Changeset 3250638

Timestamp:

03/04/2025 07:13:52 PM (12 months ago)

Author:

MrViSiOn

Message:

1.0.48

• Update safely several plugins by uploading only once in Multi WP.

Location:

multi-connect

Files:

• tags/1.0.48 (added)
• tags/1.0.48/.editorconfig (added)
• tags/1.0.48/assets (added)
• tags/1.0.48/assets/css (added)
• tags/1.0.48/assets/css/admin.css (added)
• tags/1.0.48/assets/js (added)
• tags/1.0.48/assets/js/admin.js (added)
• tags/1.0.48/includes (added)
• tags/1.0.48/includes/class-admin.php (added)
• tags/1.0.48/includes/class-multi-connect-api.php (added)
• tags/1.0.48/includes/class-multi-connect-upgrader-skin.php (added)
• tags/1.0.48/includes/public.key (added)
• tags/1.0.48/languages (added)
• tags/1.0.48/languages/multi-connect-es.mo (added)
• tags/1.0.48/languages/multi-connect-es.po (added)
• tags/1.0.48/languages/multi-connect.pot (added)
• tags/1.0.48/logo.png (added)
• tags/1.0.48/multi-connect.php (added)
• tags/1.0.48/phpcs.xml (added)
• tags/1.0.48/readme.txt (added)
• tags/1.0.48/uninstall.php (added)
• trunk/includes/class-multi-connect-api.php (modified) (11 diffs)
• trunk/multi-connect.php (modified) (1 diff)
• trunk/readme.txt (modified) (2 diffs)

multi-connect/trunk/includes/class-multi-connect-api.php

@@ -32 +32 @@
         add_action( 'rest_api_init', array( $this, 'register_rest_routes' ), 0 );
         add_filter( 'wp_is_application_passwords_available', '__return_true', PHP_INT_MAX );
-        add_filter( 'woocommerce_admin_rest_controllers', array($this, 'add_woocommerce_admin_rest_controllers') );
-
+        add_filter( 'woocommerce_admin_rest_controllers', array( $this, 'add_woocommerce_admin_rest_controllers' ) );
     }
 
     public function add_woocommerce_admin_rest_controllers( $controllers ) {
         $rest_route = $GLOBALS['wp']->query_vars['rest_route'] ?? '';
-        if (str_contains($rest_route, $this->namespace)) {
-            if(str_contains($rest_route, 'auto-login')) {
-                add_filter('rest_authentication_errors', array($this, 'allow_auto_login'), PHP_INT_MAX);
-            }
-            return [];
-
-        }
+        if ( str_contains( $rest_route, $this->namespace ) ) {
+            if ( str_contains( $rest_route, 'auto-login' ) ) {
+                add_filter( 'rest_authentication_errors', array( $this, 'allow_auto_login' ), PHP_INT_MAX );
+            }
+
+            return array();
+
+        }
+
         return $controllers;
     }
 
-    public function allow_auto_login($errors) {
+    public function allow_auto_login( $errors ) {
         return null;
     }
+
     /**
      * Register REST routes.
@@ -156 +158 @@
             array(
                 'methods'             => 'POST',
-                'callback'            => [ $this, 'generate_login_token' ],
-                'permission_callback' => [ $this, 'check_authentication' ],
+                'callback'            => array( $this, 'generate_login_token' ),
+                'permission_callback' => array( $this, 'check_authentication' ),
             )
         );
@@ -166 +168 @@
             array(
                 'methods'             => 'GET',
-                'callback'            => [ $this, 'process_auto_login' ],
+                'callback'            => array( $this, 'process_auto_login' ),
                 'permission_callback' => '__return_true',
             )
@@ -176 +178 @@
             array(
                 'methods'             => 'GET',
-                'callback'            => [ $this, 'get_site_info' ],
+                'callback'            => array( $this, 'get_site_info' ),
+                'permission_callback' => array( $this, 'check_update_permission' ),
+            )
+        );
+
+        register_rest_route(
+            $this->namespace,
+            '/plugin-update',
+            array(
+                'methods'             => 'POST',
+                'callback'            => array( $this, 'handle_plugin_update' ),
                 'permission_callback' => array( $this, 'check_update_permission' ),
             )
@@ -241 +253 @@
                             break;
                         case 'core':
-                            $selected_folders = array_merge( $selected_folders,
-                                glob( MULTICONNECT_PLUGIN_ABSPATH . 'wp-*.php' ) );
+                            $selected_folders = array_merge(
+                                $selected_folders,
+                                glob( MULTICONNECT_PLUGIN_ABSPATH . 'wp-*.php' )
+                            );
                             break;
                     }
@@ -613 +627 @@
         wp_update_themes();
 
