Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | /** | |
19 | * WordPress specific stuff goes here | |
20 | */ | |
21 | class CRM_Utils_System_WordPress extends CRM_Utils_System_Base { | |
6714d8d2 | 22 | |
11eed110 TO |
23 | /** |
24 | * Get a normalized version of the wpBasePage. | |
25 | */ | |
26 | public static function getBasePage() { | |
1e2423ed | 27 | return strtolower(rtrim(Civi::settings()->get('wpBasePage'), '/')); |
11eed110 TO |
28 | } |
29 | ||
bb3a214a | 30 | /** |
bb3a214a | 31 | */ |
00be9182 | 32 | public function __construct() { |
4caaa696 EM |
33 | /** |
34 | * deprecated property to check if this is a drupal install. The correct method is to have functions on the UF classes for all UF specific | |
35 | * functions and leave the codebase oblivious to the type of CMS | |
36 | * @deprecated | |
37 | * @var bool | |
38 | */ | |
6a488035 | 39 | $this->is_drupal = FALSE; |
fe17e8d1 | 40 | $this->is_wordpress = TRUE; |
6a488035 TO |
41 | } |
42 | ||
9509977f TO |
43 | public function initialize() { |
44 | parent::initialize(); | |
45 | $this->registerPathVars(); | |
46 | } | |
47 | ||
48 | /** | |
49 | * Specify the default computation for various paths/URLs. | |
50 | */ | |
51 | protected function registerPathVars():void { | |
716bdc94 TO |
52 | $isNormalBoot = function_exists('get_option'); |
53 | if ($isNormalBoot) { | |
54 | // Normal mode - CMS boots first, then calls Civi. "Normal" web pages and newer extern routes. | |
55 | // To simplify the code-paths, some items are re-registered with WP-specific functions. | |
56 | $cmsRoot = function() { | |
9509977f | 57 | return [ |
716bdc94 TO |
58 | 'path' => untrailingslashit(ABSPATH), |
59 | 'url' => home_url(), | |
9509977f | 60 | ]; |
716bdc94 TO |
61 | }; |
62 | Civi::paths()->register('cms', $cmsRoot); | |
63 | Civi::paths()->register('cms.root', $cmsRoot); | |
716bdc94 TO |
64 | Civi::paths()->register('civicrm.root', function () { |
65 | return [ | |
66 | 'path' => CIVICRM_PLUGIN_DIR . 'civicrm' . DIRECTORY_SEPARATOR, | |
67 | 'url' => CIVICRM_PLUGIN_URL . 'civicrm/', | |
68 | ]; | |
69 | }); | |
70 | Civi::paths()->register('wp.frontend.base', function () { | |
71 | return [ | |
72 | 'url' => home_url('/'), | |
73 | ]; | |
74 | }); | |
75 | Civi::paths()->register('wp.frontend', function () { | |
76 | $config = CRM_Core_Config::singleton(); | |
77 | $basepage = get_page_by_path($config->wpBasePage); | |
78 | return [ | |
79 | 'url' => get_permalink($basepage->ID), | |
80 | ]; | |
81 | }); | |
82 | Civi::paths()->register('wp.backend.base', function () { | |
83 | return [ | |
84 | 'url' => admin_url(), | |
85 | ]; | |
86 | }); | |
87 | Civi::paths()->register('wp.backend', function() { | |
88 | return [ | |
89 | 'url' => admin_url('admin.php'), | |
90 | ]; | |
91 | }); | |
ad428bcd SL |
92 | Civi::paths()->register('civicrm.files', function () { |
93 | $upload_dir = wp_get_upload_dir(); | |
94 | ||
95 | $old = CRM_Core_Config::singleton()->userSystem->getDefaultFileStorage(); | |
96 | $new = [ | |
97 | 'path' => $upload_dir['basedir'] . DIRECTORY_SEPARATOR . 'civicrm' . DIRECTORY_SEPARATOR, | |
98 | 'url' => $upload_dir['baseurl'] . '/civicrm/', | |
99 | ]; | |
100 | ||
101 | if ($old['path'] === $new['path']) { | |
102 | return $new; | |
103 | } | |
104 | ||
105 | $oldExists = file_exists($old['path']); | |
106 | $newExists = file_exists($new['path']); | |
107 | ||
108 | if ($oldExists && !$newExists) { | |
109 | return $old; | |
110 | } | |
111 | elseif (!$oldExists && $newExists) { | |
112 | return $new; | |
113 | } | |
114 | elseif (!$oldExists && !$newExists) { | |
115 | // neither exists. but that's ok. we're in one of these two cases: | |
116 | // - we're just starting installation... which will get sorted in a moment | |
117 | // when someone calls mkdir(). | |
118 | // - we're running a bespoke setup... which will get sorted in a moment | |
119 | // by applying $civicrm_paths. | |
120 | return $new; | |
121 | } | |
122 | elseif ($oldExists && $newExists) { | |
123 | // situation ambiguous. encourage admin to set value explicitly. | |
124 | if (!isset($GLOBALS['civicrm_paths']['civicrm.files'])) { | |
125 | \Civi::log()->warning("The system has data from both old+new conventions. Please use civicrm.settings.php to set civicrm.files explicitly."); | |
126 | } | |
127 | return $new; | |
128 | } | |
129 | }); | |
716bdc94 TO |
130 | } |
131 | else { | |
132 | // Legacy support - only relevant for older extern routes. | |
133 | Civi::paths() | |
134 | ->register('wp.frontend.base', function () { | |
135 | return ['url' => rtrim(CIVICRM_UF_BASEURL, '/') . '/']; | |
136 | }) | |
137 | ->register('wp.frontend', function () { | |
138 | $config = \CRM_Core_Config::singleton(); | |
139 | $suffix = defined('CIVICRM_UF_WP_BASEPAGE') ? CIVICRM_UF_WP_BASEPAGE : $config->wpBasePage; | |
140 | return [ | |
141 | 'url' => Civi::paths()->getVariable('wp.frontend.base', 'url') . $suffix, | |
142 | ]; | |
143 | }) | |
144 | ->register('wp.backend.base', function () { | |
145 | return ['url' => rtrim(CIVICRM_UF_BASEURL, '/') . '/wp-admin/']; | |
146 | }) | |
147 | ->register('wp.backend', function () { | |
148 | return [ | |
149 | 'url' => Civi::paths()->getVariable('wp.backend.base', 'url') . 'admin.php', | |
150 | ]; | |
151 | }); | |
152 | } | |
9509977f TO |
153 | } |
154 | ||
6a488035 | 155 | /** |
17f443df | 156 | * @inheritDoc |
6a488035 | 157 | */ |
00be9182 | 158 | public function setTitle($title, $pageTitle = NULL) { |
6a488035 TO |
159 | if (!$pageTitle) { |
160 | $pageTitle = $title; | |
161 | } | |
1beae3b1 | 162 | |
17f443df CW |
163 | // FIXME: Why is this global? |
164 | global $civicrm_wp_title; | |
165 | $civicrm_wp_title = $title; | |
1beae3b1 | 166 | |
17f443df CW |
167 | // yes, set page title, depending on context |
168 | $context = civi_wp()->civicrm_context_get(); | |
169 | switch ($context) { | |
170 | case 'admin': | |
171 | case 'shortcode': | |
172 | $template = CRM_Core_Smarty::singleton(); | |
173 | $template->assign('pageTitle', $pageTitle); | |
6a488035 TO |
174 | } |
175 | } | |
176 | ||
7ba2c8ad KC |
177 | /** |
178 | * Moved from CRM_Utils_System_Base | |
179 | */ | |
