?AlkantarClanX12

Your IP : 216.73.217.134


Current Path : /home/rankinh/mariage-reunion-refonte/wp-content/plugins/backwpup/inc/
Upload File :
Current File : /home/rankinh/mariage-reunion-refonte/wp-content/plugins/backwpup/inc/class-file.php

<?php
/**
 * Class for methods for file/folder related things.
 *
 * @todo Please split this logic into two separated classes. One for File and another for dir.
 */
class BackWPup_File {

	/**
	 * Get the folder for blog uploads.
	 *
	 * @return string
	 */
	public static function get_upload_dir() {
		if ( is_multisite() ) {
			if ( defined( 'UPLOADBLOGSDIR' ) ) {
				return trailingslashit( BackWPup_Path_Fixer::slashify( ABSPATH . UPLOADBLOGSDIR ) );
			}
			if ( is_dir( trailingslashit( WP_CONTENT_DIR ) . 'uploads/sites' ) ) {
				return BackWPup_Path_Fixer::slashify( trailingslashit( WP_CONTENT_DIR ) . 'uploads/sites/' );
			}
			if ( is_dir( trailingslashit( WP_CONTENT_DIR ) . 'uploads' ) ) {
				return BackWPup_Path_Fixer::slashify( trailingslashit( WP_CONTENT_DIR ) . 'uploads/' );
			}

			return trailingslashit( BackWPup_Path_Fixer::slashify( WP_CONTENT_DIR ) );
		}
		$upload_dir = wp_upload_dir( null, false, true );

		return trailingslashit( BackWPup_Path_Fixer::slashify( $upload_dir['basedir'] ) );
	}

	/**
	 * Check if path is in open basedir.
	 *
	 * @param string $file The file path to check.
	 *
	 * @return bool Whether it is in open basedir.
	 */
	public static function is_in_open_basedir( $file ) {
		$ini_open_basedir = ini_get( 'open_basedir' );

		if ( empty( $ini_open_basedir ) ) {
			return true;
		}

		$open_base_dirs = explode( PATH_SEPARATOR, $ini_open_basedir );
		$file           = trailingslashit( strtolower( BackWPup_Path_Fixer::slashify( $file ) ) );

		foreach ( $open_base_dirs as $open_base_dir ) {
			if ( empty( $open_base_dir ) || ! realpath( $open_base_dir ) ) {
				continue;
			}

			$open_base_dir = realpath( $open_base_dir );
			$open_base_dir = strtolower( BackWPup_Path_Fixer::slashify( $open_base_dir ) );
			$part          = substr( $file, 0, strlen( $open_base_dir ) );
			if ( $part === $open_base_dir ) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Get size of files in folder if enabled.
	 *
	 * @param string $folder The folder to calculate.
	 *
	 * @return string Folder size formatted in human readable format.
	 */
	public static function get_folder_size( $folder ) {

		/**
		 * Filter whether BackWPup will show the folder size.
		 *
		 * @param bool $show_folder_size whether BackWPup will show the folder size or not.
		 */
		$show_folder_size = wpm_apply_filters_typed( 'boolean', 'backwpup_show_folder_size', (bool) get_site_option( 'backwpup_cfg_showfoldersize' ) );

		if ( ! $show_folder_size ) {
			return '';
		}

		$files_size = 0;

		if ( ! is_readable( $folder ) ) {
			return self::format_size( $files_size );
		}

		$iterator = new RecursiveIteratorIterator( new BackWPup_Recursive_Directory( $folder, FilesystemIterator::SKIP_DOTS ) );

		foreach ( $iterator as $file ) {
			if ( ! $file->isLink() ) {
				$files_size += $file->getSize();
			}
		}

		return self::format_size( $files_size );
	}

	/**
	 * Format size in human readable format.
	 *
	 * @param int $size The size in bytes.
	 *
	 * @return string
	 */
	protected static function format_size( $size ): string {
		return ' (' . size_format( $size, 2 ) . ')';
	}

	/**
	 * Get an absolute path if it is relative.
	 *
	 * @param string $path The path to resolve.
	 *
	 * @return string
	 */
	public static function get_absolute_path( $path = '/' ) {
		$path         = BackWPup_Path_Fixer::slashify( $path );
		$content_path = trailingslashit( BackWPup_Path_Fixer::slashify( (string) WP_CONTENT_DIR ) );