-
         $updates = array(
             'core'         => false,
@@ -634 +647 @@
         get_plugin_updates();
         try {
-            $transient = (object) [
+            $transient = (object) array(
                 'last_checked' => time() - ( 13 * 3600 ),
-                'checked'      => [ 'default' => 'none' ],
-                'response'     => [ 'default' => 'none' ],
-            ];
-            apply_filters( "pre_set_site_transient_update_plugins", $transient, "update_plugins" );
+                'checked'      => array( 'default' => 'none' ),
+                'response'     => array( 'default' => 'none' ),
+            );
+            apply_filters( 'pre_set_site_transient_update_plugins', $transient, 'update_plugins' );
         } catch ( Throwable $e ) {
             $transient;
@@ -660 +673 @@
         get_theme_updates();
         try {
-            $transient       = (object) [
+            $transient       = (object) array(
                 'last_checked' => time() - ( 13 * 3600 ),
-                'checked'      => [ 'default' => 'none' ],
-                'response'     => [ 'default' => 'none' ],
-            ];
-            $updatesFromHook = apply_filters( "pre_set_site_transient_update_themes", $transient, "update_themes" );
+                'checked'      => array( 'default' => 'none' ),
+                'response'     => array( 'default' => 'none' ),
+            );
+            $updatesFromHook = apply_filters( 'pre_set_site_transient_update_themes', $transient, 'update_themes' );
         } catch ( Throwable $e ) {
             $updatesFromHook = $transient;
@@ -1084 +1097 @@
     }
 
-    public function check_authentication($request) {
+    public function check_authentication( $request ) {
         // Verificar la autenticación por Application Password
-        return current_user_can('administrator');
-    }
-
-    public function generate_login_token($request) {
+        return current_user_can( 'administrator' );
+    }
+
+    public function generate_login_token( $request ) {
         // Generar token único
-        $token = wp_generate_password($this->token_length, false);
+        $token = wp_generate_password( $this->token_length, false );
 
         // Guardar el token en las opciones de WordPress con tiempo de expiración
-        $token_data = [
-            'token' => $token,
+        $token_data = array(
+            'token'   => $token,
             'expires' => time() + $this->token_expiry,
-            'user_id' => get_current_user_id()
-        ];
-
-        set_transient('multi_wp_login_token_' . $token, $token_data, $this->token_expiry);
-
-        return rest_ensure_response(['token' => $token]);
-    }
-
-    public function process_auto_login($request) {
-        $token = $request->get_param('token');
-
-        if (!$token) {
-            wp_redirect(wp_login_url());
+            'user_id' => get_current_user_id(),
+        );
+
+        set_transient( 'multi_wp_login_token_' . $token, $token_data, $this->token_expiry );
+
+        return rest_ensure_response( array( 'token' => $token ) );
+    }
+
+    public function process_auto_login( $request ) {
+        $token = $request->get_param( 'token' );
+
+        if ( ! $token ) {
+            wp_redirect( wp_login_url() );
             exit;
         }
 
-        $token_data = get_transient('multi_wp_login_token_' . $token);
-
-        if (!$token_data || time() > $token_data['expires']) {
-            wp_redirect(wp_login_url());
+        $token_data = get_transient( 'multi_wp_login_token_' . $token );
+
+        if ( ! $token_data || time() > $token_data['expires'] ) {
+            wp_redirect( wp_login_url() );
             exit;
         }
 
         // Eliminar el token usado
-        delete_transient('multi_wp_login_token_' . $token);
+        delete_transient( 'multi_wp_login_token_' . $token );
 
         // Realizar el login
-        $user = get_user_by('id', $token_data['user_id']);
-        if ($user) {
-            wp_set_current_user($user->ID);
-            wp_set_auth_cookie($user->ID);
+        $user = get_user_by( 'id', $token_data['user_id'] );
+        if ( $user ) {
+            wp_set_current_user( $user->ID );
+            wp_set_auth_cookie( $user->ID );
 
             // Redirigir al admin
-            wp_redirect(admin_url());
+            wp_redirect( admin_url() );
             exit;
         }
 