180 | public function getDefaultFileStorage() { | |
4db100ce TO |
181 | // NOTE: On WordPress, this will be circumvented in the future. However, |
182 | // should retain it to allow transitional/upgrade code determine the old value. | |
183 | ||
8ce9d9d6 TO |
184 | $config = CRM_Core_Config::singleton(); |
185 | $cmsUrl = CRM_Utils_System::languageNegotiationURL($config->userFrameworkBaseURL, FALSE, TRUE); | |
186 | $cmsPath = $this->cmsRootPath(); | |
187 | $filesPath = CRM_Utils_File::baseFilePath(); | |
188 | $filesRelPath = CRM_Utils_File::relativize($filesPath, $cmsPath); | |
189 | $filesURL = rtrim($cmsUrl, '/') . '/' . ltrim($filesRelPath, ' /'); | |
be2fb01f | 190 | return [ |
8ce9d9d6 TO |
191 | 'url' => CRM_Utils_File::addTrailingSlash($filesURL, '/'), |
192 | 'path' => CRM_Utils_File::addTrailingSlash($filesPath), | |
be2fb01f | 193 | ]; |
8ce9d9d6 TO |
194 | } |
195 | ||
196 | /** | |
197 | * Determine the location of the CiviCRM source tree. | |
198 | * | |
199 | * @return array | |
200 | * - url: string. ex: "http://example.com/sites/all/modules/civicrm" | |
201 | * - path: string. ex: "/var/www/sites/all/modules/civicrm" | |
202 | */ | |
203 | public function getCiviSourceStorage() { | |
7ba2c8ad | 204 | global $civicrm_root; |
7ba2c8ad | 205 | |
8ce9d9d6 TO |
206 | // Don't use $config->userFrameworkBaseURL; it has garbage on it. |
207 | // More generally, we shouldn't be using $config here. | |
208 | if (!defined('CIVICRM_UF_BASEURL')) { | |
209 | throw new RuntimeException('Undefined constant: CIVICRM_UF_BASEURL'); | |
7ba2c8ad | 210 | } |
8ce9d9d6 TO |
211 | |
212 | $cmsPath = $this->cmsRootPath(); | |
213 | ||
214 | // $config = CRM_Core_Config::singleton(); | |
215 | // overkill? // $cmsUrl = CRM_Utils_System::languageNegotiationURL($config->userFrameworkBaseURL, FALSE, TRUE); | |
216 | $cmsUrl = CIVICRM_UF_BASEURL; | |
217 | if (CRM_Utils_System::isSSL()) { | |
218 | $cmsUrl = str_replace('http://', 'https://', $cmsUrl); | |
7ba2c8ad | 219 | } |
d8182404 | 220 | $civiRelPath = CRM_Utils_File::relativize(realpath($civicrm_root), realpath($cmsPath)); |
8ce9d9d6 | 221 | $civiUrl = rtrim($cmsUrl, '/') . '/' . ltrim($civiRelPath, ' /'); |
be2fb01f | 222 | return [ |
8ce9d9d6 TO |
223 | 'url' => CRM_Utils_File::addTrailingSlash($civiUrl, '/'), |
224 | 'path' => CRM_Utils_File::addTrailingSlash($civicrm_root), | |
be2fb01f | 225 | ]; |
7ba2c8ad KC |
226 | } |
227 | ||
6a488035 | 228 | /** |
17f443df | 229 | * @inheritDoc |
6a488035 | 230 | */ |
00be9182 | 231 | public function appendBreadCrumb($breadCrumbs) { |
6a488035 TO |
232 | $breadCrumb = wp_get_breadcrumb(); |
233 | ||
234 | if (is_array($breadCrumbs)) { | |
235 | foreach ($breadCrumbs as $crumbs) { | |
236 | if (stripos($crumbs['url'], 'id%%')) { | |
be2fb01f | 237 | $args = ['cid', 'mid']; |
6a488035 TO |
238 | foreach ($args as $a) { |
239 | $val = CRM_Utils_Request::retrieve($a, 'Positive', CRM_Core_DAO::$_nullObject, | |
240 | FALSE, NULL, $_GET | |
241 | ); | |
242 | if ($val) { | |
243 | $crumbs['url'] = str_ireplace("%%{$a}%%", $val, $crumbs['url']); | |
244 | } | |
245 | } | |
246 | } | |
247 | $breadCrumb[] = "<a href=\"{$crumbs['url']}\">{$crumbs['title']}</a>"; | |
248 | } | |
249 | } | |
250 | ||
251 | $template = CRM_Core_Smarty::singleton(); | |
252 | $template->assign_by_ref('breadcrumb', $breadCrumb); | |
253 | wp_set_breadcrumb($breadCrumb); | |
254 | } | |
255 | ||
256 | /** | |
17f443df | 257 | * @inheritDoc |
6a488035 | 258 | */ |
00be9182 | 259 | public function resetBreadCrumb() { |
be2fb01f | 260 | $bc = []; |
6a488035 TO |
261 | wp_set_breadcrumb($bc); |
262 | } | |
263 | ||
264 | /** | |
17f443df | 265 | * @inheritDoc |
6a488035 | 266 | */ |
00be9182 | 267 | public function addHTMLHead($head) { |
6a488035 TO |
268 | static $registered = FALSE; |
269 | if (!$registered) { | |
270 | // front-end view | |
be2fb01f | 271 | add_action('wp_head', [__CLASS__, '_showHTMLHead']); |
6a488035 | 272 | // back-end views |
be2fb01f | 273 | add_action('admin_head', [__CLASS__, '_showHTMLHead']); |
227d65b7 | 274 | $registered = TRUE; |
6a488035 | 275 | } |
be2fb01f | 276 | CRM_Core_Region::instance('wp_head')->add([ |
6a488035 | 277 | 'markup' => $head, |
be2fb01f | 278 | ]); |
6a488035 TO |
279 | } |
280 | ||
17f443df | 281 | /** |
fe482240 | 282 | * WP action callback. |
17f443df | 283 | */ |
00be9182 | 284 | public static function _showHTMLHead() { |
6a488035 TO |
285 | $region = CRM_Core_Region::instance('wp_head', FALSE); |
286 | if ($region) { | |
287 | echo $region->render(''); | |
288 | } | |
289 | } | |
290 | ||
291 | /** | |
17f443df | 292 | * @inheritDoc |
6a488035 | 293 | */ |
00be9182 | 294 | public function mapConfigToSSL() { |
6a488035 TO |
295 | global $base_url; |
296 | $base_url = str_replace('http://', 'https://', $base_url); | |
297 | } | |
298 | ||
299 | /** | |
17f443df | 300 | * @inheritDoc |
6a488035 | 301 | */ |
408b79bf | 302 | public function url( |
6a488035 TO |
303 | $path = NULL, |
304 | $query = NULL, | |
305 | $absolute = FALSE, | |
306 | $fragment = NULL, | |
6a488035 | 307 | $frontend = FALSE, |
8de2a34e SL |
308 | $forceBackend = FALSE, |
309 | $htmlize = TRUE | |
6a488035 | 310 | ) { |
353ffa53 TO |
311 | $config = CRM_Core_Config::singleton(); |
312 | $script = ''; | |
c80e2dbf | 313 | $separator = '&'; |
353ffa53 | 314 | $wpPageParam = ''; |
887f5d81 | 315 | $fragment = isset($fragment) ? ('#' . $fragment) : ''; |
6a488035 TO |
316 | |
317 | $path = CRM_Utils_String::stripPathChars($path); | |
df17aa21 | 318 | $basepage = FALSE; |
6a488035 TO |
319 | |
320 | //this means wp function we are trying to use is not available, | |
321 | //so load bootStrap | |
d8182404 | 322 | // FIXME: Why bootstrap in url()? Generally want to define 1-2 strategic places to put bootstrap |
6a488035 | 323 | if (!function_exists('get_option')) { |
d8182404 | 324 | $this->loadBootStrap(); |
6a488035 | 325 | } |
df17aa21 | 326 | |
6a488035 | 327 | if ($config->userFrameworkFrontend) { |
df17aa21 | 328 | global $post; |
887f5d81 | 329 | if (get_option('permalink_structure') != '') { |
337df6ce | 330 | $script = $post ? get_permalink($post->ID) : ""; |
6a488035 | 331 | } |
