PageRenderTime 46ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/wp-content/plugins/broken-link-checker/modules/checkers/http.php

https://bitbucket.org/lgorence/quickpress
PHP | 407 lines | 258 code | 66 blank | 83 comment | 47 complexity | d25910450cb9b7359f8c10812502ca15 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1, AGPL-1.0 
    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4. Plugin Name: Basic HTTP
    5. 

  5. Description: Check all links that have the HTTP/HTTPS protocol.
    6. 

  6. Version: 1.0
    7. 

  7. Author: Janis Elsts
    8. 

    9. 

  9. ModuleID: http
    10. 

  10. ModuleCategory: checker
    11. 

  11. ModuleContext: on-demand
    12. 

  12. ModuleLazyInit: true
    13. 

  13. ModuleClassName: blcHttpChecker
    14. 

  14. ModulePriority: -1
    15. 

  15. */
    16. 

  16. 

  17. //TODO: Rewrite sub-classes as transports, not stand-alone checkers
    18. 

  18. class blcHttpChecker extends blcChecker {
    19. 

  19. 	/* @var blcChecker */
    20. 

  20. 	var $implementation = null;
    21. 

  21. 	
    22. 

  22. 	function init(){
    23. 

  23. 		parent::init();
    24. 

  24. 		
    25. 

  25. 		if ( function_exists('curl_init') || is_callable('curl_init') ) {
    26. 

  26. 			$this->implementation = new blcCurlHttp(
    27. 

  27. 				$this->module_id, 
    28. 

  28. 				$this->cached_header,
    29. 

  29. 				$this->plugin_conf,
    30. 

  30. 				$this->module_manager
    31. 

  31. 			);
    32. 

  32. 		} else {
    33. 

  33. 			//Try to load Snoopy.
    34. 

  34. 			if ( !class_exists('Snoopy') ){
    35. 

  35. 				$snoopy_file = ABSPATH. WPINC . '/class-snoopy.php';
    36. 

  36. 				if (file_exists($snoopy_file) ){
    37. 

  37. 					include $snoopy_file;
    38. 

  38. 				}
    39. 

  39. 			}
    40. 

  40. 			
    41. 

  41. 			//If Snoopy is available, it will be used in place of CURL.
    42. 

  42. 			if ( class_exists('Snoopy') ){
    43. 

  43. 				$this->implementation = new blcSnoopyHttp(
    44. 

  44. 					$this->module_id, 
    45. 

  45. 					$this->cached_header,
    46. 

  46. 					$this->plugin_conf,
    47. 

  47. 					$this->module_manager
    48. 

  48. 				);
    49. 

  49. 			}
    50. 

  50. 		}
    51. 

  51. 	}
    52. 

  52. 	
    53. 

  53. 	function can_check($url, $parsed){
    54. 

  54. 		if ( isset($this->implementation) ){
    55. 

  55. 			return $this->implementation->can_check($url, $parsed);
    56. 

  56. 		} else {
    57. 

  57. 			return false;
    58. 

  58. 		}
    59. 

  59. 	}
    60. 

  60. 	
    61. 

  61. 	function check($url, $use_get = false){
    62. 

  62. 		return $this->implementation->check($url, $use_get);
    63. 

  63. 	}
    64. 

  64. }
    65. 

  65. 

  66. 

  67. /**
    68. 

  68.  * Base class for checkers that deal with HTTP(S) URLs.
    69. 

  69.  *
    70. 

  70.  * @package Broken Link Checker
    71. 

  71.  * @access public
    72. 

  72.  */
    73. 

  73. class blcHttpCheckerBase extends blcChecker {
    74. 

  74. 	
    75. 

  75. 	function clean_url($url){
    76. 

  76. 		$url = html_entity_decode($url);
    77. 

  77. 	    $url = preg_replace(
    78. 

  78. 	        array(
    79. 

  79. 				'/([\?&]PHPSESSID=\w+)$/i',	//remove session ID
    80. 

  80. 	            '/(#[^\/]*)$/',				//and anchors/fragments
    81. 

