芝麻web文件管理V1.00
编辑当前文件:/home/royashxg/public_html/wp-content/plugins/litespeed-cache/src/cloud.cls.php
_setup_token = $this->conf(self::O_QC_TOKEN); $this->_summary = self::get_summary(); } /** * Get api key from conf * @since 5.3 */ private function _api_key() { return $this->conf(self::O_API_KEY); } /** * Show latest commit version always if is on dev * * @since 3.0 */ public function check_dev_version() { if (!preg_match('/[^\d\.]/', Core::VER)) { return; } $last_check = empty($this->_summary['last_request.' . self::API_VER]) ? 0 : $this->_summary['last_request.' . self::API_VER]; if (time() - $last_check > 86400) { $auto_v = self::version_check('dev'); if (!empty($auto_v['dev'])) { self::save_summary(array('version.dev' => $auto_v['dev'])); } } if (empty($this->_summary['version.dev'])) { return; } self::debug('Latest dev version ' . $this->_summary['version.dev']); if (version_compare($this->_summary['version.dev'], Core::VER, '<=')) { return; } // Show the dev banner require_once LSCWP_DIR . 'tpl/banner/new_version_dev.tpl.php'; } /** * Check latest version * * @since 2.9 * @access public */ public static function version_check($src = false) { $req_data = array( 'v' => defined('LSCWP_CUR_V') ? LSCWP_CUR_V : '', 'src' => $src, 'php' => phpversion(), ); if (defined('LITESPEED_ERR')) { $req_data['err'] = base64_encode(!is_string(LITESPEED_ERR) ? \json_encode(LITESPEED_ERR) : LITESPEED_ERR); } $data = self::post(self::API_VER, $req_data); return $data; } /** * Show latest news * * @since 3.0 */ public function news() { $this->_update_news(); if (empty($this->_summary['news.new'])) { return; } if (!empty($this->_summary['news.plugin']) && Activation::cls()->dash_notifier_is_plugin_active($this->_summary['news.plugin'])) { return; } require_once LSCWP_DIR . 'tpl/banner/cloud_news.tpl.php'; } /** * Update latest news * * @since 2.9.9.1 */ private function _update_news() { if (!empty($this->_summary['news.utime']) && time() - $this->_summary['news.utime'] < 86400 * 7) { return; } self::save_summary(array('news.utime' => time())); $data = self::get(self::API_NEWS); if (empty($data['id'])) { return; } // Save news if (!empty($this->_summary['news.id']) && $this->_summary['news.id'] == $data['id']) { return; } $this->_summary['news.id'] = $data['id']; $this->_summary['news.plugin'] = !empty($data['plugin']) ? $data['plugin'] : ''; $this->_summary['news.title'] = !empty($data['title']) ? $data['title'] : ''; $this->_summary['news.content'] = !empty($data['content']) ? $data['content'] : ''; $this->_summary['news.zip'] = !empty($data['zip']) ? $data['zip'] : ''; $this->_summary['news.new'] = 1; if ($this->_summary['news.plugin']) { $plugin_info = Activation::cls()->dash_notifier_get_plugin_info($this->_summary['news.plugin']); if ($plugin_info && !empty($plugin_info->name)) { $this->_summary['news.plugin_name'] = $plugin_info->name; } } self::save_summary(); } /** * Check if contains a package in a service or not * * @since 4.0 */ public function has_pkg($service, $pkg) { if (!empty($this->_summary['usage.' . $service]['pkgs']) && $this->_summary['usage.' . $service]['pkgs'] & $pkg) { return true; } return false; } /** * Get allowance of current service * * @since 3.0 * @access private */ public function allowance($service, &$err = false) { // Only auto sync usage at most one time per day if (empty($this->_summary['last_request.' . self::SVC_D_USAGE]) || time() - $this->_summary['last_request.' . self::SVC_D_USAGE] > 86400) { $this->sync_usage(); } if (in_array($service, array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI))) { // @since 4.2 $service = self::SVC_PAGE_OPTM; } if (empty($this->_summary['usage.' . $service])) { return 0; } $usage = $this->_summary['usage.' . $service]; // Image optm is always free $allowance_max = 0; if ($service == self::SVC_IMG_OPTM) { $allowance_max = self::IMG_OPTM_DEFAULT_GROUP; if (!empty($usage['pkgs']) && $usage['pkgs'] & self::BM_IMG_OPTM_JUMBO_GROUP) { $allowance_max = self::IMG_OPTM_JUMBO_GROUP; } } $allowance = $usage['quota'] - $usage['used']; $err = 'out_of_quota'; if ($allowance > 0) { if ($allowance_max && $allowance_max < $allowance) { $allowance = $allowance_max; } // Daily limit @since 4.2 if (isset($usage['remaining_daily_quota']) && $usage['remaining_daily_quota'] >= 0 && $usage['remaining_daily_quota'] < $allowance) { $allowance = $usage['remaining_daily_quota']; if (!$allowance) { $err = 'out_of_daily_quota'; } } return $allowance; } // Check Pay As You Go balance if (empty($usage['pag_bal'])) { return $allowance_max; } if ($allowance_max && $allowance_max < $usage['pag_bal']) { return $allowance_max; } return $usage['pag_bal']; } /** * Sync Cloud usage summary data * * @since 3.0 * @access public */ public function sync_usage() { $usage = $this->_post(self::SVC_D_USAGE); if (!