Deprecated stuff to their file

[Github/YOURLS.git] / includes / functions-http.php

<?php
/**
 * Functions that relate to HTTP requests
 *
 */
 
/**
 * On functions using the 3rd party library Requests: 
 *
 * The goal here is to provide convenient wrapper functions to the Requests library. There are
 * 2 types of functions for each METHOD, where METHOD is 'get' or 'post' (implement more as needed)
 *     - yourls_http_METHOD() :
 *         Return a complete Response object (with ->body, ->headers, ->status_code, etc...) or
 *         a simple string (error message)
 *     - yourls_http_METHOD_body() :
 *         Return a string (response body) or null if there was an error
 *
 * @since 1.7
 */

/**
 * Perform a GET request, return response object or error string message
 *
 * Notable object properties: body, headers, status_code
 *
 * @since 1.7
 * @see yourls_http_request
 * @return mixed Response object, or error string
 */
function yourls_http_get( $url, $headers = array(), $data = array(), $options = array() ) {
        return yourls_http_request( 'GET', $url, $headers, $data, $options );
}

/**
 * Perform a GET request, return body or null if there was an error
 *
 * @since 1.7
 * @see yourls_http_request
 * @return mixed String (page body) or null if error
 */
function yourls_http_get_body( $url, $headers = array(), $data = array(), $options = array() ) {
        $return = yourls_http_get( $url, $headers, $data, $options );
        return isset( $return->body ) ? $return->body : null;
}

/**
 * Perform a POST request, return response object
 *
 * Notable object properties: body, headers, status_code
 *
 * @since 1.7
 * @see yourls_http_request
 * @return mixed Response object, or error string
 */
function yourls_http_post( $url, $headers = array(), $data = array(), $options = array() ) {
        return yourls_http_request( 'POST', $url, $headers, $data, $options );
}

/**
 * Perform a POST request, return body
 *
 * Wrapper for yourls_http_request()
 *
 * @since 1.7
 * @see yourls_http_request
 * @return mixed String (page body) or null if error
 */
function yourls_http_post_body( $url, $headers = array(), $data = array(), $options = array() ) {
        $return = yourls_http_post( $url, $headers, $data, $options );
        return isset( $return->body ) ? $return->body : null;
}

/**
 * Check if a proxy is defined for HTTP requests
 *
 * @uses YOURLS_PROXY
 * @since 1.7
 * @return bool true if a proxy is defined, false otherwise
 */
function yourls_http_proxy_is_defined() {
        return yourls_apply_filter( 'http_proxy_is_defined', defined( 'YOURLS_PROXY' ) );
}

/**
 * Default HTTP requests options for YOURLS
 *
 * For a list of all available options, see function request() in /includes/Requests/Requests.php
 *
 * @uses YOURLS_PROXY
 * @uses YOURLS_PROXY_USERNAME
 * @uses YOURLS_PROXY_PASSWORD
 * @since 1.7
 * @return array Options
 */
function yourls_http_default_options() {
        $options = array(
                'timeout'          => yourls_apply_filter( 'http_default_options_timeout', 3 ),
                'useragent'        => yourls_http_user_agent(),
                'follow_redirects' => true,
                'redirects'        => 3,
        );
        
        if( yourls_http_proxy_is_defined() ) {
                if( defined( 'YOURLS_PROXY_USERNAME' ) && defined( 'YOURLS_PROXY_PASSWORD' ) ) {
                        $options['proxy'] = array( YOURLS_PROXY, YOURLS_PROXY_USERNAME, YOURLS_PROXY_PASSWORD );
                } else {
                        $options['proxy'] = YOURLS_PROXY;
                }
        }

        return yourls_apply_filter( 'http_default_options', $options ); 
}

/**
 * Whether URL should be sent through the proxy server.
 *
 * Concept stolen from WordPress. The idea is to allow some URLs, including localhost and the YOURLS install itself,
 * to be requested directly and bypassing any defined proxy.
 *
 * @uses YOURLS_PROXY
 * @uses YOURLS_PROXY_BYPASS_HOSTS
 * @since 1.7
 * @param string $url URL to check
 * @return bool true to request through proxy, false to request directly
 */
function yourls_send_through_proxy( $url ) {

        // Allow plugins to short-circuit the whole function
        $pre = yourls_apply_filter( 'shunt_send_through_proxy', null, $url );
        if ( null !== $pre )
                return $pre;