  81. 	            '/&amp;/',					//convert improper HTML entities
    82. 

  82. 	            '/([\?&]sid=\w+)$/i'		//remove another flavour of session ID
    83. 

  83. 	        ),
    84. 

  84. 	        array('','','&',''),
    85. 

  85. 	        $url
    86. 

  86. 		);
    87. 

  87. 	    $url = trim($url);
    88. 

  88. 	    
    89. 

  89. 	    return $url;
    90. 

  90. 	}
    91. 

  91. 	
    92. 

  92. 	function is_error_code($http_code){
    93. 

  93. 		/*"Good" response codes are anything in the 2XX range (e.g "200 OK") and redirects  - the 3XX range.
    94. 

  94.           HTTP 401 Unauthorized is a special case that is considered OK as well. Other errors - the 4XX range -
    95. 

  95.           are treated as such. */
    96. 

  96. 		$good_code = ( ($http_code >= 200) && ($http_code < 400) ) || ( $http_code == 401 );
    97. 

  97. 		return !$good_code;
    98. 

  98. 	}
    99. 

  99. 	
    100. 

  100.   /**
    101. 

  101.    * This checker only accepts HTTP(s) links.
    102. 

  102.    *
    103. 

  103.    * @param string $url
    104. 

  104.    * @param array|bool $parsed
    105. 

  105.    * @return bool
    106. 

  106.    */
    107. 

  107. 	function can_check($url, $parsed){
    108. 

  108. 		if ( !isset($parsed['scheme']) ) return false;
    109. 

  109. 		
    110. 

  110. 		return in_array( strtolower($parsed['scheme']), array('http', 'https') );
    111. 

  111. 	}
    112. 

  112. 	
    113. 

  113.   /**
    114. 

  114.    * Takes an URL and replaces spaces and some other non-alphanumeric characters with their urlencoded equivalents.
    115. 

  115.    *
    116. 

  116.    * @param string $url
    117. 

  117.    * @return string
    118. 

  118.    */
    119. 

  119. 	function urlencodefix($url){
    120. 

  120. 		//TODO: Remove/fix this. Probably not a good idea to "fix" invalid URLs like that.  
    121. 

  121. 		return preg_replace_callback(
    122. 

  122. 			'|[^a-z0-9\+\-\/\\#:.,;=?!&%@()$\|*~_]|i', 
    123. 

  123. 			create_function('$str','return rawurlencode($str[0]);'), 
    124. 

  124. 			$url
    125. 

  125. 		 );
    126. 

  126. 	}
    127. 

  127. 	
    128. 

  128. }
    129. 

  129. 

  130. class blcCurlHttp extends blcHttpCheckerBase {
    131. 

  131. 	
    132. 

  132. 	var $last_headers = '';
    133. 

  133. 	
    134. 

  134. 	function check($url, $use_get = false){
    135. 

  135. 		$this->last_headers = '';
    136. 

  136. 		
    137. 

  137. 		$url = $this->clean_url($url);
    138. 

  138. 		
    139. 

  139. 		$result = array(
    140. 

  140. 			'broken' => false,
    141. 

  141. 		);
    142. 

  142. 		$log = '';
    143. 

  143. 		
    144. 

  144. 		//Get the BLC configuration. It's used below to set the right timeout values and such.
    145. 

  145. 		$conf = blc_get_configuration();
    146. 

  146. 		
    147. 

  147. 		//Init curl.
    148. 

  148. 	 	$ch = curl_init();
    149. 

  149.         curl_setopt($ch, CURLOPT_URL, $this->urlencodefix($url));
    150. 

  150.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    151. 

  151.         
    152. 

  152.         //Masquerade as Internet explorer
    153. 

  153.         //$ua = 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)';
    154. 

  154.         $ua = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)';
    155. 

  155.         curl_setopt($ch, CURLOPT_USERAGENT, $ua);
    156. 

  156.         
    157. 

  157.         //Add a semi-plausible referer header to avoid tripping up some bot traps 
    158. 

  158.         curl_setopt($ch, CURLOPT_REFERER, home_url());
    159. 

  159.         
    160. 