337df6ce | 332 | if ($post && $config->wpBasePage == $post->post_name) { |
df17aa21 CW |
333 | $basepage = TRUE; |
334 | } | |
01aca362 | 335 | // when shortcode is included in page |
6a488035 | 336 | // also make sure we have valid query object |
df17aa21 | 337 | // FIXME: $wpPageParam has no effect and is only set on the *basepage* |
6a488035 | 338 | global $wp_query; |
df17aa21 | 339 | if (get_option('permalink_structure') == '' && method_exists($wp_query, 'get')) { |
6a488035 | 340 | if (get_query_var('page_id')) { |
887f5d81 | 341 | $wpPageParam = "page_id=" . get_query_var('page_id'); |
6a488035 TO |
342 | } |
343 | elseif (get_query_var('p')) { | |
344 | // when shortcode is inserted in post | |
887f5d81 | 345 | $wpPageParam = "p=" . get_query_var('p'); |
6a488035 TO |
346 | } |
347 | } | |
348 | } | |
349 | ||
887f5d81 TO |
350 | $base = $this->getBaseUrl($absolute, $frontend, $forceBackend); |
351 | ||
352 | if (!isset($path) && !isset($query)) { | |
353 | // FIXME: This short-circuited codepath is the same as the general one below, except | |
354 | // in that it ignores "permlink_structure" / $wpPageParam / $script . I don't know | |
355 | // why it's different (and I can only find two obvious use-cases for this codepath, | |
356 | // of which at least one looks gratuitous). A more ambitious person would simply remove | |
357 | // this code. | |
358 | return $base . $fragment; | |
359 | } | |
360 | ||
361 | if (!$forceBackend && get_option('permalink_structure') != '' && ($wpPageParam || $script != '')) { | |
362 | $base = $script; | |
6a488035 TO |
363 | } |
364 | ||
be2fb01f | 365 | $queryParts = []; |
df17aa21 | 366 | |
df17aa21 CW |
367 | if ( |
368 | // not using clean URLs | |
369 | !$config->cleanURL | |
370 | // requesting an admin URL | |
371 | || ((is_admin() && !$frontend) || $forceBackend) | |
372 | // is shortcode | |
373 | || (!$basepage && $script != '') | |
374 | ) { | |
375 | ||
376 | // pre-existing logic | |
377 | if (isset($path)) { | |
25bd5735 CW |
378 | // Admin URLs still need "page=CiviCRM", front-end URLs do not. |
379 | if ((is_admin() && !$frontend) || $forceBackend) { | |
380 | $queryParts[] = 'page=CiviCRM'; | |
381 | } | |
382 | else { | |
383 | $queryParts[] = 'civiwp=CiviCRM'; | |
384 | } | |
cdef34e0 | 385 | $queryParts[] = 'q=' . rawurlencode($path); |
df17aa21 CW |
386 | } |
387 | if ($wpPageParam) { | |
388 | $queryParts[] = $wpPageParam; | |
389 | } | |
ffa62912 | 390 | if (!empty($query)) { |
df17aa21 CW |
391 | $queryParts[] = $query; |
392 | } | |
393 | ||
394 | $final = $base . '?' . implode($separator, $queryParts) . $fragment; | |
395 | ||
887f5d81 | 396 | } |
df17aa21 CW |
397 | else { |
398 | ||
399 | // clean URLs | |
400 | if (isset($path)) { | |
401 | $base = trailingslashit($base) . str_replace('civicrm/', '', $path) . '/'; | |
402 | } | |
403 | if (isset($query)) { | |
404 | $query = ltrim($query, '=?&'); | |
405 | $queryParts[] = $query; | |
406 | } | |
407 | ||
408 | if (!empty($queryParts)) { | |
409 | $final = $base . '?' . implode($separator, $queryParts) . $fragment; | |
410 | } | |
411 | else { | |
412 | $final = $base . $fragment; | |
413 | } | |
414 | ||
6a488035 TO |
415 | } |
416 | ||
df17aa21 | 417 | return $final; |
887f5d81 TO |
418 | } |
419 | ||
bb3a214a | 420 | /** |
f553d1ea KC |
421 | * 27-09-2016 |
422 | * CRM-16421 CRM-17633 WIP Changes to support WP in it's own directory | |
423 | * https://wiki.civicrm.org/confluence/display/CRM/WordPress+installed+in+its+own+directory+issues | |
424 | * For now leave hard coded wp-admin references. | |
425 | * TODO: remove wp-admin references and replace with admin_url() in the future. Look at best way to get path to admin_url | |
426 | * | |
bb3a214a EM |
427 | * @param $absolute |
428 | * @param $frontend | |
429 | * @param $forceBackend | |
430 | * | |
431 | * @return mixed|null|string | |
432 | */ | |
887f5d81 | 433 | private function getBaseUrl($absolute, $frontend, $forceBackend) { |
353ffa53 | 434 | $config = CRM_Core_Config::singleton(); |
6a488035 | 435 | if ((is_admin() && !$frontend) || $forceBackend) { |
f553d1ea | 436 | return Civi::paths()->getUrl('[wp.backend]/.', $absolute ? 'absolute' : 'relative'); |
6a488035 | 437 | } |
f553d1ea KC |
438 | else { |
439 | return Civi::paths()->getUrl('[wp.frontend]/.', $absolute ? 'absolute' : 'relative'); | |
36b820ae | 440 | } |
01aca362 | 441 | } |
6a488035 TO |
442 | |
443 | /** | |
17f443df | 444 | * @inheritDoc |
6a488035 | 445 | */ |
00be9182 | 446 | public function authenticate($name, $password, $loadCMSBootstrap = FALSE, $realPath = NULL) { |
6a488035 TO |
447 | $config = CRM_Core_Config::singleton(); |
448 | ||
449 | if ($loadCMSBootstrap) { | |
9ba02e3e TO |
450 | $config->userSystem->loadBootStrap([ |
451 | 'name' => $name, | |
452 | 'pass' => $password, | |
453 | ]); | |
6a488035 TO |
454 | } |
455 | ||
456 | $user = wp_authenticate($name, $password); | |
457 | if (is_a($user, 'WP_Error')) { | |
458 | return FALSE; | |
459 | } | |
460 | ||
17f443df | 461 | // TODO: need to change this to make sure we matched only one row |
6a488035 TO |
462 | |
463 | CRM_Core_BAO_UFMatch::synchronizeUFMatch($user->data, $user->data->ID, $user->data->user_email, 'WordPress'); | |
464 | $contactID = CRM_Core_BAO_UFMatch::getContactId($user->data->ID); | |
465 | if (!$contactID) { | |
466 | return FALSE; | |
467 | } | |
be2fb01f | 468 | return [$contactID, $user->data->ID, mt_rand()]; |
6a488035 TO |
469 | } |
470 | ||
471 | /** | |
17f443df | 472 | * FIXME: Do something |
ea3ddccf | 473 | * |
474 | * @param string $message | |
6a488035 | 475 | */ |
00be9182 | 476 | public function setMessage($message) { |
6a488035 TO |
477 | } |
478 | ||
bb3a214a | 479 | /** |
b596c3e9 | 480 | * @param \string $user |
ea3ddccf | 481 | * |
482 | * @return bool | |
bb3a214a | 483 | */ |
e7292422 | 484 | public function loadUser($user) { |
b596c3e9 | 485 | $userdata = get_user_by('login', $user); |
486 | if (!$userdata->data->ID) { | |
7ca9cd52 | 487 | return FALSE; |
b596c3e9 | 488 | } |
489 | ||
490 | $uid = $userdata->data->ID; | |
491 | wp_set_current_user($uid); | |
492 | $contactID = CRM_Core_BAO_UFMatch::getContactId($uid); | |
493 | ||
