shell bypass 403
<?php
/**
* Cloud service cls
*
* @since 3.0
*/
namespace LiteSpeed;
defined('WPINC') || exit();
class Cloud extends Base
{
const LOG_TAG = '❄️';
const CLOUD_SERVER = 'https://api.quic.cloud';
const CLOUD_IPS = 'https://quic.cloud/ips';
const CLOUD_SERVER_DASH = 'https://my.quic.cloud';
const CLOUD_SERVER_WP = 'https://wpapi.quic.cloud';
const SVC_D_ACTIVATE = 'd/activate';
const SVC_U_ACTIVATE = 'u/wp3/activate';
const SVC_D_ENABLE_CDN = 'd/enable_cdn';
const SVC_D_LINK = 'd/link';
const SVC_D_API = 'd/api';
const SVC_D_DASH = 'd/dash';
const SVC_D_V3UPGRADE = 'd/v3upgrade';
const SVC_U_LINK = 'u/wp3/link';
const SVC_U_ENABLE_CDN = 'u/wp3/enablecdn';
const SVC_D_STATUS_CDN_CLI = 'd/status/cdn_cli';
const SVC_D_NODES = 'd/nodes';
const SVC_D_SYNC_CONF = 'd/sync_conf';
const SVC_D_USAGE = 'd/usage';
const SVC_D_SETUP_TOKEN = 'd/get_token';
const SVC_D_DEL_CDN_DNS = 'd/del_cdn_dns';
const SVC_PAGE_OPTM = 'page_optm';
const SVC_CCSS = 'ccss';
const SVC_UCSS = 'ucss';
const SVC_VPI = 'vpi';
const SVC_LQIP = 'lqip';
const SVC_QUEUE = 'queue';
const SVC_IMG_OPTM = 'img_optm';
const SVC_HEALTH = 'health';
const SVC_CDN = 'cdn';
const IMG_OPTM_DEFAULT_GROUP = 200;
const IMGOPTM_TAKEN = 'img_optm-taken';
const TTL_NODE = 3; // Days before node expired
const EXPIRATION_REQ = 300; // Seconds of min interval between two unfinished requests
const TTL_IPS = 3; // Days for node ip list cache
const API_REPORT = 'wp/report';
const API_NEWS = 'news';
const API_VER = 'ver_check';
const API_BETA_TEST = 'beta_test';
const API_REST_ECHO = 'tool/wp_rest_echo';
const API_SERVER_KEY_SIGN = 'key_sign';
private static $CENTER_SVC_SET = array(
self::SVC_D_ACTIVATE,
self::SVC_U_ACTIVATE,
self::SVC_D_ENABLE_CDN,
self::SVC_D_LINK,
self::SVC_D_NODES,
self::SVC_D_SYNC_CONF,
self::SVC_D_USAGE,
self::SVC_D_API,
self::SVC_D_V3UPGRADE,
self::SVC_D_DASH,
self::SVC_D_STATUS_CDN_CLI,
// self::API_NEWS,
self::API_REPORT,
// self::API_VER,
// self::API_BETA_TEST,
self::SVC_D_SETUP_TOKEN,
self::SVC_D_DEL_CDN_DNS,
);
private static $WP_SVC_SET = array(self::API_NEWS, self::API_VER, self::API_BETA_TEST, self::API_REST_ECHO);
// No api key needed for these services
private static $_PUB_SVC_SET = array(self::API_NEWS, self::API_REPORT, self::API_VER, self::API_BETA_TEST, self::API_REST_ECHO, self::SVC_D_V3UPGRADE, self::SVC_D_DASH);
private static $_QUEUE_SVC_SET = array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI);
public static $SERVICES_LOAD_CHECK = array(
// self::SVC_CCSS,
// self::SVC_UCSS,
// self::SVC_VPI,
self::SVC_LQIP,
self::SVC_HEALTH,
);
public static $SERVICES = array(
self::SVC_IMG_OPTM,
self::SVC_PAGE_OPTM,
self::SVC_CCSS,
self::SVC_UCSS,
self::SVC_VPI,
self::SVC_LQIP,
self::SVC_CDN,
self::SVC_HEALTH,
// self::SVC_QUEUE,
);
const TYPE_CLEAR_PROMO = 'clear_promo';
const TYPE_REDETECT_CLOUD = 'redetect_cloud';
const TYPE_CLEAR_CLOUD = 'clear_cloud';
const TYPE_ACTIVATE = 'activate';
const TYPE_LINK = 'link';
const TYPE_ENABLE_CDN = 'enablecdn';
const TYPE_API = 'api';
const TYPE_SYNC_USAGE = 'sync_usage';
const TYPE_RESET = 'reset';
const TYPE_SYNC_STATUS = 'sync_status';
protected $_summary;
/**
* Init
*
* @since 3.0
*/
public function __construct()
{
$this->_summary = self::get_summary();
}
/**
* Init QC setup preparation
*
* @since 7.0
*/
public function init_qc_prepare()
{
if (empty($this->_summary['sk_b64'])) {
$keypair = sodium_crypto_sign_keypair();
$pk = base64_encode(sodium_crypto_sign_publickey($keypair));
$sk = base64_encode(sodium_crypto_sign_secretkey($keypair));
$this->_summary['pk_b64'] = $pk;
$this->_summary['sk_b64'] = $sk;
$this->save_summary();
// ATM `qc_activated` = null
return true;
}
return false;
}
/**
* Init QC setup
*
* @since 7.0
*/
public function init_qc()
{
$this->init_qc_prepare();
$ref = $this->_get_ref_url();
// WPAPI REST echo dryrun
$req_data = array(
'wp_pk_b64' => $this->_summary['pk_b64'],
);
$echobox = self::post(self::API_REST_ECHO, $req_data);
if ($echobox === false) {
self::debugErr('REST Echo Failed!');
$msg = __('Your WP REST API seems blocked our QUIC.cloud server calls.', 'litespeed-cache');
Admin_Display::error($msg);
wp_redirect($ref);
return;
}
self::debug('echo succeeded');
// Load separate thread echoed data from storage
if (empty($echobox['wpapi_ts']) || empty($echobox['wpapi_signature_b64'])) {
Admin_Display::error(__('Failed to get echo data from WPAPI', 'litespeed-cache'));
wp_redirect($ref);
return;
}
$data = array(
'wp_pk_b64' => $this->_summary['pk_b64'],
'wpapi_ts' => $echobox['wpapi_ts'],
'wpapi_signature_b64' => $echobox['wpapi_signature_b64'],
);
$server_ip = $this->conf(self::O_SERVER_IP);
if ($server_ip) {
$data['server_ip'] = $server_ip;
}
// Activation redirect
$param = array(
'site_url' => home_url(),
'ver' => Core::VER,
'data' => $data,
'ref' => $ref,
);
wp_redirect(self::CLOUD_SERVER_DASH . '/' . self::SVC_U_ACTIVATE . '?data=' . urlencode(Utility::arr2str($param)));
exit();
}
/**
* Decide the ref
*/
private function _get_ref_url($ref = false)
{
$link = 'admin.php?page=litespeed';
if ($ref == 'cdn') {
$link = 'admin.php?page=litespeed-cdn';
}
if ($ref == 'online') {
$link = 'admin.php?page=litespeed-general';
}
if (!empty($_GET['ref']) && $_GET['ref'] == 'cdn') {
$link = 'admin.php?page=litespeed-cdn';
}
if (!empty($_GET['ref']) && $_GET['ref'] == 'online') {
$link = 'admin.php?page=litespeed-general';
}
return get_admin_url(null, $link);
}
/**
* Init QC setup (CLI)
*
* @since 7.0
*/
public function init_qc_cli()
{
$this->init_qc_prepare();
$server_ip = $this->conf(self::O_SERVER_IP);
if (!$server_ip) {
self::debugErr('Server IP needs to be set first!');
$msg = sprintf(
__('You need to set the %1$s first. Please use the command %2$s to set.', 'litespeed-cache'),
'`' . __('Server IP', 'litespeed-cache') . '`',
'`wp litespeed-option set server_ip __your_ip_value__`'
);
Admin_Display::error($msg);
return;
}
// WPAPI REST echo dryrun
$req_data = array(
'wp_pk_b64' => $this->_summary['pk_b64'],
);
$echobox = self::post(self::API_REST_ECHO, $req_data);
if ($echobox === false) {
self::debugErr('REST Echo Failed!');
