1<?php
2/**
3 * A simple set of functions to check the WordPress.org Version Update service.
4 *
5 * @package WordPress
6 * @since 2.3.0
7 */
8
9// Don't load directly.
10if ( ! defined( 'ABSPATH' ) ) {
11 die( '-1' );
12}
13
14/**
15 * Checks WordPress version against the newest version.
16 *
17 * The WordPress version, PHP version, and locale is sent to api.wordpress.org.
18 *
19 * Checks against the WordPress server at api.wordpress.org. Will only check
20 * if WordPress isn't installing.
21 *
22 * @since 2.3.0
23 *
24 * @global wpdb $wpdb WordPress database abstraction object.
25 * @global string $wp_local_package Locale code of the package.
26 *
27 * @param array $extra_stats Extra statistics to report to the WordPress.org API.
28 * @param bool $force_check Whether to bypass the transient cache and force a fresh update check.
29 * Defaults to false, true if $extra_stats is set.
30 */
31function wp_version_check( $extra_stats = array(), $force_check = false ) {
32 global $wpdb, $wp_local_package;
33
34 if ( wp_installing() ) {
35 return;
36 }
37
38 $php_version = PHP_VERSION;
39
40 $current = get_site_transient( 'update_core' );
41 $translations = wp_get_installed_translations( 'core' );
42
43 // Invalidate the transient when $wp_version changes.
44 if ( is_object( $current ) && wp_get_wp_version() !== $current->version_checked ) {
45 $current = false;
46 }
47
48 if ( ! is_object( $current ) ) {
49 $current = new stdClass();
50 $current->updates = array();
51 $current->version_checked = wp_get_wp_version();
52 }
53
54 if ( ! empty( $extra_stats ) ) {
55 $force_check = true;
56 }
57
58 // Wait 1 minute between multiple version check requests.
59 $timeout = MINUTE_IN_SECONDS;
60 $time_not_changed = isset( $current->last_checked ) && $timeout > ( time() - $current->last_checked );
61
62 if ( ! $force_check && $time_not_changed ) {
63 return;
64 }
65
66 /**
67 * Filters the locale requested for WordPress core translations.
68 *
69 * @since 2.8.0
70 *
71 * @param string $locale Current locale.
72 */
73 $locale = apply_filters( 'core_version_check_locale', get_locale() );
74
75 // Update last_checked for current to prevent multiple blocking requests if request hangs.
76 $current->last_checked = time();
77 set_site_transient( 'update_core', $current );
78
79 if ( method_exists( $wpdb, 'db_server_info' ) ) {
80 $mysql_version = $wpdb->db_server_info();
81 } elseif ( method_exists( $wpdb, 'db_version' ) ) {
82 $mysql_version = preg_replace( '/[^0-9.].*/', '', $wpdb->db_version() );
83 } else {
84 $mysql_version = 'N/A';
85 }
86
87 if ( is_multisite() ) {
88 $num_blogs = get_blog_count();
89 $wp_install = network_site_url();
90 $multisite_enabled = 1;
91 } else {
92 $multisite_enabled = 0;
93 $num_blogs = 1;
94 $wp_install = home_url( '/' );
95 }
96
97 $extensions = get_loaded_extensions();
98 sort( $extensions, SORT_STRING | SORT_FLAG_CASE );
99 $query = array(
100 'version' => wp_get_wp_version(),
101 'php' => $php_version,
102 'locale' => $locale,
103 'mysql' => $mysql_version,
104 'local_package' => isset( $wp_local_package ) ? $wp_local_package : '',
105 'blogs' => $num_blogs,
106 'users' => get_user_count(),
107 'multisite_enabled' => $multisite_enabled,
108 'initial_db_version' => get_site_option( 'initial_db_version' ),
109 'myisam_tables' => array(),
110 'extensions' => array_combine( $extensions, array_map( 'phpversion', $extensions ) ),
111 'platform_flags' => array(
112 'os' => PHP_OS,
113 'bits' => PHP_INT_SIZE === 4 ? 32 : 64,
114 ),
115 'image_support' => array(),
116 );
117
118 // Check for default tables using the MyISAM engine.
119 $table_names = implode( "','", $wpdb->tables() );
120 $myisam_tables = $wpdb->get_results(
121 $wpdb->prepare(
122 // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- This query cannot use interpolation.
123 "SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA = %s AND TABLE_NAME IN ('$table_names') AND ENGINE = %s;",
124 DB_NAME,
125 'MyISAM'
126 ),
127 OBJECT_K
128 );
129
130 if ( ! empty( $myisam_tables ) ) {
131 $all_unprefixed_tables = $wpdb->tables( 'all', false );
132
133 // Including the table prefix is not necessary.
134 $unprefixed_myisam_tables = array_reduce(
135 array_keys( $myisam_tables ),
136 function ( $carry, $prefixed_myisam_table ) use ( $all_unprefixed_tables ) {
137 foreach ( $all_unprefixed_tables as $unprefixed ) {
138 if ( str_ends_with( $prefixed_myisam_table, $unprefixed ) ) {
139 $carry[] = $unprefixed;
140 break;
141 }
142 }
143 return $carry;
144 },
145 array()
146 );
147
148 $query['myisam_tables'] = $unprefixed_myisam_tables;
149 }
150
151 if ( function_exists( 'gd_info' ) ) {
152 $gd_info = gd_info();
153 // Filter to supported values.