$usage) { return; } self::debug('sync_usage ' . \json_encode($usage)); foreach (self::$SERVICES as $v) { $this->_summary['usage.' . $v] = !empty($usage[$v]) ? $usage[$v] : false; } self::save_summary(); return $this->_summary; } /** * Clear all existing cloud nodes for future reconnect * * @since 3.0 * @access public */ public function clear_cloud() { foreach (self::$SERVICES as $service) { if (isset($this->_summary['server.' . $service])) { unset($this->_summary['server.' . $service]); } if (isset($this->_summary['server_date.' . $service])) { unset($this->_summary['server_date.' . $service]); } } self::save_summary(); self::debug('Cleared all local service node caches'); } /** * ping clouds to find the fastest node * * @since 3.0 * @access public */ public function detect_cloud($service, $force = false) { if (in_array($service, self::$CENTER_SVC_SET)) { return self::CLOUD_SERVER; } if (in_array($service, self::$WP_SVC_SET)) { return self::CLOUD_SERVER_WP; } // Check if the stored server needs to be refreshed if (!$force) { if ( !empty($this->_summary['server.' . $service]) && !empty($this->_summary['server_date.' . $service]) && $this->_summary['server_date.' . $service] > time() - 86400 * self::TTL_NODE ) { return $this->_summary['server.' . $service]; } } if (!$service || !in_array($service, self::$SERVICES)) { $msg = __('Cloud Error', 'litespeed-cache') . ': ' . $service; Admin_Display::error($msg); return false; } // Send request to Quic Online Service $json = $this->_post(self::SVC_D_NODES, array('svc' => $this->_maybe_queue($service))); // Check if get list correctly if (empty($json['list']) || !is_array($json['list'])) { self::debug('request cloud list failed: ', $json); if ($json) { $msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . \json_encode($json); Admin_Display::error($msg); } return false; } // Ping closest cloud $speed_list = array(); foreach ($json['list'] as $v) { // Exclude possible failed 503 nodes if (!empty($this->_summary['disabled_node']) && !empty($this->_summary['disabled_node'][$v]) && time() - $this->_summary['disabled_node'][$v] < 86400) { continue; } $speed_list[$v] = Utility::ping($v); } if (!$speed_list) { self::debug('nodes are in 503 failed nodes'); return false; } $min = min($speed_list); if ($min == 99999) { self::debug('failed to ping all clouds'); return false; } // Random pick same time range ip (230ms 250ms) $range_len = strlen($min); $range_num = substr($min, 0, 1); $valid_clouds = array(); foreach ($speed_list as $node => $speed) { if (strlen($speed) == $range_len && substr($speed, 0, 1) == $range_num) { $valid_clouds[] = $node; } // Append the lower speed ones elseif ($speed < $min * 4) { $valid_clouds[] = $node; } } if (!$valid_clouds) { $msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . __('No available Cloud Node.', 'litespeed-cache'); Admin_Display::error($msg); return false; } self::debug('Closest nodes list', $valid_clouds); // Check server load if (in_array($service, self::$SERVICES_LOAD_CHECK)) { $valid_cloud_loads = array(); foreach ($valid_clouds as $k => $v) { $response = wp_remote_get($v, array('timeout' => 5, 'sslverify' => true)); if (is_wp_error($response)) { $error_message = $response->get_error_message(); self::debug('failed to do load checker: ' . $error_message); continue; } $curr_load = \json_decode($response['body'], true); if (!empty($curr_load['_res']) && $curr_load['_res'] == 'ok' && isset($curr_load['load'])) { $valid_cloud_loads[$v] = $curr_load['load']; } } if (!$valid_cloud_loads) { $msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . __('No available Cloud Node after checked server load.', 'litespeed-cache'); Admin_Display::error($msg); return false; } self::debug('Closest nodes list after load check', $valid_cloud_loads); $qualified_list = array_keys($valid_cloud_loads, min($valid_cloud_loads)); } else { $qualified_list = $valid_clouds; } $closest = $qualified_list[array_rand($qualified_list)]; self::debug('Chose node: ' . $closest); // store data into option locally $this->_summary['server.' . $service] = $closest; $this->_summary['server_date.' . $service] = time(); self::save_summary(); return $this->_summary['server.' . $service]; } /** * May need to convert to queue service */ private function _maybe_queue($service) { if (in_array($service, self::$_QUEUE_SVC_SET)) { return self::SVC_QUEUE; } return $service; } /** * Get data from QUIC cloud server * * @since 3.0 * @access public */ public static function get($service, $data = array()) { $instance = self::cls(); return $instance->_get($service, $data); } /** * Get data from QUIC cloud server * * @since 3.0 * @access private */ private function _get($service, $data = false) { $service_tag = $service; if (!empty($data['action'])) { $service_tag .