2008-02-11 06:45:54 +01:00
|
|
|
<?php
|
2008-08-16 09:27:34 +02:00
|
|
|
/**
|
2009-04-19 21:36:28 +02:00
|
|
|
* Update/Install Plugin/Theme administration panel.
|
2008-08-16 09:27:34 +02:00
|
|
|
*
|
|
|
|
* @package WordPress
|
|
|
|
* @subpackage Administration
|
|
|
|
*/
|
|
|
|
|
2020-04-05 05:02:11 +02:00
|
|
|
if ( ! defined( 'IFRAME_REQUEST' )
|
|
|
|
&& isset( $_GET['action'] ) && in_array( $_GET['action'], array( 'update-selected', 'activate-plugin', 'update-selected-themes' ), true )
|
|
|
|
) {
|
2010-12-10 19:25:18 +01:00
|
|
|
define( 'IFRAME_REQUEST', true );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-10-18 19:58:36 +02:00
|
|
|
|
2008-08-16 09:27:34 +02:00
|
|
|
/** WordPress Administration Bootstrap */
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once __DIR__ . '/admin.php';
|
2008-02-11 06:45:54 +01:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
|
2016-08-31 18:31:29 +02:00
|
|
|
|
2020-07-10 08:08:06 +02:00
|
|
|
wp_enqueue_script( 'wp-a11y' );
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $_GET['action'] ) ) {
|
|
|
|
$plugin = isset( $_REQUEST['plugin'] ) ? trim( $_REQUEST['plugin'] ) : '';
|
|
|
|
$theme = isset( $_REQUEST['theme'] ) ? urldecode( $_REQUEST['theme'] ) : '';
|
|
|
|
$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : '';
|
2008-12-09 19:03:31 +01:00
|
|
|
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( 'update-selected' === $action ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'update_plugins' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to update plugins for this site.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-03-06 09:39:50 +01:00
|
|
|
|
|
|
|
check_admin_referer( 'bulk-update-plugins' );
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $_GET['plugins'] ) ) {
|
|
|
|
$plugins = explode( ',', stripslashes( $_GET['plugins'] ) );
|
|
|
|
} elseif ( isset( $_POST['checked'] ) ) {
|
2010-03-06 09:39:50 +01:00
|
|
|
$plugins = (array) $_POST['checked'];
|
2017-12-01 00:11:00 +01:00
|
|
|
} else {
|
2010-03-06 09:39:50 +01:00
|
|
|
$plugins = array();
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-03-06 09:39:50 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$plugins = array_map( 'urldecode', $plugins );
|
2010-03-06 09:39:50 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=update-selected&plugins=' . urlencode( implode( ',', $plugins ) );
|
2010-03-06 09:39:50 +01:00
|
|
|
$nonce = 'bulk-update-plugins';
|
|
|
|
|
2014-02-26 07:55:14 +01:00
|
|
|
wp_enqueue_script( 'updates' );
|
2010-03-06 09:39:50 +01:00
|
|
|
iframe_header();
|
|
|
|
|
|
|
|
$upgrader = new Plugin_Upgrader( new Bulk_Plugin_Upgrader_Skin( compact( 'nonce', 'url' ) ) );
|
|
|
|
$upgrader->bulk_upgrade( $plugins );
|
|
|
|
|
|
|
|
iframe_footer();
|
2010-03-17 17:27:25 +01:00
|
|
|
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'upgrade-plugin' === $action ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'update_plugins' ) ) {
|
|
|
|
wp_die( __( 'Sorry, you are not allowed to update plugins for this site.' ) );
|
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
check_admin_referer( 'upgrade-plugin_' . $plugin );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Update Plugin' );
|
|
|
|
$parent_file = 'plugins.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
$submenu_file = 'plugins.php';
|
2014-02-26 07:55:14 +01:00
|
|
|
|
|
|
|
wp_enqueue_script( 'updates' );
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
|
|
|