        $check = @parse_url( $url );
        
        // Malformed URL, can not process, but this could mean ssl, so let through anyway.
        if ( $check === false )
                return true;
        
        // Self and loopback URLs are considered local (':' is parse_url() host on '::1')
        $home = parse_url( YOURLS_SITE );
        $local = array( 'localhost', '127.0.0.1', '127.1', '[::1]', ':', $home['host'] );
        
        if( in_array( $check['host'], $local ) )
                return false;
                
        if ( !defined( 'YOURLS_PROXY_BYPASS_HOSTS' ) )
                return true;
        
        // Check YOURLS_PROXY_BYPASS_HOSTS
        static $bypass_hosts;
        static $wildcard_regex = false;
        if ( null == $bypass_hosts ) {
                        $bypass_hosts = preg_split( '|,\s*|', YOURLS_PROXY_BYPASS_HOSTS );

                        if ( false !== strpos( YOURLS_PROXY_BYPASS_HOSTS, '*' ) ) {
                                        $wildcard_regex = array();
                                        foreach ( $bypass_hosts as $host )
                                                        $wildcard_regex[] = str_replace( '\*', '.+', preg_quote( $host, '/' ) );
                                        $wildcard_regex = '/^(' . implode( '|', $wildcard_regex ) . ')$/i';
                        }
        }

        if ( !empty( $wildcard_regex ) )
                return !preg_match( $wildcard_regex, $check['host'] );
        else
                return !in_array( $check['host'], $bypass_hosts );
}

/**
 * Perform a HTTP request, return response object
 *
 * @since 1.7
 * @param string $var Stuff
 * @return string Result
 */
function yourls_http_request( $type, $url, $headers, $data, $options ) {
        yourls_http_load_library();
        
        $options = array_merge( yourls_http_default_options(), $options );
        
        if( yourls_http_proxy_is_defined() && !yourls_send_through_proxy( $url ) )
                unset( $options['proxy'] );
        
        try {
                $result = Requests::request( $url, $headers, $data, $type, $options );
        } catch( Requests_Exception $e ) {
                $result = yourls_debug_log( $e->getMessage() . ' (' . $type . ' on ' . $url . ')' );
        };
        
        return $result;
}

/**
 * Check if Requests class is defined, include Requests library if need be
 *
 * All HTTP functions should perform that check prior to any operation. This is to avoid
 * include()-ing all the Requests files on every YOURLS instance disregarding whether needed or not.
 *
 * @since 1.7
 */
function yourls_http_load_library() {
        if ( !class_exists( 'Requests', false ) ) {
                require_once dirname( __FILE__ ) . '/Requests/Requests.php';
                Requests::register_autoloader();
        }
}

/**
 * Return funky user agent string
 *
 * @since 1.5
 * @return string UA string
 */
function yourls_http_user_agent() {
        return yourls_apply_filter( 'http_user_agent', 'YOURLS v'.YOURLS_VERSION.' +http://yourls.org/ (running on '.YOURLS_SITE.')' );
}

/**
 * Check api.yourls.org if there's a newer version of YOURLS
 *
 * This function collects various stats to help us improve YOURLS. See https://gist.github.com/ozh/5518761
 * Results of requests sent to api.yourls.org are stored in option 'core_version_checks' and is an object
 * with the following properties:
 *    - failed_attempts : number of consecutive failed attempts
 *    - last_attempt    : time() of last attempt
 *    - last_result     : content retrieved from api.yourls.org during previous check
 *    - version_checked : installed YOURLS version that was last checked
 *
 * @since 1.7
 * @return mixed JSON data if api.yourls.org successfully requested, false otherwise
 */
function yourls_check_core_version() {

        global $ydb, $yourls_user_passwords;
        
        $checks = yourls_get_option( 'core_version_checks' );
        
        // Invalidate check data when YOURLS version changes
        if ( is_object( $checks ) && YOURLS_VERSION != $checks->version_checked ) {
                $checks = false;
        }
        
        if( !is_object( $checks ) ) {
                $checks = new stdClass;
                $checks->failed_attempts = 0;
                $checks->last_attempt    = 0;
                $checks->last_result     = '';
                $checks->version_checked = YOURLS_VERSION;
        }