$msg = __('Your WP REST API seems blocked our QUIC.cloud server calls.', 'litespeed-cache');
Admin_Display::error($msg);
return;
}
self::debug('echo succeeded');
// Load separate thread echoed data from storage
if (empty($echobox['wpapi_ts']) || empty($echobox['wpapi_signature_b64'])) {
self::debug('Resp: ', $echobox);
Admin_Display::error(__('Failed to get echo data from WPAPI', 'litespeed-cache'));
return;
}
$data = array(
'wp_pk_b64' => $this->_summary['pk_b64'],
'wpapi_ts' => $echobox['wpapi_ts'],
'wpapi_signature_b64' => $echobox['wpapi_signature_b64'],
'server_ip' => $server_ip,
);
$res = $this->post(self::SVC_D_ACTIVATE, $data);
return $res;
}
/**
* Init QC CDN setup (CLI)
*
* @since 7.0
*/
public function init_qc_cdn_cli($method, $cert = false, $key = false, $cf_token = false)
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$server_ip = $this->conf(self::O_SERVER_IP);
if (!$server_ip) {
self::debugErr('Server IP needs to be set first!');
$msg = sprintf(
__('You need to set the %1$s first. Please use the command %2$s to set.', 'litespeed-cache'),
'`' . __('Server IP', 'litespeed-cache') . '`',
'`wp litespeed-option set server_ip __your_ip_value__`'
);
Admin_Display::error($msg);
return;
}
if ($cert) {
if (!file_exists($cert) || !file_exists($key)) {
Admin_Display::error(__('Cert or key file does not exist.', 'litespeed-cache'));
return;
}
}
$data = array(
'method' => $method,
'server_ip' => $server_ip,
);
if ($cert) {
$data['cert'] = File::read($cert);
$data['key'] = File::read($key);
}
if ($cf_token) {
$data['cf_token'] = $cf_token;
}
$res = $this->post(self::SVC_D_ENABLE_CDN, $data);
return $res;
}
/**
* Link to QC setup
*
* @since 7.0
*/
public function link_qc()
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$data = array(
'wp_ts' => time(),
);
$data['wp_signature_b64'] = $this->_sign_b64($data['wp_ts']);
// Activation redirect
$param = array(
'site_url' => home_url(),
'ver' => Core::VER,
'data' => $data,
'ref' => $this->_get_ref_url(),
);
wp_redirect(self::CLOUD_SERVER_DASH . '/' . self::SVC_U_LINK . '?data=' . urlencode(Utility::arr2str($param)));
exit();
}
/**
* Show QC Account CDN status
*
* @since 7.0
*/
public function cdn_status_cli()
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$data = array();
$res = $this->post(self::SVC_D_STATUS_CDN_CLI, $data);
return $res;
}
/**
* Link to QC Account for CLI
*
* @since 7.0
*/
public function link_qc_cli($email, $key)
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$data = array(
'qc_acct_email' => $email,
'qc_acct_apikey' => $key,
);
$res = $this->post(self::SVC_D_LINK, $data);
return $res;
}
/**
* API link parsed call to QC
*
* @since 7.0
*/
public function api_link_call($action2)
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$data = array(
'action2' => $action2,
);
$res = $this->post(self::SVC_D_API, $data);
self::debug('API link call result: ', $res);
}
/**
* Enable QC CDN
*
* @since 7.0
*/
public function enable_cdn()
{
if (!$this->activated()) {
Admin_Display::error(__('You need to activate QC first.', 'litespeed-cache'));
return;
}
$data = array(
'wp_ts' => time(),
);
$data['wp_signature_b64'] = $this->_sign_b64($data['wp_ts']);
// Activation redirect
$param = array(
'site_url' => home_url(),
'ver' => Core::VER,
'data' => $data,
'ref' => $this->_get_ref_url(),
);
wp_redirect(self::CLOUD_SERVER_DASH . '/' . self::SVC_U_ENABLE_CDN . '?data=' . urlencode(Utility::arr2str($param)));
exit();
}
/**
* Encrypt data for cloud req
*
* @since 7.0
*/
private function _sign_b64($data)
{
if (empty($this->_summary['sk_b64'])) {
self::debugErr('No sk to sign.');
return false;
}
$sk = base64_decode($this->_summary['sk_b64']);
if (strlen($sk) !== SODIUM_CRYPTO_SIGN_SECRETKEYBYTES) {
self::debugErr('Invalid local sign sk length.');
// Reset local pk/sk
unset($this->_summary['pk_b64']);
unset($this->_summary['sk_b64']);
$this->save_summary();
self::debug('Clear local sign pk/sk pair.');
return false;
}
$signature = sodium_crypto_sign_detached((string) $data, $sk);
return base64_encode($signature);
}
/**
* Load server pk from cloud
*
* @since 7.0
*/
private function _load_server_pk($from_wpapi = false)
{
// Load cloud pk
$server_key_url = self::CLOUD_SERVER . '/' . self::API_SERVER_KEY_SIGN;
if ($from_wpapi) {
$server_key_url = self::CLOUD_SERVER_WP . '/' . self::API_SERVER_KEY_SIGN;
}
$resp = wp_safe_remote_get($server_key_url);
if (is_wp_error($resp)) {
self::debugErr('Failed to load key: ' . $resp->get_error_message());
return false;
}
$pk = trim($resp['body']);
self::debug('Loaded key from ' . $server_key_url . ': ' . $pk);
$cloud_pk = base64_decode($pk);
if (strlen($cloud_pk) !== SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES) {
self::debugErr('Invalid cloud public key length.');
return false;
}
$sk = base64_decode($this->_summary['sk_b64']);
if (strlen($sk) !== SODIUM_CRYPTO_SIGN_SECRETKEYBYTES) {
self::debugErr('Invalid local secret key length.');
// Reset local pk/sk
unset($this->_summary['pk_b64']);
unset($this->_summary['sk_b64']);
$this->save_summary();
self::debug('Unset local pk/sk pair.');
return false;
}
return $cloud_pk;
}
/**
* WPAPI echo back to notify the sealed databox
*
* @since 7.0
*/
public function wp_rest_echo()
{
self::debug('Parsing echo', $_POST);
if (empty($_POST['wpapi_ts']) || empty($_POST['wpapi_signature_b64'])) {
return self::err('No echo data');
}
$is_valid = $this->_validate_signature($_POST['wpapi_signature_b64'], $_POST['wpapi_ts'], true);
if (!$is_valid) {
return self::err('Data validation from WPAPI REST Echo failed');
}
$diff = time() - $_POST['wpapi_ts'];
if (abs($diff) > 86400) {
self::debugErr('WPAPI echo data timeout [diff] ' . $diff);
return self::err('Echo data expired');
}
$signature_b64 = $this->_sign_b64($_POST['wpapi_ts']);
self::debug('Response to echo [signature_b64] ' . $signature_b64);
return self::ok(array('signature_b64' => $signature_b64));
}
/**
* Validate cloud data
*
* @since 7.0
*/
private function _validate_signature($signature_b64, $data, $from_wpapi = false)
{
// Try validation
try {
$cloud_pk = $this->_load_server_pk($from_wpapi);