$nonce = 'upgrade-plugin_' . $plugin;
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$upgrader = new Plugin_Upgrader( new Plugin_Upgrader_Skin( compact( 'title', 'nonce', 'url', 'plugin' ) ) );
|
|
|
|
$upgrader->upgrade( $plugin );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'activate-plugin' === $action ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'update_plugins' ) ) {
|
|
|
|
wp_die( __( 'Sorry, you are not allowed to update plugins for this site.' ) );
|
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
check_admin_referer( 'activate-plugin_' . $plugin );
|
|
|
|
if ( ! isset( $_GET['failure'] ) && ! isset( $_GET['success'] ) ) {
|
|
|
|
wp_redirect( admin_url( 'update.php?action=activate-plugin&failure=true&plugin=' . urlencode( $plugin ) . '&_wpnonce=' . $_GET['_wpnonce'] ) );
|
2010-10-27 15:40:14 +02:00
|
|
|
activate_plugin( $plugin, '', ! empty( $_GET['networkwide'] ), true );
|
2017-12-01 00:11:00 +01:00
|
|
|
wp_redirect( admin_url( 'update.php?action=activate-plugin&success=true&plugin=' . urlencode( $plugin ) . '&_wpnonce=' . $_GET['_wpnonce'] ) );
|
2008-03-22 00:02:00 +01:00
|
|
|
die();
|
|
|
|
}
|
2017-12-01 00:11:00 +01:00
|
|
|
iframe_header( __( 'Plugin Reactivation' ), true );
|
|
|
|
if ( isset( $_GET['success'] ) ) {
|
|
|
|
echo '<p>' . __( 'Plugin reactivated successfully.' ) . '</p>';
|
|
|
|
}
|
2008-03-22 00:02:00 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $_GET['failure'] ) ) {
|
|
|
|
echo '<p>' . __( 'Plugin failed to reactivate due to a fatal error.' ) . '</p>';
|
2009-12-12 10:20:07 +01:00
|
|
|
|
2011-04-12 11:21:13 +02:00
|
|
|
error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR );
|
2020-01-29 01:45:18 +01:00
|
|
|
ini_set( 'display_errors', true ); // Ensure that fatal errors are displayed.
|
2014-02-11 00:00:15 +01:00
|
|
|
wp_register_plugin_realpath( WP_PLUGIN_DIR . '/' . $plugin );
|
2020-02-06 07:33:11 +01:00
|
|
|
include WP_PLUGIN_DIR . '/' . $plugin;
|
2008-03-22 00:02:00 +01:00
|
|
|
}
|
2008-10-14 01:39:56 +02:00
|
|
|
iframe_footer();
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'install-plugin' === $action ) {
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'install_plugins' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to install plugins on this site.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
Coding Standards: Replace `include_once` with `require_once` for required files.
Per [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#writing-include-require-statements WordPress PHP coding standards], it is ''strongly recommended'' to use `require[_once]` for unconditional includes. When using `include[_once]`, PHP will throw a warning when the file is not found but will continue execution, which will almost certainly lead to other errors/warnings/notices being thrown if your application depends on the file loaded, potentially leading to security leaks. For that reason, `require[_once]` is generally the better choice as it will throw a `Fatal Error` if the file cannot be found.
Follow-up to [1674], [1812], [1964], [6779], [8540], [10521], [11005], [11911], [16065], [16149], [25421], [25466], [25823], [37714], [42981], [45448], [47198], [54276], [55633].
Props kausaralm, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55641
git-svn-id: http://core.svn.wordpress.org/trunk@55153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-09 13:57:22 +02:00
|
|
|
require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; // For plugins_api().