154 $gd_info = array_filter( $gd_info );
155
156 // Add data for GD WebP, AVIF, HEIC and JPEG XL support.
157 $query['image_support']['gd'] = array_keys(
158 array_filter(
159 array(
160 'webp' => isset( $gd_info['WebP Support'] ),
161 'avif' => isset( $gd_info['AVIF Support'] ),
162 'heic' => isset( $gd_info['HEIC Support'] ),
163 'jxl' => isset( $gd_info['JXL Support'] ),
164 )
165 )
166 );
167 }
168
169 if ( class_exists( 'Imagick' ) ) {
170 // Add data for Imagick WebP, AVIF, HEIC and JPEG XL support.
171 $query['image_support']['imagick'] = array_keys(
172 array_filter(
173 array(
174 'webp' => ! empty( Imagick::queryFormats( 'WEBP' ) ),
175 'avif' => ! empty( Imagick::queryFormats( 'AVIF' ) ),
176 'heic' => ! empty( Imagick::queryFormats( 'HEIC' ) ),
177 'jxl' => ! empty( Imagick::queryFormats( 'JXL' ) ),
178 )
179 )
180 );
181 }
182
183 /**
184 * Filters the query arguments sent as part of the core version check.
185 *
186 * WARNING: Changing this data may result in your site not receiving security updates.
187 * Please exercise extreme caution.
188 *
189 * @since 4.9.0
190 * @since 6.1.0 Added `$extensions`, `$platform_flags`, and `$image_support` to the `$query` parameter.
191 *
192 * @param array $query {
193 * Version check query arguments.
194 *
195 * @type string $version WordPress version number.
196 * @type string $php PHP version number.
197 * @type string $locale The locale to retrieve updates for.
198 * @type string $mysql MySQL version number.
199 * @type string $local_package The value of the $wp_local_package global, when set.
200 * @type int $blogs Number of sites on this WordPress installation.
201 * @type int $users Number of users on this WordPress installation.
202 * @type int $multisite_enabled Whether this WordPress installation uses Multisite.
203 * @type int $initial_db_version Database version of WordPress at time of installation.
204 * @type array $extensions List of PHP extensions and their versions.
205 * @type array $platform_flags List containing the operating system name and bit support.
206 * @type array $image_support List of image formats supported by GD and Imagick.
207 * }
208 */
209 $query = apply_filters( 'core_version_check_query_args', $query );
210
211 $post_body = array(
212 'translations' => wp_json_encode( $translations ),
213 );
214
215 if ( is_array( $extra_stats ) ) {
216 $post_body = array_merge( $post_body, $extra_stats );
217 }
218
219 // Allow for WP_AUTO_UPDATE_CORE to specify beta/RC/development releases.
220 if ( defined( 'WP_AUTO_UPDATE_CORE' )
221 && in_array( WP_AUTO_UPDATE_CORE, array( 'beta', 'rc', 'development', 'branch-development' ), true )
222 ) {
223 $query['channel'] = WP_AUTO_UPDATE_CORE;
224 }
225
226 $url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, '', '&' );
227 $http_url = $url;
228 $ssl = wp_http_supports( array( 'ssl' ) );
229
230 if ( $ssl ) {
231 $url = set_url_scheme( $url, 'https' );
232 }
233
234 $doing_cron = wp_doing_cron();
235
236 $options = array(
237 'timeout' => $doing_cron ? 30 : 3,
238 'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
239 'headers' => array(
240 'wp_install' => $wp_install,
241 'wp_blog' => home_url( '/' ),
242 ),
243 'body' => $post_body,
244 );
245
246 $response = wp_remote_post( $url, $options );
247
248 if ( $ssl && is_wp_error( $response ) ) {
249 wp_trigger_error(
250 __FUNCTION__,
251 sprintf(
252 /* translators: %s: Support forums URL. */
253 __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ),
254 __( 'https://wordpress.org/support/forums/' )
255 ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ),
256 headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE
257 );
258 $response = wp_remote_post( $http_url, $options );
259 }
260
261 if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) {
262 return;
263 }
264
265 $body = trim( wp_remote_retrieve_body( $response ) );
266 $body = json_decode( $body, true );
267
268 if ( ! is_array( $body ) || ! isset( $body['offers'] ) ) {
269 return;
270 }
271
272 $offers = $body['offers'];
273
274 foreach ( $offers as &$offer ) {
275 foreach ( $offer as $offer_key => $value ) {
276 if ( 'packages' === $offer_key ) {
277 $offer['packages'] = (object) array_intersect_key(
278 array_map( 'esc_url', $offer['packages'] ),
279 array_fill_keys( array( 'full', 'no_content', 'new_bundled', 'partial', 'rollback' ), '' )
280 );
281 } elseif ( 'download' === $offer_key ) {
282 $offer['download'] = esc_url( $value );
283 } else {
284 $offer[ $offer_key ] = esc_html( $value );
285 }
286 }
287 $offer = (object) array_intersect_key(
288 $offer,
289 array_fill_keys(
290 array(
291 'response',
292 'download',
293 'locale',
294 'packages',
295 'current',
296 'version',
297 'php_version',
298 'mysql_version',
299 'new_bundled',
300 'partial_version',
301 'notify_email',
302 'support_email',
303 'new_files',
304 ),
305 ''
306 )
307 );
308 }
309
310 $updates = new stdClass();
311 $updates->updates = $offers;
312 $updates->last_checked = time();
313 $updates->version_checked = wp_get_wp_version();
314
315 if ( isset( $body['translations'] ) ) {
316 $updates->translations = $body['translations'];
317 }
318
319 set_site_transient( 'update_core', $updates );
320
321 if ( ! empty( $body['ttl'] ) ) {
322 $ttl = (int) $body['ttl'];
323
324 if ( $ttl && ( time() + $ttl < wp_next_scheduled( 'wp_version_check' ) ) ) {
325 // Queue an event to re-run the update check in $ttl seconds.