if (!$cloud_pk) {
return false;
}
$signature = base64_decode($signature_b64);
$is_valid = sodium_crypto_sign_verify_detached($signature, $data, $cloud_pk);
} catch (\SodiumException $e) {
self::debugErr('Decryption failed: ' . $e->getMessage());
return false;
}
self::debug('Signature validation result: ' . ($is_valid ? 'true' : 'false'));
return $is_valid;
}
/**
* Finish qc activation after redirection back from QC
*
* @since 7.0
*/
public function finish_qc_activation($ref = false)
{
if (empty($_GET['qc_activated']) || empty($_GET['qc_ts']) || empty($_GET['qc_signature_b64'])) {
return;
}
$data_to_validate_signature = array(
'wp_pk_b64' => $this->_summary['pk_b64'],
'qc_ts' => $_GET['qc_ts'],
);
$is_valid = $this->_validate_signature($_GET['qc_signature_b64'], implode('', $data_to_validate_signature));
if (!$is_valid) {
self::debugErr('Failed to validate qc activation data');
Admin_Display::error(sprintf(__('Failed to validate %s activation data.', 'litespeed-cache'), 'QUIC.cloud'));
return;
}
self::debug('QC activation status: ' . $_GET['qc_activated']);
if (!in_array($_GET['qc_activated'], array('anonymous', 'linked', 'cdn'))) {
self::debugErr('Failed to parse qc activation status');
Admin_Display::error(sprintf(__('Failed to parse %s activation status.', 'litespeed-cache'), 'QUIC.cloud'));
return;
}
$diff = time() - $_GET['qc_ts'];
if (abs($diff) > 86400) {
self::debugErr('QC activation data timeout [diff] ' . $diff);
Admin_Display::error(sprintf(__('%s activation data expired.', 'litespeed-cache'), 'QUIC.cloud'));
return;
}
$main_domain = !empty($_GET['main_domain']) ? $_GET['main_domain'] : false;
$this->update_qc_activation($_GET['qc_activated'], $main_domain);
wp_redirect($this->_get_ref_url($ref));
}
/**
* Finish qc activation process
*
* @since 7.0
*/
public function update_qc_activation($qc_activated, $main_domain = false, $quite = false)
{
$this->_summary['qc_activated'] = $qc_activated;
if ($main_domain) {
$this->_summary['main_domain'] = $main_domain;
}
$this->save_summary();
$msg = sprintf(__('Congratulations, %s successfully set this domain up for the anonymous online services.', 'litespeed-cache'), 'QUIC.cloud');
if ($qc_activated == 'linked') {
$msg = sprintf(__('Congratulations, %s successfully set this domain up for the online services.', 'litespeed-cache'), 'QUIC.cloud');
// Sync possible partner info
$this->sync_usage();
}
if ($qc_activated == 'cdn') {
$msg = sprintf(__('Congratulations, %s successfully set this domain up for the online services with CDN service.', 'litespeed-cache'), 'QUIC.cloud');
// Turn on CDN option
$this->cls('Conf')->update_confs(array(self::O_CDN_QUIC => true));
}
if (!$quite) {
Admin_Display::success('🎊 ' . $msg);
}
$this->_clear_reset_qc_reg_msg();
$this->clear_cloud();
}
/**
* Load QC status for dash usage
* Format to translate: `<a href="{#xxx#}" class="button button-primary">xxxx</a><a href="{#xxx#}">xxxx2</a>`
*
* @since 7.0
*/
public function load_qc_status_for_dash($type, $force = false)
{
return Str::translate_qc_apis($this->_load_qc_status_for_dash($type, $force));
}
private function _load_qc_status_for_dash($type, $force = false)
{
if (
!$force &&
!empty($this->_summary['mini_html']) &&
isset($this->_summary['mini_html'][$type]) &&
!empty($this->_summary['mini_html']['ttl.' . $type]) &&
$this->_summary['mini_html']['ttl.' . $type] > time()
) {
return Str::safe_html($this->_summary['mini_html'][$type]);
}
// Try to update dash content
$data = self::post(self::SVC_D_DASH, array('action2' => $type == 'cdn_dash_mini' ? 'cdn_dash' : $type));
if (!empty($data['qc_activated'])) {
// Sync conf as changed
if (empty($this->_summary['qc_activated']) || $this->_summary['qc_activated'] != $data['qc_activated']) {
$msg = sprintf(__('Congratulations, %s successfully set this domain up for the online services with CDN service.', 'litespeed-cache'), 'QUIC.cloud');
Admin_Display::success('🎊 ' . $msg);
$this->_clear_reset_qc_reg_msg();
// Turn on CDN option
$this->cls('Conf')->update_confs(array(self::O_CDN_QUIC => true));
$this->cls('CDN\Quic')->try_sync_conf(true);
}
$this->_summary['qc_activated'] = $data['qc_activated'];
$this->save_summary();
}
// Show the info
if (isset($this->_summary['mini_html'][$type])) {
return Str::safe_html($this->_summary['mini_html'][$type]);
}
return '';
}
/**
* Update QC status
*
* @since 7.0
*/
public function update_cdn_status()
{
if (empty($_POST['qc_activated']) || !in_array($_POST['qc_activated'], array('anonymous', 'linked', 'cdn', 'deleted'))) {
return self::err('lack_of_params');
}
self::debug('update_cdn_status request hash: ' . $_POST['qc_activated']);
if ($_POST['qc_activated'] == 'deleted') {
$this->_reset_qc_reg();
} else {
$this->_summary['qc_activated'] = $_POST['qc_activated'];
$this->save_summary();
}
if ($_POST['qc_activated'] == 'cdn') {
$msg = sprintf(__('Congratulations, %s successfully set this domain up for the online services with CDN service.', 'litespeed-cache'), 'QUIC.cloud');
Admin_Display::success('🎊 ' . $msg);
$this->_clear_reset_qc_reg_msg();
// Turn on CDN option
$this->cls('Conf')->update_confs(array(self::O_CDN_QUIC => true));
$this->cls('CDN\Quic')->try_sync_conf(true);
}
return self::ok(array('qc_activated' => $_POST['qc_activated']));
}
/**
* Reset QC setup
*
* @since 7.0
*/
public function reset_qc()
{
unset($this->_summary['pk_b64']);
unset($this->_summary['sk_b64']);
unset($this->_summary['qc_activated']);
if (!empty($this->_summary['partner'])) {
unset($this->_summary['partner']);
}
$this->save_summary();
self::debug('Clear local QC activation.');
$this->clear_cloud();
Admin_Display::success(sprintf(__('Reset %s activation successfully.', 'litespeed-cache'), 'QUIC.cloud'));
wp_redirect($this->_get_ref_url());
exit();
}
/**
* Show latest commit version always if is on dev
*
* @since 3.0
*/
public function check_dev_version()
{
if (!preg_match('/[^\d\.]/', Core::VER)) {
return;
}
$last_check = empty($this->_summary['last_request.' . self::API_VER]) ? 0 : $this->_summary['last_request.' . self::API_VER];
if (time() - $last_check > 86400) {
