Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | /** | |
19 | * WordPress specific stuff goes here | |
20 | */ | |
21 | class CRM_Utils_System_WordPress extends CRM_Utils_System_Base { | |
6714d8d2 | 22 | |
11eed110 TO |
23 | /** |
24 | * Get a normalized version of the wpBasePage. | |
25 | */ | |
26 | public static function getBasePage() { | |
27 | return rtrim(Civi::settings()->get('wpBasePage'), '/'); | |
28 | } | |
29 | ||
bb3a214a | 30 | /** |
bb3a214a | 31 | */ |
00be9182 | 32 | public function __construct() { |
4caaa696 EM |
33 | /** |
34 | * deprecated property to check if this is a drupal install. The correct method is to have functions on the UF classes for all UF specific | |
35 | * functions and leave the codebase oblivious to the type of CMS | |
36 | * @deprecated | |
37 | * @var bool | |
38 | */ | |
6a488035 | 39 | $this->is_drupal = FALSE; |
fe17e8d1 | 40 | $this->is_wordpress = TRUE; |
6a488035 TO |
41 | } |
42 | ||
9509977f TO |
43 | public function initialize() { |
44 | parent::initialize(); | |
45 | $this->registerPathVars(); | |
46 | } | |
47 | ||
48 | /** | |
49 | * Specify the default computation for various paths/URLs. | |
50 | */ | |
51 | protected function registerPathVars():void { | |
716bdc94 TO |
52 | $isNormalBoot = function_exists('get_option'); |
53 | if ($isNormalBoot) { | |
54 | // Normal mode - CMS boots first, then calls Civi. "Normal" web pages and newer extern routes. | |
55 | // To simplify the code-paths, some items are re-registered with WP-specific functions. | |
56 | $cmsRoot = function() { | |
9509977f | 57 | return [ |
716bdc94 TO |
58 | 'path' => untrailingslashit(ABSPATH), |
59 | 'url' => home_url(), | |
9509977f | 60 | ]; |
716bdc94 TO |
61 | }; |
62 | Civi::paths()->register('cms', $cmsRoot); | |
63 | Civi::paths()->register('cms.root', $cmsRoot); | |
716bdc94 TO |
64 | Civi::paths()->register('civicrm.root', function () { |
65 | return [ | |
66 | 'path' => CIVICRM_PLUGIN_DIR . 'civicrm' . DIRECTORY_SEPARATOR, | |
67 | 'url' => CIVICRM_PLUGIN_URL . 'civicrm/', | |
68 | ]; | |
69 | }); | |
70 | Civi::paths()->register('wp.frontend.base', function () { | |
71 | return [ | |
72 | 'url' => home_url('/'), | |
73 | ]; | |
74 | }); | |
75 | Civi::paths()->register('wp.frontend', function () { | |
76 | $config = CRM_Core_Config::singleton(); | |
77 | $basepage = get_page_by_path($config->wpBasePage); | |
78 | return [ | |
79 | 'url' => get_permalink($basepage->ID), | |
80 | ]; | |
81 | }); | |
82 | Civi::paths()->register('wp.backend.base', function () { | |
83 | return [ | |
84 | 'url' => admin_url(), | |
85 | ]; | |
86 | }); | |
87 | Civi::paths()->register('wp.backend', function() { | |
88 | return [ | |
89 | 'url' => admin_url('admin.php'), | |
90 | ]; | |
91 | }); | |
ad428bcd SL |
92 | Civi::paths()->register('civicrm.files', function () { |
93 | $upload_dir = wp_get_upload_dir(); | |
94 | ||
95 | $old = CRM_Core_Config::singleton()->userSystem->getDefaultFileStorage(); | |
96 | $new = [ | |
97 | 'path' => $upload_dir['basedir'] . DIRECTORY_SEPARATOR . 'civicrm' . DIRECTORY_SEPARATOR, | |
98 | 'url' => $upload_dir['baseurl'] . '/civicrm/', | |
99 | ]; | |
100 | ||
101 | if ($old['path'] === $new['path']) { | |
102 | return $new; | |
103 | } | |
104 | ||
105 | $oldExists = file_exists($old['path']); | |
106 | $newExists = file_exists($new['path']); | |
107 | ||
108 | if ($oldExists && !$newExists) { | |
109 | return $old; | |
110 | } | |
111 | elseif (!$oldExists && $newExists) { | |
112 | return $new; | |
113 | } | |
114 | elseif (!$oldExists && !$newExists) { | |
115 | // neither exists. but that's ok. we're in one of these two cases: | |
116 | // - we're just starting installation... which will get sorted in a moment | |
117 | // when someone calls mkdir(). | |
118 | // - we're running a bespoke setup... which will get sorted in a moment | |
119 | // by applying $civicrm_paths. | |
120 | return $new; | |
121 | } | |
122 | elseif ($oldExists && $newExists) { | |
123 | // situation ambiguous. encourage admin to set value explicitly. | |
124 | if (!isset($GLOBALS['civicrm_paths']['civicrm.files'])) { | |
125 | \Civi::log()->warning("The system has data from both old+new conventions. Please use civicrm.settings.php to set civicrm.files explicitly."); | |
126 | } | |
127 | return $new; | |
128 | } | |
129 | }); | |
716bdc94 TO |
130 | } |
131 | else { | |
132 | // Legacy support - only relevant for older extern routes. | |
133 | Civi::paths() | |
134 | ->register('wp.frontend.base', function () { | |
135 | return ['url' => rtrim(CIVICRM_UF_BASEURL, '/') . '/']; | |
136 | }) | |
137 | ->register('wp.frontend', function () { | |
138 | $config = \CRM_Core_Config::singleton(); | |
139 | $suffix = defined('CIVICRM_UF_WP_BASEPAGE') ? CIVICRM_UF_WP_BASEPAGE : $config->wpBasePage; | |
140 | return [ | |
141 | 'url' => Civi::paths()->getVariable('wp.frontend.base', 'url') . $suffix, | |
142 | ]; | |
143 | }) | |
144 | ->register('wp.backend.base', function () { | |
145 | return ['url' => rtrim(CIVICRM_UF_BASEURL, '/') . '/wp-admin/']; | |
146 | }) | |
147 | ->register('wp.backend', function () { | |
148 | return [ | |
149 | 'url' => Civi::paths()->getVariable('wp.backend.base', 'url') . 'admin.php', | |
150 | ]; | |
151 | }); | |
152 | } | |
9509977f TO |
153 | } |
154 | ||
6a488035 | 155 | /** |
17f443df | 156 | * @inheritDoc |
6a488035 | 157 | */ |
00be9182 | 158 | public function setTitle($title, $pageTitle = NULL) { |
6a488035 TO |
159 | if (!$pageTitle) { |
160 | $pageTitle = $title; | |
161 | } | |
1beae3b1 | 162 | |
17f443df CW |
163 | // FIXME: Why is this global? |
164 | global $civicrm_wp_title; | |
165 | $civicrm_wp_title = $title; | |
1beae3b1 | 166 | |
17f443df CW |
167 | // yes, set page title, depending on context |
168 | $context = civi_wp()->civicrm_context_get(); | |
169 | switch ($context) { | |
170 | case 'admin': | |
171 | case 'shortcode': | |