= '-' . $data['action']; } if (!$this->_maybe_cloud($service_tag)) { return; } $server = $this->detect_cloud($service); if (!$server) { return; } $url = $server . '/' . $service; $param = array( 'site_url' => home_url(), 'domain_key' => $this->_api_key(), 'main_domain' => !empty($this->_summary['main_domain']) ? $this->_summary['main_domain'] : '', 'ver' => Core::VER, ); if ($data) { $param['data'] = $data; } $url .= '?' . http_build_query($param); self::debug('getting from : ' . $url); self::save_summary(array('curr_request.' . $service_tag => time())); $response = wp_remote_get($url, array('timeout' => 15, 'sslverify' => true)); return $this->_parse_response($response, $service, $service_tag, $server); } /** * Check if is able to do cloud request or not * * @since 3.0 * @access private */ private function _maybe_cloud($service_tag) { $home_url = home_url(); if (!wp_http_validate_url($home_url)) { self::debug('wp_http_validate_url failed: ' . $home_url); return false; } // Deny if is IP if (preg_match('#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', Utility::parse_url_safe($home_url, PHP_URL_HOST))) { self::debug('IP home url is not allowed for cloud service.'); $msg = __('In order to use QC services, need a real domain name, cannot use an IP.', 'litespeed-cache'); Admin_Display::error($msg); return false; } /** @since 5.0 If in valid err_domains, bypass request */ if ($this->_is_err_domain($home_url)) { self::debug('home url is in err_domains, bypass request: ' . $home_url); return false; } // we don't want the `img_optm-taken` to fail at any given time if ($service_tag == self::IMGOPTM_TAKEN) { return true; } if ($service_tag == self::SVC_D_SYNC_CONF && $this->_setup_token && !$this->_api_key()) { self::debug('Skip sync conf if API key is not available yet.'); return false; } $expiration_req = self::EXPIRATION_REQ; // Limit frequent unfinished request to 5min $timestamp_tag = 'curr_request.'; if ($service_tag == self::SVC_IMG_OPTM . '-' . Img_Optm::TYPE_NEW_REQ) { $timestamp_tag = 'last_request.'; if ($this->has_pkg(self::SVC_IMG_OPTM, self::BM_IMG_OPTM_PRIO)) { $expiration_req /= 10; } } else { // For all other requests, if is under debug mode, will always allow if ($this->conf(self::O_DEBUG) && $this->_api_key()) { return true; } } if (!empty($this->_summary[$timestamp_tag . $service_tag])) { $expired = $this->_summary[$timestamp_tag . $service_tag] + $expiration_req - time(); if ($expired > 0) { self::debug("❌ try [$service_tag] after $expired seconds"); if ($service_tag !== self::API_VER) { $msg = __('Cloud Error', 'litespeed-cache') . ': ' . sprintf(__('Please try after %1$s for service %2$s.', 'litespeed-cache'), Utility::readable_time($expired, 0, true), '
' . $service_tag . '
'); Admin_Display::error(array('cloud_trylater' => $msg)); } return false; } } if (in_array($service_tag, self::$_PUB_SVC_SET)) { return true; } if (!$this->_api_key()) { Admin_Display::error(Error::msg('lack_of_api_key')); return false; } return true; } /** * Post data to QUIC.cloud server * * @since 3.0 * @access public */ public static function post($service, $data = false, $time_out = false) { $instance = self::cls(); return $instance->_post($service, $data, $time_out); } /** * Post data to cloud server * * @since 3.0 * @access private */ private function _post($service, $data = false, $time_out = false) { $service_tag = $service; if (!empty($data['action'])) { $service_tag .= '-' . $data['action']; } if (!$this->_maybe_cloud($service_tag)) { return; } $server = $this->detect_cloud($service); if (!$server) { return; } $url = $server . '/' . $this->_maybe_queue($service); self::debug('posting to : ' . $url); if ($data) { $data['service_type'] = $service; // For queue distribution usage } $param = array( 'site_url' => home_url(), 'domain_key' => $this->_api_key(), 'main_domain' => !empty($this->_summary['main_domain']) ? $this->_summary['main_domain'] : '', 'ver' => Core::VER, 'data' => $data, ); self::save_summary(array('curr_request.' . $service_tag => time())); $response = wp_remote_post($url, array('body' => $param, 'timeout' => $time_out ?: 15, 'sslverify' => true)); return $this->_parse_response($response, $service, $service_tag, $server); } /** * Parse response JSON * Mark the request successful if the response status is ok * * @since 3.0 */ private function _parse_response($response, $service, $service_tag, $server) { if (is_wp_error($response)) { $error_message = $response->get_error_message(); self::debug('failed to request: ' . $error_message); if ($service !