+			}
+		}
+		if ( $is_debug ) {
+			error_log( 'Automatic updates complete.' );
 		}
 		// Next, process any core update.
 		wp_version_check(); // Check for core updates.
 		$core_update = find_core_auto_update();
 		if ( $core_update ) {
 			$this->update( 'core', $core_update );
 		}
-		// Clean up, and check for any pending translations.
+		/*
-		// (Core_Upgrader checks for core updates.)
+		 * Clean up, and check for any pending translations.
+		 * (Core_Upgrader checks for core updates.)
+		 */
 		$theme_stats = array();
 		if ( isset( $this->update_results['theme'] ) ) {
 			foreach ( $this->update_results['theme'] as $upgrade ) {
 				$theme_stats[ $upgrade->item->theme ] = ( true === $upgrade->result );
 			}
 			wp_update_plugins(); // Check for plugin updates.
 		}
 		// Send debugging email to admin for all development installations.
 		if ( ! empty( $this->update_results ) ) {
-			$development_version = false !== strpos( get_bloginfo( 'version' ), '-' );
+			$development_version = str_contains( get_bloginfo( 'version' ), '-' );
 			/**
 			 * Filters whether to send a debugging email for each automatic background update.
 			 *
 			 * @since 3.7.0
 		WP_Upgrader::release_lock( 'auto_updater' );
 	}
 	/**
-	 * If we tried to perform a core update, check if we should send an email,
+	 * Checks whether to send an email and avoid processing future updates after
-	 * and if we need to avoid processing future updates.
+	 * attempting a core update.
 	 *
 	 * @since 3.7.0
 	 *
 	 * @param object $update_result The result of the core update. Includes the update offer and result.
 	 */
 			return;
 		}
 		$error_code = $result->get_error_code();
-		// Any of these WP_Error codes are critical failures, as in they occurred after we started to copy core files.
+		/*
-		// We should not try to perform a background update again until there is a successful one-click update performed by the user.
+		 * Any of these WP_Error codes are critical failures, as in they occurred after we started to copy core files.
+		 * We should not try to perform a background update again until there is a successful one-click update performed by the user.
+		 */
 		$critical = false;
-		if ( 'disk_full' === $error_code || false !== strpos( $error_code, '__copy_dir' ) ) {
+		if ( 'disk_full' === $error_code || str_contains( $error_code, '__copy_dir' ) ) {
 			$critical = true;
 		} elseif ( 'rollback_was_required' === $error_code && is_wp_error( $result->get_error_data()->rollback ) ) {
 			// A rollback is only critical if it failed too.
 			$critical        = true;
 			$rollback_result = $result->get_error_data()->rollback;
-		} elseif ( false !== strpos( $error_code, 'do_rollback' ) ) {
+		} elseif ( str_contains( $error_code, 'do_rollback' ) ) {
 			$critical = true;
 		}
 		if ( $critical ) {
 			$critical_data = array(
 					$next_user_core_update->current
 				);
 				$body .= "\n\n";
-				// Don't show this message if there is a newer version available.
+				/*
-				// Potential for confusion, and also not useful for them to know at this point.
+				 * Don't show this message if there is a newer version available.
+				 * Potential for confusion, and also not useful for them to know at this point.
+				 */
 				if ( 'fail' === $type && ! $newer_version_available ) {
 					$body .= __( 'An attempt was made, but your site could not be updated automatically.' ) . ' ';
 				}
 				$body .= __( 'Updating is easy and only takes a few moments:' );
 		if ( 'success' !== $type || $newer_version_available ) {
 			$body .= "\n\n" . __( 'Keeping your site updated is important for security. It also makes the internet a safer place for you and your readers.' );
 		}
 		if ( $critical_support ) {
-			$body .= ' ' . __( "If you reach out to us, we'll also ensure you'll never have this problem again." );
+			$body .= ' ' . __( "Reach out to WordPress Core developers to ensure you'll never have this problem again." );
 		}
 		// If things are successful and we're now on the latest, mention plugins and themes if any are out of date.
 		if ( 'success' === $type && ! $newer_version_available && ( get_plugin_updates() || get_theme_updates() ) ) {
 			$body .= "\n\n" . __( 'You also have some plugins or themes with updates available. Update them now:' );
 			/* translators: %s: WordPress version. */
 			$body .= sprintf( __( 'Your site was running version %s.' ), get_bloginfo( 'version' ) );
 			$body .= ' ' . __( 'Some data that describes the error your site encountered has been put together.' );
 			$body .= ' ' . __( 'Your hosting company, support forum volunteers, or a friendly developer may be able to use this information to help you:' );
-			// If we had a rollback and we're still critical, then the rollback failed too.