172 | $template = CRM_Core_Smarty::singleton(); | |
173 | $template->assign('pageTitle', $pageTitle); | |
6a488035 TO |
174 | } |
175 | } | |
176 | ||
7ba2c8ad KC |
177 | /** |
178 | * Moved from CRM_Utils_System_Base | |
179 | */ | |
180 | public function getDefaultFileStorage() { | |
4db100ce TO |
181 | // NOTE: On WordPress, this will be circumvented in the future. However, |
182 | // should retain it to allow transitional/upgrade code determine the old value. | |
183 | ||
8ce9d9d6 TO |
184 | $config = CRM_Core_Config::singleton(); |
185 | $cmsUrl = CRM_Utils_System::languageNegotiationURL($config->userFrameworkBaseURL, FALSE, TRUE); | |
186 | $cmsPath = $this->cmsRootPath(); | |
187 | $filesPath = CRM_Utils_File::baseFilePath(); | |
188 | $filesRelPath = CRM_Utils_File::relativize($filesPath, $cmsPath); | |
189 | $filesURL = rtrim($cmsUrl, '/') . '/' . ltrim($filesRelPath, ' /'); | |
be2fb01f | 190 | return [ |
8ce9d9d6 TO |
191 | 'url' => CRM_Utils_File::addTrailingSlash($filesURL, '/'), |
192 | 'path' => CRM_Utils_File::addTrailingSlash($filesPath), | |
be2fb01f | 193 | ]; |
8ce9d9d6 TO |
194 | } |
195 | ||
196 | /** | |
197 | * Determine the location of the CiviCRM source tree. | |
198 | * | |
199 | * @return array | |
200 | * - url: string. ex: "http://example.com/sites/all/modules/civicrm" | |
201 | * - path: string. ex: "/var/www/sites/all/modules/civicrm" | |
202 | */ | |
203 | public function getCiviSourceStorage() { | |
7ba2c8ad | 204 | global $civicrm_root; |
7ba2c8ad | 205 | |
8ce9d9d6 TO |
206 | // Don't use $config->userFrameworkBaseURL; it has garbage on it. |
207 | // More generally, we shouldn't be using $config here. | |
208 | if (!defined('CIVICRM_UF_BASEURL')) { | |
209 | throw new RuntimeException('Undefined constant: CIVICRM_UF_BASEURL'); | |
7ba2c8ad | 210 | } |
8ce9d9d6 TO |
211 | |
212 | $cmsPath = $this->cmsRootPath(); | |
213 | ||
214 | // $config = CRM_Core_Config::singleton(); | |
215 | // overkill? // $cmsUrl = CRM_Utils_System::languageNegotiationURL($config->userFrameworkBaseURL, FALSE, TRUE); | |
216 | $cmsUrl = CIVICRM_UF_BASEURL; | |
217 | if (CRM_Utils_System::isSSL()) { | |
218 | $cmsUrl = str_replace('http://', 'https://', $cmsUrl); | |
7ba2c8ad | 219 | } |
d8182404 | 220 | $civiRelPath = CRM_Utils_File::relativize(realpath($civicrm_root), realpath($cmsPath)); |
8ce9d9d6 | 221 | $civiUrl = rtrim($cmsUrl, '/') . '/' . ltrim($civiRelPath, ' /'); |
be2fb01f | 222 | return [ |
8ce9d9d6 TO |
223 | 'url' => CRM_Utils_File::addTrailingSlash($civiUrl, '/'), |
224 | 'path' => CRM_Utils_File::addTrailingSlash($civicrm_root), | |
be2fb01f | 225 | ]; |
7ba2c8ad KC |
226 | } |
227 | ||
6a488035 | 228 | /** |
17f443df | 229 | * @inheritDoc |
6a488035 | 230 | */ |
00be9182 | 231 | public function appendBreadCrumb($breadCrumbs) { |
6a488035 TO |
232 | $breadCrumb = wp_get_breadcrumb(); |
233 | ||
234 | if (is_array($breadCrumbs)) { | |
235 | foreach ($breadCrumbs as $crumbs) { | |
236 | if (stripos($crumbs['url'], 'id%%')) { | |
be2fb01f | 237 | $args = ['cid', 'mid']; |
6a488035 TO |
238 | foreach ($args as $a) { |
239 | $val = CRM_Utils_Request::retrieve($a, 'Positive', CRM_Core_DAO::$_nullObject, | |
240 | FALSE, NULL, $_GET | |
241 | ); | |
242 | if ($val) { | |
243 | $crumbs['url'] = str_ireplace("%%{$a}%%", $val, $crumbs['url']); | |
244 | } | |
245 | } | |
246 | } | |
247 | $breadCrumb[] = "<a href=\"{$crumbs['url']}\">{$crumbs['title']}</a>"; | |
248 | } | |
249 | } | |
250 | ||
251 | $template = CRM_Core_Smarty::singleton(); | |
252 | $template->assign_by_ref('breadcrumb', $breadCrumb); | |
253 | wp_set_breadcrumb($breadCrumb); | |
254 | } | |
255 | ||
256 | /** | |
17f443df | 257 | * @inheritDoc |
6a488035 | 258 | */ |
00be9182 | 259 | public function resetBreadCrumb() { |
be2fb01f | 260 | $bc = []; |
6a488035 TO |
261 | wp_set_breadcrumb($bc); |
262 | } | |
263 | ||
264 | /** | |
17f443df | 265 | * @inheritDoc |
6a488035 | 266 | */ |
00be9182 | 267 | public function addHTMLHead($head) { |
6a488035 TO |
268 | static $registered = FALSE; |
269 | if (!$registered) { | |
270 | // front-end view | |
be2fb01f | 271 | add_action('wp_head', [__CLASS__, '_showHTMLHead']); |
6a488035 | 272 | // back-end views |
be2fb01f | 273 | add_action('admin_head', [__CLASS__, '_showHTMLHead']); |
6a488035 | 274 | } |
be2fb01f | 275 | CRM_Core_Region::instance('wp_head')->add([ |
6a488035 | 276 | 'markup' => $head, |
be2fb01f | 277 | ]); |
6a488035 TO |
278 | } |
279 | ||
17f443df | 280 | /** |
fe482240 | 281 | * WP action callback. |
17f443df | 282 | */ |
00be9182 | 283 | public static function _showHTMLHead() { |
6a488035 TO |
284 | $region = CRM_Core_Region::instance('wp_head', FALSE); |
285 | if ($region) { | |
286 | echo $region->render(''); | |
287 | } | |
288 | } | |
289 | ||
290 | /** | |
17f443df | 291 | * @inheritDoc |
6a488035 | 292 | */ |
00be9182 | 293 | public function mapConfigToSSL() { |
6a488035 TO |
294 | global $base_url; |
295 | $base_url = str_replace('http://', 'https://', $base_url); | |
296 | } | |
297 | ||
298 | /** | |
17f443df | 299 | * @inheritDoc |
6a488035 | 300 | */ |
408b79bf | 301 | public function url( |
6a488035 TO |
302 | $path = NULL, |
303 | $query = NULL, | |
304 | $absolute = FALSE, | |
305 | $fragment = NULL, | |
6a488035 | 306 | $frontend = FALSE, |
8de2a34e SL |
307 | $forceBackend = FALSE, |
308 | $htmlize = TRUE | |
6a488035 | 309 | ) { |
353ffa53 TO |
310 | $config = CRM_Core_Config::singleton(); |
311 | $script = ''; | |
c80e2dbf | 312 | $separator = '&'; |
353ffa53 | 313 | $wpPageParam = ''; |
887f5d81 | 314 | $fragment = isset($fragment) ? ('#' . $fragment) : ''; |
6a488035 TO |
315 | |
316 | $path = CRM_Utils_String::stripPathChars($path); | |
df17aa21 | 317 | $basepage = FALSE; |
6a488035 TO |
318 | |
319 | //this means wp function we are trying to use is not available, | |
320 | //so load bootStrap | |