  160.         //Redirects don't work when safe mode or open_basedir is enabled.
    161. 

  161.         if ( !blcUtility::is_safe_mode() && !blcUtility::is_open_basedir() ) {
    162. 

  162.             curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    163. 

  163.         }
    164. 

  164.         //Set maximum redirects
    165. 

  165.         curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    166. 

  166.         
    167. 

  167.         //Set the timeout
    168. 

  168.         curl_setopt($ch, CURLOPT_TIMEOUT, $conf->options['timeout']);
    169. 

  169.         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $conf->options['timeout']);
    170. 

  170.         
    171. 

  171.         //Set the proxy configuration. The user can provide this in wp-config.php 
    172. 

  172.         if (defined('WP_PROXY_HOST')) {
    173. 

  173. 			curl_setopt($ch, CURLOPT_PROXY, WP_PROXY_HOST);
    174. 

  174. 		}
    175. 

  175. 		if (defined('WP_PROXY_PORT')) { 
    176. 

  176. 			curl_setopt($ch, CURLOPT_PROXYPORT, WP_PROXY_PORT);
    177. 

  177. 		}
    178. 

  178. 		if (defined('WP_PROXY_USERNAME')){
    179. 

  179. 			$auth = WP_PROXY_USERNAME;
    180. 

  180. 			if (defined('WP_PROXY_PASSWORD')){
    181. 

  181. 				$auth .= ':' . WP_PROXY_PASSWORD;
    182. 

  182. 			}
    183. 

  183. 			curl_setopt($ch, CURLOPT_PROXYUSERPWD, $auth);
    184. 

  184. 		}
    185. 

  185. 

  186. 		//Make CURL return a valid result even if it gets a 404 or other error.
    187. 

  187.         curl_setopt($ch, CURLOPT_FAILONERROR, false);
    188. 

  188. 

  189. 		
    190. 

  190.         $nobody = !$use_get; //Whether to send a HEAD request (the default) or a GET request
    191. 

  191.         
    192. 

  192.         $parts = @parse_url($url);
    193. 

  193.         if( $parts['scheme'] == 'https' ){
    194. 

  194.         	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); //Required to make HTTPS URLs work.
    195. 

  195.             curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); 
    196. 

  196.             $nobody = false; //Can't use HEAD with HTTPS.
    197. 

  197.         }
    198. 

  198.         
    199. 

  199.         if ( $nobody ){
    200. 

  200.         	//If possible, use HEAD requests for speed.
    201. 

  201. 			curl_setopt($ch, CURLOPT_NOBODY, true);  
    202. 

  202. 		} else {
    203. 

  203. 			//If we must use GET at least limit the amount of downloaded data.
    204. 

  204. 			curl_setopt($ch, CURLOPT_HTTPHEADER, array('Range: bytes=0-2048')); //2 KB
    205. 

  205. 		}
    206. 

  206.         
    207. 

  207.         //Register a callback function which will process the HTTP header(s).
    208. 

  208. 		//It can be called multiple times if the remote server performs a redirect. 
    209. 

  209. 		curl_setopt($ch, CURLOPT_HEADERFUNCTION, array(&$this,'read_header'));
    210. 

  210. 

  211. 		//Execute the request
    212. 

  212. 		$start_time = microtime_float();
    213. 

  213.         curl_exec($ch);
    214. 

  214.         $measured_request_duration = microtime_float() - $start_time;
    215. 

  215.         
    216. 

  216. 		$info = curl_getinfo($ch);
    217. 

  217. 		
    218. 

  218. 		//Store the results
    219. 

  219.         $result['http_code'] = intval( $info['http_code'] );
    220. 

  220.         $result['final_url'] = $info['url'];
    221. 

  221.         $result['request_duration'] = $info['total_time'];
    222. 

  222.         $result['redirect_count'] = $info['redirect_count'];
    223. 

  223.         
    224. 

  224.         //CURL doesn't return a request duration when a timeout happens, so we measure it ourselves.
    225. 

  225.         //It is useful to see how long the plugin waited for the server to respond before assuming it timed out.        
    226. 