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2015-09-26 17:50:25 +02:00
|
|
|
check_admin_referer( 'install-plugin_' . $plugin );
|
2017-12-01 00:11:00 +01:00
|
|
|
$api = plugins_api(
|
2018-08-17 03:51:36 +02:00
|
|
|
'plugin_information',
|
|
|
|
array(
|
2017-12-01 00:11:00 +01:00
|
|
|
'slug' => $plugin,
|
|
|
|
'fields' => array(
|
2018-02-01 06:17:33 +01:00
|
|
|
'sections' => false,
|
2017-12-01 00:11:00 +01:00
|
|
|
),
|
|
|
|
)
|
|
|
|
);
|
2015-09-26 17:50:25 +02:00
|
|
|
|
|
|
|
if ( is_wp_error( $api ) ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
wp_die( $api );
|
2015-09-26 17:50:25 +02:00
|
|
|
}
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Plugin Installation' );
|
|
|
|
$parent_file = 'plugins.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
$submenu_file = 'plugin-install.php';
|
2021-07-22 15:53:00 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2019-09-03 02:41:05 +02:00
|
|
|
/* translators: %s: Plugin name and version. */
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = sprintf( __( 'Installing Plugin: %s' ), $api->name . ' ' . $api->version );
|
2009-04-19 21:36:28 +02:00
|
|
|
$nonce = 'install-plugin_' . $plugin;
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=install-plugin&plugin=' . urlencode( $plugin );
|
|
|
|
if ( isset( $_GET['from'] ) ) {
|
|
|
|
$url .= '&from=' . urlencode( stripslashes( $_GET['from'] ) );
|
|
|
|
}
|
2010-05-27 13:04:08 +02:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
$type = 'web'; // Install plugin type, From Web or an Upload.
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$upgrader = new Plugin_Upgrader( new Plugin_Installer_Skin( compact( 'title', 'url', 'nonce', 'plugin', 'api' ) ) );
|
|
|
|
$upgrader->install( $api->download_link );
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'upload-plugin' === $action ) {
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2014-08-27 03:32:18 +02:00
|
|
|
if ( ! current_user_can( 'upload_plugins' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to install plugins on this site.' ) );
|
2014-08-27 03:32:18 +02:00
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
check_admin_referer( 'plugin-upload' );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$file_upload = new File_Upload_Upgrader( 'pluginzip', 'package' );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Upload Plugin' );
|
|
|
|
$parent_file = 'plugins.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
$submenu_file = 'plugin-install.php';
|
2021-07-22 15:53:00 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2019-09-03 02:41:05 +02:00
|
|
|
/* translators: %s: File name. */
|
Upgrade/install: Allow plugin and theme updates from a uploaded .zip file.
Props mariovalney, cyberhobo, imath, shaunandrews, mariovalney, earnjam, desrosj, dd32, folletto, swissspidy, melchoyce, pento, joshuawold, psykro, clorith, ahortin, galbaras, pingram3541, joyously, doobeedoo, karmatosed, poena, whyisjake, earnjam, sergeybiryukov, audrasjb, azaozz.
Fixes #9757.
Built from https://develop.svn.wordpress.org/trunk@48390
git-svn-id: http://core.svn.wordpress.org/trunk@48159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 19:49:05 +02:00
|
|
|
$title = sprintf( __( 'Installing plugin from uploaded file: %s' ), esc_html( basename( $file_upload->filename ) ) );
|
2009-04-19 21:36:28 +02:00
|
|
|
$nonce = 'plugin-upload';
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = add_query_arg( array( 'package' => $file_upload->id ), 'update.php?action=upload-plugin' );
|
2020-01-29 01:45:18 +01:00
|
|
|
$type = 'upload'; // Install plugin type, From Web or an Upload.
|
2009-04-19 21:36:28 +02:00
|
|
|
|
Upgrade/install: Allow plugin and theme updates from a uploaded .zip file.
Props mariovalney, cyberhobo, imath, shaunandrews, mariovalney, earnjam, desrosj, dd32, folletto, swissspidy, melchoyce, pento, joshuawold, psykro, clorith, ahortin, galbaras, pingram3541, joyously, doobeedoo, karmatosed, poena, whyisjake, earnjam, sergeybiryukov, audrasjb, azaozz.
Fixes #9757.