d8182404 | 321 | // FIXME: Why bootstrap in url()? Generally want to define 1-2 strategic places to put bootstrap |
6a488035 | 322 | if (!function_exists('get_option')) { |
d8182404 | 323 | $this->loadBootStrap(); |
6a488035 | 324 | } |
df17aa21 | 325 | |
6a488035 | 326 | if ($config->userFrameworkFrontend) { |
df17aa21 | 327 | global $post; |
887f5d81 | 328 | if (get_option('permalink_structure') != '') { |
337df6ce | 329 | $script = $post ? get_permalink($post->ID) : ""; |
6a488035 | 330 | } |
337df6ce | 331 | if ($post && $config->wpBasePage == $post->post_name) { |
df17aa21 CW |
332 | $basepage = TRUE; |
333 | } | |
01aca362 | 334 | // when shortcode is included in page |
6a488035 | 335 | // also make sure we have valid query object |
df17aa21 | 336 | // FIXME: $wpPageParam has no effect and is only set on the *basepage* |
6a488035 | 337 | global $wp_query; |
df17aa21 | 338 | if (get_option('permalink_structure') == '' && method_exists($wp_query, 'get')) { |
6a488035 | 339 | if (get_query_var('page_id')) { |
887f5d81 | 340 | $wpPageParam = "page_id=" . get_query_var('page_id'); |
6a488035 TO |
341 | } |
342 | elseif (get_query_var('p')) { | |
343 | // when shortcode is inserted in post | |
887f5d81 | 344 | $wpPageParam = "p=" . get_query_var('p'); |
6a488035 TO |
345 | } |
346 | } | |
347 | } | |
348 | ||
887f5d81 TO |
349 | $base = $this->getBaseUrl($absolute, $frontend, $forceBackend); |
350 | ||
351 | if (!isset($path) && !isset($query)) { | |
352 | // FIXME: This short-circuited codepath is the same as the general one below, except | |
353 | // in that it ignores "permlink_structure" / $wpPageParam / $script . I don't know | |
354 | // why it's different (and I can only find two obvious use-cases for this codepath, | |
355 | // of which at least one looks gratuitous). A more ambitious person would simply remove | |
356 | // this code. | |
357 | return $base . $fragment; | |
358 | } | |
359 | ||
360 | if (!$forceBackend && get_option('permalink_structure') != '' && ($wpPageParam || $script != '')) { | |
361 | $base = $script; | |
6a488035 TO |
362 | } |
363 | ||
be2fb01f | 364 | $queryParts = []; |
df17aa21 | 365 | |
df17aa21 CW |
366 | if ( |
367 | // not using clean URLs | |
368 | !$config->cleanURL | |
369 | // requesting an admin URL | |
370 | || ((is_admin() && !$frontend) || $forceBackend) | |
371 | // is shortcode | |
372 | || (!$basepage && $script != '') | |
373 | ) { | |
374 | ||
375 | // pre-existing logic | |
376 | if (isset($path)) { | |
25bd5735 CW |
377 | // Admin URLs still need "page=CiviCRM", front-end URLs do not. |
378 | if ((is_admin() && !$frontend) || $forceBackend) { | |
379 | $queryParts[] = 'page=CiviCRM'; | |
380 | } | |
381 | else { | |
382 | $queryParts[] = 'civiwp=CiviCRM'; | |
383 | } | |
cdef34e0 | 384 | $queryParts[] = 'q=' . rawurlencode($path); |
df17aa21 CW |
385 | } |
386 | if ($wpPageParam) { | |
387 | $queryParts[] = $wpPageParam; | |
388 | } | |
ffa62912 | 389 | if (!empty($query)) { |
df17aa21 CW |
390 | $queryParts[] = $query; |
391 | } | |
392 | ||
393 | $final = $base . '?' . implode($separator, $queryParts) . $fragment; | |
394 | ||
887f5d81 | 395 | } |
df17aa21 CW |
396 | else { |
397 | ||
398 | // clean URLs | |
399 | if (isset($path)) { | |
400 | $base = trailingslashit($base) . str_replace('civicrm/', '', $path) . '/'; | |
401 | } | |
402 | if (isset($query)) { | |
403 | $query = ltrim($query, '=?&'); | |
404 | $queryParts[] = $query; | |
405 | } | |
406 | ||
407 | if (!empty($queryParts)) { | |
408 | $final = $base . '?' . implode($separator, $queryParts) . $fragment; | |
409 | } | |
410 | else { | |
411 | $final = $base . $fragment; | |
412 | } | |
413 | ||
6a488035 TO |
414 | } |
415 | ||
df17aa21 | 416 | return $final; |
887f5d81 TO |
417 | } |
418 | ||
bb3a214a | 419 | /** |
f553d1ea KC |
420 | * 27-09-2016 |
421 | * CRM-16421 CRM-17633 WIP Changes to support WP in it's own directory | |
422 | * https://wiki.civicrm.org/confluence/display/CRM/WordPress+installed+in+its+own+directory+issues | |
423 | * For now leave hard coded wp-admin references. | |
424 | * TODO: remove wp-admin references and replace with admin_url() in the future. Look at best way to get path to admin_url | |
425 | * | |
bb3a214a EM |
426 | * @param $absolute |
427 | * @param $frontend | |
428 | * @param $forceBackend | |
429 | * | |
430 | * @return mixed|null|string | |
431 | */ | |
887f5d81 | 432 | private function getBaseUrl($absolute, $frontend, $forceBackend) { |
353ffa53 | 433 | $config = CRM_Core_Config::singleton(); |
6a488035 | 434 | if ((is_admin() && !$frontend) || $forceBackend) { |
f553d1ea | 435 | return Civi::paths()->getUrl('[wp.backend]/.', $absolute ? 'absolute' : 'relative'); |
6a488035 | 436 | } |
f553d1ea KC |
437 | else { |
438 | return Civi::paths()->getUrl('[wp.frontend]/.', $absolute ? 'absolute' : 'relative'); | |
36b820ae | 439 | } |
01aca362 | 440 | } |
6a488035 TO |
441 | |
442 | /** | |
17f443df | 443 | * @inheritDoc |
6a488035 | 444 | */ |
00be9182 | 445 | public function authenticate($name, $password, $loadCMSBootstrap = FALSE, $realPath = NULL) { |
6a488035 TO |
446 | $config = CRM_Core_Config::singleton(); |
447 | ||
448 | if ($loadCMSBootstrap) { | |
9ba02e3e TO |
449 | $config->userSystem->loadBootStrap([ |
450 | 'name' => $name, | |
451 | 'pass' => $password, | |
452 | ]); | |
6a488035 TO |
453 | } |
454 | ||
455 | $user = wp_authenticate($name, $password); | |
456 | if (is_a($user, 'WP_Error')) { | |
457 | return FALSE; | |
458 | } | |
459 | ||
17f443df | 460 | // TODO: need to change this to make sure we matched only one row |
6a488035 TO |
461 | |
462 | CRM_Core_BAO_UFMatch::synchronizeUFMatch($user->data, $user->data->ID, $user->data->user_email, 'WordPress'); | |
463 | $contactID = CRM_Core_BAO_UFMatch::getContactId($user->data->ID); | |
464 | if (!$contactID) { | |
465 | return FALSE; | |
466 | } | |
be2fb01f | 467 | return [$contactID, $user->data->ID, mt_rand()]; |
