@Lf|#0`,p @M\1 @6/=1H䀡@vx nd9t"@CP(@pAX TR@,wtDuV_k@%>+ y=@ 4m$2 Hv &F@#!'5T@t&@,Z#Z4t@tdu!ɹW@H08 z;h@U p^@p\l!"D(u@vxjY`x5T=_=_(c5T@S`!2s@ \1Q@Ā-a@1<1K+^>@C +@+< z@:֒傅 @[ `@Jsd{ 4dY8@Tрr@9L ap@2ٰ$pva@[XY@I p-x@ܢ[X1i VJ@ ӭ!_ YMa<@3Zxd1W@&llL@$>؃Pb@$pl"݀ @<ˊ'r(rm@prg@quـo@^ I@\TUUҀ hd@+A1"*@\#CLq1p2 @Qʩh8\P@;8bGR@.(l!D _+c@`<1+0L1(RL@lYQg% _&D@t‚R @/̑pJ&LR@b30lI=@t~RP@D|%I# _ @`1Te@`N4@۾&ȹ\@96pP6(yK@(T/(2AIx߬p/@K0X95̂P@a.<04pr@lC ^@[ JqM[0/Oc@o5c@uz@rpj9߁0֬pH@sZX@M/px@tbY@aڃX1W0ނ-m@?3`搏@ |q5X@~3!gt$(y@xf~P@X{Zb@ S+@ƬHB,<Ł *@@|[pDu@xh^iXO@%ظȸV_P@vP`<1|q@٬t24-0@?8r=X@q0+[oY+ @2h%Y@fC@LT*`5R4b@Bئ@ǞnWg @hEuUд@~a` v@,=LΑm@)vhIJ(@J1WH퀪3 @) 1d @N~1 `Z0&a0kWQ@ N2V@|!K2^@Yp2p@Yd1+@ՠI@8r]R@}T 4$@ju_1@uo/@N&hFjX=2FHRD( j@檗P<Qr0{ Hch *I@o|+-+@1x`1[j@&T1$@呉8@G@1DR@5&>r@ O> @kAT1yd߀;@㟜l1lY+ B@_Q1 @!1n D@~pp@{1Z m@bs%(@kւ0D@ i1@] hu+_@]xY@U3da1$ r'@Wl:@nY1$|@`1$(쓶@gPZv E@1$mh A@/pv@sd t@F26-|p@nD1&0ZX(0Ŕ1$\ 8@ Etp1"YP@P(1$l@!pK@&51n,@PhŇ@Np&@K,1TH]@5 <зL@(`@J ! b@ Tq1~q \@`vP|1 v@glH\@ plc@R1t3 @R]= 1ȭq&@[uj@ñh$|dx @ 1LՑi@3TB7Ӏ@99<1(\0&&<k1(!lz@<2#x+D@gpH@1@0h1LH@_]@Fg @ɗ:,;@Se1}Xq,=@v,n@Ť2$r,@-ْ,@O @|ML@+$lJ @dp^@$2d1]̀@^1@H8 ԕs>@1@ ĵ~P+k@s&@p00 +pXPR@='|N{Q`@}Vz1@@1aߒ.(@ \.8@y~j@" \&@8Z(&@ @UPMItS&@/&@- J@jĤt0^` Th=@1~@(<c2B0[ŬVTfD0R؇P'Qh(tg@|D(S'x@:is_active() ) { if ( ! is_protected_endpoint() ) { return new WP_Error( 'non_protected_endpoint', __( 'Error occurred on a non-protected endpoint.' ) ); } if ( ! function_exists( 'wp_generate_password' ) ) { require_once ABSPATH . WPINC . '/pluggable.php'; } return $this->email_service->maybe_send_recovery_mode_email( $this->get_email_rate_limit(), $error, $extension ); } if ( ! $this->store_error( $error ) ) { return new WP_Error( 'storage_error', __( 'Failed to store the error.' ) ); } if ( headers_sent() ) { return true; } $this->redirect_protected(); } /** * Ends the current recovery mode session. * * @since 5.2.0 * * @return bool True on success, false on failure. */ public function exit_recovery_mode() { if ( ! $this->is_active() ) { return false; } $this->email_service->clear_rate_limit(); $this->cookie_service->clear_cookie(); wp_paused_plugins()->delete_all(); wp_paused_themes()->delete_all(); return true; } /** * Handles a request to exit Recovery Mode. * * @since 5.2.0 */ public function handle_exit_recovery_mode() { $redirect_to = wp_get_referer(); // Safety check in case referrer returns false. if ( ! $redirect_to ) { $redirect_to = is_user_logged_in() ? admin_url() : home_url(); } if ( ! $this->is_active() ) { wp_safe_redirect( $redirect_to ); die; } if ( ! isset( $_GET['action'] ) || self::EXIT_ACTION !== $_GET['action'] ) { return; } if ( ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], self::EXIT_ACTION ) ) { wp_die( __( 'Exit recovery mode link expired.' ), 403 ); } if ( ! $this->exit_recovery_mode() ) { wp_die( __( 'Failed to exit recovery mode. Please try again later.' ) ); } wp_safe_redirect( $redirect_to ); die; } /** * Cleans any recovery mode keys that have expired according to the link TTL. * * Executes on a daily cron schedule. * * @since 5.2.0 */ public function clean_expired_keys() { $this->key_service->clean_expired_keys( $this->get_link_ttl() ); } /** * Handles checking for the recovery mode cookie and validating it. * * @since 5.2.0 */ protected function handle_cookie() { $validated = $this->cookie_service->validate_cookie(); if ( is_wp_error( $validated ) ) { $this->cookie_service->clear_cookie(); $validated->add_data( array( 'status' => 403 ) ); wp_die( $validated ); } $session_id = $this->cookie_service->get_session_id_from_cookie(); if ( is_wp_error( $session_id ) ) { $this->cookie_service->clear_cookie(); $session_id->add_data( array( 'status' => 403 ) ); wp_die( $session_id ); } $this->is_active = true; $this->session_id = $session_id; } /** * Gets the rate limit between sending new recovery mode email links. * * @since 5.2.0 * * @return int Rate limit in seconds. */ protected function get_email_rate_limit() { /** * Filters