Built from https://develop.svn.wordpress.org/trunk@48390
git-svn-id: http://core.svn.wordpress.org/trunk@48159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 19:49:05 +02:00
|
|
|
$overwrite = isset( $_GET['overwrite'] ) ? sanitize_text_field( $_GET['overwrite'] ) : '';
|
|
|
|
$overwrite = in_array( $overwrite, array( 'update-plugin', 'downgrade-plugin' ), true ) ? $overwrite : '';
|
|
|
|
|
|
|
|
$upgrader = new Plugin_Upgrader( new Plugin_Installer_Skin( compact( 'type', 'title', 'nonce', 'url', 'overwrite' ) ) );
|
|
|
|
$result = $upgrader->install( $file_upload->package, array( 'overwrite_package' => $overwrite ) );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $result || is_wp_error( $result ) ) {
|
2011-08-28 07:51:38 +02:00
|
|
|
$file_upload->cleanup();
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2011-08-28 05:51:35 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2020-07-10 08:08:06 +02:00
|
|
|
} elseif ( 'upload-plugin-cancel-overwrite' === $action ) {
|
|
|
|
if ( ! current_user_can( 'upload_plugins' ) ) {
|
|
|
|
wp_die( __( 'Sorry, you are not allowed to install plugins on this site.' ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
check_admin_referer( 'plugin-upload-cancel-overwrite' );
|
|
|
|
|
|
|
|
// Make sure the attachment still exists, or File_Upload_Upgrader will call wp_die()
|
|
|
|
// that shows a generic "Please select a file" error.
|
|
|
|
if ( ! empty( $_GET['package'] ) ) {
|
|
|
|
$attachment_id = (int) $_GET['package'];
|
|
|
|
|
|
|
|
if ( get_post( $attachment_id ) ) {
|
|
|
|
$file_upload = new File_Upload_Upgrader( 'pluginzip', 'package' );
|
|
|
|
$file_upload->cleanup();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
wp_redirect( self_admin_url( 'plugin-install.php' ) );
|
|
|
|
exit;
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'upgrade-theme' === $action ) {
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'update_themes' ) ) {
|
|
|
|
wp_die( __( 'Sorry, you are not allowed to update themes for this site.' ) );
|
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
check_admin_referer( 'upgrade-theme_' . $theme );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2014-02-26 07:55:14 +01:00
|
|
|
wp_enqueue_script( 'updates' );
|
2012-04-10 04:25:03 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Update Theme' );
|
|
|
|
$parent_file = 'themes.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
$submenu_file = 'themes.php';
|
2021-07-22 15:53:00 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
|
|
|
$nonce = 'upgrade-theme_' . $theme;
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=upgrade-theme&theme=' . urlencode( $theme );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$upgrader = new Theme_Upgrader( new Theme_Upgrader_Skin( compact( 'title', 'nonce', 'url', 'theme' ) ) );
|
|
|
|
$upgrader->upgrade( $theme );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'update-selected-themes' === $action ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'update_themes' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to update themes for this site.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2010-03-13 04:59:40 +01:00
|
|
|
check_admin_referer( 'bulk-update-themes' );
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $_GET['themes'] ) ) {
|
|
|
|
$themes = explode( ',', stripslashes( $_GET['themes'] ) );
|
|
|
|
} elseif ( isset( $_POST['checked'] ) ) {
|
2010-03-13 04:59:40 +01:00
|
|
|
$themes = (array) $_POST['checked'];
|
2017-12-01 00:11:00 +01:00
|
|
|
} else {
|
2010-03-13 04:59:40 +01:00
|
|
|
$themes = array();
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-03-13 04:59:40 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$themes = array_map( 'urldecode', $themes );
|
2010-03-13 04:59:40 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=update-selected-themes&themes=' . urlencode( implode( ',', $themes ) );
|
2010-03-13 04:59:40 +01:00
|
|
|
$nonce = 'bulk-update-themes';
|
|
|
|
|
2014-02-26 07:55:14 +01:00
|
|
|
wp_enqueue_script( 'updates' );
|
2010-03-13 04:59:40 +01:00
|
|
|
iframe_header();
|
|
|
|
|
|
|
|
$upgrader = new Theme_Upgrader( new Bulk_Theme_Upgrader_Skin( compact( 'nonce', 'url' ) ) );
|
|
|
|
$upgrader->bulk_upgrade( $themes );
|
|
|
|
|
|
|
|
iframe_footer();
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'install-theme' === $action ) {
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! current_user_can( 'install_themes' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2008-02-11 06:45:54 +01:00
|
|
|
|
Coding Standards: Replace `include_once` with `require_once` for required files.