6a488035 TO |
468 | } |
469 | ||
470 | /** | |
17f443df | 471 | * FIXME: Do something |
ea3ddccf | 472 | * |
473 | * @param string $message | |
6a488035 | 474 | */ |
00be9182 | 475 | public function setMessage($message) { |
6a488035 TO |
476 | } |
477 | ||
bb3a214a | 478 | /** |
b596c3e9 | 479 | * @param \string $user |
ea3ddccf | 480 | * |
481 | * @return bool | |
bb3a214a | 482 | */ |
e7292422 | 483 | public function loadUser($user) { |
b596c3e9 | 484 | $userdata = get_user_by('login', $user); |
485 | if (!$userdata->data->ID) { | |
7ca9cd52 | 486 | return FALSE; |
b596c3e9 | 487 | } |
488 | ||
489 | $uid = $userdata->data->ID; | |
490 | wp_set_current_user($uid); | |
491 | $contactID = CRM_Core_BAO_UFMatch::getContactId($uid); | |
492 | ||
493 | // lets store contact id and user id in session | |
494 | $session = CRM_Core_Session::singleton(); | |
495 | $session->set('ufID', $uid); | |
496 | $session->set('userID', $contactID); | |
e7292422 | 497 | return TRUE; |
6a488035 TO |
498 | } |
499 | ||
17f443df CW |
500 | /** |
501 | * FIXME: Use CMS-native approach | |
309310bf | 502 | * @throws \CRM_Core_Exception |
17f443df | 503 | */ |
00be9182 | 504 | public function permissionDenied() { |
309310bf | 505 | throw new CRM_Core_Exception(ts('You do not have permission to access this page.')); |
6a488035 TO |
506 | } |
507 | ||
8ee9bea9 SL |
508 | /** |
509 | * Determine the native ID of the CMS user. | |
510 | * | |
511 | * @param string $username | |
e97c66ff | 512 | * |
513 | * @return int|null | |
8ee9bea9 SL |
514 | */ |
515 | public function getUfId($username) { | |
516 | $userdata = get_user_by('login', $username); | |
517 | if (!$userdata->data->ID) { | |
518 | return NULL; | |
519 | } | |
520 | return $userdata->data->ID; | |
521 | } | |
522 | ||
17f443df CW |
523 | /** |
524 | * @inheritDoc | |
525 | */ | |
00be9182 | 526 | public function logout() { |
6a488035 TO |
527 | // destroy session |
528 | if (session_id()) { | |
529 | session_destroy(); | |
530 | } | |
531 | wp_logout(); | |
532 | wp_redirect(wp_login_url()); | |
533 | } | |
534 | ||
6a488035 | 535 | /** |
17f443df | 536 | * @inheritDoc |
6a488035 | 537 | */ |
00be9182 | 538 | public function getUFLocale() { |
742eb5c6 CW |
539 | // Bail early if method is called when WordPress isn't bootstrapped. |
540 | // Additionally, the function checked here is located in pluggable.php | |
541 | // and is required by wp_get_referer() - so this also bails early if it is | |
542 | // called too early in the request lifecycle. | |
543 | // @see https://core.trac.wordpress.org/ticket/25294 | |
544 | if (!function_exists('wp_validate_redirect')) { | |
545 | return NULL; | |
cba2601a | 546 | } |
742eb5c6 CW |
547 | |
548 | // Default to WordPress User locale. | |
549 | $locale = get_user_locale(); | |
550 | ||
551 | // Is this a "back-end" AJAX call? | |
552 | $is_backend = FALSE; | |
553 | if (wp_doing_ajax() && FALSE !== strpos(wp_get_referer(), admin_url())) { | |
554 | $is_backend = TRUE; | |
19780d2b | 555 | } |
742eb5c6 CW |
556 | |
557 | // Ignore when in WordPress admin or it's a "back-end" AJAX call. | |
558 | if (!(is_admin() || $is_backend)) { | |
559 | ||
560 | // Reaching here means it is very likely to be a front-end context. | |
561 | ||
562 | // Default to WordPress locale. | |
563 | $locale = get_locale(); | |
564 | ||
565 | // Maybe override with the locale that Polylang reports. | |
566 | if (function_exists('pll_current_language')) { | |
567 | $pll_locale = pll_current_language('locale'); | |
568 | if (!empty($pll_locale)) { | |
569 | $locale = $pll_locale; | |
570 | } | |
571 | } | |
572 | ||
573 | // Maybe override with the locale that WPML reports. | |
574 | elseif (defined('ICL_LANGUAGE_CODE')) { | |
575 | $languages = apply_filters('wpml_active_languages', NULL); | |
576 | foreach ($languages as $language) { | |
577 | if ($language['active']) { | |
578 | $locale = $language['default_locale']; | |
579 | break; | |
580 | } | |
581 | } | |
582 | } | |
583 | ||
584 | // TODO: Set locale for other WordPress plugins. | |
585 | // @see https://wordpress.org/plugins/tags/multilingual/ | |
586 | // A hook would be nice here. | |
587 | ||
2c3d151b | 588 | } |
19780d2b | 589 | |
742eb5c6 CW |
590 | if (!empty($locale)) { |
591 | // If for some reason only we get a language code, convert it to a locale. | |
592 | if (2 === strlen($locale)) { | |
593 | $locale = CRM_Core_I18n_PseudoConstant::longForShort($locale); | |
594 | } | |
595 | return $locale; | |
0db6c3e1 TO |
596 | } |
597 | else { | |
19780d2b DL |
598 | return NULL; |
599 | } | |
6a488035 TO |
600 | } |
601 | ||
fd1f3a26 SV |
602 | /** |
603 | * @inheritDoc | |
604 | */ | |
605 | public function setUFLocale($civicrm_language) { | |
606 | // TODO (probably not possible with WPML?) | |
607 | return TRUE; | |
608 | } | |
609 | ||
6a488035 | 610 | /** |
fe482240 | 611 | * Load wordpress bootstrap. |
6a488035 | 612 | * |
9ba02e3e TO |
613 | * @param array $params |
614 | * Optional credentials | |
615 | * - name: string, cms username | |
616 | * - pass: string, cms password | |
6714d8d2 SL |
617 | * @param bool $loadUser |
618 | * @param bool $throwError | |
619 | * @param mixed $realPath | |
f4aaa82a EM |
620 | * |
621 | * @return bool | |
309310bf | 622 | * @throws \CRM_Core_Exception |
6a488035 | 623 | */ |
be2fb01f | 624 | public function loadBootStrap($params = [], $loadUser = TRUE, $throwError = TRUE, $realPath = NULL) { |
05fcde76 | 625 | global $wp, $wp_rewrite, $wp_the_query, $wp_query, $wpdb, $current_site, $current_blog, $current_user; |
6a488035 | 626 | |
9c1bc317 CW |
627 | $name = $params['name'] ?? NULL; |
628 | $pass = $params['pass'] ?? NULL; | |
9ba02e3e | 629 | |
7a44e49f | 630 | if (!defined('WP_USE_THEMES')) { |
c5f77355 | 631 | define('WP_USE_THEMES', FALSE); |
7a44e49f | 632 | } |
6a488035 TO |
633 | |
634 | $cmsRootPath = $this->cmsRootPath(); | |