$auto_v = self::version_check('dev');
if (!empty($auto_v['dev'])) {
self::save_summary(array('version.dev' => $auto_v['dev']));
}
}
if (empty($this->_summary['version.dev'])) {
return;
}
self::debug('Latest dev version ' . $this->_summary['version.dev']);
if (version_compare($this->_summary['version.dev'], Core::VER, '<=')) {
return;
}
// Show the dev banner
require_once LSCWP_DIR . 'tpl/banner/new_version_dev.tpl.php';
}
/**
* Check latest version
*
* @since 2.9
* @access public
*/
public static function version_check($src = false)
{
$req_data = array(
'v' => defined('LSCWP_CUR_V') ? LSCWP_CUR_V : '',
'src' => $src,
'php' => phpversion(),
);
if (defined('LITESPEED_ERR')) {
$req_data['err'] = base64_encode(!is_string(LITESPEED_ERR) ? \json_encode(LITESPEED_ERR) : LITESPEED_ERR);
}
$data = self::post(self::API_VER, $req_data);
return $data;
}
/**
* Show latest news
*
* @since 3.0
*/
public function news()
{
$this->_update_news();
if (empty($this->_summary['news.new'])) {
return;
}
if (!empty($this->_summary['news.plugin']) && Activation::cls()->dash_notifier_is_plugin_active($this->_summary['news.plugin'])) {
return;
}
require_once LSCWP_DIR . 'tpl/banner/cloud_news.tpl.php';
}
/**
* Update latest news
*
* @since 2.9.9.1
*/
private function _update_news()
{
if (!empty($this->_summary['news.utime']) && time() - $this->_summary['news.utime'] < 86400 * 7) {
return;
}
self::save_summary(array('news.utime' => time()));
$data = self::get(self::API_NEWS);
if (empty($data['id'])) {
return;
}
// Save news
if (!empty($this->_summary['news.id']) && $this->_summary['news.id'] == $data['id']) {
return;
}
$this->_summary['news.id'] = $data['id'];
$this->_summary['news.plugin'] = !empty($data['plugin']) ? $data['plugin'] : '';
$this->_summary['news.title'] = !empty($data['title']) ? $data['title'] : '';
$this->_summary['news.content'] = !empty($data['content']) ? $data['content'] : '';
$this->_summary['news.zip'] = !empty($data['zip']) ? $data['zip'] : '';
$this->_summary['news.new'] = 1;
if ($this->_summary['news.plugin']) {
$plugin_info = Activation::cls()->dash_notifier_get_plugin_info($this->_summary['news.plugin']);
if ($plugin_info && !empty($plugin_info->name)) {
$this->_summary['news.plugin_name'] = $plugin_info->name;
}
}
self::save_summary();
}
/**
* Check if contains a package in a service or not
*
* @since 4.0
*/
public function has_pkg($service, $pkg)
{
if (!empty($this->_summary['usage.' . $service]['pkgs']) && $this->_summary['usage.' . $service]['pkgs'] & $pkg) {
return true;
}
return false;
}
/**
* Get allowance of current service
*
* @since 3.0
* @access private
*/
public function allowance($service, &$err = false)
{
// Only auto sync usage at most one time per day
if (empty($this->_summary['last_request.' . self::SVC_D_USAGE]) || time() - $this->_summary['last_request.' . self::SVC_D_USAGE] > 86400) {
$this->sync_usage();
}
if (in_array($service, array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI))) {
// @since 4.2
$service = self::SVC_PAGE_OPTM;
}
if (empty($this->_summary['usage.' . $service])) {
return 0;
}
$usage = $this->_summary['usage.' . $service];
// Image optm is always free
$allowance_max = 0;
if ($service == self::SVC_IMG_OPTM) {
$allowance_max = self::IMG_OPTM_DEFAULT_GROUP;
}
$allowance = $usage['quota'] - $usage['used'];
$err = 'out_of_quota';
if ($allowance > 0) {
if ($allowance_max && $allowance_max < $allowance) {
$allowance = $allowance_max;
}
// Daily limit @since 4.2
if (isset($usage['remaining_daily_quota']) && $usage['remaining_daily_quota'] >= 0 && $usage['remaining_daily_quota'] < $allowance) {
$allowance = $usage['remaining_daily_quota'];
if (!$allowance) {
$err = 'out_of_daily_quota';
}
}
return $allowance;
}
// Check Pay As You Go balance
if (empty($usage['pag_bal'])) {
return $allowance_max;
}
if ($allowance_max && $allowance_max < $usage['pag_bal']) {
return $allowance_max;
}
return $usage['pag_bal'];
}
/**
* Sync Cloud usage summary data
*
* @since 3.0
* @access public
*/
public function sync_usage()
{
$usage = $this->_post(self::SVC_D_USAGE);
if (!$usage) {
return;
}
self::debug('sync_usage ' . \json_encode($usage));
foreach (self::$SERVICES as $v) {
$this->_summary['usage.' . $v] = !empty($usage[$v]) ? $usage[$v] : false;
}
self::save_summary();
return $this->_summary;
}
/**
* Clear all existing cloud nodes for future reconnect
*
* @since 3.0
* @access public
*/
public function clear_cloud()
{
foreach (self::$SERVICES as $service) {
if (isset($this->_summary['server.' . $service])) {
unset($this->_summary['server.' . $service]);
}
if (isset($this->_summary['server_date.' . $service])) {
unset($this->_summary['server_date.' . $service]);
}
}
self::save_summary();
self::debug('Cleared all local service node caches');
}
/**
* ping clouds to find the fastest node
*
* @since 3.0
* @access public
*/
public function detect_cloud($service, $force = false)
{
if (in_array($service, self::$CENTER_SVC_SET)) {
return self::CLOUD_SERVER;
}
if (in_array($service, self::$WP_SVC_SET)) {
return self::CLOUD_SERVER_WP;
}
// Check if the stored server needs to be refreshed
if (!$force) {
if (
!empty($this->_summary['server.' . $service]) &&
!empty($this->_summary['server_date.' . $service]) &&
$this->_summary['server_date.' . $service] > time() - 86400 * self::TTL_NODE
) {
$server = $this->_summary['server.' . $service];
if (!strpos(self::CLOUD_SERVER, 'preview.') && !strpos($server, 'preview.')) {
return $server;
}
if (strpos(self::CLOUD_SERVER, 'preview.') && strpos($server, 'preview.')) {
return $server;
}
}
}
if (!$service || !in_array($service, self::$SERVICES)) {
$msg = __('Cloud Error', 'litespeed-cache') . ': ' . $service;
Admin_Display::error($msg);
return false;
}
// Send request to Quic Online Service
$json = $this->_post(self::SVC_D_NODES, array('svc' => $this->_maybe_queue($service)));
// Check if get list correctly
if (empty($json['list']) || !is_array($json['list'])) {
self::debug('request cloud list failed: ', $json);
if ($json) {
$msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . \json_encode($json);
Admin_Display::error($msg);
}