+			/*
-			// Loop through all errors (the main WP_Error, the update result, the rollback result) for code, data, etc.
+			 * If we had a rollback and we're still critical, then the rollback failed too.
+			 * Loop through all errors (the main WP_Error, the update result, the rollback result) for code, data, etc.
+			 */
 			if ( 'rollback_was_required' === $result->get_error_code() ) {
 				$errors = array( $result, $result->get_error_data()->update, $result->get_error_data()->rollback );
 			} else {
 				$errors = array( $result );
 			}
 		wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] );
 	}
 	/**
-	 * If we tried to perform plugin or theme updates, check if we should send an email.
+	 * Checks whether an email should be sent after attempting plugin or theme updates.
 	 *
 	 * @since 5.5.0
 	 *
 	 * @param array $update_results The results of update tasks.
 	 */
 			$body[] = __( 'Please check your site now. It’s possible that everything is working. If there are updates available, you should update.' );
 			$body[] = "\n";
 			// List failed plugin updates.
 			if ( ! empty( $failed_updates['plugin'] ) ) {
-				$body[] = __( 'These plugins failed to update:' );
+				$body[] = __( 'The following plugins failed to update. If there was a fatal error in the update, the previously installed version has been restored.' );
 				foreach ( $failed_updates['plugin'] as $item ) {
+					$body_message = '';
+					$item_url     = '';
+					if ( ! empty( $item->item->url ) ) {
+						$item_url = ' : ' . esc_url( $item->item->url );
+					}
 					if ( $item->item->current_version ) {
-						$body[] = sprintf(
+						$body_message .= sprintf(
-							/* translators: 1: Plugin name, 2: Current version number, 3: New version number. */
+							/* translators: 1: Plugin name, 2: Current version number, 3: New version number, 4: Plugin URL. */
-							__( '- %1$s (from version %2$s to %3$s)' ),
+							__( '- %1$s (from version %2$s to %3$s)%4$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->current_version,
-							$item->item->new_version
+							$item->item->new_version,
+							$item_url
 						);
 					} else {
-						$body[] = sprintf(
+						$body_message .= sprintf(
-							/* translators: 1: Plugin name, 2: Version number. */
+							/* translators: 1: Plugin name, 2: Version number, 3: Plugin URL. */
-							__( '- %1$s version %2$s' ),
+							__( '- %1$s version %2$s%3$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
-							$item->item->new_version
+							$item->item->new_version,
+							$item_url
 						);
 					}
+					$body[] = $body_message;
 					$past_failure_emails[ $item->item->plugin ] = $item->item->new_version;
 				}
 				$body[] = "\n";
 				foreach ( $failed_updates['theme'] as $item ) {
 					if ( $item->item->current_version ) {
 						$body[] = sprintf(
 							/* translators: 1: Theme name, 2: Current version number, 3: New version number. */
 							__( '- %1$s (from version %2$s to %3$s)' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->current_version,
 							$item->item->new_version
 						);
 					} else {
 						$body[] = sprintf(
 							/* translators: 1: Theme name, 2: Version number. */
 							__( '- %1$s version %2$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->new_version
 						);
 					}
 					$past_failure_emails[ $item->item->theme ] = $item->item->new_version;
 			// List successful plugin updates.
