diff --git a/class/class-mainwp-child-actions.php b/class/class-mainwp-child-actions.php index 19f559fe..a19a7373 100644 --- a/class/class-mainwp-child-actions.php +++ b/class/class-mainwp-child-actions.php @@ -58,6 +58,14 @@ class MainWP_Child_Actions { * */ private $current_plugins_info = array(); + /** + * Old themes. + * + * @var array Old themes array. + * */ + public $current_themes_info = array(); + + /** * Method get_class_name() * @@ -352,17 +360,28 @@ public function callback_upgrader_process_complete( $upgrader, $extra ) { // php } foreach ( $slugs as $slug ) { - $theme = wp_get_theme( $slug ); - $stylesheet = $theme['Stylesheet Dir'] . '/style.css'; - $theme_data = get_file_data( + $theme = wp_get_theme( $slug ); + $stylesheet = $theme['Stylesheet Dir'] . '/style.css'; + $theme_data = get_file_data( $stylesheet, array( 'Version' => 'Version', ) ); - $name = $theme['Name']; - $old_version = $upgrader->skin->theme_info->get( 'Version' ); // to fix old version //$theme['Version']. - $version = $theme_data['Version']; + $name = $theme['Name']; + + $old_version = ''; + + if ( isset( $this->current_themes_info[ $slug ] ) ) { + $old_theme = $this->current_themes_info[ $slug ]; + + if ( isset( $old_theme['version'] ) ) { + $old_version = $old_theme['version']; + } + } elseif ( ! empty( $upgrader->skin->theme_info ) ) { + $old_version = $upgrader->skin->theme_info->get( 'Version' ); // to fix old version //$theme['Version']; + } + $version = $theme_data['Version']; $logs[] = compact( 'slug', 'name', 'old_version', 'version', 'message', 'action' ); } 
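Review bot: The new `$current_themes_info` property is declared `public`, while the sibling `$current_plugins_info` directly above it is `private`, and every use visible in this diff goes through `$this->`. Declaring it `private $current_themes_info = array();` keeps other code from overwriting the pre-upgrade snapshot before `callback_upgrader_process_complete()` reads it. The docblock also closes with `* */` instead of ` */`, apparently copied from the property above.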
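Review bot: The trailing comment `// to fix old version //$theme['Version'];` on the `elseif` branch no longer explains the logic, which now has two sources for `$old_version`. I would replace it with a comment above the `if`, for example `// Prefer the version captured in callback_upgrader_pre_install(); the skin's theme_info is only a fallback and may be unset.` When a slug has a cached entry without a `version` key, the fallback is skipped and `$old_version` stays empty. That cannot happen with the snapshot built in this commit, but the comment should state the assumption. The enclosing `callback_upgrader_process_complete()` starts and ends outside this hunk.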
@@ -611,6 +630,43 @@ public function callback_upgrader_pre_install() { if ( empty( $this->current_plugins_info ) ) { $this->current_plugins_info = $this->get_plugins(); } + + if ( empty( $this->current_themes_info ) ) { + $this->current_themes_info = array(); + + if ( ! function_exists( '\wp_get_themes' ) ) { + require_once ABSPATH . '/wp-admin/includes/theme.php'; + } + + $themes = wp_get_themes(); + + if ( is_array( $themes ) ) { + $theme_name = wp_get_theme()->get( 'Name' ); + $parent_name = ''; + $parent = wp_get_theme()->parent(); + if ( $parent ) { + $parent_name = $parent->get( 'Name' ); + } + foreach ( $themes as $theme ) { + + $_slug = $theme->get_stylesheet(); + if ( isset( $this->current_themes_info[ $_slug ] ) ) { + continue; + } + + $out = array(); + $out['name'] = $theme->get( 'Name' ); + $out['title'] = $theme->display( 'Name', true, false ); + $out['version'] = $theme->display( 'Version', true, false ); + $out['active'] = ( $theme->get( 'Name' ) === $theme_name ) ? 1 : 0; + $out['slug'] = $_slug; + $out['parent_active'] = ( $parent_name == $out['name'] ) ? 1 : 0; + + $this->current_themes_info[ $_slug ] = $out; + } + } + } + } /** diff --git a/class/class-mainwp-child-install.php b/class/class-mainwp-child-install.php index 04be05dc..05e7ddff 100644 --- a/class/class-mainwp-child-install.php +++ b/class/class-mainwp-child-install.php @@ -113,10 +113,11 @@ public function plugin_action() { $this->delete_plugins( $plugins ); } elseif ( 'changelog_info' === $action ) { include_once ABSPATH . '/wp-admin/includes/plugin-install.php'; + $_slug = wp_unslash( $_POST['slug'] ); $api = plugins_api( 'plugin_information', array( - 'slug' => sanitize_key( wp_unslash( $_POST['slug'] ) ), + 'slug' => $_slug, ) ); $information['update'] = $api; diff --git a/class/class-mainwp-child-misc.php b/class/class-mainwp-child-misc.php index 4848e4a4..a5756c7f 100644 --- a/class/class-mainwp-child-misc.php +++ b/class/class-mainwp-child-misc.php 
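Review bot: In the snapshot loop the active theme is detected by display name, `$theme->get( 'Name' ) === $theme_name`, so two installed themes sharing a `Name` header would both be recorded as active. Comparing stylesheets is unambiguous: take `$active_slug = wp_get_theme()->get_stylesheet();` before the loop and use `$out['active'] = ( $_slug === $active_slug ) ? 1 : 0;`. The parent check has the same weakness and uses a loose `==`, so with no parent theme (`$parent_name` is `''`) a theme reporting an empty name would be flagged `parent_active`; `( $parent && $parent->get_stylesheet() === $_slug ) ? 1 : 0` avoids both. The `function_exists( '\wp_get_themes' )` guard also looks unnecessary, because as far as I know `wp_get_themes()` is defined in `wp-includes/theme.php` rather than in the admin include being required; confirm and drop the `require_once` if so.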
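Review bot: `$_POST['slug']` is now read without an `isset()` check and passed to `plugins_api()` with no sanitisation, where the old line at least ran it through `sanitize_key()`. If `sanitize_key()` was dropped because it altered valid slugs (it lowercases and strips characters), a lighter filter still bounds the input: `$_slug = isset( $_POST['slug'] ) ? sanitize_text_field( wp_unslash( $_POST['slug'] ) ) : '';`, followed by an early error return when the result is empty. The value is forwarded into a plugin-information lookup and the response is returned in `$information['update']`, so it should not be passed on raw. `plugin_action()` starts and ends outside this hunk.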
@@ -555,14 +555,7 @@ public function uploader_action() { */ public function uploader_upload_file( $file_url, $path, $file_name ) { - add_filter( 'mime_types', array( $this, 'add_mime_types' ), 10, 2 ); - - // Fixes: Uploader Extension rename htaccess file issue. - if ( '.htaccess' != $file_name && '.htpasswd' != $file_name ) { - $file_name = sanitize_file_name( $file_name ); - } - - remove_filter( 'mime_types', array( $this, 'add_mime_types' ), 10, 2 ); + $file_name = $this->sanitize_file_name( $file_name ); $full_file_name = $path . DIRECTORY_SEPARATOR . $file_name; @@ -588,7 +581,7 @@ public function uploader_upload_file( $file_url, $path, $file_name ) { if ( '.phpfile.txt' === substr( $file_name, - 12 ) ) { $new_file_name = substr( $file_name, 0, - 12 ) . '.php'; $new_file_name = $path . DIRECTORY_SEPARATOR . $new_file_name; - } elseif ( 0 === strpos( $file_name, 'fix_underscore' ) ) { + } elseif ( 0 === strpos( $file_name, 'fix_underscore' ) ) { // to compatible. $new_file_name = str_replace( 'fix_underscore', '', $file_name ); $new_file_name = $path . DIRECTORY_SEPARATOR . $new_file_name; } else { 
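Review bot: The result of `$this->sanitize_file_name( $file_name )` is concatenated into `$full_file_name` without checking that anything is left. A name made up only of stripped characters yields an empty string, and the target then becomes `$path . DIRECTORY_SEPARATOR` itself. Add a guard right after the call, such as `if ( ! is_string( $file_name ) || '' === $file_name ) { ... }`, reporting the failure in whatever way the rest of `uploader_upload_file()` does (the body continues outside this hunk). `.htaccess` and `.htpasswd` are also no longer special-cased; they now pass only because the private sanitizer does not trim leading dots. That is a deliberate relaxation and deserves a one-line comment at this call.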
@@ -608,19 +601,73 @@ public function uploader_upload_file( $file_url, $path, $file_name ) { return array( 'path' => $full_file_name ); } + /** - * Method add_mime_types() + * @credit WordPress. + * Sanitizes a filename, replacing whitespace with dashes. + * + * Removes special characters that are illegal in filenames on certain + * operating systems and special characters requiring special escaping + * to manipulate at the command line. Replaces spaces and consecutive + * dashes with a single dash. Trims period, dash and underscore from beginning + * and end of filename. It is not guaranteed that this function will return a + * filename that is allowed to be uploaded. * - * Add mime types to support uploader. + * @since 2.1.0 * - * @param array $mime_types mime types. + * @param string $filename The filename to be sanitized. + * @return string The sanitized filename. */ - public function add_mime_types( $mime_types ) { - $mime_types['min'] = 'min-js'; - $mime_types = apply_filters( 'mainwp_child_file_uploader_mime_types', $mime_types ); - return $mime_types; + private function sanitize_file_name( $filename ) { + $filename_raw = $filename; + $filename = remove_accents( $filename ); + + $special_chars = array( '?', '[', ']', '/', '\\', '=', '<', '>', ':', ';', ',', "'", '"', '&', '$', '#', '*', '(', ')', '|', '~', '`', '!', '{', '}', '%', '+', '’', '«', '»', '”', '“', chr( 0 ) ); + + // Check for support for utf8 in the installed PCRE library once and store the result in a static. + static $utf8_pcre = null; + if ( ! isset( $utf8_pcre ) ) { + // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged + $utf8_pcre = @preg_match( '/^./u', 'a' ); + } + + if ( ! seems_utf8( $filename ) ) { + $_ext = pathinfo( $filename, PATHINFO_EXTENSION ); + $_name = pathinfo( $filename, PATHINFO_FILENAME ); + $filename = sanitize_title_with_dashes( $_name ) . '.' . 
$_ext; + } + + if ( $utf8_pcre ) { + $filename = preg_replace( "#\x{00a0}#siu", ' ', $filename ); + } + + /** + * Filters the list of characters to remove from a filename. + * + * @since 2.8.0 + * + * @param string[] $special_chars Array of characters to remove. + * @param string $filename_raw The original filename to be sanitized. + */ + $special_chars = apply_filters( 'sanitize_file_name_chars', $special_chars, $filename_raw ); + + $filename = str_replace( $special_chars, '', $filename ); + $filename = str_replace( array( '%20', '+' ), '-', $filename ); + $filename = preg_replace( '/\.{2,}/', '.', $filename ); + $filename = preg_replace( '/[\r\n\t -]+/', '-', $filename ); + + /** + * Filters a sanitized filename string. + * + * @since 2.8.0 + * + * @param string $filename Sanitized filename. + * @param string $filename_raw The filename prior to sanitization. + */ + return apply_filters( 'sanitize_file_name', $filename, $filename_raw ); } + /** * Method code_snippet() * @@ -734,6 +781,7 @@ private function snippet_delete_snippet( $slug, $type, $snippets ) { } } else { $return['status'] = 'SUCCESS'; + $return['notfound'] = 1; } } return $return; diff --git a/class/class-mainwp-child.php b/class/class-mainwp-child.php index 56e12f7e..4adfa7b4 100644 --- a/class/class-mainwp-child.php +++ b/class/class-mainwp-child.php @@ -33,7 +33,7 @@ class MainWP_Child { * * @var string MainWP Child plugin version. */ - public static $version = '4.5'; + public static $version = '4.5.1'; /** * Private variable containing the latest MainWP Child update version. diff --git a/class/class-mainwp-clone-page.php b/class/class-mainwp-clone-page.php index 96596632..7cbae70f 100644 --- a/class/class-mainwp-clone-page.php +++ b/class/class-mainwp-clone-page.php 
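Review bot: The docblock of the new private `sanitize_file_name()` is copied from WordPress core and promises that period, dash and underscore are trimmed from both ends, but the body has no such `trim()`. It also lacks core's handling of intermediate extensions, so names like `.htaccess` or `name.php.txt` come back unchanged. That appears intentional for the uploader, so the docblock should say so, e.g. `Unlike the core function this keeps leading dots and does not neutralise inner extensions; use it only for files sent by the connected dashboard.` The `preg_replace()` calls can return `null` on a PCRE error, so a `null` result should be treated as a rejected name before the final `apply_filters()`. Removing `add_mime_types()` also drops the `mainwp_child_file_uploader_mime_types` filter, which silently disables any site code hooked to it and is worth a changelog line.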
@@ -528,7 +528,7 @@ public static function render_java_script() { get_security_nonces(); foreach ( $security_nonces as $k => $v ) { - echo esc_html( 'child_security_nonces[' . "'" . $k . "'" . '] = ' . "'" . $v ) . "';\n"; + echo ( 'child_security_nonces[' . "'" . esc_html( $k ) . "'" . '] = ' . "'" . esc_html( $v ) ) . "';\n"; // phpcs:ignore WordPress.Security.EscapeOutput } ?> diff --git a/class/class-mainwp-pages.php b/class/class-mainwp-pages.php index 5c6acb3e..bff8c728 100644 --- a/class/class-mainwp-pages.php +++ b/class/class-mainwp-pages.php @@ -286,8 +286,6 @@ public function render_pages( $shownPage ) { // phpcs:ignore -- Current complexi $hide_server_info = isset( $branding_opts['remove_server_info'] ) && $branding_opts['remove_server_info'] ? true : false; $hide_connection_detail = isset( $branding_opts['remove_connection_detail'] ) && $branding_opts['remove_connection_detail'] ? true : false; - $hide_style = 'style="display:none"'; - if ( '' == $shownPage ) { if ( ! $hide_settings ) { $shownPage = 'settings'; @@ -300,20 +298,25 @@ public function render_pages( $shownPage ) { // phpcs:ignore -- Current complexi } } - self::render_header( $shownPage, false ); + self::render_header( $shownPage, false, $show_clones ); + + if ( is_null( $show_clones ) ) { + $show_clones = true; + } + ?> -
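Review bot: `$k` and `$v` are printed inside single-quoted JavaScript string literals, so the matching escaper is `esc_js()`, not `esc_html()`; `esc_html()` turns quotes into HTML entities but leaves backslashes and line breaks untouched. Using `echo "child_security_nonces['" . esc_js( $k ) . "'] = '" . esc_js( $v ) . "';\n";` would also make the `phpcs:ignore WordPress.Security.EscapeOutput` suppression unnecessary. The values come from `get_security_nonces()`, whose contents are not visible in this hunk, so the practical exposure depends on what keys and values it can return. `render_java_script()` starts and ends outside this hunk.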
> +
> render_settings(); ?>
-
> +
> -
> +
>
-
> +
>
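Review bot: `$show_clones` is first created by being passed by reference to `render_header()`, and when it comes back `null` the code sets it to `true`. Any path in `render_header()` that returns before the assignment therefore fails open and shows the clone sections. The flag is meant to be limited to the connected admin (`$show_clone_funcs = $connected && $is_connected_admin` in the later `render_header()` hunk), so initialise `$show_clones = false;` before the call and drop the `is_null()` fallback. The `@param bool $show_clone_funcs` line added to the `render_header()` docblock should also state that the argument is passed by reference and written as an output. The markup lines of this hunk were lost in extraction, so how `$show_clones` is applied to the tab containers cannot be checked here.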
@@ -350,10 +353,11 @@ public function render_pages( $shownPage ) { // phpcs:ignore -- Current complexi * * @param string $shownPage Page shown. * @param bool $subpage Whether or not a subpage. Default: true. + * @param bool $show_clone_funcs Whether or not to show clone tabs. * * @uses \MainWP\Child\MainWP_Child_Branding::get_branding_options() */ - public static function render_header( $shownPage, $subpage = true ) { // phpcs:ignore -- Current complexity is the only way to achieve desired results, pull request solutions appreciated. + public static function render_header( $shownPage, $subpage = true, &$show_clone_funcs = true ) { // phpcs:ignore -- Current complexity is the only way to achieve desired results, pull request solutions appreciated. $tab = isset( $_GET['tab'] ) ? sanitize_text_field( wp_unslash( $_GET['tab'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification if ( ! empty( $tab ) ) { @@ -373,6 +377,17 @@ public static function render_header( $shownPage, $subpage = true ) { // phpcs:i $sitesToClone = get_option( 'mainwp_child_clone_sites' ); + // put here to support hooks to show header. + $is_connected_admin = false; + $connected = '' != get_option( 'mainwp_child_pubkey' ) ? true : false; + if ( $connected ) { + $current_user = wp_get_current_user(); + if ( $current_user ) { + $is_connected_admin = $current_user->user_login === get_option( 'mainwp_child_connected_admin' ) ? true : false; + } + } + $show_clone_funcs = $connected && $is_connected_admin ? true : false; + ?>