635 | if (!$cmsRootPath) { | |
309310bf | 636 | throw new CRM_Core_Exception("Could not find the install directory for WordPress"); |
6a488035 | 637 | } |
aaffa79f | 638 | $path = Civi::settings()->get('wpLoadPhp'); |
b299b1cc | 639 | if (!empty($path)) { |
35da5d8d | 640 | require_once $path; |
b299b1cc KC |
641 | } |
642 | elseif (file_exists($cmsRootPath . DIRECTORY_SEPARATOR . 'wp-load.php')) { | |
35da5d8d | 643 | require_once $cmsRootPath . DIRECTORY_SEPARATOR . 'wp-load.php'; |
b299b1cc KC |
644 | } |
645 | else { | |
309310bf | 646 | throw new CRM_Core_Exception("Could not find the bootstrap file for WordPress"); |
35da5d8d | 647 | } |
6491539b DL |
648 | $wpUserTimezone = get_option('timezone_string'); |
649 | if ($wpUserTimezone) { | |
650 | date_default_timezone_set($wpUserTimezone); | |
651 | CRM_Core_Config::singleton()->userSystem->setMySQLTimeZone(); | |
652 | } | |
e7292422 | 653 | require_once $cmsRootPath . DIRECTORY_SEPARATOR . 'wp-includes/pluggable.php'; |
9c1bc317 | 654 | $uid = $params['uid'] ?? NULL; |
17763922 WA |
655 | if (!$uid) { |
656 | $name = $name ? $name : trim(CRM_Utils_Array::value('name', $_REQUEST)); | |
657 | $pass = $pass ? $pass : trim(CRM_Utils_Array::value('pass', $_REQUEST)); | |
658 | if ($name) { | |
d8182404 | 659 | $uid = wp_authenticate($name, $pass); |
17763922 WA |
660 | if (!$uid) { |
661 | if ($throwError) { | |
662 | echo '<br />Sorry, unrecognized username or password.'; | |
663 | exit(); | |
664 | } | |
665 | return FALSE; | |
666 | } | |
667 | } | |
668 | } | |
fe1e7958 | 669 | if ($uid) { |
a4111333 CW |
670 | if ($uid instanceof WP_User) { |
671 | $account = wp_set_current_user($uid->ID); | |
c5f77355 CW |
672 | } |
673 | else { | |
a4111333 CW |
674 | $account = wp_set_current_user($uid); |
675 | } | |
fe1e7958 | 676 | if ($account && $account->data->ID) { |
677 | global $user; | |
678 | $user = $account; | |
679 | return TRUE; | |
680 | } | |
681 | } | |
e7292422 | 682 | return TRUE; |
6a488035 TO |
683 | } |
684 | ||
bb3a214a EM |
685 | /** |
686 | * @param $dir | |
687 | * | |
688 | * @return bool | |
689 | */ | |
00be9182 | 690 | public function validInstallDir($dir) { |
dfbcf0b7 | 691 | $includePath = "$dir/wp-includes"; |
468176f6 | 692 | if (@file_exists("$includePath/version.php")) { |
dfbcf0b7 DL |
693 | return TRUE; |
694 | } | |
695 | return FALSE; | |
696 | } | |
697 | ||
bb3a214a EM |
698 | /** |
699 | * Determine the location of the CMS root. | |
700 | * | |
72b3a70c CW |
701 | * @return string|NULL |
702 | * local file system path to CMS root, or NULL if it cannot be determined | |
bb3a214a | 703 | */ |
00be9182 | 704 | public function cmsRootPath() { |
02bfbc78 CW |
705 | |
706 | // Return early if the path is already set. | |
a93a0366 TO |
707 | global $civicrm_paths; |
708 | if (!empty($civicrm_paths['cms.root']['path'])) { | |
709 | return $civicrm_paths['cms.root']['path']; | |
710 | } | |
711 | ||
02bfbc78 | 712 | // Return early if constant has been defined. |
dfbcf0b7 DL |
713 | if (defined('CIVICRM_CMSDIR')) { |
714 | if ($this->validInstallDir(CIVICRM_CMSDIR)) { | |
02bfbc78 | 715 | return CIVICRM_CMSDIR; |
dfbcf0b7 | 716 | } |
6a488035 | 717 | } |
02bfbc78 CW |
718 | |
719 | // Return early if path to wp-load.php can be retrieved from settings. | |
720 | $setting = Civi::settings()->get('wpLoadPhp'); | |
721 | if (!empty($setting)) { | |
57811df8 KC |
722 | $path = str_replace('wp-load.php', '', $setting); |
723 | $cmsRoot = rtrim($path, '/\\'); | |
02bfbc78 CW |
724 | if ($this->validInstallDir($cmsRoot)) { |
725 | return $cmsRoot; | |
726 | } | |
727 | } | |
728 | ||
729 | /* | |
730 | * Keep previous logic as fallback of last resort. | |
731 | * | |
732 | * At some point, it would be good to remove this because there are serious | |
733 | * problems in correctly locating WordPress in this manner. In summary, it | |
734 | * is impossible to do so reliably. | |
735 | * | |
736 | * @see https://github.com/civicrm/civicrm-wordpress/pull/63#issuecomment-61792328 | |
737 | * @see https://github.com/civicrm/civicrm-core/pull/11086#issuecomment-335454992 | |
738 | */ | |
739 | $cmsRoot = $valid = NULL; | |
740 | ||
741 | $pathVars = explode('/', str_replace('\\', '/', $_SERVER['SCRIPT_FILENAME'])); | |
742 | ||
743 | // Might be Windows installation. | |
744 | $firstVar = array_shift($pathVars); | |
745 | if ($firstVar) { | |
746 | $cmsRoot = $firstVar; | |
747 | } | |
748 | ||
749 | // Start with CMS dir search. | |
750 | foreach ($pathVars as $var) { | |
751 | $cmsRoot .= "/$var"; | |
752 | if ($this->validInstallDir($cmsRoot)) { | |
753 | // Stop as we found bootstrap. | |
754 | $valid = TRUE; | |
755 | break; | |
756 | } | |
6a488035 TO |
757 | } |
758 | ||
759 | return ($valid) ? $cmsRoot : NULL; | |
760 | } | |
761 | ||
bb3a214a | 762 | /** |
17f443df | 763 | * @inheritDoc |
bb3a214a | 764 | */ |
00be9182 | 765 | public function createUser(&$params, $mail) { |
be2fb01f | 766 | $user_data = [ |
6a488035 TO |
767 | 'ID' => '', |
768 | 'user_pass' => $params['cms_pass'], | |
769 | 'user_login' => $params['cms_name'], | |
770 | 'user_email' => $params[$mail], | |
771 | 'nickname' => $params['cms_name'], | |
772 | 'role' => get_option('default_role'), | |
be2fb01f | 773 | ]; |
6a488035 TO |
774 | if (isset($params['contactID'])) { |
775 | $contactType = CRM_Contact_BAO_Contact::getContactType($params['contactID']); | |
776 | if ($contactType == 'Individual') { | |
777 | $user_data['first_name'] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', | |
778 | $params['contactID'], 'first_name' | |
779 | ); | |
780 | $user_data['last_name'] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', | |
781 | $params['contactID'], 'last_name' | |
782 | ); | |
783 | } | |
784 | } | |
785 | ||
786 | $uid = wp_insert_user($user_data); | |
787 | ||
be2fb01f | 788 | $creds = []; |
6a488035 TO |
789 | $creds['user_login'] = $params['cms_name']; |