494 | // lets store contact id and user id in session | |
495 | $session = CRM_Core_Session::singleton(); | |
496 | $session->set('ufID', $uid); | |
497 | $session->set('userID', $contactID); | |
e7292422 | 498 | return TRUE; |
6a488035 TO |
499 | } |
500 | ||
17f443df CW |
501 | /** |
502 | * FIXME: Use CMS-native approach | |
309310bf | 503 | * @throws \CRM_Core_Exception |
17f443df | 504 | */ |
00be9182 | 505 | public function permissionDenied() { |
34d96c0a | 506 | status_header(403); |
309310bf | 507 | throw new CRM_Core_Exception(ts('You do not have permission to access this page.')); |
6a488035 TO |
508 | } |
509 | ||
8ee9bea9 SL |
510 | /** |
511 | * Determine the native ID of the CMS user. | |
512 | * | |
513 | * @param string $username | |
e97c66ff | 514 | * |
515 | * @return int|null | |
8ee9bea9 SL |
516 | */ |
517 | public function getUfId($username) { | |
518 | $userdata = get_user_by('login', $username); | |
519 | if (!$userdata->data->ID) { | |
520 | return NULL; | |
521 | } | |
522 | return $userdata->data->ID; | |
523 | } | |
524 | ||
17f443df CW |
525 | /** |
526 | * @inheritDoc | |
527 | */ | |
00be9182 | 528 | public function logout() { |
6a488035 TO |
529 | // destroy session |
530 | if (session_id()) { | |
531 | session_destroy(); | |
532 | } | |
533 | wp_logout(); | |
534 | wp_redirect(wp_login_url()); | |
535 | } | |
536 | ||
6a488035 | 537 | /** |
17f443df | 538 | * @inheritDoc |
6a488035 | 539 | */ |
00be9182 | 540 | public function getUFLocale() { |
742eb5c6 CW |
541 | // Bail early if method is called when WordPress isn't bootstrapped. |
542 | // Additionally, the function checked here is located in pluggable.php | |
543 | // and is required by wp_get_referer() - so this also bails early if it is | |
544 | // called too early in the request lifecycle. | |
545 | // @see https://core.trac.wordpress.org/ticket/25294 | |
546 | if (!function_exists('wp_validate_redirect')) { | |
547 | return NULL; | |
cba2601a | 548 | } |
742eb5c6 CW |
549 | |
550 | // Default to WordPress User locale. | |
551 | $locale = get_user_locale(); | |
552 | ||
553 | // Is this a "back-end" AJAX call? | |
554 | $is_backend = FALSE; | |
555 | if (wp_doing_ajax() && FALSE !== strpos(wp_get_referer(), admin_url())) { | |
556 | $is_backend = TRUE; | |
19780d2b | 557 | } |
742eb5c6 CW |
558 | |
559 | // Ignore when in WordPress admin or it's a "back-end" AJAX call. | |
560 | if (!(is_admin() || $is_backend)) { | |
561 | ||
562 | // Reaching here means it is very likely to be a front-end context. | |
563 | ||
564 | // Default to WordPress locale. | |
565 | $locale = get_locale(); | |
566 | ||
567 | // Maybe override with the locale that Polylang reports. | |
568 | if (function_exists('pll_current_language')) { | |
569 | $pll_locale = pll_current_language('locale'); | |
570 | if (!empty($pll_locale)) { | |
571 | $locale = $pll_locale; | |
572 | } | |
573 | } | |
574 | ||
575 | // Maybe override with the locale that WPML reports. | |
576 | elseif (defined('ICL_LANGUAGE_CODE')) { | |
577 | $languages = apply_filters('wpml_active_languages', NULL); | |
578 | foreach ($languages as $language) { | |
579 | if ($language['active']) { | |
580 | $locale = $language['default_locale']; | |
581 | break; | |
582 | } | |
583 | } | |
584 | } | |
585 | ||
586 | // TODO: Set locale for other WordPress plugins. | |
587 | // @see https://wordpress.org/plugins/tags/multilingual/ | |
588 | // A hook would be nice here. | |
589 | ||
2c3d151b | 590 | } |
19780d2b | 591 | |
742eb5c6 CW |
592 | if (!empty($locale)) { |
593 | // If for some reason only we get a language code, convert it to a locale. | |
594 | if (2 === strlen($locale)) { | |
595 | $locale = CRM_Core_I18n_PseudoConstant::longForShort($locale); | |
596 | } | |
597 | return $locale; | |
0db6c3e1 TO |
598 | } |
599 | else { | |
19780d2b DL |
600 | return NULL; |
601 | } | |
6a488035 TO |
602 | } |
603 | ||
fd1f3a26 SV |
604 | /** |
605 | * @inheritDoc | |
606 | */ | |
607 | public function setUFLocale($civicrm_language) { | |
608 | // TODO (probably not possible with WPML?) | |
609 | return TRUE; | |
610 | } | |
611 | ||
6a488035 | 612 | /** |
fe482240 | 613 | * Load wordpress bootstrap. |
6a488035 | 614 | * |
9ba02e3e TO |
615 | * @param array $params |
616 | * Optional credentials | |
617 | * - name: string, cms username | |
618 | * - pass: string, cms password | |
6714d8d2 SL |
619 | * @param bool $loadUser |
620 | * @param bool $throwError | |
621 | * @param mixed $realPath | |
f4aaa82a EM |
622 | * |
623 | * @return bool | |
309310bf | 624 | * @throws \CRM_Core_Exception |
6a488035 | 625 | */ |
be2fb01f | 626 | public function loadBootStrap($params = [], $loadUser = TRUE, $throwError = TRUE, $realPath = NULL) { |
05fcde76 | 627 | global $wp, $wp_rewrite, $wp_the_query, $wp_query, $wpdb, $current_site, $current_blog, $current_user; |
6a488035 | 628 | |
9c1bc317 CW |
629 | $name = $params['name'] ?? NULL; |
630 | $pass = $params['pass'] ?? NULL; | |
9ba02e3e | 631 | |
7a44e49f | 632 | if (!defined('WP_USE_THEMES')) { |
c5f77355 | 633 | define('WP_USE_THEMES', FALSE); |
7a44e49f | 634 | } |
6a488035 TO |
635 | |
636 | $cmsRootPath = $this->cmsRootPath(); | |
637 | if (!$cmsRootPath) { | |
309310bf | 638 | throw new CRM_Core_Exception("Could not find the install directory for WordPress"); |
6a488035 | 639 | } |
aaffa79f | 640 | $path = Civi::settings()->get('wpLoadPhp'); |
b299b1cc | 641 | if (!empty($path)) { |
35da5d8d | 642 | require_once $path; |
b299b1cc KC |
643 | } |
644 | elseif (file_exists($cmsRootPath . DIRECTORY_SEPARATOR . 'wp-load.php')) { | |
35da5d8d | 645 | require_once $cmsRootPath . DIRECTORY_SEPARATOR . 'wp-load.php'; |
b299b1cc KC |
646 | } |
647 | else { | |
309310bf | 648 | throw new CRM_Core_Exception("Could not find the bootstrap file for WordPress"); |
35da5d8d | 649 | } |
6491539b DL |
650 | $wpUserTimezone = get_option('timezone_string'); |
651 | if ($wpUserTimezone) { | |
652 | date_default_timezone_set($wpUserTimezone); | |
653 | CRM_Core_Config::singleton()->userSystem->setMySQLTimeZone(); | |
654 | } | |
e7292422 | 655 | require_once $cmsRootPath . DIRECTORY_SEPARATOR . 'wp-includes/pluggable.php'; |