		// Use WP_CONTENT_DIR as root folder.
		if ( empty( $path ) || '/' === $path ) {
			$path = $content_path;
		}

		// Make relative path to absolute.
		if ( '/' !== substr( $path, 0, 1 ) && ! preg_match( '#^[a-zA-Z]+:/#', $path ) ) {
			$path = $content_path . $path;
		}

		return self::resolve_path( $path );
	}

	/**
	 * Check if folder is readable and exists. Create it if not.
	 * Add .htaccess or index.html file in folder to prevent directory listing.
	 *
	 * @param string $folder      The folder to check.
	 * @param bool   $donotbackup Create a file that the folder will not be backed up.
	 *
	 * @return string Error message if any.
	 */
	public static function check_folder( string $folder, bool $donotbackup = false ): string {
		$folder = self::get_absolute_path( $folder );
		$folder = untrailingslashit( $folder );

		// Check that is not home of WP.
		$uploads = self::get_upload_dir();
		if ( untrailingslashit( BackWPup_Path_Fixer::slashify( ABSPATH ) ) === $folder
			|| untrailingslashit( BackWPup_Path_Fixer::slashify( dirname( ABSPATH ) ) ) === $folder
			|| untrailingslashit( BackWPup_Path_Fixer::slashify( WP_PLUGIN_DIR ) ) === $folder
			|| untrailingslashit( BackWPup_Path_Fixer::slashify( WP_CONTENT_DIR ) ) === $folder
			|| untrailingslashit( BackWPup_Path_Fixer::slashify( $uploads ) ) === $folder
		) {
			return sprintf(
				/* translators: %s: folder path. */
				__( 'Folder %1$s not allowed, please use another folder.', 'backwpup' ),
				$folder
			);
		}

		// Open base dir check.
		if ( ! self::is_in_open_basedir( $folder ) ) {
			return sprintf(
				/* translators: %s: folder path. */
				__( 'Folder %1$s is not in open basedir, please use another folder.', 'backwpup' ),
				$folder
			);
		}

		// We always want to at least process `$folder`.
		$folders_to_process = [ $folder ];
		$parent_folder      = dirname( $folder );

		while ( ! file_exists( $parent_folder ) ) {
			array_unshift( $folders_to_process, $parent_folder );
			$parent_folder = dirname( $parent_folder );
		}

		// Process each child folder separately.
		foreach ( $folders_to_process as $child_folder ) {
			if ( ! is_dir( $child_folder ) && ! wp_mkdir_p( $child_folder ) ) {
				return sprintf(
					/* translators: %s: folder path. */
					__( 'Cannot create folder: %1$s', 'backwpup' ),
					$child_folder
				);
			}

            // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_is_writable
			if ( ! is_writable( $child_folder ) ) {
				return sprintf(
					/* translators: %s: folder path. */
					__( 'Folder "%1$s" is not writable', 'backwpup' ),
					$child_folder
				);
			}

			// Create files for securing folder.
			/**
			 * Filter whether BackWPup will protect the folders.
			 *
			 * @param bool $protect_folders Whether the folder will be protect or not.
			 */
			$protect_folders = wpm_apply_filters_typed( 'boolean', 'backwpup_protect_folders', true );
			if ( $protect_folders ) {
				self::protect_folder( $child_folder ); // phpcs:ignore
			}

			// Create do not backup file for this folder.
			if ( $donotbackup ) {
				self::write_do_not_backup_file( $child_folder );
			}
		}

		return '';
	}

	/**
	 * Normalize a relative path.
	 *
	 * @param string $path The path to normalize.
	 *
	 * @return string The normalized path.
	 * @throws InvalidArgumentException If path is absolute or attempts to navigate above root.
	 */
	public static function normalize_path( string $path ): string {
		if ( 0 === strpos( $path, '/' ) ) {
			throw new InvalidArgumentException( 'Absolute paths are not allowed.' );
		}

