X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/8f374b7233bc2815ccc387e448d208c5434eb961..baca9ce86a38dc54c4574890ee2d352fd81f78b2:/wp-admin/includes/class-wp-upgrader.php diff --git a/wp-admin/includes/class-wp-upgrader.php b/wp-admin/includes/class-wp-upgrader.php index c70ef66b..63155927 100644 --- a/wp-admin/includes/class-wp-upgrader.php +++ b/wp-admin/includes/class-wp-upgrader.php @@ -98,7 +98,7 @@ class WP_Upgrader { break; default: if ( ! $wp_filesystem->find_folder($dir) ) - return new WP_Error('fs_no_folder', sprintf($this->strings['fs_no_folder'], $dir)); + return new WP_Error( 'fs_no_folder', sprintf( $this->strings['fs_no_folder'], esc_html( basename( $dir ) ) ) ); break; } } @@ -496,11 +496,11 @@ class Plugin_Upgrader extends WP_Upgrader { $this->skin->plugin_info = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin, false, true); if ( !isset( $current->response[ $plugin ] ) ) { - $this->skin->set_result(false); + $this->skin->set_result(true); $this->skin->before(); - $this->skin->error('up_to_date'); + $this->skin->feedback('up_to_date'); $this->skin->after(); - $results[$plugin] = false; + $results[$plugin] = true; continue; } @@ -763,10 +763,7 @@ class Theme_Upgrader extends WP_Upgrader { return $this->result; // Force refresh of theme update information - delete_site_transient('update_themes'); - search_theme_directories( true ); - foreach ( wp_get_themes() as $theme ) - $theme->cache_delete(); + wp_clean_themes_cache(); return true; } @@ -812,10 +809,7 @@ class Theme_Upgrader extends WP_Upgrader { return $this->result; // Force refresh of theme update information - delete_site_transient('update_themes'); - search_theme_directories( true ); - foreach ( wp_get_themes() as $theme ) - $theme->cache_delete(); + wp_clean_themes_cache(); return true; } 
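Review bot: An already-current plugin is now recorded as `$results[$plugin] = true` in the `@@ -496` hunk, with no comment telling callers that `true` means nothing was installed. Code that treats any truthy entry as "a new package was written" would misread it, for example when deciding whether post-update checks need to run. A one-line comment above the assignment would make the contract explicit: `// true = already up to date, no package was installed`. The same applies to `$results[$theme] = true` in the `@@ -857` hunk of `Theme_Upgrader`. Both loops start and end outside their hunks.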
@@ -857,17 +851,17 @@ class Theme_Upgrader extends WP_Upgrader { foreach ( $themes as $theme ) { $this->update_current++; + $this->skin->theme_info = $this->theme_info($theme); + if ( !isset( $current->response[ $theme ] ) ) { - $this->skin->set_result(false); + $this->skin->set_result(true); $this->skin->before(); - $this->skin->error('up_to_date'); + $this->skin->feedback('up_to_date'); $this->skin->after(); - $results[$theme] = false; + $results[$theme] = true; continue; } - $this->skin->theme_info = $this->theme_info($theme); - // Get the URL to the zip file $r = $current->response[ $theme ]; @@ -902,10 +896,7 @@ class Theme_Upgrader extends WP_Upgrader { remove_filter('upgrader_clear_destination', array(&$this, 'delete_old_theme'), 10, 4); // Force refresh of theme update information - delete_site_transient('update_themes'); - search_theme_directories( true ); - foreach ( wp_get_themes() as $theme ) - $theme->cache_delete(); + wp_clean_themes_cache(); return $results; } @@ -962,13 +953,11 @@ class Theme_Upgrader extends WP_Upgrader { if ( $theme != get_stylesheet() ) // If not current return $return; - // Ensure stylesheet name hasnt changed after the upgrade: - // @TODO: Note, This doesn't handle the Template changing, or the Template name changing. + // Ensure stylesheet name hasn't changed after the upgrade: if ( $theme == get_stylesheet() && $theme != $this->result['destination_name'] ) { - $theme_info = $this->theme_info(); + wp_clean_themes_cache(); $stylesheet = $this->result['destination_name']; - $template = $theme_info->get_template(); - switch_theme($template, $stylesheet, true); + switch_theme( $stylesheet ); } //Time to remove maintenance mode 
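Review bot: In the `@@ -962` hunk the condition `$theme == get_stylesheet() && ...` repeats a test that the guard just above has already settled, because that guard returns whenever `$theme != get_stylesheet()`. It can be reduced to `if ( $theme != $this->result['destination_name'] ) {`. It would also help to say why `wp_clean_themes_cache()` now precedes `switch_theme( $stylesheet )`, e.g. `// Drop cached theme data so the renamed directory is looked up fresh.` That is presumably the intent, but the hunk does not state it. The enclosing method starts and ends outside the hunk.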
@@ -1144,7 +1133,7 @@ class WP_Upgrader_Skin { } elseif ( is_wp_error($errors) && $errors->get_error_code() ) { foreach ( $errors->get_error_messages() as $message ) { if ( $errors->get_error_data() ) - $this->feedback($message . ' ' . $errors->get_error_data() ); + $this->feedback($message . ' ' . esc_html( $errors->get_error_data() ) ); else $this->feedback($message); } @@ -1158,8 +1147,11 @@ class WP_Upgrader_Skin { if ( strpos($string, '%') !== false ) { $args = func_get_args(); $args = array_splice($args, 1); - if ( !empty($args) ) + if ( $args ) { + $args = array_map( 'strip_tags', $args ); + $args = array_map( 'esc_html', $args ); $string = vsprintf($string, $args); + } } if ( empty($string) ) return; @@ -1199,16 +1191,14 @@ class Plugin_Upgrader_Skin extends WP_Upgrader_Skin { function after() { $this->plugin = $this->upgrader->plugin_info(); if ( !empty($this->plugin) && !is_wp_error($this->result) && $this->plugin_active ){ - echo ''; + echo ''; } $update_actions = array( - 'activate_plugin' => '' . __('Activate Plugin') . '', + 'activate_plugin' => '' . __('Activate Plugin') . '', 'plugins_page' => '' . __('Return to Plugins page') . '' ); - if ( $this->plugin_active ) - unset( $update_actions['activate_plugin'] ); - if ( ! $this->result || is_wp_error($this->result) ) + if ( $this->plugin_active || ! $this->result || is_wp_error( $this->result ) || ! current_user_can( 'activate_plugins' ) ) unset( $update_actions['activate_plugin'] ); $update_actions = apply_filters('update_plugin_complete_actions', $update_actions, $this->plugin); @@ -1257,8 +1247,11 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin { if ( strpos($string, '%') !== false ) { $args = func_get_args(); $args = array_splice($args, 1); - if ( !empty($args) ) + if ( $args ) { + $args = array_map( 'strip_tags', $args ); + $args = array_map( 'esc_html', $args ); $string = vsprintf($string, $args); + } } if ( empty($string) ) return; 
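Review bot: `esc_html( $errors->get_error_data() )` in the `@@ -1144` hunk assumes the error data is a string, but `WP_Error` data can be any value a caller attached, including an array or object. Escaping such a value gives no meaningful output and may raise a conversion notice, so the branch should test the type first: `if ( $errors->get_error_data() && is_string( $errors->get_error_data() ) )`. The same pattern appears in `Bulk_Upgrader_Skin::error()` in the `@@ -1282` hunk. Both methods continue outside their hunks.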
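Review bot: The `strip_tags` + `esc_html` pass added in the `@@ -1158` hunk changes the contract of `feedback()` without documenting it: every argument after the format string is now treated as plain text, so a caller that passes markup as an argument will see it stripped and escaped. A comment above the block would record that, e.g. `// Arguments are untrusted text: tags are removed and the rest is HTML-escaped; markup belongs in the format string.` Within the hunk only the arguments are sanitised and `$string` itself is not, so the format string has to remain a trusted value. The identical block is added to `Bulk_Upgrader_Skin::feedback()` in the `@@ -1257` hunk, and a shared helper would keep the two copies from drifting. Both functions continue outside their hunks.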
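Review bot: The `current_user_can( 'activate_plugins' )` test added in the `@@ -1199` hunk only removes the entry from `$update_actions`; it is a display decision, and `apply_filters('update_plugin_complete_actions', ...)` runs after it, so a filter callback can put the link back. The request handler behind the link has to enforce the capability on its own, which cannot be confirmed from this diff. A comment such as `// UI only: the activation handler must check activate_plugins itself.` would keep the check from being mistaken for the access control. The same applies to the capability tests added in the `@@ -1362`, `@@ -1395`, `@@ -1456`, `@@ -1524` and `@@ -1571` hunks.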
@@ -1282,7 +1275,7 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin { if ( is_wp_error($error) ) { foreach ( $error->get_error_messages() as $emessage ) { if ( $error->get_error_data() ) - $messages[] = $emessage . ' ' . $error->get_error_data(); + $messages[] = $emessage . ' ' . esc_html( $error->get_error_data() ); else $messages[] = $emessage; } @@ -1301,8 +1294,8 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin { function before($title = '') { $this->in_loop = true; - printf( '

' . $this->upgrader->strings['skin_before_update_header'] . '

', $title, $this->upgrader->update_current, $this->upgrader->update_count); - echo ''; + printf( '

' . $this->upgrader->strings['skin_before_update_header'] . '

', $title, $this->upgrader->update_current, $this->upgrader->update_count); + echo ''; echo '

'; $this->flush_output(); } @@ -1362,6 +1355,8 @@ class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin { 'plugins_page' => '' . __('Return to Plugins page') . '', 'updates_page' => '' . __('Return to WordPress Updates') . '' ); + if ( ! current_user_can( 'activate_plugins' ) ) + unset( $update_actions['plugins_page'] ); $update_actions = apply_filters('update_bulk_plugins_complete_actions', $update_actions, $this->plugin_info); if ( ! empty($update_actions) ) @@ -1395,6 +1390,8 @@ class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin { 'themes_page' => '' . __('Return to Themes page') . '', 'updates_page' => '' . __('Return to WordPress Updates') . '' ); + if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'edit_theme_options' ) ) + unset( $update_actions['themes_page'] ); $update_actions = apply_filters('update_bulk_theme_complete_actions', $update_actions, $this->theme_info ); if ( ! empty($update_actions) ) @@ -1439,12 +1436,12 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin { $from = isset($_GET['from']) ? stripslashes($_GET['from']) : 'plugins'; if ( 'import' == $from ) - $install_actions['activate_plugin'] = '' . __('Activate Plugin & Run Importer') . ''; + $install_actions['activate_plugin'] = '' . __('Activate Plugin & Run Importer') . ''; else - $install_actions['activate_plugin'] = '' . __('Activate Plugin') . ''; + $install_actions['activate_plugin'] = '' . __('Activate Plugin') . ''; if ( is_multisite() && current_user_can( 'manage_network_plugins' ) ) { - $install_actions['network_activate'] = '' . __('Network Activate') . ''; + $install_actions['network_activate'] = '' . __('Network Activate') . ''; unset( $install_actions['activate_plugin'] ); } 
@@ -1456,9 +1453,11 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin { $install_actions['plugins_page'] = '' . __('Return to Plugins page') . ''; if ( ! $this->result || is_wp_error($this->result) ) { + unset( $install_actions['activate_plugin'], $install_actions['network_activate'] ); + } elseif ( ! current_user_can( 'activate_plugins' ) ) { unset( $install_actions['activate_plugin'] ); - unset( $install_actions['network_activate'] ); } + $install_actions = apply_filters('install_plugin_complete_actions', $install_actions, $this->api, $plugin_file); if ( ! empty($install_actions) ) $this->feedback(implode(' | ', (array)$install_actions)); @@ -1507,14 +1506,14 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin { $preview_link = add_query_arg( array( 'preview' => 1, - 'template' => $template, - 'stylesheet' => $stylesheet, - ), trailingslashit( get_home_url() ) ); + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), + ), trailingslashit( home_url() ) ); $activate_link = add_query_arg( array( 'action' => 'activate', - 'template' => $template, - 'stylesheet' => $stylesheet, + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), ), admin_url('themes.php') ); $activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet ); 
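Review bot: `urlencode()` on `template` and `stylesheet` in the `@@ -1507` hunk protects the query string, not the HTML that later embeds the links; `$activate_link` goes through `wp_nonce_url()`, but `$preview_link` has no further processing step visible in the hunk. The anchor markup that prints these links is not legible on this page, so confirm that `$preview_link` is passed through `esc_url()` at the point of output. The nonce action is still built from the unencoded `$stylesheet`, which is the value the receiving side sees after decoding. The same link-building code is changed in the `@@ -1571` hunk for `Theme_Upgrader_Skin`. Both methods continue outside their hunks.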
@@ -1524,14 +1523,14 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin { $install_actions['activate'] = '' . __('Activate') . ''; if ( is_network_admin() && current_user_can( 'manage_network_themes' ) ) - $install_actions['network_enable'] = '' . __( 'Network Enable' ) . ''; + $install_actions['network_enable'] = '' . __( 'Network Enable' ) . ''; if ( $this->type == 'web' ) $install_actions['themes_page'] = '' . __('Return to Theme Installer') . ''; - else + elseif ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) ) $install_actions['themes_page'] = '' . __('Return to Themes page') . ''; - if ( ! $this->result || is_wp_error($this->result) || is_network_admin() ) + if ( ! $this->result || is_wp_error($this->result) || is_network_admin() || ! current_user_can( 'switch_themes' ) ) unset( $install_actions['activate'], $install_actions['preview'] ); $install_actions = apply_filters('install_theme_complete_actions', $install_actions, $this->api, $stylesheet, $theme_info); 
@@ -1571,20 +1570,21 @@ class Theme_Upgrader_Skin extends WP_Upgrader_Skin { $preview_link = add_query_arg( array( 'preview' => 1, - 'template' => $template, - 'stylesheet' => $stylesheet, - ), trailingslashit( get_home_url() ) ); + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), + ), trailingslashit( home_url() ) ); $activate_link = add_query_arg( array( 'action' => 'activate', - 'template' => $template, - 'stylesheet' => $stylesheet, + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), ), admin_url('themes.php') ); $activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet ); if ( get_stylesheet() == $stylesheet ) { - $update_actions['preview'] = '' . __('Customize') . ''; - } else { + if ( current_user_can( 'edit_theme_options' ) ) + $update_actions['preview'] = '' . __('Customize') . ''; + } elseif ( current_user_can( 'switch_themes' ) ) { $update_actions['preview'] = '' . __('Preview') . ''; $update_actions['preview'] .= '' . __('Live Preview') . ''; $update_actions['activate'] = '' . __('Activate') . ''; @@ -1676,4 +1676,4 @@ class File_Upload_Upgrader { return true; } -} \ No newline at end of file +}