  226.         if( empty($result['request_duration']) ){
    227. 

  227.         	$result['request_duration'] = $measured_request_duration;
    228. 

  228.         }
    229. 

  229.         
    230. 

  230.         //Determine if the link counts as "broken"
    231. 

  231.         if ( $result['http_code'] == 0 ){
    232. 

  232.         	$result['broken'] = true;
    233. 

  233.         	
    234. 

  234.         	$error_code = curl_errno($ch);
    235. 

  235.         	$log .= sprintf( "%s [Error #%d]\n", curl_error($ch), $error_code );
    236. 

  236.         	
    237. 

  237.         	//We only handle a couple of CURL error codes; most are highly esoteric.
    238. 

  238.         	//libcurl "CURLE_" constants can't be used here because some of them have 
    239. 

  239.         	//different names or values in PHP.
    240. 

  240.         	switch( $error_code ) {
    241. 

  241.         		case 6: //CURLE_COULDNT_RESOLVE_HOST
    242. 

  242. 		        	$result['status_code'] = BLC_LINK_STATUS_WARNING;
    243. 

  243. 		        	$result['status_text'] = __('Server Not Found', 'broken-link-checker');
    244. 

  244. 		        	break;
    245. 

  245. 		        	
    246. 

  246. 		        case 28: //CURLE_OPERATION_TIMEDOUT
    247. 

  247. 		        	$result['timeout'] = true;
    248. 

  248. 		        	break;
    249. 

  249. 		        	
    250. 

  250. 	        	case 7: //CURLE_COULDNT_CONNECT
    251. 

  251. 	        		//More often than not, this error code indicates that the connection attempt 
    252. 

  252. 					//timed out. This heuristic tries to distinguish between connections that fail 
    253. 

  253. 					//due to timeouts and those that fail due to other causes.
    254. 

  254. 	        		if ( $result['request_duration'] >= 0.9*$conf->options['timeout'] ){
    255. 

  255. 	        			$result['timeout'] = true;
    256. 

  256. 	        		} else {
    257. 

  257. 	        			$result['status_code'] = BLC_LINK_STATUS_WARNING;
    258. 

  258. 	        			$result['status_text'] = __('Connection Failed', 'broken-link-checker');
    259. 

  259. 	        		}
    260. 

  260. 	        		break;
    261. 

  261. 	        		
    262. 

  262.         		default:
    263. 

  263. 	        		$result['status_code'] = BLC_LINK_STATUS_WARNING;
    264. 

  264. 	        		$result['status_text'] = __('Unknown Error', 'broken-link-checker');
    265. 

  265.         	}
    266. 

  266. 	        
    267. 

  267.         } else {
    268. 

  268.         	$result['broken'] = $this->is_error_code($result['http_code']);
    269. 

  269.         }
    270. 

  270.         curl_close($ch);
    271. 

  271.         
    272. 

  272.         if ( $nobody && $result['broken'] ){
    273. 

  273. 			//The site in question might be expecting GET instead of HEAD, so lets retry the request 
    274. 

  274. 			//using the GET verb.
    275. 

  275. 			return $this->check($url, true);
    276. 

  276. 			 
    277. 

  277. 			//Note : normally a server that doesn't allow HEAD requests on a specific resource *should*
    278. 

  278. 			//return "405 Method Not Allowed". Unfortunately, there are sites that return 404 or
    279. 

  279. 			//another, even more general, error code instead. So just checking for 405 wouldn't be enough. 
    280. 

  280. 		}
    281. 

  281.         
    282. 

  282.         //When safe_mode or open_basedir is enabled CURL will be forbidden from following redirects,
    283. 

  283.         //so redirect_count will be 0 for all URLs. As a workaround, set it to 1 when the HTTP
    284. 

  284. 		//response codes indicates a redirect but redirect_count is zero.
    285. 

  285. 		//Note to self : Extracting the Location header might also be helpful.
    286. 

  286. 		if ( ($result['redirect_count'] == 0) && ( in_array( $result['http_code'], array(301, 302, 303, 307) ) ) ){
    287. 