790 | $creds['user_password'] = $params['cms_pass']; | |
791 | $creds['remember'] = TRUE; | |
792 | $user = wp_signon($creds, FALSE); | |
793 | ||
794 | wp_new_user_notification($uid, $user_data['user_pass']); | |
795 | return $uid; | |
796 | } | |
797 | ||
f4aaa82a | 798 | /** |
17f443df | 799 | * @inheritDoc |
6a488035 | 800 | */ |
00be9182 | 801 | public function updateCMSName($ufID, $ufName) { |
6a488035 TO |
802 | // CRM-10620 |
803 | if (function_exists('wp_update_user')) { | |
353ffa53 | 804 | $ufID = CRM_Utils_Type::escape($ufID, 'Integer'); |
6a488035 TO |
805 | $ufName = CRM_Utils_Type::escape($ufName, 'String'); |
806 | ||
be2fb01f | 807 | $values = ['ID' => $ufID, 'user_email' => $ufName]; |
481a74f4 TO |
808 | if ($ufID) { |
809 | wp_update_user($values); | |
6a488035 TO |
810 | } |
811 | } | |
812 | } | |
813 | ||
bb3a214a | 814 | /** |
c490a46a | 815 | * @param array $params |
bb3a214a EM |
816 | * @param $errors |
817 | * @param string $emailName | |
818 | */ | |
00be9182 | 819 | public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email') { |
6a488035 TO |
820 | $config = CRM_Core_Config::singleton(); |
821 | ||
353ffa53 TO |
822 | $dao = new CRM_Core_DAO(); |
823 | $name = $dao->escape(CRM_Utils_Array::value('name', $params)); | |
6a488035 TO |
824 | $email = $dao->escape(CRM_Utils_Array::value('mail', $params)); |
825 | ||
a7488080 | 826 | if (!empty($params['name'])) { |
6a488035 TO |
827 | if (!validate_username($params['name'])) { |
828 | $errors['cms_name'] = ts("Your username contains invalid characters"); | |
829 | } | |
830 | elseif (username_exists(sanitize_user($params['name']))) { | |
be2fb01f | 831 | $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', [1 => $params['name']]); |
6a488035 TO |
832 | } |
833 | } | |
834 | ||
a7488080 | 835 | if (!empty($params['mail'])) { |
6a488035 TO |
836 | if (!is_email($params['mail'])) { |
837 | $errors[$emailName] = "Your email is invaid"; | |
838 | } | |
839 | elseif (email_exists($params['mail'])) { | |
db18d815 | 840 | $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', |
be2fb01f | 841 | [1 => $params['mail'], 2 => wp_lostpassword_url()] |
6a488035 TO |
842 | ); |
843 | } | |
844 | } | |
845 | } | |
846 | ||
847 | /** | |
17f443df | 848 | * @inheritDoc |
6a488035 TO |
849 | */ |
850 | public function isUserLoggedIn() { | |
851 | $isloggedIn = FALSE; | |
852 | if (function_exists('is_user_logged_in')) { | |
853 | $isloggedIn = is_user_logged_in(); | |
854 | } | |
855 | ||
856 | return $isloggedIn; | |
857 | } | |
858 | ||
8caad0ce | 859 | /** |
860 | * @inheritDoc | |
861 | */ | |
862 | public function isUserRegistrationPermitted() { | |
863 | if (!get_option('users_can_register')) { | |
864 | return FALSE; | |
865 | } | |
866 | return TRUE; | |
867 | } | |
868 | ||
63df6889 HD |
869 | /** |
870 | * @inheritDoc | |
871 | */ | |
1a6630be | 872 | public function isPasswordUserGenerated() { |
63df6889 HD |
873 | return TRUE; |
874 | } | |
875 | ||
bb3a214a EM |
876 | /** |
877 | * @return mixed | |
878 | */ | |
00be9182 | 879 | public function getLoggedInUserObject() { |
2b617cb0 | 880 | if (function_exists('is_user_logged_in') && |
353ffa53 TO |
881 | is_user_logged_in() |
882 | ) { | |
2b617cb0 EM |
883 | global $current_user; |
884 | } | |
885 | return $current_user; | |
886 | } | |
353ffa53 | 887 | |
6a488035 | 888 | /** |
17f443df | 889 | * @inheritDoc |
6a488035 TO |
890 | */ |
891 | public function getLoggedInUfID() { | |
892 | $ufID = NULL; | |
2b617cb0 | 893 | $current_user = $this->getLoggedInUserObject(); |
2e1f50d6 | 894 | return $current_user->ID ?? NULL; |
2b617cb0 EM |
895 | } |
896 | ||
897 | /** | |
17f443df | 898 | * @inheritDoc |
2b617cb0 | 899 | */ |
00be9182 | 900 | public function getLoggedInUniqueIdentifier() { |
2b617cb0 EM |
901 | $user = $this->getLoggedInUserObject(); |
902 | return $this->getUniqueIdentifierFromUserObject($user); | |
6a488035 TO |
903 | } |
904 | ||
32998c82 EM |
905 | /** |
906 | * Get User ID from UserFramework system (Joomla) | |
77855840 TO |
907 | * @param object $user |
908 | * Object as described by the CMS. | |
72b3a70c CW |
909 | * |
910 | * @return int|null | |
32998c82 | 911 | */ |
00be9182 | 912 | public function getUserIDFromUserObject($user) { |
32998c82 EM |
913 | return !empty($user->ID) ? $user->ID : NULL; |
914 | } | |
915 | ||
2b617cb0 | 916 | /** |
17f443df | 917 | * @inheritDoc |
2b617cb0 | 918 | */ |
00be9182 | 919 | public function getUniqueIdentifierFromUserObject($user) { |
2b617cb0 EM |
920 | return empty($user->user_email) ? NULL : $user->user_email; |
921 | } | |
922 | ||
6a488035 | 923 | /** |
17f443df | 924 | * @inheritDoc |
6a488035 TO |
925 | */ |
926 | public function getLoginURL($destination = '') { | |
927 | $config = CRM_Core_Config::singleton(); | |
153155d3 | 928 | $loginURL = wp_login_url(); |
6a488035 TO |
929 | return $loginURL; |
930 | } | |
931 | ||
bb3a214a | 932 | /** |
ad37ac8e | 933 | * FIXME: Do something. |
934 | * | |
935 | * @param \CRM_Core_Form $form | |
936 | * | |
937 | * @return NULL|string | |
bb3a214a | 938 | */ |
6a488035 | 939 | public function getLoginDestination(&$form) { |
408b79bf | 940 | return NULL; |
6a488035 TO |
941 | } |
942 | ||
943 | /** | |
17f443df | 944 | * @inheritDoc |
6a488035 | 945 | */ |
00be9182 | 946 | public function getVersion() { |
6a488035 TO |
947 | if (function_exists('get_bloginfo')) { |
948 | return get_bloginfo('version', 'display'); | |
949 | } | |
950 | else { | |
951 | return 'Unknown'; | |
952 | } | |
953 | } | |
6491539b DL |
954 | |
955 | /** | |
17f443df | 956 | * @inheritDoc |
6491539b | 957 | */ |
00be9182 | 958 | public function getTimeZoneString() { |
6491539b DL |
959 | return get_option('timezone_string'); |
960 | } | |
59f97da6 EM |
961 | |
962 | /** | |
17f443df | 963 | * @inheritDoc |
59f97da6 | 964 | */ |
00be9182 | 965 | public function getUserRecordUrl($contactID) { |