        // Config file location ('u' for '/user' or 'i' for '/includes')
        $conf_loc = str_replace( YOURLS_ABSPATH, '', YOURLS_CONFIGFILE );
        $conf_loc = str_replace( '/config.php', '', $conf_loc );
        $conf_loc = ( $conf_loc == '/user' ? 'u' : 'i' );
                
        // The collection of stuff to report
        $stuff = array(
                'md5'                => md5( YOURLS_SITE . YOURLS_ABSPATH ),  // globally unique site identifier, don't remove

                'failed_attempts'    => $checks->failed_attempts,
                'yourls_site'        => YOURLS_SITE,
                'yourls_version'     => YOURLS_VERSION,
                'php_version'        => phpversion(),
                'mysql_version'      => $ydb->mysql_version(),
                'locale'             => yourls_get_locale(),

                'db_driver'          => YOURLS_DB_DRIVER,
                'db_ext_pdo'         => extension_loaded( 'pdo_mysql' ) ? 1 : 0,
                'db_ext_mysql'       => extension_loaded( 'mysql' )     ? 1 : 0,
                'db_ext_mysqli'      => extension_loaded( 'mysqli' )    ? 1 : 0,
                'ext_curl'           => extension_loaded( 'curl' )      ? 1 : 0,

                'num_users'          => count( $yourls_user_passwords ),
                'config_location'    => $conf_loc,
                'yourls_private'     => YOURLS_PRIVATE     ? 1 : 0,
                'yourls_unique'      => YOURLS_UNIQUE_URLS ? 1 : 0,
                'yourls_url_convert' => YOURLS_URL_CONVERT,
                'num_active_plugins' => yourls_has_active_plugins(),
        );
        
        $stuff = yourls_apply_filter( 'version_check_stuff', $stuff );
        
        // Send it in
        $url = 'https://api.yourls.org/core/version/1.0/';
        $req = yourls_http_post( $url, array(), $stuff );
        
        $checks->last_attempt = time();
        $checks->version_checked = YOURLS_VERSION;

        // Unexpected results ?
        if( is_string( $req ) or !$req->success ) {
                $checks->failed_attempts = $checks->failed_attempts + 1;
                yourls_update_option( 'core_version_checks', $checks );
                return false;
        }
        
        // Parse response
        $json = json_decode( trim( $req->body ) );
        
        if( isset( $json->latest ) && isset( $json->zipurl ) ) {
                // All went OK - mark this down
                $checks->failed_attempts = 0;
                $checks->last_result     = $json;
                yourls_update_option( 'core_version_checks', $checks );
                
                return $json;
        }
        
        // Request returned actual result, but not what we expected
        return false;   
}

/**
 * Determine if we want to check for a newer YOURLS version (and check if applicable)
 *
 * Currently checks are performed every 24h and only when someone is visiting an admin page.
 * In the future (1.8?) maybe check with cronjob emulation instead.
 *
 * @since 1.7
 * @return bool true if a check was needed and successfully performed, false otherwise
 */
function yourls_maybe_check_core_version() {

        // Allow plugins to short-circuit the whole function
        $pre = yourls_apply_filter( 'shunt_maybe_check_core_version', null );
        if ( null !== $pre )
                return $pre;

        if( defined( 'YOURLS_NO_VERSION_CHECK' ) && YOURLS_NO_VERSION_CHECK )
                return false;

        if( !yourls_is_admin() )
                return false;

        $checks = yourls_get_option( 'core_version_checks' );
        
        /* We don't want to check if :
         - last_result is set (a previous check was performed)
         - and it was less than 24h ago (or less than 2h ago if it wasn't successful)
         - and version checked matched version running
         Otherwise, we want to check.
        */
        if( !empty( $checks->last_result )
                AND
                ( 
                        ( $checks->failed_attempts == 0 && ( ( time() - $checks->last_attempt ) < 24 * 3600 ) )
                        OR
                        ( $checks->failed_attempts > 0  && ( ( time() - $checks->last_attempt ) <  2 * 3600 ) )
                )
                AND ( $checks->version_checked == YOURLS_VERSION )
        )
                return false;

        // We want to check if there's a new version
        $new_check = yourls_check_core_version();
        
        // Could not check for a new version, and we don't have ancient data
        if( false == $new_check && !isset( $checks->last_result->latest ) )
                return false;
        
        return true;
}