326 wp_schedule_single_event( time() + $ttl, 'wp_version_check' );
327 }
328 }
329
330 // Trigger background updates if running non-interactively, and we weren't called from the update handler.
331 if ( $doing_cron && ! doing_action( 'wp_maybe_auto_update' ) ) {
332 /**
333 * Fires during wp_cron, starting the auto-update process.
334 *
335 * @since 3.9.0
336 */
337 do_action( 'wp_maybe_auto_update' );
338 }
339}
340
341/**
342 * Checks for available updates to plugins based on the latest versions hosted on WordPress.org.
343 *
344 * Despite its name this function does not actually perform any updates, it only checks for available updates.
345 *
346 * A list of all plugins installed is sent to api.wordpress.org, along with the site locale.
347 *
348 * Checks against the WordPress server at api.wordpress.org. Will only check
349 * if WordPress isn't installing.
350 *
351 * @since 2.3.0
352 *
353 * @param array $extra_stats Extra statistics to report to the WordPress.org API.
354 */
355function wp_update_plugins( $extra_stats = array() ) {
356 if ( wp_installing() ) {
357 return;
358 }
359
360 // If running blog-side, bail unless we've not checked in the last 12 hours.
361 if ( ! function_exists( 'get_plugins' ) ) {
362 require_once ABSPATH . 'wp-admin/includes/plugin.php';
363 }
364
365 $plugins = get_plugins();
366 $translations = wp_get_installed_translations( 'plugins' );
367
368 $active = get_option( 'active_plugins', array() );
369 $current = get_site_transient( 'update_plugins' );
370
371 if ( ! is_object( $current ) ) {
372 $current = new stdClass();
373 }
374
375 $doing_cron = wp_doing_cron();
376
377 // Check for update on a different schedule, depending on the page.
378 switch ( current_filter() ) {
379 case 'upgrader_process_complete':
380 $timeout = 0;
381 break;
382 case 'load-update-core.php':
383 $timeout = MINUTE_IN_SECONDS;
384 break;
385 case 'load-plugins.php':
386 case 'load-update.php':
387 $timeout = HOUR_IN_SECONDS;
388 break;
389 default:
390 if ( $doing_cron ) {
391 $timeout = 2 * HOUR_IN_SECONDS;
392 } else {
393 $timeout = 12 * HOUR_IN_SECONDS;
394 }
395 }
396
397 $time_not_changed = isset( $current->last_checked ) && $timeout > ( time() - $current->last_checked );
398
399 if ( $time_not_changed && ! $extra_stats ) {
400 $plugin_changed = false;
401
402 foreach ( $plugins as $file => $p ) {
403 if ( ! isset( $current->checked[ $file ] ) || (string) $current->checked[ $file ] !== (string) $p['Version'] ) {
404 $plugin_changed = true;
405 }
406 }
407
408 if ( isset( $current->response ) && is_array( $current->response ) ) {
409 foreach ( $current->response as $plugin_file => $update_details ) {
410 if ( ! isset( $plugins[ $plugin_file ] ) ) {
411 $plugin_changed = true;
412 break;
413 }
414 }
415 }
416
417 // Bail if we've checked recently and if nothing has changed.
418 if ( ! $plugin_changed ) {
419 return;
420 }
421 }
422
423 // Update last_checked for current to prevent multiple blocking requests if request hangs.
424 $current->last_checked = time();
425 set_site_transient( 'update_plugins', $current );
426
427 $to_send = compact( 'plugins', 'active' );
428
429 $locales = array_values( get_available_languages() );
430
431 /**
432 * Filters the locales requested for plugin translations.
433 *
434 * @since 3.7.0
435 * @since 4.5.0 The default value of the `$locales` parameter changed to include all locales.
436 *
437 * @param string[] $locales Plugin locales. Default is all available locales of the site.
438 */
439 $locales = apply_filters( 'plugins_update_check_locales', $locales );
440 $locales = array_unique( $locales );
441
442 if ( $doing_cron ) {
443 $timeout = 30; // 30 seconds.
444 } else {
445 // Three seconds, plus one extra second for every 10 plugins.