59f97da6 | 966 | $uid = CRM_Core_BAO_UFMatch::getUFId($contactID); |
353ffa53 | 967 | if (CRM_Core_Session::singleton() |
6714d8d2 | 968 | ->get('userID') == $contactID || CRM_Core_Permission::checkAnyPerm(['cms:administer users']) |
353ffa53 | 969 | ) { |
59f97da6 EM |
970 | return CRM_Core_Config::singleton()->userFrameworkBaseURL . "wp-admin/user-edit.php?user_id=" . $uid; |
971 | } | |
972 | } | |
96025800 | 973 | |
469d8dab CW |
974 | /** |
975 | * Append WP js to coreResourcesList. | |
ad37ac8e | 976 | * |
303017a1 | 977 | * @param \Civi\Core\Event\GenericHookEvent $e |
469d8dab | 978 | */ |
303017a1 CW |
979 | public function appendCoreResources(\Civi\Core\Event\GenericHookEvent $e) { |
980 | $e->list[] = 'js/crm.wordpress.js'; | |
469d8dab CW |
981 | } |
982 | ||
03d5592a CW |
983 | /** |
984 | * @inheritDoc | |
62c20d1e CW |
985 | */ |
986 | public function alterAssetUrl(\Civi\Core\Event\GenericHookEvent $e) { | |
987 | // Set menubar breakpoint to match WP admin theme | |
988 | if ($e->asset == 'crm-menubar.css') { | |
989 | $e->params['breakpoint'] = 783; | |
990 | } | |
991 | } | |
992 | ||
993 | /** | |
994 | * @inheritDoc | |
03d5592a CW |
995 | */ |
996 | public function synchronizeUsers() { | |
997 | $config = CRM_Core_Config::singleton(); | |
998 | if (PHP_SAPI != 'cli') { | |
999 | set_time_limit(300); | |
1000 | } | |
1001 | $id = 'ID'; | |
1002 | $mail = 'user_email'; | |
1003 | ||
1004 | $uf = $config->userFramework; | |
1005 | $contactCount = 0; | |
1006 | $contactCreated = 0; | |
1007 | $contactMatching = 0; | |
1008 | ||
5b4ee130 CW |
1009 | // Previously used the $wpdb global - which means WordPress *must* be bootstrapped. |
1010 | $wpUsers = get_users(array( | |
1011 | 'blog_id' => get_current_blog_id(), | |
1012 | 'number' => -1, | |
1013 | )); | |
03d5592a | 1014 | |
5b4ee130 | 1015 | foreach ($wpUsers as $wpUserData) { |
03d5592a CW |
1016 | $contactCount++; |
1017 | if ($match = CRM_Core_BAO_UFMatch::synchronizeUFMatch($wpUserData, | |
1018 | $wpUserData->$id, | |
1019 | $wpUserData->$mail, | |
1020 | $uf, | |
1021 | 1, | |
1022 | 'Individual', | |
1023 | TRUE | |
1024 | ) | |
1025 | ) { | |
1026 | $contactCreated++; | |
1027 | } | |
1028 | else { | |
1029 | $contactMatching++; | |
1030 | } | |
5b4ee130 CW |
1031 | if (is_object($match)) { |
1032 | $match->free(); | |
1033 | } | |
03d5592a CW |
1034 | } |
1035 | ||
be2fb01f | 1036 | return [ |
03d5592a CW |
1037 | 'contactCount' => $contactCount, |
1038 | 'contactMatching' => $contactMatching, | |
1039 | 'contactCreated' => $contactCreated, | |
be2fb01f | 1040 | ]; |
03d5592a CW |
1041 | } |
1042 | ||
79dd7fe9 | 1043 | /** |
46dddc5c SL |
1044 | * Send an HTTP Response base on PSR HTTP RespnseInterface response. |
1045 | * | |
1046 | * @param \Psr\Http\Message\ResponseInterface $response | |
79dd7fe9 | 1047 | */ |
46dddc5c SL |
1048 | public function sendResponse(\Psr\Http\Message\ResponseInterface $response) { |
1049 | // use WordPress function status_header to ensure 404 response is sent | |
1050 | status_header($response->getStatusCode()); | |
90f6c8df SL |
1051 | foreach ($response->getHeaders() as $name => $values) { |
1052 | CRM_Utils_System::setHttpHeader($name, implode(', ', (array) $values)); | |
79dd7fe9 | 1053 | } |
46dddc5c SL |
1054 | echo $response->getBody(); |
1055 | CRM_Utils_System::civiExit(); | |
79dd7fe9 SL |
1056 | } |
1057 | ||
b07855e9 CW |
1058 | /** |
1059 | * Start a new session if there's no existing session ID. | |
1060 | * | |
1061 | * Checks are needed to prevent sessions being started when not necessary. | |
1062 | */ | |
1063 | public function sessionStart() { | |
1064 | $session_id = session_id(); | |
1065 | ||
1066 | // Check WordPress pseudo-cron. | |
1067 | $wp_cron = FALSE; | |
1068 | if (function_exists('wp_doing_cron') && wp_doing_cron()) { | |
1069 | $wp_cron = TRUE; | |
1070 | } | |
1071 | ||
1072 | // Check WP-CLI. | |
1073 | $wp_cli = FALSE; | |
1074 | if (defined('WP_CLI') && WP_CLI) { | |
1075 | $wp_cli = TRUE; | |
1076 | } | |
1077 | ||
1078 | // Check PHP on the command line - e.g. `cv`. | |
1079 | $php_cli = TRUE; | |
1080 | if (PHP_SAPI !== 'cli') { | |
1081 | $php_cli = FALSE; | |
1082 | } | |
1083 | ||
1084 | // Maybe start session. | |
1085 | if (empty($session_id) && !$wp_cron && !$wp_cli && !$php_cli) { | |
1086 | session_start(); | |
1087 | } | |
1088 | } | |
1089 | ||
bef5923d CW |
1090 | /** |
1091 | * Perform any necessary actions prior to redirecting via POST. | |
1092 | * | |
1093 | * Redirecting via POST means that cookies need to be sent with SameSite=None. | |
1094 | */ | |
1095 | public function prePostRedirect() { | |
1096 | // Get User Agent string. | |
1097 | $rawUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; | |
1098 | $userAgent = mb_convert_encoding($rawUserAgent, 'UTF-8'); | |
1099 | ||
1100 | // Bail early if User Agent does not support `SameSite=None`. | |
1101 | $shouldUseSameSite = CRM_Utils_SameSite::shouldSendSameSiteNone($userAgent); | |
1102 | if (!$shouldUseSameSite) { | |
1103 | return; | |
1104 | } | |
1105 | ||
1106 | // Make sure session cookie is present in header. | |
1107 | $cookie_params = session_name() . '=' . session_id() . '; SameSite=None; Secure'; | |
1108 | CRM_Utils_System::setHttpHeader('Set-Cookie', $cookie_params); | |
1109 | ||
1110 | // Add WordPress auth cookies when user is logged in. | |
1111 | $user = wp_get_current_user(); | |
1112 | if ($user->exists()) { | |
1113 | self::setAuthCookies($user->ID, TRUE, TRUE); | |
1114 | } | |
1115 | } | |
1116 | ||
1117 | /** | |
1118 | * Explicitly set WordPress authentication cookies. | |
1119 | * | |
1120 | * Chrome 84 introduced a cookie policy change which prevents cookies for the | |
1121 | * session and for WordPress user authentication from being indentified when | |
1122 | * a purchaser returns to the site from PayPal using the "Back to Merchant" | |