-        wp_redirect(wp_login_url());
+        wp_redirect( wp_login_url() );
         exit;
     }
 
-    public function get_site_info($request) {
-        $systemInfo = [];
-
-        $siteChecker = WP_Site_Health::get_instance();
+    public function get_site_info( $request ) {
+        $systemInfo = array();
+
+        $siteChecker  = WP_Site_Health::get_instance();
         $systemChecks = WP_Site_Health::get_tests();
         $systemChecks = $systemChecks['direct'];
 
-        $requiredChecks = [
+        $requiredChecks = array(
             'wordpress_version',
             'php_version',
@@ -1155 +1168 @@
             'available_updates_disk_space',
             'autoloaded_options',
-        ];
+        );
 
         foreach ( $requiredChecks as $checkName ) {
-            if (!isset($systemChecks[ $checkName ])) {
+            if ( ! isset( $systemChecks[ $checkName ] ) ) {
                 continue;
             }
-            $checkLabel = $systemChecks[ $checkName ]['test'];
+            $checkLabel    = $systemChecks[ $checkName ]['test'];
             $checkFunction = 'get_test_' . $checkLabel;
 
@@ -1173 +1186 @@
         return $systemInfo;
     }
+
+    /**
+     * Verifica si un archivo ZIP es un plugin válido de WordPress
+     *
+     * @param string $zip_file Ruta al archivo ZIP
+     *
+     * @return bool|WP_Error True si es válido, WP_Error si no lo es
+     */
+    private function verify_wordpress_plugin( $zip_file ): bool|WP_Error {
+        // Verificar que WP_Filesystem está disponible
+        if ( ! function_exists( 'WP_Filesystem' ) ) {
+            require_once ABSPATH . 'wp-admin/includes/file.php';
+        }
+        WP_Filesystem();
+
+        // Crear directorio temporal
+        $temp_dir = wp_tempnam();
+        unlink( $temp_dir ); // Eliminar el archivo temporal
+        mkdir( $temp_dir ); // Crear directorio con el mismo nombre
+
+        // Extraer el ZIP
+        $unzip_result = unzip_file( $zip_file, $temp_dir );
+        if ( is_wp_error( $unzip_result ) ) {
+            // Limpiar
+            $this->rrmdir( $temp_dir );
+
+            return new WP_Error( 'invalid_plugin', 'No se pudo extraer el archivo ZIP' );
+        }
+
+        // Buscar archivo PHP principal con encabezado de plugin
+        $plugin_files = glob( $temp_dir . '/*.php' );
+        $plugin_files = array_merge( $plugin_files,
+            glob( $temp_dir . '/*/*.php' ) ); // Buscar también en subdirectorios
+
+        $is_plugin = false;
+        foreach ( $plugin_files as $plugin_file ) {
+            $plugin_data = get_plugin_data( $plugin_file, false, false );
+            if ( ! empty( $plugin_data['Name'] ) ) {
+                $is_plugin = true;
+                break;
+            }
+        }
+
+        // Limpiar
+        $this->rrmdir( $temp_dir );
+
+        if ( ! $is_plugin ) {
+            return new WP_Error( 'invalid_plugin', 'El archivo ZIP no contiene un plugin válido de WordPress' );
+        }
+
+        return true;
+    }
+
+    /**
+     * Elimina recursivamente un directorio y su contenido
+     *
+     * @param string $dir Ruta al directorio
+     *
+     * @return void
+     */
+    private function rrmdir( $dir ): void {
+        if ( is_dir( $dir ) ) {
+            $objects = scandir( $dir );
+            foreach ( $objects as $object ) {
+                if ( $object != '.' && $object != '..' ) {
+                    if ( is_dir( $dir . '/' . $object ) ) {
+                        $this->rrmdir( $dir . '/' . $object );
+                    } else {
+                        unlink( $dir . '/' . $object );
+                    }
+                }
+            }
+            rmdir( $dir );
+        }
+    }
+
+    public function handle_plugin_update( $request ): WP_Error|array {
+        // Check if the upload is valid
+        if ( ! function_exists( 'wp_handle_upload' ) ) {
+            require_once ABSPATH . 'wp-admin/includes/file.php';
+        }
+
+        // Get the uploaded file
+        $files = $request->get_file_params();
+
+        if ( empty( $files['plugin_zip'] ) ) {
+            return new WP_Error( 'no_file', 'No file was uploaded', array( 'status' => 400 ) );