446 $timeout = 3 + (int) ( count( $plugins ) / 10 );
447 }
448
449 $options = array(
450 'timeout' => $timeout,
451 'body' => array(
452 'plugins' => wp_json_encode( $to_send ),
453 'translations' => wp_json_encode( $translations ),
454 'locale' => wp_json_encode( $locales ),
455 'all' => wp_json_encode( true ),
456 ),
457 'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
458 );
459
460 if ( $extra_stats ) {
461 $options['body']['update_stats'] = wp_json_encode( $extra_stats );
462 }
463
464 $url = 'http://api.wordpress.org/plugins/update-check/1.1/';
465 $http_url = $url;
466 $ssl = wp_http_supports( array( 'ssl' ) );
467
468 if ( $ssl ) {
469 $url = set_url_scheme( $url, 'https' );
470 }
471
472 $raw_response = wp_remote_post( $url, $options );
473
474 if ( $ssl && is_wp_error( $raw_response ) ) {
475 wp_trigger_error(
476 __FUNCTION__,
477 sprintf(
478 /* translators: %s: Support forums URL. */
479 __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ),
480 __( 'https://wordpress.org/support/forums/' )
481 ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ),
482 headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE
483 );
484 $raw_response = wp_remote_post( $http_url, $options );
485 }
486
487 if ( is_wp_error( $raw_response ) || 200 !== wp_remote_retrieve_response_code( $raw_response ) ) {
488 return;
489 }
490
491 $updates = new stdClass();
492 $updates->last_checked = time();
493 $updates->response = array();
494 $updates->translations = array();
495 $updates->no_update = array();
496 foreach ( $plugins as $file => $p ) {
497 $updates->checked[ $file ] = $p['Version'];
498 }
499
500 $response = json_decode( wp_remote_retrieve_body( $raw_response ), true );
501
502 if ( $response && is_array( $response ) ) {
503 $updates->response = $response['plugins'];
504 $updates->translations = $response['translations'];
505 $updates->no_update = $response['no_update'];
506 }
507
508 // Support updates for any plugins using the `Update URI` header field.
509 foreach ( $plugins as $plugin_file => $plugin_data ) {
510 if ( ! $plugin_data['UpdateURI'] || isset( $updates->response[ $plugin_file ] ) ) {
511 continue;
512 }
513
514 $hostname = wp_parse_url( sanitize_url( $plugin_data['UpdateURI'] ), PHP_URL_HOST );
515
516 /**
517 * Filters the update response for a given plugin hostname.
518 *
519 * The dynamic portion of the hook name, `$hostname`, refers to the hostname
520 * of the URI specified in the `Update URI` header field.
521 *
522 * @since 5.8.0
523 *
524 * @param array|false $update {
525 * The plugin update data with the latest details. Default false.
526 *
527 * @type string $id Optional. ID of the plugin for update purposes, should be a URI
528 * specified in the `Update URI` header field.
529 * @type string $slug Slug of the plugin.
530 * @type string $version The version of the plugin.
531 * @type string $url The URL for details of the plugin.
532 * @type string $package Optional. The update ZIP for the plugin.
533 * @type string $tested Optional. The version of WordPress the plugin is tested against.
534 * @type string $requires_php Optional. The version of PHP which the plugin requires.
535 * @type bool $autoupdate Optional. Whether the plugin should automatically update.
536 * @type string[] $icons Optional. Array of plugin icons.
537 * @type string[] $banners Optional. Array of plugin banners.
538 * @type string[] $banners_rtl Optional. Array of plugin RTL banners.
539 * @type array $translations {
540 * Optional. List of translation updates for the plugin.
541 *
542 * @type string $language The language the translation update is for.
543 * @type string $version The version of the plugin this translation is for.
544 * This is not the version of the language file.
545 * @type string $updated The update timestamp of the translation file.
546 * Should be a date in the `YYYY-MM-DD HH:MM:SS` format.
547 * @type string $package The ZIP location containing the translation update.
548 * @type string $autoupdate Whether the translation should be automatically installed.
549 * }
550 * }
551 * @param array $plugin_data Plugin headers.
552 * @param string $plugin_file Plugin filename.
553 * @param string[] $locales Installed locales to look up translations for.
554 */
555 $update = apply_filters( "update_plugins_{$hostname}", false, $plugin_data, $plugin_file, $locales );
556
557 if ( ! $update ) {
558 continue;
559 }
560
561 $update = (object) $update;
562
563 // Is it valid? We require at least a version.
564 if ( ! isset( $update->version ) ) {
565 continue;
566 }
567
568 // These should remain constant.
569 $update->id = $plugin_data['UpdateURI'];
570 $update->plugin = $plugin_file;
571
572 // WordPress needs the version field specified as 'new_version'.
573 if ( ! isset( $update->new_version ) ) {
574 $update->new_version = $update->version;
575 }
576
577 // Handle any translation updates.
578 if ( ! empty( $update->translations ) ) {
579 foreach ( $update->translations as $translation ) {
580 if ( isset( $translation['language'], $translation['package'] ) ) {
581 $translation['type'] = 'plugin';
582 $translation['slug'] = isset( $update->slug ) ? $update->slug : $update->id;
583
584 $updates->translations[] = $translation;
585 }
586 }
587 }
588
589 unset( $updates->no_update[ $plugin_file ], $updates->response[ $plugin_file ] );
590
591 if ( version_compare( $update->new_version, $plugin_data['Version'], '>' ) ) {
592 $updates->response[ $plugin_file ] = $update;
593 } else {
594 $updates->no_update[ $plugin_file ] = $update;
595 }
596 }
597
598 $sanitize_plugin_update_payload = static function ( &$item ) {
599 $item = (object) $item;
600
601 unset( $item->translations, $item->compatibility );
602
603 return $item;
604 };
605
606 array_walk( $updates->response, $sanitize_plugin_update_payload );
607 array_walk( $updates->no_update, $sanitize_plugin_update_payload );
608
609 set_site_transient( 'update_plugins', $updates );
610}
611
612/**
613 * Checks for available updates to themes based on the latest versions hosted on WordPress.org.