return false;
}
// Ping closest cloud
$valid_clouds = false;
if (!empty($json['list_preferred'])) {
$valid_clouds = $this->_get_closest_nodes($json['list_preferred'], $service);
}
if (!$valid_clouds) {
$valid_clouds = $this->_get_closest_nodes($json['list'], $service);
}
if (!$valid_clouds) {
return false;
}
// Check server load
if (in_array($service, self::$SERVICES_LOAD_CHECK)) {
// TODO
$valid_cloud_loads = array();
foreach ($valid_clouds as $k => $v) {
$response = wp_safe_remote_get($v, array('timeout' => 5));
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
self::debug('failed to do load checker: ' . $error_message);
continue;
}
$curr_load = \json_decode($response['body'], true);
if (!empty($curr_load['_res']) && $curr_load['_res'] == 'ok' && isset($curr_load['load'])) {
$valid_cloud_loads[$v] = $curr_load['load'];
}
}
if (!$valid_cloud_loads) {
$msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . __('No available Cloud Node after checked server load.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
self::debug('Closest nodes list after load check', $valid_cloud_loads);
$qualified_list = array_keys($valid_cloud_loads, min($valid_cloud_loads));
} else {
$qualified_list = $valid_clouds;
}
$closest = $qualified_list[array_rand($qualified_list)];
self::debug('Chose node: ' . $closest);
// store data into option locally
$this->_summary['server.' . $service] = $closest;
$this->_summary['server_date.' . $service] = time();
self::save_summary();
return $this->_summary['server.' . $service];
}
/**
* Ping to choose the closest nodes
* @since 7.0
*/
private function _get_closest_nodes($list, $service)
{
$speed_list = array();
foreach ($list as $v) {
// Exclude possible failed 503 nodes
if (!empty($this->_summary['disabled_node']) && !empty($this->_summary['disabled_node'][$v]) && time() - $this->_summary['disabled_node'][$v] < 86400) {
continue;
}
$speed_list[$v] = Utility::ping($v);
}
if (!$speed_list) {
self::debug('nodes are in 503 failed nodes');
return false;
}
$min = min($speed_list);
if ($min == 99999) {
self::debug('failed to ping all clouds');
return false;
}
// Random pick same time range ip (230ms 250ms)
$range_len = strlen($min);
$range_num = substr($min, 0, 1);
$valid_clouds = array();
foreach ($speed_list as $node => $speed) {
if (strlen($speed) == $range_len && substr($speed, 0, 1) == $range_num) {
$valid_clouds[] = $node;
}
// Append the lower speed ones
elseif ($speed < $min * 4) {
$valid_clouds[] = $node;
}
}
if (!$valid_clouds) {
$msg = __('Cloud Error', 'litespeed-cache') . ": [Service] $service [Info] " . __('No available Cloud Node.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
self::debug('Closest nodes list', $valid_clouds);
return $valid_clouds;
}
/**
* May need to convert to queue service
*/
private function _maybe_queue($service)
{
if (in_array($service, self::$_QUEUE_SVC_SET)) {
return self::SVC_QUEUE;
}
return $service;
}
/**
* Get data from QUIC cloud server
*
* @since 3.0
* @access public
*/
public static function get($service, $data = array())
{
$instance = self::cls();
return $instance->_get($service, $data);
}
/**
* Get data from QUIC cloud server
*
* @since 3.0
* @access private
*/
private function _get($service, $data = false)
{
$service_tag = $service;
if (!empty($data['action'])) {
$service_tag .= '-' . $data['action'];
}
$maybe_cloud = $this->_maybe_cloud($service_tag);
if (!$maybe_cloud || $maybe_cloud === 'svc_hot') {
return $maybe_cloud;
}
$server = $this->detect_cloud($service);
if (!$server) {
return;
}
$url = $server . '/' . $service;
$param = array(
'site_url' => home_url(),
'main_domain' => !empty($this->_summary['main_domain']) ? $this->_summary['main_domain'] : '',
'ver' => Core::VER,
);
if ($data) {
$param['data'] = $data;
}
$url .= '?' . http_build_query($param);
self::debug('getting from : ' . $url);
self::save_summary(array('curr_request.' . $service_tag => time()));
$response = wp_safe_remote_get($url, array(
'timeout' => 15,
'headers' => array('Accept' => 'application/json'),
));
return $this->_parse_response($response, $service, $service_tag, $server);
}
/**
* Check if is able to do cloud request or not
*
* @since 3.0
* @access private
*/
private function _maybe_cloud($service_tag)
{
$home_url = home_url();
if (!wp_http_validate_url($home_url)) {
self::debug('wp_http_validate_url failed: ' . $home_url);
return false;
}
// Deny if is IP
if (preg_match('#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', Utility::parse_url_safe($home_url, PHP_URL_HOST))) {
self::debug('IP home url is not allowed for cloud service.');
$msg = __('In order to use QC services, need a real domain name, cannot use an IP.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
/** @since 5.0 If in valid err_domains, bypass request */
if ($this->_is_err_domain($home_url)) {
self::debug('home url is in err_domains, bypass request: ' . $home_url);
return false;
}
// we don't want the `img_optm-taken` to fail at any given time
if ($service_tag == self::IMGOPTM_TAKEN) {
return true;
}
if ($service_tag == self::SVC_D_SYNC_CONF && !$this->activated()) {
self::debug('Skip sync conf as QC not activated yet.');
return false;
}
// Check TTL
if (!empty($this->_summary['ttl.' . $service_tag])) {
$ttl = $this->_summary['ttl.' . $service_tag] - time();
if ($ttl > 0) {
self::debug('❌ TTL limit. [srv] ' . $service_tag . ' [TTL cool down] ' . $ttl . ' seconds');
return 'svc_hot';
}
}
$expiration_req = self::EXPIRATION_REQ;
// Limit frequent unfinished request to 5min
$timestamp_tag = 'curr_request.';
if ($service_tag == self::SVC_IMG_OPTM . '-' . Img_Optm::TYPE_NEW_REQ) {
$timestamp_tag = 'last_request.';
} else {
// For all other requests, if is under debug mode, will always allow
if ($this->conf(self::O_DEBUG)) {
return true;
}
}
if (!empty($this->_summary[$timestamp_tag . $service_tag])) {
$expired = $this->_summary[$timestamp_tag . $service_tag] + $expiration_req - time();
if ($expired > 0) {
self::debug("❌ try [$service_tag] after $expired seconds");
if ($service_tag !== self::API_VER) {
$msg =
__('Cloud Error', 'litespeed-cache') .
': ' .