		$parts      = explode( '/', $path );
		$normalized = [];

		foreach ( $parts as $part ) {
			if ( '..' === $part ) {
				if ( empty( $normalized ) ) {
					throw new InvalidArgumentException(
						'Invalid path: Attempting to navigate above the root directory.'
					);
				}
				array_pop( $normalized );
			} elseif ( '.' !== $part && '' !== $part ) {
				$normalized[] = $part;
			}
		}

		if ( empty( $normalized ) ) {
			throw new InvalidArgumentException( 'The path resolves to an empty path.' );
		}

		return implode( '/', $normalized );
	}

	/**
	 * Resolve internal .. within a path.
	 *
	 * @param string $path The path to resolve.
	 *
	 * @return string The resolved path
	 */
	protected static function resolve_path( $path ): string {
		$parts          = explode( '/', $path );
		$resolved_parts = [];

		foreach ( $parts as $part ) {
			if ( '..' === $part ) {
				if ( ! empty( $resolved_parts ) ) {
					array_pop( $resolved_parts );
				}
			} elseif ( '.' === $part ) {
				continue;
			} else {
				$resolved_parts[] = $part;
			}
		}

		return implode( '/', $resolved_parts );
	}

	/**
	 * Protect a folder from being listed.
	 *
	 * @param string $folder The folder to protect.
	 *
	 * @return void
	 */
	private static function protect_folder( string $folder ): void {
		$server_software = '';
		if ( isset( $_SERVER['SERVER_SOFTWARE'] ) ) {
			$server_software = sanitize_text_field( wp_unslash( $_SERVER['SERVER_SOFTWARE'] ) );
		}
		$server_software = strtolower( $server_software );

		if ( strstr( $server_software, 'microsoft-iis' ) ) {
			if ( ! file_exists( $folder . '/Web.config' ) ) {
				// phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_file_put_contents -- Writing small protection files in-place.
				file_put_contents(
					$folder . '/Web.config',
					'<configuration>' . PHP_EOL .
				"\t<system.webServer>" . PHP_EOL .
				"\t\t<authorization>" . PHP_EOL .
				"\t\t\t<deny users=\"*\" />" . PHP_EOL .
				"\t\t</authorization>" . PHP_EOL .
				"\t</system.webServer>" . PHP_EOL .
				'</configuration>'
				);
			}
		} elseif ( strstr( $server_software, 'nginx' ) ) {
			if ( ! file_exists( $folder . '/index.php' ) ) {
				// phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_file_put_contents -- Writing small protection files in-place.
				file_put_contents(
					$folder . '/index.php',
					'<?php' . PHP_EOL . "header( \$_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found' );" . PHP_EOL . "header( 'Status: 404 Not Found' );" . PHP_EOL
				);
			}
		} else {
			if ( ! file_exists( $folder . '/.htaccess' ) ) {
				// phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_file_put_contents -- Writing small protection files in-place.
				file_put_contents(
					$folder . '/.htaccess',
					'<Files "*">' . PHP_EOL . '<IfModule mod_access.c>' . PHP_EOL . 'Deny from all' . PHP_EOL . '</IfModule>' . PHP_EOL . '<IfModule !mod_access_compat>' . PHP_EOL . '<IfModule mod_authz_host.c>' . PHP_EOL . 'Deny from all' . PHP_EOL . '</IfModule>' . PHP_EOL . '</IfModule>' . PHP_EOL . '<IfModule mod_access_compat>' . PHP_EOL . 'Deny from all' . PHP_EOL . '</IfModule>' . PHP_EOL . '</Files>'
				);
			}
			if ( ! file_exists( $folder . '/index.php' ) ) {
				// phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_file_put_contents -- Writing small protection files in-place.
				file_put_contents(
					$folder . '/index.php',
					'<?php' . PHP_EOL . "header( \$_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found' );" . PHP_EOL . "header( 'Status: 404 Not Found' );" . PHP_EOL
				);
			}
		}
	}

	/**
	 * Write a marker file to exclude a folder from backups.
	 *
	 * @param string $folder The folder to exclude.
	 *
	 * @return void
	 */
	private static function write_do_not_backup_file( string $folder ): void {
		$do_not_backup_file = "{$folder}/.donotbackup";

		if ( ! file_exists( $do_not_backup_file ) ) {
			// phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_file_put_contents -- Writing small marker file in-place.
			file_put_contents(
				$do_not_backup_file,
				__(
					'BackWPup will not backup folders and its sub folders when this file is inside.',
					'backwpup'
				)
			);
		}
	}
}