614 *
615 * Despite its name this function does not actually perform any updates, it only checks for available updates.
616 *
617 * A list of all themes installed is sent to api.wordpress.org, along with the site locale.
618 *
619 * Checks against the WordPress server at api.wordpress.org. Will only check
620 * if WordPress isn't installing.
621 *
622 * @since 2.7.0
623 *
624 * @param array $extra_stats Extra statistics to report to the WordPress.org API.
625 */
626function wp_update_themes( $extra_stats = array() ) {
627 if ( wp_installing() ) {
628 return;
629 }
630
631 $installed_themes = wp_get_themes();
632 $translations = wp_get_installed_translations( 'themes' );
633
634 $last_update = get_site_transient( 'update_themes' );
635
636 if ( ! is_object( $last_update ) ) {
637 $last_update = new stdClass();
638 }
639
640 $themes = array();
641 $checked = array();
642 $request = array();
643
644 // Put slug of active theme into request.
645 $request['active'] = get_option( 'stylesheet' );
646
647 foreach ( $installed_themes as $theme ) {
648 $checked[ $theme->get_stylesheet() ] = $theme->get( 'Version' );
649
650 $themes[ $theme->get_stylesheet() ] = array(
651 'Name' => $theme->get( 'Name' ),
652 'Title' => $theme->get( 'Name' ),
653 'Version' => $theme->get( 'Version' ),
654 'Author' => $theme->get( 'Author' ),
655 'Author URI' => $theme->get( 'AuthorURI' ),
656 'UpdateURI' => $theme->get( 'UpdateURI' ),
657 'Template' => $theme->get_template(),
658 'Stylesheet' => $theme->get_stylesheet(),
659 );
660 }
661
662 $doing_cron = wp_doing_cron();
663
664 // Check for update on a different schedule, depending on the page.
665 switch ( current_filter() ) {
666 case 'upgrader_process_complete':
667 $timeout = 0;
668 break;
669 case 'load-update-core.php':
670 $timeout = MINUTE_IN_SECONDS;
671 break;
672 case 'load-themes.php':
673 case 'load-update.php':
674 $timeout = HOUR_IN_SECONDS;
675 break;
676 default:
677 if ( $doing_cron ) {
678 $timeout = 2 * HOUR_IN_SECONDS;
679 } else {
680 $timeout = 12 * HOUR_IN_SECONDS;
681 }
682 }
683
684 $time_not_changed = isset( $last_update->last_checked ) && $timeout > ( time() - $last_update->last_checked );
685
686 if ( $time_not_changed && ! $extra_stats ) {
687 $theme_changed = false;
688
689 foreach ( $checked as $slug => $v ) {
690 if ( ! isset( $last_update->checked[ $slug ] ) || (string) $last_update->checked[ $slug ] !== (string) $v ) {
691 $theme_changed = true;
692 }
693 }
694
695 if ( isset( $last_update->response ) && is_array( $last_update->response ) ) {
696 foreach ( $last_update->response as $slug => $update_details ) {
697 if ( ! isset( $checked[ $slug ] ) ) {
698 $theme_changed = true;
699 break;
700 }
701 }
702 }
703
704 // Bail if we've checked recently and if nothing has changed.
705 if ( ! $theme_changed ) {
706 return;
707 }
708 }
709
710 // Update last_checked for current to prevent multiple blocking requests if request hangs.
711 $last_update->last_checked = time();
712 set_site_transient( 'update_themes', $last_update );
713
714 $request['themes'] = $themes;
715
716 $locales = array_values( get_available_languages() );
717
718 /**
719 * Filters the locales requested for theme translations.
720 *
721 * @since 3.7.0
722 * @since 4.5.0 The default value of the `$locales` parameter changed to include all locales.
723 *
724 * @param string[] $locales Theme locales. Default is all available locales of the site.
725 */
726 $locales = apply_filters( 'themes_update_check_locales', $locales );
727 $locales = array_unique( $locales );
728
729 if ( $doing_cron ) {
730 $timeout = 30; // 30 seconds.
731 } else {
732 // Three seconds, plus one extra second for every 10 themes.