Per [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#writing-include-require-statements WordPress PHP coding standards], it is ''strongly recommended'' to use `require[_once]` for unconditional includes. When using `include[_once]`, PHP will throw a warning when the file is not found but will continue execution, which will almost certainly lead to other errors/warnings/notices being thrown if your application depends on the file loaded, potentially leading to security leaks. For that reason, `require[_once]` is generally the better choice as it will throw a `Fatal Error` if the file cannot be found.
Follow-up to [1674], [1812], [1964], [6779], [8540], [10521], [11005], [11911], [16065], [16149], [25421], [25466], [25823], [37714], [42981], [45448], [47198], [54276], [55633].
Props kausaralm, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55641
git-svn-id: http://core.svn.wordpress.org/trunk@55153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-09 13:57:22 +02:00
|
|
|
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // For themes_api().
|
2016-08-31 18:31:29 +02:00
|
|
|
|
2014-04-15 03:16:14 +02:00
|
|
|
check_admin_referer( 'install-theme_' . $theme );
|
2017-12-01 00:11:00 +01:00
|
|
|
$api = themes_api(
|
2018-08-17 03:51:36 +02:00
|
|
|
'theme_information',
|
|
|
|
array(
|
2017-12-01 00:11:00 +01:00
|
|
|
'slug' => $theme,
|
|
|
|
'fields' => array(
|
|
|
|
'sections' => false,
|
|
|
|
'tags' => false,
|
|
|
|
),
|
|
|
|
)
|
2020-01-29 01:45:18 +01:00
|
|
|
); // Save on a bit of bandwidth.
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-10-09 18:04:48 +02:00
|
|
|
if ( is_wp_error( $api ) ) {
|
|
|
|
wp_die( $api );
|
|
|
|
}
|
2012-04-10 04:25:03 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Install Themes' );
|
|
|
|
$parent_file = 'themes.php';
|
2010-03-19 09:03:52 +01:00
|
|
|
$submenu_file = 'themes.php';
|
2021-07-22 15:53:00 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2019-09-03 02:41:05 +02:00
|
|
|
/* translators: %s: Theme name and version. */
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = sprintf( __( 'Installing Theme: %s' ), $api->name . ' ' . $api->version );
|
2009-04-19 21:36:28 +02:00
|
|
|
$nonce = 'install-theme_' . $theme;
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = 'update.php?action=install-theme&theme=' . urlencode( $theme );
|
2020-01-29 01:45:18 +01:00
|
|
|
$type = 'web'; // Install theme type, From Web or an Upload.
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$upgrader = new Theme_Upgrader( new Theme_Installer_Skin( compact( 'title', 'url', 'nonce', 'plugin', 'api' ) ) );
|
|
|
|
$upgrader->install( $api->download_link );
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2009-04-20 20:18:39 +02:00
|
|
|
|
2020-05-16 20:42:12 +02:00
|
|
|
} elseif ( 'upload-theme' === $action ) {
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2014-08-27 03:32:18 +02:00
|
|
|
if ( ! current_user_can( 'upload_themes' ) ) {
|
2016-06-29 17:16:29 +02:00
|
|
|
wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );
|
2014-08-27 03:32:18 +02:00
|
|
|
}
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
check_admin_referer( 'theme-upload' );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$file_upload = new File_Upload_Upgrader( 'themezip', 'package' );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2021-07-22 15:53:00 +02:00
|
|
|
// Used in the HTML title tag.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = __( 'Upload Theme' );
|
|
|
|
$parent_file = 'themes.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
$submenu_file = 'theme-install.php';
|
2012-04-10 04:25:03 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-header.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2019-09-03 02:41:05 +02:00
|
|
|
/* translators: %s: File name. */
|
Upgrade/install: Allow plugin and theme updates from a uploaded .zip file.
Props mariovalney, cyberhobo, imath, shaunandrews, mariovalney, earnjam, desrosj, dd32, folletto, swissspidy, melchoyce, pento, joshuawold, psykro, clorith, ahortin, galbaras, pingram3541, joyously, doobeedoo, karmatosed, poena, whyisjake, earnjam, sergeybiryukov, audrasjb, azaozz.
Fixes #9757.