== self::API_VER && $service !== self::API_NEWS) { $msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $error_message . " [server] $server [service] $service"; Admin_Display::error($msg); // Tmp disabled this node from reusing in 1 day if (empty($this->_summary['disabled_node'])) { $this->_summary['disabled_node'] = array(); } $this->_summary['disabled_node'][$server] = time(); self::save_summary(); // Force redetect node self::debug('Node error, redetecting node [svc] ' . $service); $this->detect_cloud($service, true); } return; } $json = \json_decode($response['body'], true); if (!is_array($json)) { self::debug('failed to decode response json: ' . $response['body']); if ($service !== self::API_VER && $service !== self::API_NEWS) { $msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $response['body'] . " [server] $server [service] $service"; Admin_Display::error($msg); // Tmp disabled this node from reusing in 1 day if (empty($this->_summary['disabled_node'])) { $this->_summary['disabled_node'] = array(); } $this->_summary['disabled_node'][$server] = time(); self::save_summary(); // Force redetect node self::debug('Node error, redetecting node [svc] ' . $service); $this->detect_cloud($service, true); } return; } if (!empty($json['_code'])) { self::debug('Hit err _code: ' . $json['_code']); if ($json['_code'] == 'unpulled_images') { $msg = __('Cloud server refused the current request due to unpulled images. Please pull the images first.', 'litespeed-cache'); Admin_Display::error($msg); return; } if ($json['_code'] == 'blocklisted') { $msg = __('Your domain_key has been temporarily blocklisted to prevent abuse. You may contact support at QUIC.cloud to learn more.', 'litespeed-cache'); Admin_Display::error($msg); return; } if ($json['_code'] == 'rate_limit') { self::debug('Cloud server rate limit exceeded.'); $msg = __('Cloud server refused the current request due to rate limiting. Please try again later.', 'litespeed-cache'); Admin_Display::error($msg); return; } if ($json['_code'] == 'heavy_load' || $json['_code'] == 'redetect_node') { // Force redetect node self::debug('Node redetecting node [svc] ' . $service); Admin_Display::info(__('Redetected node', 'litespeed-cache') . ': ' . Error::msg($json['_code'])); $this->detect_cloud($service, true); } } if (!empty($json['_503'])) { self::debug('service 503 unavailable temporarily. ' . $json['_503']); $msg = __( 'We are working hard to improve your online service experience. The service will be unavailable while we work. We apologize for any inconvenience.', 'litespeed-cache' ); $msg .= ' ' . $json['_503'] . " [server] $server [service] $service"; Admin_Display::error($msg); // Force redetect node self::debug('Node error, redetecting node [svc] ' . $service); $this->detect_cloud($service, true); return; } list($json, $return) = $this->extract_msg($json, $service, $server); if ($return) { return; } self::save_summary(array( 'last_request.' . $service_tag => $this->_summary['curr_request.' . $service_tag], 'curr_request.' . $service_tag => 0, )); if ($json) { self::debug2('response ok', $json); } else { self::debug2('response ok'); } // Only successful request return Array return $json; } /** * Extract msg from json * @since 5.0 */ public function extract_msg($json, $service, $server = false, $is_callback = false) { if (!empty($json['_info'])) { self::debug('_info: ' . $json['_info']); $msg = __('Message from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_info']; $msg .= $this->_parse_link($json); Admin_Display::info($msg); unset($json['_info']); } if (!empty($json['_note'])) { self::debug('_note: ' . $json['_note']); $msg = __('Message from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_note']; $msg .= $this->_parse_link($json); Admin_Display::note($msg); unset($json['_note']); } if (!empty($json['_success'])) { self::debug('_success: ' . $json['_success']); $msg = __('Good news from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_success']; $msg .= $this->_parse_link($json); Admin_Display::succeed($msg); unset($json['_success']); } // Upgrade is required if (!empty($json['_err_req_v'])) { self::debug('_err_req_v: ' . $json['_err_req_v']); $msg = sprintf(__('%1$s plugin version %2$s required for this action.', 'litespeed-cache'), Core::NAME, 'v' . $json['_err_req_v'] . '+') . " [server] $server [service] $service"; // Append upgrade link $msg2 = ' ' . GUI::plugin_upgrade_link(Core::NAME, Core::PLUGIN_NAME, $json['_err_req_v']); $msg2 .