733 $timeout = 3 + (int) ( count( $themes ) / 10 );
734 }
735
736 $options = array(
737 'timeout' => $timeout,
738 'body' => array(
739 'themes' => wp_json_encode( $request ),
740 'translations' => wp_json_encode( $translations ),
741 'locale' => wp_json_encode( $locales ),
742 ),
743 'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
744 );
745
746 if ( $extra_stats ) {
747 $options['body']['update_stats'] = wp_json_encode( $extra_stats );
748 }
749
750 $url = 'http://api.wordpress.org/themes/update-check/1.1/';
751 $http_url = $url;
752 $ssl = wp_http_supports( array( 'ssl' ) );
753
754 if ( $ssl ) {
755 $url = set_url_scheme( $url, 'https' );
756 }
757
758 $raw_response = wp_remote_post( $url, $options );
759
760 if ( $ssl && is_wp_error( $raw_response ) ) {
761 wp_trigger_error(
762 __FUNCTION__,
763 sprintf(
764 /* translators: %s: Support forums URL. */
765 __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ),
766 __( 'https://wordpress.org/support/forums/' )
767 ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ),
768 headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE
769 );
770 $raw_response = wp_remote_post( $http_url, $options );
771 }
772
773 if ( is_wp_error( $raw_response ) || 200 !== wp_remote_retrieve_response_code( $raw_response ) ) {
774 return;
775 }
776
777 $new_update = new stdClass();
778 $new_update->last_checked = time();
779 $new_update->checked = $checked;
780
781 $response = json_decode( wp_remote_retrieve_body( $raw_response ), true );
782
783 if ( is_array( $response ) ) {
784 $new_update->response = $response['themes'];
785 $new_update->no_update = $response['no_update'];
786 $new_update->translations = $response['translations'];
787 }
788
789 // Support updates for any themes using the `Update URI` header field.
790 foreach ( $themes as $theme_stylesheet => $theme_data ) {
791 if ( ! $theme_data['UpdateURI'] || isset( $new_update->response[ $theme_stylesheet ] ) ) {
792 continue;
793 }
794
795 $hostname = wp_parse_url( sanitize_url( $theme_data['UpdateURI'] ), PHP_URL_HOST );
796
797 /**
798 * Filters the update response for a given theme hostname.
799 *
800 * The dynamic portion of the hook name, `$hostname`, refers to the hostname
801 * of the URI specified in the `Update URI` header field.
802 *
803 * @since 6.1.0
804 *
805 * @param array|false $update {
806 * The theme update data with the latest details. Default false.
807 *
808 * @type string $id Optional. ID of the theme for update purposes, should be a URI
809 * specified in the `Update URI` header field.
810 * @type string $theme Directory name of the theme.
811 * @type string $version The version of the theme.
812 * @type string $url The URL for details of the theme.
813 * @type string $package Optional. The update ZIP for the theme.
814 * @type string $tested Optional. The version of WordPress the theme is tested against.
815 * @type string $requires_php Optional. The version of PHP which the theme requires.
816 * @type bool $autoupdate Optional. Whether the theme should automatically update.
817 * @type array $translations {
818 * Optional. List of translation updates for the theme.
819 *
820 * @type string $language The language the translation update is for.
821 * @type string $version The version of the theme this translation is for.
822 * This is not the version of the language file.
823 * @type string $updated The update timestamp of the translation file.
824 * Should be a date in the `YYYY-MM-DD HH:MM:SS` format.
825 * @type string $package The ZIP location containing the translation update.
826 * @type string $autoupdate Whether the translation should be automatically installed.
827 * }
828 * }
829 * @param array $theme_data Theme headers.
830 * @param string $theme_stylesheet Theme stylesheet.
831 * @param string[] $locales Installed locales to look up translations for.
832 */
833 $update = apply_filters( "update_themes_{$hostname}", false, $theme_data, $theme_stylesheet, $locales );
834
835 if ( ! $update ) {
836 continue;
837 }
838
839 $update = (object) $update;
840
841 // Is it valid? We require at least a version.
842 if ( ! isset( $update->version ) ) {
843 continue;
844 }
845
846 // This should remain constant.
847 $update->id = $theme_data['UpdateURI'];
848
849 // WordPress needs the version field specified as 'new_version'.
850 if ( ! isset( $update->new_version ) ) {
851 $update->new_version = $update->version;
852 }
853
854 // Handle any translation updates.
855 if ( ! empty( $update->translations ) ) {
856 foreach ( $update->translations as $translation ) {
857 if ( isset( $translation['language'], $translation['package'] ) ) {
858 $translation['type'] = 'theme';
859 $translation['slug'] = isset( $update->theme ) ? $update->theme : $update->id;
860
861 $new_update->translations[] = $translation;
862 }
863 }
864 }
865
866 unset( $new_update->no_update[ $theme_stylesheet ], $new_update->response[ $theme_stylesheet ] );
867
868 if ( version_compare( $update->new_version, $theme_data['Version'], '>' ) ) {
869 $new_update->response[ $theme_stylesheet ] = (array) $update;
870 } else {
871 $new_update->no_update[ $theme_stylesheet ] = (array) $update;
872 }
873 }
874
875 set_site_transient( 'update_themes', $new_update );
876}
877
878/**
879 * Performs WordPress automatic background updates.
880 *
881 * Updates WordPress core plus any plugins and themes that have automatic updates enabled.
882 *
883 * @since 3.7.0
884 */
885function wp_maybe_auto_update() {
886 require_once ABSPATH . 'wp-admin/includes/admin.php';
887 require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
888
889 $upgrader = new WP_Automatic_Updater();
890 $upgrader->run();
891}
892
893/**
894 * Retrieves a list of all language updates available.
895 *
896 * @since 3.7.0
897 *
898 * @return object[] Array of translation objects that have available updates.