9c1bc317 | 656 | $uid = $params['uid'] ?? NULL; |
17763922 WA |
657 | if (!$uid) { |
658 | $name = $name ? $name : trim(CRM_Utils_Array::value('name', $_REQUEST)); | |
659 | $pass = $pass ? $pass : trim(CRM_Utils_Array::value('pass', $_REQUEST)); | |
660 | if ($name) { | |
d8182404 | 661 | $uid = wp_authenticate($name, $pass); |
17763922 WA |
662 | if (!$uid) { |
663 | if ($throwError) { | |
664 | echo '<br />Sorry, unrecognized username or password.'; | |
665 | exit(); | |
666 | } | |
667 | return FALSE; | |
668 | } | |
669 | } | |
670 | } | |
fe1e7958 | 671 | if ($uid) { |
a4111333 CW |
672 | if ($uid instanceof WP_User) { |
673 | $account = wp_set_current_user($uid->ID); | |
c5f77355 CW |
674 | } |
675 | else { | |
a4111333 CW |
676 | $account = wp_set_current_user($uid); |
677 | } | |
fe1e7958 | 678 | if ($account && $account->data->ID) { |
679 | global $user; | |
680 | $user = $account; | |
681 | return TRUE; | |
682 | } | |
683 | } | |
e7292422 | 684 | return TRUE; |
6a488035 TO |
685 | } |
686 | ||
bb3a214a EM |
687 | /** |
688 | * @param $dir | |
689 | * | |
690 | * @return bool | |
691 | */ | |
00be9182 | 692 | public function validInstallDir($dir) { |
dfbcf0b7 | 693 | $includePath = "$dir/wp-includes"; |
468176f6 | 694 | if (@file_exists("$includePath/version.php")) { |
dfbcf0b7 DL |
695 | return TRUE; |
696 | } | |
697 | return FALSE; | |
698 | } | |
699 | ||
bb3a214a EM |
700 | /** |
701 | * Determine the location of the CMS root. | |
702 | * | |
72b3a70c CW |
703 | * @return string|NULL |
704 | * local file system path to CMS root, or NULL if it cannot be determined | |
bb3a214a | 705 | */ |
00be9182 | 706 | public function cmsRootPath() { |
02bfbc78 CW |
707 | |
708 | // Return early if the path is already set. | |
a93a0366 TO |
709 | global $civicrm_paths; |
710 | if (!empty($civicrm_paths['cms.root']['path'])) { | |
711 | return $civicrm_paths['cms.root']['path']; | |
712 | } | |
713 | ||
02bfbc78 | 714 | // Return early if constant has been defined. |
dfbcf0b7 DL |
715 | if (defined('CIVICRM_CMSDIR')) { |
716 | if ($this->validInstallDir(CIVICRM_CMSDIR)) { | |
02bfbc78 | 717 | return CIVICRM_CMSDIR; |
dfbcf0b7 | 718 | } |
6a488035 | 719 | } |
02bfbc78 CW |
720 | |
721 | // Return early if path to wp-load.php can be retrieved from settings. | |
722 | $setting = Civi::settings()->get('wpLoadPhp'); | |
723 | if (!empty($setting)) { | |
57811df8 KC |
724 | $path = str_replace('wp-load.php', '', $setting); |
725 | $cmsRoot = rtrim($path, '/\\'); | |
02bfbc78 CW |
726 | if ($this->validInstallDir($cmsRoot)) { |
727 | return $cmsRoot; | |
728 | } | |
729 | } | |
730 | ||
731 | /* | |
732 | * Keep previous logic as fallback of last resort. | |
733 | * | |
734 | * At some point, it would be good to remove this because there are serious | |
735 | * problems in correctly locating WordPress in this manner. In summary, it | |
736 | * is impossible to do so reliably. | |
737 | * | |
738 | * @see https://github.com/civicrm/civicrm-wordpress/pull/63#issuecomment-61792328 | |
739 | * @see https://github.com/civicrm/civicrm-core/pull/11086#issuecomment-335454992 | |
740 | */ | |
741 | $cmsRoot = $valid = NULL; | |
742 | ||
743 | $pathVars = explode('/', str_replace('\\', '/', $_SERVER['SCRIPT_FILENAME'])); | |
744 | ||
745 | // Might be Windows installation. | |
746 | $firstVar = array_shift($pathVars); | |
747 | if ($firstVar) { | |
748 | $cmsRoot = $firstVar; | |
749 | } | |
750 | ||
751 | // Start with CMS dir search. | |
752 | foreach ($pathVars as $var) { | |
753 | $cmsRoot .= "/$var"; | |
754 | if ($this->validInstallDir($cmsRoot)) { | |
755 | // Stop as we found bootstrap. | |
756 | $valid = TRUE; | |
757 | break; | |
758 | } | |
6a488035 TO |
759 | } |
760 | ||
761 | return ($valid) ? $cmsRoot : NULL; | |
762 | } | |
763 | ||
bb3a214a | 764 | /** |
17f443df | 765 | * @inheritDoc |
bb3a214a | 766 | */ |
00be9182 | 767 | public function createUser(&$params, $mail) { |
be2fb01f | 768 | $user_data = [ |
6a488035 | 769 | 'ID' => '', |
6a488035 TO |
770 | 'user_login' => $params['cms_name'], |
771 | 'user_email' => $params[$mail], | |
772 | 'nickname' => $params['cms_name'], | |
773 | 'role' => get_option('default_role'), | |
be2fb01f | 774 | ]; |
6a488035 TO |
775 | if (isset($params['contactID'])) { |
776 | $contactType = CRM_Contact_BAO_Contact::getContactType($params['contactID']); | |
777 | if ($contactType == 'Individual') { | |
778 | $user_data['first_name'] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', | |
779 | $params['contactID'], 'first_name' | |
780 | ); | |
781 | $user_data['last_name'] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', | |
782 | $params['contactID'], 'last_name' | |
783 | ); | |
784 | } | |
785 | } | |
786 | ||
633d5122 | 787 | $this->hooks_core_remove(); |
6a488035 TO |
788 | $uid = wp_insert_user($user_data); |
789 | ||
be2fb01f | 790 | $creds = []; |
6a488035 | 791 | $creds['user_login'] = $params['cms_name']; |
6a488035 | 792 | $creds['remember'] = TRUE; |
6a488035 | 793 | |
633d5122 ML |
794 | // Call wp_signon if we aren't already logged in |
795 | // For example, we might be creating a new user from the Contact record. | |
796 | if (!current_user_can('create_users')) { | |
797 | wp_signon($creds, FALSE); | |
798 | } | |
799 | ||
800 | do_action('register_new_user', $uid); | |
801 | $this->hooks_core_add(); | |
802 | ||
6a488035 TO |
803 | return $uid; |
804 | } | |
805 | ||
f4aaa82a | 806 | /** |
17f443df | 807 | * @inheritDoc |
6a488035 | 808 | */ |
00be9182 | 809 | public function updateCMSName($ufID, $ufName) { |
6a488035 TO |
810 | // CRM-10620 |
811 | if (function_exists('wp_update_user')) { | |
353ffa53 | 812 | $ufID = CRM_Utils_Type::escape($ufID, 'Integer'); |
6a488035 TO |
813 | $ufName = CRM_Utils_Type::escape($ufName, 'String'); |
814 | ||
be2fb01f | 815 | $values = ['ID' => $ufID, 'user_email' => $ufName]; |
481a74f4 TO |
816 | if ($ufID) { |
817 | wp_update_user($values); | |
6a488035 TO |
818 | } |
819 | } | |
820 | } | |
821 | ||
bb3a214a | 822 | /** |
c490a46a | 823 | * @param array $params |
bb3a214a EM |
824 | * @param $errors |
825 | * @param string $emailName | |
826 | */ | |