sprintf(__('Please try after %1$s for service %2$s.', 'litespeed-cache'), Utility::readable_time($expired, 0, true), '<code>' . $service_tag . '</code>');
Admin_Display::error(array('cloud_trylater' => $msg));
}
return false;
}
}
if (in_array($service_tag, self::$_PUB_SVC_SET)) {
return true;
}
if (!$this->activated() && $service_tag != self::SVC_D_ACTIVATE) {
Admin_Display::error(Error::msg('qc_setup_required'));
return false;
}
return true;
}
/**
* Check if a service tag ttl is valid or not
* @since 7.1
*/
public function service_hot($service_tag)
{
if (empty($this->_summary['ttl.' . $service_tag])) {
return false;
}
$ttl = $this->_summary['ttl.' . $service_tag] - time();
if ($ttl <= 0) {
return false;
}
return $ttl;
}
/**
* Check if activated QUIC.cloud service or not
*
* @since 7.0
* @access public
*/
public function activated()
{
return !empty($this->_summary['sk_b64']) && !empty($this->_summary['qc_activated']);
}
/**
* Show my.qc quick link to the domain page
*/
public function qc_link()
{
$data = array(
'site_url' => home_url(),
'ver' => LSCWP_V,
'ref' => $this->_get_ref_url(),
);
return self::CLOUD_SERVER_DASH . '/u/wp3/manage?data=' . urlencode(Utility::arr2str($data)); // . (!empty($this->_summary['is_linked']) ? '?wplogin=1' : '');
}
/**
* Post data to QUIC.cloud server
*
* @since 3.0
* @access public
*/
public static function post($service, $data = false, $time_out = false)
{
$instance = self::cls();
return $instance->_post($service, $data, $time_out);
}
/**
* Post data to cloud server
*
* @since 3.0
* @access private
*/
private function _post($service, $data = false, $time_out = false)
{
$service_tag = $service;
if (!empty($data['action'])) {
$service_tag .= '-' . $data['action'];
}
$maybe_cloud = $this->_maybe_cloud($service_tag);
if (!$maybe_cloud || $maybe_cloud === 'svc_hot') {
self::debug('Maybe cloud failed: ' . var_export($maybe_cloud, true));
return $maybe_cloud;
}
$server = $this->detect_cloud($service);
if (!$server) {
return;
}
$url = $server . '/' . $this->_maybe_queue($service);
self::debug('posting to : ' . $url);
if ($data) {
$data['service_type'] = $service; // For queue distribution usage
}
// Encrypt service as signature
// $signature_ts = time();
// $sign_data = array(
// 'service_tag' => $service_tag,
// 'ts' => $signature_ts,
// );
// $data['signature_b64'] = $this->_sign_b64(implode('', $sign_data));
// $data['signature_ts'] = $signature_ts;
self::debug('data', $data);
$param = array(
'site_url' => home_url(), // Need to use home_url() as WPML case may change it for diff langs, therefore we can do auto alias
'main_domain' => !empty($this->_summary['main_domain']) ? $this->_summary['main_domain'] : '',
'wp_pk_b64' => !empty($this->_summary['pk_b64']) ? $this->_summary['pk_b64'] : '',
'ver' => Core::VER,
'data' => $data,
);
self::save_summary(array('curr_request.' . $service_tag => time()));
$response = wp_safe_remote_post($url, array(
'body' => $param,
'timeout' => $time_out ?: 15,
'headers' => array('Accept' => 'application/json', 'Expect' => ''),
));
return $this->_parse_response($response, $service, $service_tag, $server);
}
/**
* Parse response JSON
* Mark the request successful if the response status is ok
*
* @since 3.0
*/
private function _parse_response($response, $service, $service_tag, $server)
{
// If show the error or not if failed
$visible_err = $service !== self::API_VER && $service !== self::API_NEWS && $service !== self::SVC_D_DASH;
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
self::debug('failed to request: ' . $error_message);
if ($visible_err) {
$msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $error_message . " [server] $server [service] $service";
Admin_Display::error($msg);
// Tmp disabled this node from reusing in 1 day
if (empty($this->_summary['disabled_node'])) {
$this->_summary['disabled_node'] = array();
}
$this->_summary['disabled_node'][$server] = time();
self::save_summary();
// Force redetect node
self::debug('Node error, redetecting node [svc] ' . $service);
$this->detect_cloud($service, true);
}
return false;
}
$json = \json_decode($response['body'], true);
if (!is_array($json)) {
self::debugErr('failed to decode response json: ' . $response['body']);
if ($visible_err) {
$msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $response['body'] . " [server] $server [service] $service";
Admin_Display::error($msg);
// Tmp disabled this node from reusing in 1 day
if (empty($this->_summary['disabled_node'])) {
$this->_summary['disabled_node'] = array();
}
$this->_summary['disabled_node'][$server] = time();
self::save_summary();
// Force redetect node
self::debugErr('Node error, redetecting node [svc] ' . $service);
$this->detect_cloud($service, true);
}
return false;
}
// Check and save TTL data
if (!empty($json['_ttl'])) {
$ttl = intval($json['_ttl']);
self::debug('Service TTL to save: ' . $ttl);
if ($ttl > 0 && $ttl < 86400) {
self::save_summary(array(
'ttl.' . $service_tag => $ttl + time(),
));
}
}
if (!empty($json['_code'])) {
self::debugErr('Hit err _code: ' . $json['_code']);
if ($json['_code'] == 'unpulled_images') {
$msg = __('Cloud server refused the current request due to unpulled images. Please pull the images first.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
if ($json['_code'] == 'blocklisted') {
$msg = __('Your domain_key has been temporarily blocklisted to prevent abuse. You may contact support at QUIC.cloud to learn more.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
if ($json['_code'] == 'rate_limit') {
self::debugErr('Cloud server rate limit exceeded.');
$msg = __('Cloud server refused the current request due to rate limiting. Please try again later.', 'litespeed-cache');
Admin_Display::error($msg);
return false;
}
if ($json['_code'] == 'heavy_load' || $json['_code'] == 'redetect_node') {
// Force redetect node
self::debugErr('Node redetecting node [svc] ' . $service);
Admin_Display::info(__('Redetected node', 'litespeed-cache') . ': ' . Error::msg($json['_code']));
$this->detect_cloud($service, true);
}
}
if (!empty($json['_503'])) {
self::debugErr('service 503 unavailable temporarily. ' . $json['_503']);