899 */
900function wp_get_translation_updates() {
901 $updates = array();
902 $transients = array(
903 'update_core' => 'core',
904 'update_plugins' => 'plugin',
905 'update_themes' => 'theme',
906 );
907
908 foreach ( $transients as $transient => $type ) {
909 $transient = get_site_transient( $transient );
910
911 if ( empty( $transient->translations ) ) {
912 continue;
913 }
914
915 foreach ( $transient->translations as $translation ) {
916 $updates[] = (object) $translation;
917 }
918 }
919
920 return $updates;
921}
922
923/**
924 * Collects counts and UI strings for available updates.
925 *
926 * @since 3.3.0
927 *
928 * @return array {
929 * Fetched update data.
930 *
931 * @type int[] $counts An array of counts for available plugin, theme, and WordPress updates.
932 * @type string $update_title Titles of available updates.
933 * }
934 */
935function wp_get_update_data() {
936 $counts = array(
937 'plugins' => 0,
938 'themes' => 0,
939 'wordpress' => 0,
940 'translations' => 0,
941 );
942
943 $plugins = current_user_can( 'update_plugins' );
944
945 if ( $plugins ) {
946 $update_plugins = get_site_transient( 'update_plugins' );
947
948 if ( ! empty( $update_plugins->response ) ) {
949 $counts['plugins'] = count( $update_plugins->response );
950 }
951 }
952
953 $themes = current_user_can( 'update_themes' );
954
955 if ( $themes ) {
956 $update_themes = get_site_transient( 'update_themes' );
957
958 if ( ! empty( $update_themes->response ) ) {
959 $counts['themes'] = count( $update_themes->response );
960 }
961 }
962
963 $core = current_user_can( 'update_core' );
964
965 if ( $core && function_exists( 'get_core_updates' ) ) {
966 $update_wordpress = get_core_updates( array( 'dismissed' => false ) );
967
968 if ( ! empty( $update_wordpress )
969 && ! in_array( $update_wordpress[0]->response, array( 'development', 'latest' ), true )
970 && current_user_can( 'update_core' )
971 ) {
972 $counts['wordpress'] = 1;
973 }
974 }
975
976 if ( ( $core || $plugins || $themes ) && wp_get_translation_updates() ) {
977 $counts['translations'] = 1;
978 }
979
980 $counts['total'] = $counts['plugins'] + $counts['themes'] + $counts['wordpress'] + $counts['translations'];
981 $titles = array();
982
983 if ( $counts['wordpress'] ) {
984 /* translators: %d: Number of available WordPress updates. */
985 $titles['wordpress'] = sprintf( __( '%d WordPress Update' ), $counts['wordpress'] );
986 }
987
988 if ( $counts['plugins'] ) {
989 /* translators: %d: Number of available plugin updates. */
990 $titles['plugins'] = sprintf( _n( '%d Plugin Update', '%d Plugin Updates', $counts['plugins'] ), $counts['plugins'] );
991 }
992
993 if ( $counts['themes'] ) {
994 /* translators: %d: Number of available theme updates. */
995 $titles['themes'] = sprintf( _n( '%d Theme Update', '%d Theme Updates', $counts['themes'] ), $counts['themes'] );
996 }
997
998 if ( $counts['translations'] ) {
999 $titles['translations'] = __( 'Translation Updates' );
1000 }
1001
1002 $update_title = $titles ? esc_attr( implode( ', ', $titles ) ) : '';
1003
1004 $update_data = array(
1005 'counts' => $counts,
1006 'title' => $update_title,
1007 );
1008 /**
1009 * Filters the returned array of update data for plugins, themes, and WordPress core.
1010 *
1011 * @since 3.5.0
1012 *
1013 * @param array $update_data {
1014 * Fetched update data.
1015 *
1016 * @type int[] $counts An array of counts for available plugin, theme, and WordPress updates.
1017 * @type string $update_title Titles of available updates.
1018 * }
1019 * @param array $titles An array of update counts and UI strings for available updates.
1020 */
1021 return apply_filters( 'wp_get_update_data', $update_data, $titles );
1022}
1023
1024/**
1025 * Determines whether core should be updated.
1026 *
1027 * @since 2.8.0
1028 */
1029function _maybe_update_core() {
1030 $current = get_site_transient( 'update_core' );
1031
1032 if ( isset( $current->last_checked, $current->version_checked )
1033 && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked )
1034 && wp_get_wp_version() === $current->version_checked
1035 ) {
1036 return;
1037 }
1038
1039 wp_version_check();
1040}
1041/**
1042 * Checks the last time plugins were run before checking plugin versions.
1043 *
1044 * This might have been backported to WordPress 2.6.1 for performance reasons.
1045 * This is used for the wp-admin to check only so often instead of every page
1046 * load.
1047 *
1048 * @since 2.7.0
1049 * @access private
1050 */
1051function _maybe_update_plugins() {
1052 $current = get_site_transient( 'update_plugins' );
1053
1054 if ( isset( $current->last_checked )
1055 && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked )
1056 ) {
1057 return;
1058 }
1059
1060 wp_update_plugins();
1061}
1062
1063/**
1064 * Checks themes versions only after a duration of time.
1065 *
1066 * This is for performance reasons to make sure that on the theme version
1067 * checker is not run on every page load.
1068 *
1069 * @since 2.7.0
1070 * @access private
1071 */
1072function _maybe_update_themes() {
1073 $current = get_site_transient( 'update_themes' );
1074
1075 if ( isset( $current->last_checked )
1076 && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked )
1077 ) {
1078 return;
1079 }
1080
1081 wp_update_themes();
1082}
1083
1084/**
1085 * Schedules core, theme, and plugin update checks.