= $this->_parse_link($json); Admin_Display::error($msg . $msg2); return array($json, true); } // Parse _carry_on info if (!empty($json['_carry_on'])) { self::debug('Carry_on usage', $json['_carry_on']); // Store generic info foreach (array('usage', 'promo', 'partner', '_error', '_info', '_note', '_success') as $v) { if (isset($json['_carry_on'][$v])) { switch ($v) { case 'usage': $usage_svc_tag = in_array($service, array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI)) ? self::SVC_PAGE_OPTM : $service; $this->_summary['usage.' . $usage_svc_tag] = $json['_carry_on'][$v]; break; case 'promo': if (empty($this->_summary[$v]) || !is_array($this->_summary[$v])) { $this->_summary[$v] = array(); } $this->_summary[$v][] = $json['_carry_on'][$v]; break; case 'partner': $this->_summary[$v] = $json['_carry_on'][$v]; break; case '_error': case '_info': case '_note': case '_success': $color_mode = substr($v, 1); $msgs = $json['_carry_on'][$v]; Admin_Display::add_unique_notice($color_mode, $msgs, true); break; default: break; } } } self::save_summary(); unset($json['_carry_on']); } // Parse general error msg if (!$is_callback && (empty($json['_res']) || $json['_res'] !== 'ok')) { $json_msg = !empty($json['_msg']) ? $json['_msg'] : 'unknown'; self::debug('❌ _err: ' . $json_msg, $json); $str_translated = Error::msg($json_msg); $msg = __('Failed to communicate with QUIC.cloud server', 'litespeed-cache') . ': ' . $str_translated . " [server] $server [service] $service"; $msg .= $this->_parse_link($json); Admin_Display::error($msg); // QC may try auto alias /** @since 5.0 Store the domain as `err_domains` only for QC auto alias feature */ if ($json_msg == 'err_alias') { if (empty($this->_summary['err_domains'])) { $this->_summary['err_domains'] = array(); } $home_url = home_url(); if (!array_key_exists($home_url, $this->_summary['err_domains'])) { $this->_summary['err_domains'][$home_url] = time(); } self::save_summary(); } // Site not on QC, delete invalid domain key if ($json_msg == 'site_not_registered' || $json_msg == 'err_key') { $this->_clean_api_key(); } return array($json, true); } unset($json['_res']); if (!empty($json['_msg'])) { unset($json['_msg']); } return array($json, false); } /** * Clear API key and QC linked status * @since 5.0 */ private function _clean_api_key() { $this->cls('Conf')->update_confs(array(self::O_API_KEY => '')); $this->_summary['is_linked'] = 0; self::save_summary(); $msg = __('Site not recognized. Domain Key has been automatically removed. Please request a new one.', 'litespeed-cache'); $msg .= Doc::learn_more(admin_url('admin.php?page=litespeed-general'), __('Click here to set.', 'litespeed-cache'), true, false, true); $msg .= Doc::learn_more('https://docs.litespeedtech.com/lscache/lscwp/general/#domain-key', false, false, false, true); Admin_Display::error($msg, false, true); } /** * REST call: check if the error domain is valid call for auto alias purpose * @since 5.0 */ public function rest_err_domains() { // Validate token hash first if (empty($_POST['hash']) || empty($_POST['main_domain']) || empty($_POST['alias'])) { return self::err('lack_of_param'); } if (!$this->_api_key() || $_POST['hash'] !== md5(substr($this->_api_key(), 1, 8))) { return self::err('wrong_hash'); } list($post_data) = $this->extract_msg($_POST, 'Quic.cloud', false, true); if ($this->_is_err_domain($_POST['alias'])) { if ($_POST['alias'] == home_url()) { $this->_remove_domain_from_err_list($_POST['alias']); } $res_hash = substr($this->_api_key(), 2, 4); self::debug('__callback IP request hash: md5(' . $res_hash . ')'); return self::ok(array('hash' => md5($res_hash))); } return self::err('Not an alias req from here'); } /** * Remove a domain from err domain * @since 5.0 */ private function _remove_domain_from_err_list($url) { unset($this->_summary['err_domains'][$url]); self::save_summary(); } /** * Check if is err domain * @since 5.0 */ private function _is_err_domain($home_url) { if (empty($this->_summary['err_domains'])) { return false; } if (!array_key_exists($home_url, $this->_summary['err_domains'])) { return false; } // Auto delete if too long ago if (time() - $this->_summary['err_domains'][$home_url] > 86400 * 10) { $this->_remove_domain_from_err_list($home_url); } if (time() - $this->_summary['err_domains'][$home_url] > 86400) { return false; } return true; } public function req_rest_api($api, $body = array()) { $token = $this->_setup_token; if (empty($token)) { Admin_Display::error(__('Cannot request REST API, no token saved.', 'litespeed-cache')); return; } $req_args = array( 'headers' => array( 