$msg = __(
'We are working hard to improve your online service experience. The service will be unavailable while we work. We apologize for any inconvenience.',
'litespeed-cache'
);
$msg .= ' ' . $json['_503'] . " [server] $server [service] $service";
Admin_Display::error($msg);
// Force redetect node
self::debugErr('Node error, redetecting node [svc] ' . $service);
$this->detect_cloud($service, true);
return false;
}
list($json, $return) = $this->extract_msg($json, $service, $server);
if ($return) {
return false;
}
self::save_summary(array(
'last_request.' . $service_tag => $this->_summary['curr_request.' . $service_tag],
'curr_request.' . $service_tag => 0,
));
if ($json) {
self::debug2('response ok', $json);
} else {
self::debug2('response ok');
}
// Only successful request return Array
return $json;
}
/**
* Extract msg from json
* @since 5.0
*/
public function extract_msg($json, $service, $server = false, $is_callback = false)
{
if (!empty($json['_info'])) {
self::debug('_info: ' . $json['_info']);
$msg = __('Message from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_info'];
$msg .= $this->_parse_link($json);
Admin_Display::info($msg);
unset($json['_info']);
}
if (!empty($json['_note'])) {
self::debug('_note: ' . $json['_note']);
$msg = __('Message from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_note'];
$msg .= $this->_parse_link($json);
Admin_Display::note($msg);
unset($json['_note']);
}
if (!empty($json['_success'])) {
self::debug('_success: ' . $json['_success']);
$msg = __('Good news from QUIC.cloud server', 'litespeed-cache') . ': ' . $json['_success'];
$msg .= $this->_parse_link($json);
Admin_Display::success($msg);
unset($json['_success']);
}
// Upgrade is required
if (!empty($json['_err_req_v'])) {
self::debug('_err_req_v: ' . $json['_err_req_v']);
$msg =
sprintf(__('%1$s plugin version %2$s required for this action.', 'litespeed-cache'), Core::NAME, 'v' . $json['_err_req_v'] . '+') .
" [server] $server [service] $service";
// Append upgrade link
$msg2 = ' ' . GUI::plugin_upgrade_link(Core::NAME, Core::PLUGIN_NAME, $json['_err_req_v']);
$msg2 .= $this->_parse_link($json);
Admin_Display::error($msg . $msg2);
return array($json, true);
}
// Parse _carry_on info
if (!empty($json['_carry_on'])) {
self::debug('Carry_on usage', $json['_carry_on']);
// Store generic info
foreach (array('usage', 'promo', 'mini_html', 'partner', '_error', '_info', '_note', '_success') as $v) {
if (isset($json['_carry_on'][$v])) {
switch ($v) {
case 'usage':
$usage_svc_tag = in_array($service, array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI)) ? self::SVC_PAGE_OPTM : $service;
$this->_summary['usage.' . $usage_svc_tag] = $json['_carry_on'][$v];
break;
case 'promo':
if (empty($this->_summary[$v]) || !is_array($this->_summary[$v])) {
$this->_summary[$v] = array();
}
$this->_summary[$v][] = $json['_carry_on'][$v];
break;
case 'mini_html':
foreach ($json['_carry_on'][$v] as $k2 => $v2) {
if (strpos($k2, 'ttl.') === 0) {
$v2 += time();
}
$this->_summary[$v][$k2] = $v2;
}
break;
case 'partner':
$this->_summary[$v] = $json['_carry_on'][$v];
break;
case '_error':
case '_info':
case '_note':
case '_success':
$color_mode = substr($v, 1);
$msgs = $json['_carry_on'][$v];
Admin_Display::add_unique_notice($color_mode, $msgs, true);
break;
default:
break;
}
}
}
self::save_summary();
unset($json['_carry_on']);
}
// Parse general error msg
if (!$is_callback && (empty($json['_res']) || $json['_res'] !== 'ok')) {
$json_msg = !empty($json['_msg']) ? $json['_msg'] : 'unknown';
self::debug('❌ _err: ' . $json_msg, $json);
$str_translated = Error::msg($json_msg);
$msg = __('Failed to communicate with QUIC.cloud server', 'litespeed-cache') . ': ' . $str_translated . " [server] $server [service] $service";
$msg .= $this->_parse_link($json);
$visible_err = $service !== self::API_VER && $service !== self::API_NEWS && $service !== self::SVC_D_DASH;
if ($visible_err) {
Admin_Display::error($msg);
}
// QC may try auto alias
/** @since 5.0 Store the domain as `err_domains` only for QC auto alias feature */
if ($json_msg == 'err_alias') {
if (empty($this->_summary['err_domains'])) {
$this->_summary['err_domains'] = array();
}
$home_url = home_url();
if (!array_key_exists($home_url, $this->_summary['err_domains'])) {
$this->_summary['err_domains'][$home_url] = time();
}
self::save_summary();
}
// Site not on QC, delete invalid domain key
if ($json_msg == 'site_not_registered' || $json_msg == 'err_key') {
$this->_reset_qc_reg();
}
return array($json, true);
}
unset($json['_res']);
if (!empty($json['_msg'])) {
unset($json['_msg']);
}
return array($json, false);
}
/**
* Clear QC linked status
* @since 5.0
*/
private function _reset_qc_reg()
{
unset($this->_summary['qc_activated']);
if (!empty($this->_summary['partner'])) {
unset($this->_summary['partner']);
}
self::save_summary();
$msg = $this->_reset_qc_reg_content();
Admin_Display::error($msg, false, true);
}
private function _reset_qc_reg_content()
{
$msg = __('Site not recognized. QUIC.cloud deactivated automatically. Please reactivate your QUIC.cloud account.', 'litespeed-cache');
$msg .= Doc::learn_more(admin_url('admin.php?page=litespeed'), __('Click here to proceed.', 'litespeed-cache'), true, false, true);
$msg .= Doc::learn_more('https://docs.litespeedtech.com/lscache/lscwp/general/', false, false, false, true);
return $msg;
}
private function _clear_reset_qc_reg_msg()
{
self::debug('Removed pinned reset QC reg content msg');
$msg = $this->_reset_qc_reg_content();
Admin_Display::dismiss_pin_by_content($msg, Admin_Display::NOTICE_RED, true);
}
/**
* REST call: check if the error domain is valid call for auto alias purpose
* @since 5.0
*/
public function rest_err_domains()
{
if (empty($_POST['main_domain']) || empty($_POST['alias'])) {
return self::err('lack_of_param');
}
$this->extract_msg($_POST, 'Quic.cloud', false, true);
if ($this->_is_err_domain($_POST['alias'])) {
if ($_POST['alias'] == home_url()) {
$this->_remove_domain_from_err_list($_POST['alias']);
}
return self::ok();
}
return self::err('Not an alias req from here');