1123 | * button. | |
1124 | * | |
1125 | * In order to comply with this policy, cookies need to be sent with their | |
1126 | * "SameSite" attribute set to "None" and with the "Secure" flag set, but this | |
1127 | * isn't possible to do via `wp_set_auth_cookie()` as it stands. | |
1128 | * | |
1129 | * This method is a modified clone of `wp_set_auth_cookie()` which satisfies | |
1130 | * the Chrome policy. | |
1131 | * | |
1132 | * @see wp_set_auth_cookie() | |
1133 | * | |
1134 | * The $remember parameter increases the time that the cookie will be kept. The | |
1135 | * default the cookie is kept without remembering is two days. When $remember is | |
1136 | * set, the cookies will be kept for 14 days or two weeks. | |
1137 | * | |
1138 | * @param int $user_id The WordPress User ID. | |
1139 | * @param bool $remember Whether to remember the user. | |
1140 | * @param bool|string $secure Whether the auth cookie should only be sent over | |
1141 | * HTTPS. Default is an empty string which means the | |
1142 | * value of `is_ssl()` will be used. | |
1143 | * @param string $token Optional. User's session token to use for this cookie. | |
1144 | */ | |
1145 | private function setAuthCookies($user_id, $remember = FALSE, $secure = '', $token = '') { | |
1146 | if ($remember) { | |
1147 | /** This filter is documented in wp-includes/pluggable.php */ | |
1148 | $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); | |
1149 | ||
1150 | /* | |
1151 | * Ensure the browser will continue to send the cookie after the expiration time is reached. | |
1152 | * Needed for the login grace period in wp_validate_auth_cookie(). | |
1153 | */ | |
1154 | $expire = $expiration + (12 * HOUR_IN_SECONDS); | |
1155 | } | |
1156 | else { | |
1157 | /** This filter is documented in wp-includes/pluggable.php */ | |
1158 | $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember); | |
1159 | $expire = 0; | |
1160 | } | |
1161 | ||
1162 | if ('' === $secure) { | |
1163 | $secure = is_ssl(); | |
1164 | } | |
1165 | ||
1166 | // Front-end cookie is secure when the auth cookie is secure and the site's home URL is forced HTTPS. | |
1167 | $secure_logged_in_cookie = $secure && 'https' === parse_url(get_option('home'), PHP_URL_SCHEME); | |
1168 | ||
1169 | /** This filter is documented in wp-includes/pluggable.php */ | |
1170 | $secure = apply_filters('secure_auth_cookie', $secure, $user_id); | |
1171 | ||
1172 | /** This filter is documented in wp-includes/pluggable.php */ | |
1173 | $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', $secure_logged_in_cookie, $user_id, $secure); | |
1174 | ||
1175 | if ($secure) { | |
1176 | $auth_cookie_name = SECURE_AUTH_COOKIE; | |
1177 | $scheme = 'secure_auth'; | |
1178 | } | |
1179 | else { | |
1180 | $auth_cookie_name = AUTH_COOKIE; | |
1181 | $scheme = 'auth'; | |
1182 | } | |
1183 | ||
1184 | if ('' === $token) { | |
1185 | $manager = WP_Session_Tokens::get_instance($user_id); | |
1186 | $token = $manager->create($expiration); | |
1187 | } | |
1188 | ||
1189 | $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme, $token); | |
1190 | $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in', $token); | |
1191 | ||
1192 | /** This filter is documented in wp-includes/pluggable.php */ | |
1193 | do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme, $token); | |
1194 | ||
1195 | /** This filter is documented in wp-includes/pluggable.php */ | |
1196 | do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in', $token); | |
1197 | ||
1198 | /** This filter is documented in wp-includes/pluggable.php */ | |
1199 | if (!apply_filters('send_auth_cookies', TRUE)) { | |
1200 | return; | |
1201 | } | |
1202 | ||
1203 | $base_options = [ | |
1204 | 'expires' => $expire, | |
1205 | 'domain' => COOKIE_DOMAIN, | |
1206 | 'httponly' => TRUE, | |
1207 | 'samesite' => 'None', | |
1208 | ]; | |
1209 | ||
1210 | self::setAuthCookie($auth_cookie_name, $auth_cookie, $base_options + ['secure' => $secure, 'path' => PLUGINS_COOKIE_PATH]); | |
1211 | self::setAuthCookie($auth_cookie_name, $auth_cookie, $base_options + ['secure' => $secure, 'path' => ADMIN_COOKIE_PATH]); | |
1212 | self::setAuthCookie(LOGGED_IN_COOKIE, $logged_in_cookie, $base_options + ['secure' => $secure_logged_in_cookie, 'path' => COOKIEPATH]); | |
1213 | if (COOKIEPATH != SITECOOKIEPATH) { | |
1214 | self::setAuthCookie(LOGGED_IN_COOKIE, $logged_in_cookie, $base_options + ['secure' => $secure_logged_in_cookie, 'path' => SITECOOKIEPATH]); | |
1215 | } | |
1216 | } | |
1217 | ||
1218 | /** | |
1219 | * Set cookie with "SameSite" flag. | |
1220 | * | |
1221 | * The method here is compatible with all versions of PHP. Needed because it | |
1222 | * is only as of PHP 7.3.0 that the setcookie() method supports the "SameSite" | |
1223 | * attribute in its options and will accept "None" as a valid value. | |
1224 | * | |
1225 | * @param $name The name of the cookie. | |
1226 | * @param $value The value of the cookie. | |
1227 | * @param array $options The header options for the cookie. | |
1228 | */ | |
1229 | private function setAuthCookie($name, $value, $options) { | |
1230 | $header = 'Set-Cookie: '; | |
1231 | $header .= rawurlencode($name) . '=' . rawurlencode($value) . '; '; | |
1232 | $header .= 'expires=' . gmdate('D, d-M-Y H:i:s T', $options['expires']) . '; '; | |
1233 | $header .= 'Max-Age=' . max(0, (int) ($options['expires'] - time())) . '; '; | |
1234 | $header .= 'path=' . rawurlencode($options['path']) . '; '; | |
1235 | $header .= 'domain=' . rawurlencode($options['domain']) . '; '; | |
1236 | ||
1237 | if (!empty($options['secure'])) { | |
1238 | $header .= 'secure; '; | |
1239 | } | |
1240 | $header .= 'httponly; '; | |
1241 | $header .= 'SameSite=' . rawurlencode($options['samesite']); | |
1242 | ||
1243 | header($header, FALSE); | |
1244 | $_COOKIE[$name] = $value; | |
1245 | } | |
1246 | ||
6a488035 | 1247 | } |