'Authorization' => 'bearer ' . $token, 'Content-Type' => 'application/json', ), ); self::debug('Req rest api to QC [api] ' . $api); if (!empty($body)) { $req_args['body'] = \json_encode($body); $response = wp_remote_post(self::CLOUD_SERVER . '/v2' . $api, $req_args); } else { $response = wp_remote_get(self::CLOUD_SERVER . '/v2' . $api, $req_args); } return $this->_parse_rest_response($response); } private function _parse_rest_response($response) { if (is_wp_error($response)) { $error_message = $response->get_error_message(); self::debug('failed to request REST API: ' . $error_message); Admin_Display::error(__('Cloud REST Error', 'litespeed-cache') . ': ' . $error_message); return $error_message; } elseif (wp_remote_retrieve_response_code($response) == '401') { Admin_Display::error(__('Unauthorized access to REST API. Your token has expired.', 'litespeed-cache')); return 'unauthorized access to REST API.'; } $json = \json_decode($response['body'], true); self::debug('QC response', $json); if (!$json['success']) { $contactSupport = false; if (isset($json['info']['errors'])) { $errs = array(); foreach ($json['info']['errors'] as $err) { $errs[] = 'Error ' . $err['code'] . ': ' . $err['message']; if ($err['code'] == 1113) { $contactSupport = true; } } $error_message = implode('
', $errs); } else { $error_message = __('Unknown error.', 'litespeed-cache'); $contactSupport = true; } if ($contactSupport) { $error_message .= '
' . __('Contact QUIC.cloud support', 'litespeed-cache') . '
'; } Admin_Display::error(__('Cloud REST API returned error: ', 'litespeed-cache') . $error_message); return $error_message; } return $json; } /** * Show promo from cloud * * @since 3.0 * @access public */ public function show_promo() { // if ( ! $this->_api_key() && ! defined( 'LITESPEED_DISMISS_DOMAIN_KEY' ) ) { // Admin_Display::error( Error::msg( 'lack_of_api_key' ), true ); // } if (empty($this->_summary['promo'])) { return; } require_once LSCWP_DIR . 'tpl/banner/cloud_promo.tpl.php'; } /** * Clear promo from cloud * * @since 3.0 * @access private */ private function _clear_promo() { if (count($this->_summary['promo']) > 1) { array_shift($this->_summary['promo']); } else { $this->_summary['promo'] = array(); } self::save_summary(); } /** * Parse _links from json * * @since 1.6.5 * @since 1.6.7 Self clean the parameter * @access private */ private function _parse_link(&$json) { $msg = ''; if (!empty($json['_links'])) { foreach ($json['_links'] as $v) { $msg .= ' ' . sprintf('
%s
', $v['link'], !empty($v['cls']) ? $v['cls'] : '', $v['title']); } unset($json['_links']); } return $msg; } /** * Request callback validation from Cloud * * @since 3.0 * @access public */ public function ip_validate() { if (empty($_POST['hash'])) { self::debug('Lack of hash param'); return self::err('lack_of_param'); } // Note: Using empty here throws a fatal error in PHP v5.3 if (!$this->_api_key()) { self::debug('Lack of API key'); return self::err('lack_of_api_key'); } $to_validate = substr($this->_api_key(), 0, 4); if ($_POST['hash'] !== md5($to_validate)) { self::debug('__callback IP request hash wrong: md5(' . $to_validate . ') !== ' . $_POST['hash']); return self::err('err_hash'); } Control::set_nocache('Cloud IP hash validation'); $res_hash = substr($this->_api_key(), 2, 4); self::debug('__callback IP request hash: md5(' . $res_hash . ')'); return self::ok(array('hash' => md5($res_hash))); } /** * Can apply for a new token or not * * @since 3.0 */ public function can_token() { return empty($this->_summary['token_ts']) || time() - $this->_summary['token_ts'] > self::EXPIRATION_TOKEN; } public function set_keygen_token($token) { $this->_summary['token'] = $token; $this->_summary['token_ts'] = time(); if (!empty($this->_summary['apikey_ts'])) { unset($this->_summary['apikey_ts']); } self::save_summary(); } /** * Send request for domain key, get json [ 'token' => 'asdfasdf' ] * * @since 3.0 * @access public */ public function gen_key() { $data = array( 'site_url' => home_url(), 'rest' => function_exists('rest_get_url_prefix') ? rest_get_url_prefix() : apply_filters('rest_url_prefix', 'wp-json'), 'server_ip' => $this->conf(self::O_SERVER_IP), ); if (!empty($this->_summary['token'])) { $data['token'] = $this->_summary['token']; } $response = wp_remote_get(self::CLOUD_SERVER . '/d/req_key?data=' . Utility::arr2str($data)); if (is_wp_error($response)) { $error_message = $response->get_error_message(); self::debug('failed to gen_key: ' . $error_message); Admin_Display::error(__('Cloud Error', 'litespeed-cache') . ': ' . $error_message); return; } $json = \json_decode($response['body'], true); // Save token option if (!empty($json['token'])) { $this->set_keygen_token($json['token']); } // Parse general error msg if (empty($json['_res']) || $json['_res'] !