00be9182 | 827 | public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email') { |
6a488035 TO |
828 | $config = CRM_Core_Config::singleton(); |
829 | ||
353ffa53 TO |
830 | $dao = new CRM_Core_DAO(); |
831 | $name = $dao->escape(CRM_Utils_Array::value('name', $params)); | |
6a488035 TO |
832 | $email = $dao->escape(CRM_Utils_Array::value('mail', $params)); |
833 | ||
a7488080 | 834 | if (!empty($params['name'])) { |
6a488035 TO |
835 | if (!validate_username($params['name'])) { |
836 | $errors['cms_name'] = ts("Your username contains invalid characters"); | |
837 | } | |
838 | elseif (username_exists(sanitize_user($params['name']))) { | |
be2fb01f | 839 | $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', [1 => $params['name']]); |
6a488035 TO |
840 | } |
841 | } | |
842 | ||
a7488080 | 843 | if (!empty($params['mail'])) { |
6a488035 TO |
844 | if (!is_email($params['mail'])) { |
845 | $errors[$emailName] = "Your email is invaid"; | |
846 | } | |
847 | elseif (email_exists($params['mail'])) { | |
db18d815 | 848 | $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', |
be2fb01f | 849 | [1 => $params['mail'], 2 => wp_lostpassword_url()] |
6a488035 TO |
850 | ); |
851 | } | |
852 | } | |
853 | } | |
854 | ||
855 | /** | |
17f443df | 856 | * @inheritDoc |
6a488035 TO |
857 | */ |
858 | public function isUserLoggedIn() { | |
859 | $isloggedIn = FALSE; | |
860 | if (function_exists('is_user_logged_in')) { | |
861 | $isloggedIn = is_user_logged_in(); | |
862 | } | |
863 | ||
864 | return $isloggedIn; | |
865 | } | |
866 | ||
8caad0ce | 867 | /** |
868 | * @inheritDoc | |
869 | */ | |
870 | public function isUserRegistrationPermitted() { | |
871 | if (!get_option('users_can_register')) { | |
872 | return FALSE; | |
873 | } | |
874 | return TRUE; | |
875 | } | |
876 | ||
63df6889 HD |
877 | /** |
878 | * @inheritDoc | |
879 | */ | |
1a6630be | 880 | public function isPasswordUserGenerated() { |
633d5122 | 881 | return FALSE; |
63df6889 HD |
882 | } |
883 | ||
bb3a214a EM |
884 | /** |
885 | * @return mixed | |
886 | */ | |
00be9182 | 887 | public function getLoggedInUserObject() { |
2b617cb0 | 888 | if (function_exists('is_user_logged_in') && |
353ffa53 TO |
889 | is_user_logged_in() |
890 | ) { | |
2b617cb0 EM |
891 | global $current_user; |
892 | } | |
893 | return $current_user; | |
894 | } | |
353ffa53 | 895 | |
6a488035 | 896 | /** |
17f443df | 897 | * @inheritDoc |
6a488035 TO |
898 | */ |
899 | public function getLoggedInUfID() { | |
900 | $ufID = NULL; | |
2b617cb0 | 901 | $current_user = $this->getLoggedInUserObject(); |
2e1f50d6 | 902 | return $current_user->ID ?? NULL; |
2b617cb0 EM |
903 | } |
904 | ||
905 | /** | |
17f443df | 906 | * @inheritDoc |
2b617cb0 | 907 | */ |
00be9182 | 908 | public function getLoggedInUniqueIdentifier() { |
2b617cb0 EM |
909 | $user = $this->getLoggedInUserObject(); |
910 | return $this->getUniqueIdentifierFromUserObject($user); | |
6a488035 TO |
911 | } |
912 | ||
32998c82 EM |
913 | /** |
914 | * Get User ID from UserFramework system (Joomla) | |
77855840 TO |
915 | * @param object $user |
916 | * Object as described by the CMS. | |
72b3a70c CW |
917 | * |
918 | * @return int|null | |
32998c82 | 919 | */ |
00be9182 | 920 | public function getUserIDFromUserObject($user) { |
32998c82 EM |
921 | return !empty($user->ID) ? $user->ID : NULL; |
922 | } | |
923 | ||
2b617cb0 | 924 | /** |
17f443df | 925 | * @inheritDoc |
2b617cb0 | 926 | */ |
00be9182 | 927 | public function getUniqueIdentifierFromUserObject($user) { |
2b617cb0 EM |
928 | return empty($user->user_email) ? NULL : $user->user_email; |
929 | } | |
930 | ||
6a488035 | 931 | /** |
17f443df | 932 | * @inheritDoc |
6a488035 TO |
933 | */ |
934 | public function getLoginURL($destination = '') { | |
935 | $config = CRM_Core_Config::singleton(); | |
153155d3 | 936 | $loginURL = wp_login_url(); |
6a488035 TO |
937 | return $loginURL; |
938 | } | |
939 | ||
bb3a214a | 940 | /** |
ad37ac8e | 941 | * FIXME: Do something. |
942 | * | |
943 | * @param \CRM_Core_Form $form | |
944 | * | |
945 | * @return NULL|string | |
bb3a214a | 946 | */ |
6a488035 | 947 | public function getLoginDestination(&$form) { |
408b79bf | 948 | return NULL; |
6a488035 TO |
949 | } |
950 | ||
951 | /** | |
17f443df | 952 | * @inheritDoc |
6a488035 | 953 | */ |
00be9182 | 954 | public function getVersion() { |
6a488035 TO |
955 | if (function_exists('get_bloginfo')) { |
956 | return get_bloginfo('version', 'display'); | |
957 | } | |
958 | else { | |
959 | return 'Unknown'; | |
960 | } | |
961 | } | |
6491539b DL |
962 | |
963 | /** | |
17f443df | 964 | * @inheritDoc |
6491539b | 965 | */ |
00be9182 | 966 | public function getTimeZoneString() { |
6491539b DL |
967 | return get_option('timezone_string'); |
968 | } | |
59f97da6 EM |
969 | |
970 | /** | |
17f443df | 971 | * @inheritDoc |
59f97da6 | 972 | */ |
00be9182 | 973 | public function getUserRecordUrl($contactID) { |
59f97da6 | 974 | $uid = CRM_Core_BAO_UFMatch::getUFId($contactID); |
353ffa53 | 975 | if (CRM_Core_Session::singleton() |
6714d8d2 | 976 | ->get('userID') == $contactID || CRM_Core_Permission::checkAnyPerm(['cms:administer users']) |
353ffa53 | 977 | ) { |
59f97da6 EM |
978 | return CRM_Core_Config::singleton()->userFrameworkBaseURL . "wp-admin/user-edit.php?user_id=" . $uid; |
979 | } | |
980 | } | |
96025800 | 981 | |
469d8dab CW |
982 | /** |
983 | * Append WP js to coreResourcesList. | |
ad37ac8e | 984 | * |
303017a1 | 985 | * @param \Civi\Core\Event\GenericHookEvent $e |
469d8dab | 986 | */ |
303017a1 CW |
987 | public function appendCoreResources(\Civi\Core\Event\GenericHookEvent $e) { |
988 | $e->list[] = 'js/crm.wordpress.js'; | |
469d8dab CW |
989 | } |
990 | ||
03d5592a CW |
991 | /** |
992 | * @inheritDoc | |
62c20d1e CW |
993 | */ |
994 | public function alterAssetUrl(\Civi\Core\Event\GenericHookEvent $e) { | |
995 | // Set menubar breakpoint to match WP admin theme | |
996 | if ($e->asset == 'crm-menubar.css') { | |
997 | $e->params['breakpoint'] = 783; | |
998 | } | |
999 | } | |
1000 | ||
633d5122 ML |
1001 | /** |
1002 | * @inheritDoc | |
1003 | */ | |
1004 | public function checkPermissionAddUser() { | |
1005 | return current_user_can('create_users'); | |
1006 | } | |