 			if ( ! empty( $successful_updates['plugin'] ) ) {
 				$body[] = __( 'These plugins are now up to date:' );
 				foreach ( $successful_updates['plugin'] as $item ) {
+					$body_message = '';
+					$item_url     = '';
+					if ( ! empty( $item->item->url ) ) {
+						$item_url = ' : ' . esc_url( $item->item->url );
+					}
 					if ( $item->item->current_version ) {
-						$body[] = sprintf(
+						$body_message .= sprintf(
-							/* translators: 1: Plugin name, 2: Current version number, 3: New version number. */
+							/* translators: 1: Plugin name, 2: Current version number, 3: New version number, 4: Plugin URL. */
-							__( '- %1$s (from version %2$s to %3$s)' ),
+							__( '- %1$s (from version %2$s to %3$s)%4$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->current_version,
-							$item->item->new_version
+							$item->item->new_version,
+							$item_url
 						);
 					} else {
-						$body[] = sprintf(
+						$body_message .= sprintf(
-							/* translators: 1: Plugin name, 2: Version number. */
+							/* translators: 1: Plugin name, 2: Version number, 3: Plugin URL. */
-							__( '- %1$s version %2$s' ),
+							__( '- %1$s version %2$s%3$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
-							$item->item->new_version
+							$item->item->new_version,
+							$item_url
 						);
 					}
+					$body[] = $body_message;
 					unset( $past_failure_emails[ $item->item->plugin ] );
 				}
 				$body[] = "\n";
 				foreach ( $successful_updates['theme'] as $item ) {
 					if ( $item->item->current_version ) {
 						$body[] = sprintf(
 							/* translators: 1: Theme name, 2: Current version number, 3: New version number. */
 							__( '- %1$s (from version %2$s to %3$s)' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->current_version,
 							$item->item->new_version
 						);
 					} else {
 						$body[] = sprintf(
 							/* translators: 1: Theme name, 2: Version number. */
 							__( '- %1$s version %2$s' ),
-							$item->name,
+							html_entity_decode( $item->name ),
 							$item->item->new_version
 						);
 					}
 					unset( $past_failure_emails[ $item->item->theme ] );
 				/* translators: %s: WordPress version. */
 				$body[] = sprintf( __( 'SUCCESS: WordPress was successfully updated to %s' ), $result->name );
 			} else {
 				/* translators: %s: WordPress version. */
 				$body[] = sprintf( __( 'FAILED: WordPress failed to update to %s' ), $result->name );
-				$failures++;
+				++$failures;
 			}
 			$body[] = '';
 		}
 				foreach ( $this->update_results[ $type ] as $item ) {
 					if ( ! $item->result || is_wp_error( $item->result ) ) {
 						/* translators: %s: Name of plugin / theme / translation. */
 						$body[] = ' * ' . sprintf( __( 'FAILED: %s' ), $item->name );
-						$failures++;
+						++$failures;
 					}
 				}
 			}
 			$body[] = '';
 		 */
 		$email = apply_filters( 'automatic_updates_debug_email', $email, $failures, $this->update_results );
 		wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] );
 	}
+	/**
+	 * Performs a loopback request to check for potential fatal errors.
+	 *
+	 * Fatal errors cannot be detected unless maintenance mode is enabled.
+	 *
+	 * @since 6.6.0
+	 *
+	 * @global int $upgrading The Unix timestamp marking when upgrading WordPress began.
+	 *
+	 * @return bool Whether a fatal error was detected.
+	 */
+	protected function has_fatal_error() {
+		global $upgrading;
+		$maintenance_file = ABSPATH . '.maintenance';
+		if ( ! file_exists( $maintenance_file ) ) {
+			return false;
+		}
+		require $maintenance_file;
+		if ( ! is_int( $upgrading ) ) {
+			return false;
+		}
+		$scrape_key   = md5( $upgrading );
+		$scrape_nonce = (string) $upgrading;
+		$transient    = 'scrape_key_' . $scrape_key;
+		set_transient( $transient, $scrape_nonce, 30 );
+		$cookies       = wp_unslash( $_COOKIE );
+		$scrape_params = array(
+			'wp_scrape_key'   => $scrape_key,
+			'wp_scrape_nonce' => $scrape_nonce,
+		);
+		$headers       = array(
+			'Cache-Control' => 'no-cache',
+		);
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false );
+		// Include Basic auth in the loopback request.
+		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
+			$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
+		}
+		// Time to wait for loopback request to finish.
+		$timeout = 50; // 50 seconds.
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+		if ( $is_debug ) {
+			error_log( '    Scraping home page...' );
+		}
+		$needle_start = "###### wp_scraping_result_start:$scrape_key ######";
+		$needle_end   = "###### wp_scraping_result_end:$scrape_key ######";
+		$url          = add_query_arg( $scrape_params, home_url( '/' ) );
+		$response     = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
+		if ( is_wp_error( $response ) ) {
+			if ( $is_debug ) {
+				error_log( 'Loopback request failed: ' . $response->get_error_message() );
+			}
+			return true;
+		}
+		// If this outputs `true` in the log, it means there were no fatal errors detected.
+		if ( $is_debug ) {
+			error_log( var_export( substr( $response['body'], strpos( $response['body'], '###### wp_scraping_result_start:' ) ), true ) );
+		}
+		$body                   = wp_remote_retrieve_body( $response );
+		$scrape_result_position = strpos( $body, $needle_start );
+		$result                 = null;
+		if ( false !== $scrape_result_position ) {
+			$error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) );
+			$error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) );
+			$result       = json_decode( trim( $error_output ), true );
+		}
+		delete_transient( $transient );
+		// Only fatal errors will result in a 'type' key.
+		return isset( $result['type'] );
+	}
 }

changeset 21	48c4eec2b7e6
parent 19	3d72ae0968f4
child 22	8c2e4d02f4ef