== 'ok') { // clear current token unset($this->_summary['token']); self::save_summary(); $json_msg = !empty($json['_msg']) ? $json['_msg'] : 'unknown'; self::debug('❌ _err: ' . $json_msg); $msg = __('Failed to communicate with QUIC.cloud server', 'litespeed-cache') . ': ' . Error::msg($json_msg); $msg .= $this->_parse_link($json); Admin_Display::error($msg); return; } // This is a ok msg if (!empty($json['_msg'])) { self::debug('_msg: ' . $json['_msg']); $msg = __('Message from QUIC.cloud server', 'litespeed-cache') . ': ' . Error::msg($json['_msg']); $msg .= $this->_parse_link($json); Admin_Display::info($msg); return; } self::debug('✅ send request for key successfully.'); Admin_Display::succeed(__('Applied for Domain Key successfully. Please wait for result. Domain Key will be automatically sent to your WordPress.', 'litespeed-cache')); } /** * Token callback validation from Cloud * * @since 3.0 * @access public */ public function token_validate() { try { $this->validate_hash(); } catch (\Exception $e) { return self::err($e->getMessage()); } Control::set_nocache('Cloud token validation'); self::debug('✅ __callback token validation passed'); return self::ok(array('hash' => md5(substr($this->_summary['token'], 3, 8)))); } /** * Callback for approval of api key after validated token and gen key from QUIC.cloud * * @since 3.0 * @access public */ public function save_apikey() { // Validate token hash first if (empty($_POST['domain_key']) || !isset($_POST['is_linked'])) { return self::err('lack_of_param'); } try { $this->validate_hash(1); } catch (\Exception $e) { return self::err($e->getMessage()); } // This doesn't need to sync QUIC conf but need to clear nodes $this->cls('Conf')->update_confs(array(self::O_API_KEY => $_POST['domain_key'])); $this->_summary['is_linked'] = $_POST['is_linked'] ? 1 : 0; $this->_summary['apikey_ts'] = time(); if (!empty($_POST['main_domain'])) { $this->_summary['main_domain'] = $_POST['main_domain']; } // Clear token unset($this->_summary['token']); self::save_summary(); self::debug('✅ saved auth_key'); Admin_Display::succeed('🎊 ' . __('Congratulations, your Domain Key has been approved! The setting has been updated accordingly.', 'litespeed-cache')); return self::ok(); } /** * Validate POST hash match local token or not * * @since 3.0 */ public function validate_hash($offset = 0) { if (empty($_POST['hash'])) { self::debug('Lack of hash param'); throw new \Exception('lack_of_param'); } if (empty($this->_summary['token'])) { self::debug('token validate failed: token not exist'); throw new \Exception('lack_of_local_token'); } if ($_POST['hash'] !== md5(substr($this->_summary['token'], $offset, 8))) { self::debug('token validate failed: token mismatch hash !== ' . $_POST['hash']); throw new \Exception('mismatch'); } } /** * If can link the domain to QC user or not * * @since 3.0 */ public function can_link_qc() { return empty($this->_summary['is_linked']) && $this->_api_key(); } /** * Link the domain to QC user * * @since 3.0 */ private function _link_to_qc() { if (!$this->can_link_qc()) { return; } $data = array( 'site_url' => home_url(), 'domain_hash' => md5(substr($this->_api_key(), 0, 8)), 'ref' => get_admin_url(null, 'admin.php?page=litespeed-general'), ); wp_redirect(self::CLOUD_SERVER_DASH . '/u/wp?data=' . Utility::arr2str($data)); exit(); } public function qc_link() { $data = array( 'site_url' => home_url(), 'domain_hash' => md5(substr($this->_api_key(), 0, 8)), 'ver' => LSCWP_V, ); return self::CLOUD_SERVER_DASH . '/u/wp?data=' . Utility::arr2str($data); // . (!empty($this->_summary['is_linked']) ? '?wplogin=1' : ''); } public function set_linked() { $this->_summary['is_linked'] = 1; self::save_summary(); # Force resync qc conf $this->cls('CDN\Quic')->try_sync_conf(true); } /** * Update is_linked status if is a redirected back from QC * * @since 3.0 * @since 5.0 renamed update_is_linked_status -> parse_qc_redir, add param for additional args. Return args if exist. */ public function parse_qc_redir($check_token = false) { if (!