Built from https://develop.svn.wordpress.org/trunk@48390
git-svn-id: http://core.svn.wordpress.org/trunk@48159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 19:49:05 +02:00
|
|
|
$title = sprintf( __( 'Installing theme from uploaded file: %s' ), esc_html( basename( $file_upload->filename ) ) );
|
2009-04-19 21:36:28 +02:00
|
|
|
$nonce = 'theme-upload';
|
2017-12-01 00:11:00 +01:00
|
|
|
$url = add_query_arg( array( 'package' => $file_upload->id ), 'update.php?action=upload-theme' );
|
2020-01-29 01:45:18 +01:00
|
|
|
$type = 'upload'; // Install theme type, From Web or an Upload.
|
2009-04-19 21:36:28 +02:00
|
|
|
|
Upgrade/install: Allow plugin and theme updates from a uploaded .zip file.
Props mariovalney, cyberhobo, imath, shaunandrews, mariovalney, earnjam, desrosj, dd32, folletto, swissspidy, melchoyce, pento, joshuawold, psykro, clorith, ahortin, galbaras, pingram3541, joyously, doobeedoo, karmatosed, poena, whyisjake, earnjam, sergeybiryukov, audrasjb, azaozz.
Fixes #9757.
Built from https://develop.svn.wordpress.org/trunk@48390
git-svn-id: http://core.svn.wordpress.org/trunk@48159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 19:49:05 +02:00
|
|
|
$overwrite = isset( $_GET['overwrite'] ) ? sanitize_text_field( $_GET['overwrite'] ) : '';
|
|
|
|
$overwrite = in_array( $overwrite, array( 'update-theme', 'downgrade-theme' ), true ) ? $overwrite : '';
|
|
|
|
|
|
|
|
$upgrader = new Theme_Upgrader( new Theme_Installer_Skin( compact( 'type', 'title', 'nonce', 'url', 'overwrite' ) ) );
|
|
|
|
$result = $upgrader->install( $file_upload->package, array( 'overwrite_package' => $overwrite ) );
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $result || is_wp_error( $result ) ) {
|
2011-08-28 07:51:38 +02:00
|
|
|
$file_upload->cleanup();
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2011-08-28 05:51:35 +02:00
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . 'wp-admin/admin-footer.php';
|
2009-04-19 21:36:28 +02:00
|
|
|
|
2020-07-10 08:08:06 +02:00
|
|
|
} elseif ( 'upload-theme-cancel-overwrite' === $action ) {
|
|
|
|
if ( ! current_user_can( 'upload_themes' ) ) {
|
|
|
|
wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
check_admin_referer( 'theme-upload-cancel-overwrite' );
|
|
|
|
|
|
|
|
// Make sure the attachment still exists, or File_Upload_Upgrader will call wp_die()
|
|
|
|
// that shows a generic "Please select a file" error.
|
|
|
|
if ( ! empty( $_GET['package'] ) ) {
|
|
|
|
$attachment_id = (int) $_GET['package'];
|
|
|
|
|
|
|
|
if ( get_post( $attachment_id ) ) {
|
|
|
|
$file_upload = new File_Upload_Upgrader( 'themezip', 'package' );
|
|
|
|
$file_upload->cleanup();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
wp_redirect( self_admin_url( 'theme-install.php' ) );
|
|
|
|
exit;
|
2009-04-19 21:36:28 +02:00
|
|
|
} else {
|
2013-10-27 19:37:09 +01:00
|
|
|
/**
|
|
|
|
* Fires when a custom plugin or theme update request is received.
|
|
|
|
*
|
2014-11-30 12:42:24 +01:00
|
|
|
* The dynamic portion of the hook name, `$action`, refers to the action
|
2013-10-27 19:37:09 +01:00
|
|
|
* provided in the request for wp-admin/update.php. Can be used to
|
|
|
|
* provide custom update functionality for themes and plugins.
|
|
|
|
*
|
|
|
|
* @since 2.8.0
|
|
|
|
*/
|
2019-07-05 03:45:56 +02:00
|
|
|
do_action( "update-custom_{$action}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
|
2009-04-19 21:36:28 +02:00
|
|
|
}
|
2010-04-30 03:54:32 +02:00
|
|
|
}
|