}
/**
* Remove a domain from err domain
* @since 5.0
*/
private function _remove_domain_from_err_list($url)
{
unset($this->_summary['err_domains'][$url]);
self::save_summary();
}
/**
* Check if is err domain
* @since 5.0
*/
private function _is_err_domain($home_url)
{
if (empty($this->_summary['err_domains'])) {
return false;
}
if (!array_key_exists($home_url, $this->_summary['err_domains'])) {
return false;
}
// Auto delete if too long ago
if (time() - $this->_summary['err_domains'][$home_url] > 86400 * 10) {
$this->_remove_domain_from_err_list($home_url);
return false;
}
if (time() - $this->_summary['err_domains'][$home_url] > 86400) {
return false;
}
return true;
}
/**
* Show promo from cloud
*
* @since 3.0
* @access public
*/
public function show_promo()
{
if (empty($this->_summary['promo'])) {
return;
}
require_once LSCWP_DIR . 'tpl/banner/cloud_promo.tpl.php';
}
/**
* Clear promo from cloud
*
* @since 3.0
* @access private
*/
private function _clear_promo()
{
if (count($this->_summary['promo']) > 1) {
array_shift($this->_summary['promo']);
} else {
$this->_summary['promo'] = array();
}
self::save_summary();
}
/**
* Parse _links from json
*
* @since 1.6.5
* @since 1.6.7 Self clean the parameter
* @access private
*/
private function _parse_link(&$json)
{
$msg = '';
if (!empty($json['_links'])) {
foreach ($json['_links'] as $v) {
$msg .= ' ' . sprintf('<a href="%s" class="%s" target="_blank">%s</a>', $v['link'], !empty($v['cls']) ? $v['cls'] : '', $v['title']);
}
unset($json['_links']);
}
return $msg;
}
/**
* Request callback validation from Cloud
*
* @since 3.0
* @access public
*/
public function ip_validate()
{
if (empty($_POST['hash'])) {
return self::err('lack_of_params');
}
if ($_POST['hash'] != md5(substr($this->_summary['pk_b64'], 0, 4))) {
self::debug('__callback IP request decryption failed');
return self::err('err_hash');
}
Control::set_nocache('Cloud IP hash validation');
$resp_hash = md5(substr($this->_summary['pk_b64'], 2, 4));
self::debug('__callback IP request hash: ' . $resp_hash);
return self::ok(array('hash' => $resp_hash));
}
/**
* Check if this visit is from cloud or not
*
* @since 3.0
*/
public function is_from_cloud()
{
// return true;
$check_point = time() - 86400 * self::TTL_IPS;
if (empty($this->_summary['ips']) || empty($this->_summary['ips_ts']) || $this->_summary['ips_ts'] < $check_point) {
self::debug('Force updating ip as ips_ts is older than ' . self::TTL_IPS . ' days');
$this->_update_ips();
}
$res = $this->cls('Router')->ip_access($this->_summary['ips']);
if (!$res) {
self::debug('❌ Not our cloud IP');
// Auto check ip list again but need an interval limit safety.
if (empty($this->_summary['ips_ts_runner']) || time() - $this->_summary['ips_ts_runner'] > 600) {
self::debug('Force updating ip as ips_ts_runner is older than 10mins');
// Refresh IP list for future detection
$this->_update_ips();
$res = $this->cls('Router')->ip_access($this->_summary['ips']);
if (!$res) {
self::debug('❌ 2nd time: Not our cloud IP');
} else {
self::debug('✅ Passed Cloud IP verification');
}
return $res;
}
} else {
self::debug('✅ Passed Cloud IP verification');
}
return $res;
}
/**
* Update Cloud IP list
*
* @since 4.2
*/
private function _update_ips()
{
self::debug('Load remote Cloud IP list from ' . self::CLOUD_IPS);
// Prevent multiple call in a short period
self::save_summary(array('ips_ts' => time(), 'ips_ts_runner' => time()));
$response = wp_safe_remote_get(self::CLOUD_IPS . '?json');
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
self::debug('failed to get ip whitelist: ' . $error_message);
throw new \Exception('Failed to fetch QUIC.cloud whitelist ' . $error_message);
}
$json = \json_decode($response['body'], true);
self::debug('Load ips', $json);
self::save_summary(array('ips' => $json));
}
/**
* Return succeeded response
*
* @since 3.0
*/
public static function ok($data = array())
{
$data['_res'] = 'ok';
return $data;
}
/**
* Return error
*
* @since 3.0
*/
public static function err($code)
{
self::debug("❌ Error response code: $code");
return array('_res' => 'err', '_msg' => $code);
}
/**
* Return pong for ping to check PHP function availability
* @since 6.5
*/
public function ping()
{
$resp = array(
'v_lscwp' => Core::VER,
'v_php' => PHP_VERSION,
'v_wp' => $GLOBALS['wp_version'],
'home_url' => home_url(),
);
if (!empty($_POST['funcs'])) {
foreach ($_POST['funcs'] as $v) {
$resp[$v] = function_exists($v) ? 'y' : 'n';
}
}
if (!empty($_POST['classes'])) {
foreach ($_POST['classes'] as $v) {
$resp[$v] = class_exists($v) ? 'y' : 'n';
}
}
if (!empty($_POST['consts'])) {
foreach ($_POST['consts'] as $v) {
$resp[$v] = defined($v) ? 'y' : 'n';
}
}
return self::ok($resp);
}
/**
* Display a banner for dev env if using preview QC node.
* @since 7.0
*/
public function maybe_preview_banner()
{
if (strpos(self::CLOUD_SERVER, 'preview.')) {
Admin_Display::note(__('Linked to QUIC.cloud preview environment, for testing purpose only.', 'litespeed-cache'), true, true, 'litespeed-warning-bg');
}
}
/**
* Handle all request actions from main cls
*
* @since 3.0
* @access public
*/
public function handler()
{
$type = Router::verify_type();
switch ($type) {
case self::TYPE_CLEAR_CLOUD:
$this->clear_cloud();
break;
case self::TYPE_REDETECT_CLOUD:
if (!empty($_GET['svc'])) {
$this->detect_cloud($_GET['svc'], true);
}
break;
case self::TYPE_CLEAR_PROMO:
$this->_clear_promo();
break;
case self::TYPE_RESET:
$this->reset_qc();
break;
case self::TYPE_ACTIVATE:
$this->init_qc();
break;
case self::TYPE_LINK:
$this->link_qc();
break;
case self::TYPE_ENABLE_CDN:
$this->enable_cdn();
break;
case self::TYPE_API:
if (!empty($_GET['action2'])) {
$this->api_link_call($_GET['action2']);
}
break;
case self::TYPE_SYNC_STATUS:
$this->load_qc_status_for_dash('cdn_dash', true);
$msg = __('Sync QUIC.cloud status successfully.', 'litespeed-cache');
Admin_Display::success($msg);
break;
case self::TYPE_SYNC_USAGE:
$this->sync_usage();
$msg = __('Sync credit allowance with Cloud Server successfully.', 'litespeed-cache');
Admin_Display::success($msg);
break;
default:
break;
}
Admin::redirect();
}
}