$this->_api_key() && !empty($this->_summary['is_linked'])) { $this->_summary['is_linked'] = 0; self::save_summary(); } if (empty($_GET['qc_res'])) { return false; } if ($_GET['qc_res'] == 'registered') { if (!empty($_GET['qc_new'])) { Admin_Display::succeed(__('QUIC.cloud account has been created and successfully linked.', 'litespeed-cache'), true); } else { Admin_Display::succeed(__('QUIC.cloud account has been successfully linked.', 'litespeed-cache'), true); } } $qsDrop = array(); $qsDrop[] = ".replace( '&qc_res=" . sanitize_key($_GET['qc_res']) . ', \'\' )'; if (!empty($_GET['domain_hash'])) { if (empty($_GET['domain_hash_nonce'])) { Admin_Display::error(__('Domain Key hash nonce missing.', 'litespeed-cache'), true); return false; } $salt = substr($this->_api_key(), 3, 8); $tick = ceil(time() / 43200); $nonce = md5($salt . $tick); $nonce2 = md5($salt . ($tick - 1)); if ($_GET['domain_hash_nonce'] != $nonce && $_GET['domain_hash_nonce'] != $nonce2) { Admin_Display::error(__('Domain Key hash nonce mismatch. Please correct your server clock.', 'litespeed-cache'), true); return false; } if (md5(substr($this->_api_key(), 2, 8)) !== $_GET['domain_hash']) { Admin_Display::error(__('Domain Key hash mismatch', 'litespeed-cache'), true); return false; } $this->set_linked(); $qsDrop[] = ".replace( '&domain_hash=" . sanitize_key($_GET['domain_hash']) . ', \'\' )'; } $token = ''; if ($check_token && !empty($_GET['token'])) { // Validate nonce `litespeed_qc_link` if (empty($_GET['nonce']) || !wp_verify_nonce($_GET['nonce'], 'litespeed_qc_link')) { Admin_Display::error(__('Failed to verify domain nonce.', 'litespeed-cache'), true); return false; } $token = preg_replace('/[^0-9a-zA-Z]/', '', $_GET['token']); $qsDrop[] = ".replace( '&token=" . urlencode($_GET['token']) . ', \'\' )'; } $replaceStr = implode('', $qsDrop); // Drop QS echo "'; return $token; } /** * Check if this visit is from cloud or not * * @since 3.0 */ public function is_from_cloud() { $check_point = time() - 86400 * self::TTL_IPS; if (empty($this->_summary['ips']) || empty($this->_summary['ips_ts']) || $this->_summary['ips_ts'] < $check_point) { self::debug('Force updating ip as ips_ts is older than ' . self::TTL_IPS . ' days'); $this->_update_ips(); } $res = $this->cls('Router')->ip_access($this->_summary['ips']); if (!$res) { self::debug('❌ Not our cloud IP'); // Auto check ip list again but need an interval limit safety. if (empty($this->_summary['ips_ts_runner']) || time() - $this->_summary['ips_ts_runner'] > 600) { self::debug('Force updating ip as ips_ts_runner is older than 10mins'); // Refresh IP list for future detection $this->_update_ips(); $res = $this->cls('Router')->ip_access($this->_summary['ips']); if (!$res) { self::debug('❌ 2nd time: Not our cloud IP'); } else { self::debug('✅ Passed Cloud IP verification'); } return $res; } } else { self::debug('✅ Passed Cloud IP verification'); } return $res; } /** * Update Cloud IP list * * @since 4.2 */ private function _update_ips() { self::debug('Load remote Cloud IP list from ' . self::CLOUD_IPS); // Prevent multiple call in a short period self::save_summary(array('ips_ts' => time(), 'ips_ts_runner' => time())); $response = wp_remote_get(self::CLOUD_IPS . '?json'); if (is_wp_error($response)) { $error_message = $response->get_error_message(); self::debug('failed to get ip whitelist: ' . $error_message); throw new \Exception('Failed to fetch QUIC.cloud whitelist ' . $error_message); } $json = \json_decode($response['body'], true); self::debug('Load ips', $json); self::save_summary(array('ips' => $json)); } /** * Return succeeded response * * @since 3.0 */ public static function ok($data = array()) { $data['_res'] = 'ok'; return $data; } /** * Return error * * @since 3.0 */ public static function err($code) { return array('_res' => 'err', '_msg' => $code); } /** * Return pong for ping to check PHP function availability * @since 6.5 */ public function ping() { $resp = array( 'v_lscwp' => Core::VER, 'v_php' => PHP_VERSION, 'v_wp' => $GLOBALS['wp_version'], ); if (!empty($_POST['funcs'])) { foreach ($_POST['funcs'] as $v) { $resp[$v] = function_exists($v) ? 'y' : 'n'; } } if (!empty($_POST['classes'])) { foreach ($_POST['classes'] as $v) { $resp[$v] = class_exists($v) ? 'y' : 'n'; } } if (!empty($_POST['consts'])) { foreach ($_POST['consts'] as $v) { $resp[$v] = defined($v) ? 'y' : 'n'; } } return self::ok($resp); } /** * Handle all request actions from main cls * * @since 3.0 * @access public */ public function handler() { $type = Router::verify_type(); switch ($type) { case self::TYPE_CLEAR_CLOUD: $this->clear_cloud(); break; case self::TYPE_REDETECT_CLOUD: if (!empty($_GET['svc'])) { $this->detect_cloud($_GET['svc'], true); } break; case self::TYPE_CLEAR_PROMO: $this->_clear_promo(); break; case self::TYPE_GEN_KEY: $this->gen_key(); break; case self::TYPE_LINK: $this->_link_to_qc(); break; case self::TYPE_SYNC_USAGE: $this->sync_usage(); $msg = __('Sync credit allowance with Cloud Server successfully.', 'litespeed-cache'); Admin_Display::succeed($msg); break; default: break; } Admin::redirect(); } }