1007 | ||
62c20d1e CW |
1008 | /** |
1009 | * @inheritDoc | |
03d5592a CW |
1010 | */ |
1011 | public function synchronizeUsers() { | |
1012 | $config = CRM_Core_Config::singleton(); | |
1013 | if (PHP_SAPI != 'cli') { | |
1014 | set_time_limit(300); | |
1015 | } | |
1016 | $id = 'ID'; | |
1017 | $mail = 'user_email'; | |
1018 | ||
1019 | $uf = $config->userFramework; | |
1020 | $contactCount = 0; | |
1021 | $contactCreated = 0; | |
1022 | $contactMatching = 0; | |
1023 | ||
5b4ee130 CW |
1024 | // Previously used the $wpdb global - which means WordPress *must* be bootstrapped. |
1025 | $wpUsers = get_users(array( | |
1026 | 'blog_id' => get_current_blog_id(), | |
1027 | 'number' => -1, | |
1028 | )); | |
03d5592a | 1029 | |
5b4ee130 | 1030 | foreach ($wpUsers as $wpUserData) { |
03d5592a CW |
1031 | $contactCount++; |
1032 | if ($match = CRM_Core_BAO_UFMatch::synchronizeUFMatch($wpUserData, | |
1033 | $wpUserData->$id, | |
1034 | $wpUserData->$mail, | |
1035 | $uf, | |
1036 | 1, | |
1037 | 'Individual', | |
1038 | TRUE | |
1039 | ) | |
1040 | ) { | |
1041 | $contactCreated++; | |
1042 | } | |
1043 | else { | |
1044 | $contactMatching++; | |
1045 | } | |
5b4ee130 CW |
1046 | if (is_object($match)) { |
1047 | $match->free(); | |
1048 | } | |
03d5592a CW |
1049 | } |
1050 | ||
be2fb01f | 1051 | return [ |
03d5592a CW |
1052 | 'contactCount' => $contactCount, |
1053 | 'contactMatching' => $contactMatching, | |
1054 | 'contactCreated' => $contactCreated, | |
be2fb01f | 1055 | ]; |
03d5592a CW |
1056 | } |
1057 | ||
79dd7fe9 | 1058 | /** |
46dddc5c SL |
1059 | * Send an HTTP Response base on PSR HTTP RespnseInterface response. |
1060 | * | |
1061 | * @param \Psr\Http\Message\ResponseInterface $response | |
79dd7fe9 | 1062 | */ |
46dddc5c SL |
1063 | public function sendResponse(\Psr\Http\Message\ResponseInterface $response) { |
1064 | // use WordPress function status_header to ensure 404 response is sent | |
1065 | status_header($response->getStatusCode()); | |
90f6c8df SL |
1066 | foreach ($response->getHeaders() as $name => $values) { |
1067 | CRM_Utils_System::setHttpHeader($name, implode(', ', (array) $values)); | |
79dd7fe9 | 1068 | } |
46dddc5c SL |
1069 | echo $response->getBody(); |
1070 | CRM_Utils_System::civiExit(); | |
79dd7fe9 SL |
1071 | } |
1072 | ||
b07855e9 CW |
1073 | /** |
1074 | * Start a new session if there's no existing session ID. | |
1075 | * | |
1076 | * Checks are needed to prevent sessions being started when not necessary. | |
1077 | */ | |
1078 | public function sessionStart() { | |
1079 | $session_id = session_id(); | |
1080 | ||
1081 | // Check WordPress pseudo-cron. | |
1082 | $wp_cron = FALSE; | |
1083 | if (function_exists('wp_doing_cron') && wp_doing_cron()) { | |
1084 | $wp_cron = TRUE; | |
1085 | } | |
1086 | ||
1087 | // Check WP-CLI. | |
1088 | $wp_cli = FALSE; | |
1089 | if (defined('WP_CLI') && WP_CLI) { | |
1090 | $wp_cli = TRUE; | |
1091 | } | |
1092 | ||
1093 | // Check PHP on the command line - e.g. `cv`. | |
1094 | $php_cli = TRUE; | |
1095 | if (PHP_SAPI !== 'cli') { | |
1096 | $php_cli = FALSE; | |
1097 | } | |
1098 | ||
1099 | // Maybe start session. | |
1100 | if (empty($session_id) && !$wp_cron && !$wp_cli && !$php_cli) { | |
1101 | session_start(); | |
1102 | } | |
1103 | } | |
1104 | ||
bef5923d CW |
1105 | /** |
1106 | * Perform any necessary actions prior to redirecting via POST. | |
1107 | * | |
1108 | * Redirecting via POST means that cookies need to be sent with SameSite=None. | |
1109 | */ | |
1110 | public function prePostRedirect() { | |
1111 | // Get User Agent string. | |
1112 | $rawUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; | |
1113 | $userAgent = mb_convert_encoding($rawUserAgent, 'UTF-8'); | |
1114 | ||
1115 | // Bail early if User Agent does not support `SameSite=None`. | |
1116 | $shouldUseSameSite = CRM_Utils_SameSite::shouldSendSameSiteNone($userAgent); | |
1117 | if (!$shouldUseSameSite) { | |
1118 | return; | |
1119 | } | |
1120 | ||
1121 | // Make sure session cookie is present in header. | |
1122 | $cookie_params = session_name() . '=' . session_id() . '; SameSite=None; Secure'; | |
1123 | CRM_Utils_System::setHttpHeader('Set-Cookie', $cookie_params); | |
1124 | ||
1125 | // Add WordPress auth cookies when user is logged in. | |
1126 | $user = wp_get_current_user(); | |
1127 | if ($user->exists()) { | |
1128 | self::setAuthCookies($user->ID, TRUE, TRUE); | |
1129 | } | |
1130 | } | |
1131 | ||
1132 | /** | |
1133 | * Explicitly set WordPress authentication cookies. | |
1134 | * | |
1135 | * Chrome 84 introduced a cookie policy change which prevents cookies for the | |
1136 | * session and for WordPress user authentication from being indentified when | |
1137 | * a purchaser returns to the site from PayPal using the "Back to Merchant" | |
1138 | * button. | |
1139 | * | |
1140 | * In order to comply with this policy, cookies need to be sent with their | |
1141 | * "SameSite" attribute set to "None" and with the "Secure" flag set, but this | |
1142 | * isn't possible to do via `wp_set_auth_cookie()` as it stands. | |
1143 | * | |
1144 | * This method is a modified clone of `wp_set_auth_cookie()` which satisfies | |
1145 | * the Chrome policy. | |
1146 | * | |
1147 | * @see wp_set_auth_cookie() | |
1148 | * | |
1149 | * The $remember parameter increases the time that the cookie will be kept. The | |
1150 | * default the cookie is kept without remembering is two days. When $remember is | |
1151 | * set, the cookies will be kept for 14 days or two weeks. | |
1152 | * | |
1153 | * @param int $user_id The WordPress User ID. | |
1154 | * @param bool $remember Whether to remember the user. | |
1155 | * @param bool|string $secure Whether the auth cookie should only be sent over | |
1156 | * HTTPS. Default is an empty string which means the | |
1157 | * value of `is_ssl()` will be used. | |
1158 | * @param string $token Optional. User's session token to use for this cookie. | |
1159 | */ | |
1160 | private function setAuthCookies($user_id, $remember = FALSE, $secure = '', $token = '') { | |
1161 | if ($remember) { | |
1162 | /** This filter is documented in wp-includes/pluggable.php */ | |