the rate limit between sending new recovery mode email links. * * @since 5.2.0 * * @param int $rate_limit Time to wait in seconds. Defaults to 1 day. */ return apply_filters( 'recovery_mode_email_rate_limit', DAY_IN_SECONDS ); } /** * Gets the number of seconds the recovery mode link is valid for. * * @since 5.2.0 * * @return int Interval in seconds. */ protected function get_link_ttl() { $rate_limit = $this->get_email_rate_limit(); $valid_for = $rate_limit; /** * Filters the amount of time the recovery mode email link is valid for. * * The ttl must be at least as long as the email rate limit. * * @since 5.2.0 * * @param int $valid_for The number of seconds the link is valid for. */ $valid_for = apply_filters( 'recovery_mode_email_link_ttl', $valid_for ); return max( $valid_for, $rate_limit ); } /** * Gets the extension that the error occurred in. * * @since 5.2.0 * * @global array $wp_theme_directories * * @param array $error Error details from `error_get_last()`. * @return array|false { * Extension details. * * @type string $slug The extension slug. This is the plugin or theme's directory. * @type string $type The extension type. Either 'plugin' or 'theme'. * } */ protected function get_extension_for_error( $error ) { global $wp_theme_directories; if ( ! isset( $error['file'] ) ) { return false; } if ( ! defined( 'WP_PLUGIN_DIR' ) ) { return false; } $error_file = wp_normalize_path( $error['file'] ); $wp_plugin_dir = wp_normalize_path( WP_PLUGIN_DIR ); if ( str_starts_with( $error_file, $wp_plugin_dir ) ) { $path = str_replace( $wp_plugin_dir . '/', '', $error_file ); $parts = explode( '/', $path ); return array( 'type' => 'plugin', 'slug' => $parts[0], ); } if ( empty( $wp_theme_directories ) ) { return false; } foreach ( $wp_theme_directories as $theme_directory ) { $theme_directory = wp_normalize_path( $theme_directory ); if ( str_starts_with( $error_file, $theme_directory ) ) { $path = str_replace( $theme_directory . '/', '', $error_file ); $parts = explode( '/', $path ); return array( 'type' => 'theme', 'slug' => $parts[0], ); } } return false; } /** * Checks whether the given extension a network activated plugin. * * @since 5.2.0 * * @param array $extension Extension data. * @return bool True if network plugin, false otherwise. */ protected function is_network_plugin( $extension ) { if ( 'plugin' !== $extension['type'] ) { return false; } if ( ! is_multisite() ) { return false; } $network_plugins = wp_get_active_network_plugins(); foreach ( $network_plugins as $plugin ) { if ( str_starts_with( $plugin, $extension['slug'] . '/' ) ) { return true; } } return false; } /** * Stores the given error so that the extension causing it is paused. * * @since 5.2.0 * * @param array $error Error details from `error_get_last()`. * @return bool True if the error was stored successfully, false otherwise. */ protected function store_error( $error ) { $extension = $this->get_extension_for_error( $error ); if ( ! $extension ) { return false; } switch ( $extension['type'] ) { case 'plugin': return wp_paused_plugins()->set( $extension['slug'], $error ); case 'theme': return wp_paused_themes()->set( $extension['slug'], $error ); default: return false; } } /** * Redirects the current request to allow recovering multiple errors in one go. * * The redirection will only happen when on a protected endpoint. * * It must be ensured that this method is only called when an error actually occurred and will not occur on the * next request again. Otherwise it will create a redirect loop. * * @since 5.2.0 */ protected function redirect_protected() { // Pluggable is usually loaded after plugins, so we manually include it here for redirection functionality. if ( ! function_exists( 'wp_safe_redirect' ) ) { require_once ABSPATH . WPINC . '/pluggable.php'; } $scheme = is_ssl() ? 'https://' : 'http://'; $url = "{$scheme}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}"; wp_safe_redirect( $url ); exit; } }