1086 *
1087 * @since 3.1.0
1088 */
1089function wp_schedule_update_checks() {
1090 if ( ! wp_next_scheduled( 'wp_version_check' ) && ! wp_installing() ) {
1091 wp_schedule_event( time(), 'twicedaily', 'wp_version_check' );
1092 }
1093
1094 if ( ! wp_next_scheduled( 'wp_update_plugins' ) && ! wp_installing() ) {
1095 wp_schedule_event( time(), 'twicedaily', 'wp_update_plugins' );
1096 }
1097
1098 if ( ! wp_next_scheduled( 'wp_update_themes' ) && ! wp_installing() ) {
1099 wp_schedule_event( time(), 'twicedaily', 'wp_update_themes' );
1100 }
1101}
1102
1103/**
1104 * Clears existing update caches for plugins, themes, and core.
1105 *
1106 * @since 4.1.0
1107 */
1108function wp_clean_update_cache() {
1109 if ( function_exists( 'wp_clean_plugins_cache' ) ) {
1110 wp_clean_plugins_cache();
1111 } else {
1112 delete_site_transient( 'update_plugins' );
1113 }
1114
1115 wp_clean_themes_cache();
1116
1117 delete_site_transient( 'update_core' );
1118}
1119
1120/**
1121 * Schedules the removal of all contents in the temporary backup directory.
1122 *
1123 * @since 6.3.0
1124 */
1125function wp_delete_all_temp_backups() {
1126 /*
1127 * Check if there is a lock, or if currently performing an Ajax request,
1128 * in which case there is a chance an update is running.
1129 * Reschedule for an hour from now and exit early.
1130 */
1131 if ( get_option( 'core_updater.lock' ) || get_option( 'auto_updater.lock' ) || wp_doing_ajax() ) {
1132 wp_schedule_single_event( time() + HOUR_IN_SECONDS, 'wp_delete_temp_updater_backups' );
1133 return;
1134 }
1135
1136 // This action runs on shutdown to make sure there are no plugin updates currently running.
1137 add_action( 'shutdown', '_wp_delete_all_temp_backups' );
1138}
1139
1140/**
1141 * Deletes all contents in the temporary backup directory.
1142 *
1143 * @since 6.3.0
1144 *
1145 * @access private
1146 *
1147 * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
1148 */
1149function _wp_delete_all_temp_backups() {
1150 global $wp_filesystem;
1151
1152 if ( ! function_exists( 'WP_Filesystem' ) ) {
1153 require_once ABSPATH . 'wp-admin/includes/file.php';
1154 }
1155
1156 ob_start();
1157 $credentials = request_filesystem_credentials( '' );
1158 ob_end_clean();
1159
1160 if ( false === $credentials || ! WP_Filesystem( $credentials ) ) {
1161 wp_trigger_error( __FUNCTION__, __( 'Could not access filesystem.' ) );
1162 return;
1163 }
1164
1165 if ( ! $wp_filesystem->wp_content_dir() ) {
1166 wp_trigger_error(
1167 __FUNCTION__,
1168 /* translators: %s: Directory name. */
1169 sprintf( __( 'Unable to locate WordPress content directory (%s).' ), 'wp-content' )
1170 );
1171 return;
1172 }
1173
1174 $temp_backup_dir = $wp_filesystem->wp_content_dir() . 'upgrade-temp-backup/';
1175 $dirlist = $wp_filesystem->dirlist( $temp_backup_dir );
1176 $dirlist = $dirlist ? $dirlist : array();
1177
1178 foreach ( array_keys( $dirlist ) as $dir ) {
1179 if ( '.' === $dir || '..' === $dir ) {
1180 continue;
1181 }
1182
1183 $wp_filesystem->delete( $temp_backup_dir . $dir, true );
1184 }
1185}
1186
1187if ( ( ! is_main_site() && ! is_network_admin() ) || wp_doing_ajax() ) {
1188 return;
1189}
1190
1191add_action( 'admin_init', '_maybe_update_core' );
1192add_action( 'wp_version_check', 'wp_version_check' );
1193
1194add_action( 'load-plugins.php', 'wp_update_plugins' );
1195add_action( 'load-update.php', 'wp_update_plugins' );
1196add_action( 'load-update-core.php', 'wp_update_plugins' );
1197add_action( 'admin_init', '_maybe_update_plugins' );
1198add_action( 'wp_update_plugins', 'wp_update_plugins' );
1199
1200add_action( 'load-themes.php', 'wp_update_themes' );
1201add_action( 'load-update.php', 'wp_update_themes' );
1202add_action( 'load-update-core.php', 'wp_update_themes' );
1203add_action( 'admin_init', '_maybe_update_themes' );
1204add_action( 'wp_update_themes', 'wp_update_themes' );
1205
1206add_action( 'update_option_WPLANG', 'wp_clean_update_cache', 10, 0 );
1207
1208add_action( 'wp_maybe_auto_update', 'wp_maybe_auto_update' );
1209
1210add_action( 'init', 'wp_schedule_update_checks' );
1211
1212add_action( 'wp_delete_temp_updater_backups', 'wp_delete_all_temp_backups' );
1213