1163 | $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); | |
1164 | ||
1165 | /* | |
1166 | * Ensure the browser will continue to send the cookie after the expiration time is reached. | |
1167 | * Needed for the login grace period in wp_validate_auth_cookie(). | |
1168 | */ | |
1169 | $expire = $expiration + (12 * HOUR_IN_SECONDS); | |
1170 | } | |
1171 | else { | |
1172 | /** This filter is documented in wp-includes/pluggable.php */ | |
1173 | $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember); | |
1174 | $expire = 0; | |
1175 | } | |
1176 | ||
1177 | if ('' === $secure) { | |
1178 | $secure = is_ssl(); | |
1179 | } | |
1180 | ||
1181 | // Front-end cookie is secure when the auth cookie is secure and the site's home URL is forced HTTPS. | |
1182 | $secure_logged_in_cookie = $secure && 'https' === parse_url(get_option('home'), PHP_URL_SCHEME); | |
1183 | ||
1184 | /** This filter is documented in wp-includes/pluggable.php */ | |
1185 | $secure = apply_filters('secure_auth_cookie', $secure, $user_id); | |
1186 | ||
1187 | /** This filter is documented in wp-includes/pluggable.php */ | |
1188 | $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', $secure_logged_in_cookie, $user_id, $secure); | |
1189 | ||
1190 | if ($secure) { | |
1191 | $auth_cookie_name = SECURE_AUTH_COOKIE; | |
1192 | $scheme = 'secure_auth'; | |
1193 | } | |
1194 | else { | |
1195 | $auth_cookie_name = AUTH_COOKIE; | |
1196 | $scheme = 'auth'; | |
1197 | } | |
1198 | ||
1199 | if ('' === $token) { | |
1200 | $manager = WP_Session_Tokens::get_instance($user_id); | |
1201 | $token = $manager->create($expiration); | |
1202 | } | |
1203 | ||
1204 | $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme, $token); | |
1205 | $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in', $token); | |
1206 | ||
1207 | /** This filter is documented in wp-includes/pluggable.php */ | |
1208 | do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme, $token); | |
1209 | ||
1210 | /** This filter is documented in wp-includes/pluggable.php */ | |
1211 | do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in', $token); | |
1212 | ||
1213 | /** This filter is documented in wp-includes/pluggable.php */ | |
1214 | if (!apply_filters('send_auth_cookies', TRUE)) { | |
1215 | return; | |
1216 | } | |
1217 | ||
1218 | $base_options = [ | |
1219 | 'expires' => $expire, | |
1220 | 'domain' => COOKIE_DOMAIN, | |
1221 | 'httponly' => TRUE, | |
1222 | 'samesite' => 'None', | |
1223 | ]; | |
1224 | ||
1225 | self::setAuthCookie($auth_cookie_name, $auth_cookie, $base_options + ['secure' => $secure, 'path' => PLUGINS_COOKIE_PATH]); | |
1226 | self::setAuthCookie($auth_cookie_name, $auth_cookie, $base_options + ['secure' => $secure, 'path' => ADMIN_COOKIE_PATH]); | |
1227 | self::setAuthCookie(LOGGED_IN_COOKIE, $logged_in_cookie, $base_options + ['secure' => $secure_logged_in_cookie, 'path' => COOKIEPATH]); | |
1228 | if (COOKIEPATH != SITECOOKIEPATH) { | |
1229 | self::setAuthCookie(LOGGED_IN_COOKIE, $logged_in_cookie, $base_options + ['secure' => $secure_logged_in_cookie, 'path' => SITECOOKIEPATH]); | |
1230 | } | |
1231 | } | |
1232 | ||
1233 | /** | |
1234 | * Set cookie with "SameSite" flag. | |
1235 | * | |
1236 | * The method here is compatible with all versions of PHP. Needed because it | |
1237 | * is only as of PHP 7.3.0 that the setcookie() method supports the "SameSite" | |
1238 | * attribute in its options and will accept "None" as a valid value. | |
1239 | * | |
1240 | * @param $name The name of the cookie. | |
1241 | * @param $value The value of the cookie. | |
1242 | * @param array $options The header options for the cookie. | |
1243 | */ | |
1244 | private function setAuthCookie($name, $value, $options) { | |
1245 | $header = 'Set-Cookie: '; | |
1246 | $header .= rawurlencode($name) . '=' . rawurlencode($value) . '; '; | |
1247 | $header .= 'expires=' . gmdate('D, d-M-Y H:i:s T', $options['expires']) . '; '; | |
1248 | $header .= 'Max-Age=' . max(0, (int) ($options['expires'] - time())) . '; '; | |
1249 | $header .= 'path=' . rawurlencode($options['path']) . '; '; | |
1250 | $header .= 'domain=' . rawurlencode($options['domain']) . '; '; | |
1251 | ||
1252 | if (!empty($options['secure'])) { | |
1253 | $header .= 'secure; '; | |
1254 | } | |
1255 | $header .= 'httponly; '; | |
1256 | $header .= 'SameSite=' . rawurlencode($options['samesite']); | |
1257 | ||
1258 | header($header, FALSE); | |
1259 | $_COOKIE[$name] = $value; | |
1260 | } | |
1261 | ||
839834b4 | 1262 | /** |
1263 | * Return the CMS-specific url for its permissions page | |
1264 | * @return array | |
1265 | */ | |
1266 | public function getCMSPermissionsUrlParams() { | |
1267 | return ['ufAccessURL' => CRM_Utils_System::url('civicrm/admin/access/wp-permissions', 'reset=1')]; | |
1268 | } | |
1269 | ||
633d5122 ML |
1270 | /** |
1271 | * Remove CiviCRM's callbacks. | |
1272 | * | |
1273 | * These may cause recursive updates when creating or editing a WordPress | |
1274 | * user. This doesn't seem to have been necessary in the past, but seems | |
1275 | * to be causing trouble when newer versions of BuddyPress and CiviCRM are | |
1276 | * active. | |
1277 | * | |
1278 | * Based on the civicrm-wp-profile-sync plugin by Christian Wach. | |
1279 | * | |
1280 | * @see self::hooks_core_add() | |
1281 | */ | |
1282 | public function hooks_core_remove() { | |
1283 | $civicrm = civi_wp(); | |
1284 | ||
1285 | // Remove current CiviCRM plugin filters. | |
1286 | remove_action('user_register', [$civicrm->users, 'update_user']); | |
1287 | remove_action('profile_update', [$civicrm->users, 'update_user']); | |
1288 | } | |
1289 | ||
1290 | /** | |
1291 | * Add back CiviCRM's callbacks. | |
1292 | * This method undoes the removal of the callbacks above. | |
1293 | * | |
1294 | * @see self::hooks_core_remove() | |
1295 | */ | |
1296 | public function hooks_core_add() { | |
1297 | $civicrm = civi_wp(); | |
1298 | ||
1299 | // Re-add current CiviCRM plugin filters. | |
1300 | add_action('user_register', [$civicrm->users, 'update_user']); | |
1301 | add_action('profile_update', [$civicrm->users, 'update_user']); | |
1302 | } | |
1303 | ||
6a488035 | 1304 | } |