+        }
+
+        $file = $files['plugin_zip'];
+
+        // Check if the file is a ZIP
+        if ( $file['type'] !== 'application/zip' ) {
+            return new WP_Error( 'invalid_file', 'The uploaded file is not a ZIP file', array( 'status' => 400 ) );
+        }
+
+        // Handle the upload
+        $upload = wp_handle_upload( $file, array( 'test_form' => false ) );
+
+        if ( isset( $upload['error'] ) ) {
+            return new WP_Error( 'upload_error', $upload['error'], array( 'status' => 500 ) );
+        }
+
+        // Verificar si es un plugin válido de WordPress
+        $verify_result = $this->verify_wordpress_plugin( $upload['file'] );
+        if ( is_wp_error( $verify_result ) ) {
+            @unlink( $upload['file'] ); // Eliminar archivo temporal
+
+            return $verify_result;
+        }
+
+        // Include necessary files for plugin installation
+        require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
+        require_once ABSPATH . 'wp-admin/includes/plugin-install.php';
+        require_once ABSPATH . 'wp-admin/includes/class-plugin-upgrader.php';
+        require_once ABSPATH . 'wp-admin/includes/plugin.php';
+
+        // Use the Plugin_Upgrader class to install the plugin
+        $upgrader = new Plugin_Upgrader( new WP_Ajax_Upgrader_Skin() );
+
+        // Install the plugin
+        $result = $upgrader->install( $upload['file'], array( 'overwrite_package' => true ) );
+
+        // Delete the temporary file
+        @unlink( $upload['file'] );
+
+        if ( is_wp_error( $result ) ) {
+            return new WP_Error( 'installation_error', $result->get_error_message(), array( 'status' => 500 ) );
+        } elseif ( $result === false ) {
+            return new WP_Error( 'installation_error', 'Plugin installation failed', array( 'status' => 500 ) );
+        }
+
+        // Get the plugin data
+        $plugin_slug    = $request->get_param( 'plugin_slug' );
+        $plugin_name    = $request->get_param( 'plugin_name' );
+        $plugin_version = $request->get_param( 'plugin_version' );
+
+        // Activate the plugin if it was previously active
+        $all_plugins = get_plugins();
+        $plugin_file = '';
+
+        foreach ( $all_plugins as $file => $plugin ) {
+            if ( strpos( $file, $plugin_slug . '/' ) === 0 || $file === $plugin_slug . '.php' ) {
+                $plugin_file = $file;
+                break;
+            }
+        }
+
+        if ( ! empty( $plugin_file ) && is_plugin_inactive( $plugin_file ) ) {
+            activate_plugin( $plugin_file );
+        }
+
+        // Log the update
+        $this->multi_connect_log_plugin_update( $plugin_name, $plugin_version );
+
+        return array(
+            'success'     => true,
+            'message'     => sprintf( 'Plugin %s updated successfully to version %s', $plugin_name, $plugin_version ),
+            'plugin_file' => $plugin_file,
+        );
+    }
+
+    // Log plugin update
+    public function multi_connect_log_plugin_update( $plugin_name, $plugin_version ): void {
+        $logs = get_option( 'multi_connect_update_logs', array() );
+
+        $logs[] = array(
+            'type'    => 'plugin',
+            'name'    => $plugin_name,
+            'version' => $plugin_version,
+            'date'    => current_time( 'mysql' ),
+        );
+
+        // Keep only the last 50 logs
+        if ( count( $logs ) > 50 ) {
+            $logs = array_slice( $logs, - 50 );
+        }
+
+        update_option( 'multi_connect_update_logs', $logs );
+    }
 }

multi-connect/trunk/multi-connect.php

@@ -4 +4 @@
  * Plugin URI: https://multi-wp.com
  * Description: Connect your WordPress site with Multi-WP for centralized management and updates.
- * Version: 1.0.47
+ * Version: 1.0.48
  * Requires at least: 5.8
  * Requires PHP: 7.4

multi-connect/trunk/readme.txt

@@ -5 +5 @@
 Tested up to: 6.7
 Requires PHP: 7.4
-Stable tag: 1.0.47
+Stable tag: 1.0.48
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -44 +44 @@
 
 == Changelog ==
+
+= 1.0.48 =
+* Update safely several plugins by uploading only once in Multi WP.
 
 = 1.0.47 =