  287. 			$result['redirect_count'] = 1;
    288. 

  288. 		} 
    289. 

  289. 		
    290. 

  290.         //Build the log from HTTP code and headers.
    291. 

  291.         $log .= '=== ';
    292. 

  292.         if ( $result['http_code'] ){
    293. 

  293. 			$log .= sprintf( __('HTTP code : %d', 'broken-link-checker'), $result['http_code']);
    294. 

  294. 		} else {
    295. 

  295. 			$log .= __('(No response)', 'broken-link-checker');
    296. 

  296. 		}
    297. 

  297. 		$log .= " ===\n\n";
    298. 

  298.         $log .= $this->last_headers;
    299. 

  299.         
    300. 

  300.         if ( !empty($result['broken']) && !empty($result['timeout']) ) {
    301. 

  301. 			$log .= "\n(" . __("Most likely the connection timed out or the domain doesn't exist.", 'broken-link-checker') . ')';
    302. 

  302. 		}
    303. 

  303.         
    304. 

  304.         $result['log'] = $log;
    305. 

  305.         
    306. 

  306.         //The hash should contain info about all pieces of data that pertain to determining if the 
    307. 

  307. 		//link is working.  
    308. 

  308.         $result['result_hash'] = implode('|', array(
    309. 

  309. 			$result['http_code'],
    310. 

  310. 			!empty($result['broken'])?'broken':'0',
    311. 

  311. 			!empty($result['timeout'])?'timeout':'0',
    312. 

  312. 			md5($result['final_url']),
    313. 

  313. 		));
    314. 

  314.         
    315. 

  315.         return $result;
    316. 

  316. 	}
    317. 

  317. 	
    318. 

  318. 	function read_header($ch, $header){
    319. 

  319. 		$this->last_headers .= $header;
    320. 

  320. 		return strlen($header);
    321. 

  321. 	}
    322. 

  322. 	
    323. 

  323. }
    324. 

  324. 

  325. class blcSnoopyHttp extends blcHttpCheckerBase {
    326. 

  326. 	
    327. 

  327. 	function check($url){
    328. 

  328. 		$url = $this->clean_url($url); 
    329. 

  329. 		//Note : Snoopy doesn't work too well with HTTPS URLs.
    330. 

  330. 		
    331. 

  331. 		$result = array(
    332. 

  332. 			'broken' => false,
    333. 

  333. 			'timeout' => false,
    334. 

  334. 		);
    335. 

  335. 		$log = '';
    336. 

  336. 		
    337. 

  337. 		//Get the timeout setting from the BLC configuration. 
    338. 

  338. 		$conf = blc_get_configuration();
    339. 

  339. 		$timeout = $conf->options['timeout'];
    340. 

  340. 		
    341. 

  341. 		$start_time = microtime_float();
    342. 

  342. 		
    343. 

  343. 		//Fetch the URL with Snoopy
    344. 

  344.         $snoopy = new Snoopy;
    345. 

  345.         $snoopy->read_timeout = $timeout; //read timeout in seconds
    346. 

  346.         $snoopy->agent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"; //masquerade as IE 7
    347. 

  347.         $snoopy->referer = home_url(); //valid referer helps circumvent some hotlink protection schemes
    348. 

  348.         $snoopy->maxlength = 1024*5; //load up to 5 kilobytes
    349. 

  349.         $snoopy->fetch( $this->urlencodefix($url) );
    350. 

  350.         
    351. 

  351.         $result['request_duration'] = microtime_float() - $start_time;
    352. 

  352. 

  353.         $result['http_code'] = $snoopy->status; //HTTP status code
    354. 

  354. 		//Snoopy returns -100 on timeout 
    355. 

  355.         if ( $result['http_code'] == -100 ){
    356. 

  356. 			$result['http_code'] = 0;
    357. 

  357. 			$result['timeout'] = true;
    358. 

  358. 		}
    359. 

  359. 		
    360. 

  360. 		//Build the log
    361. 

  361. 		$log .= '=== ';
    362. 

  362.         if ( $result['http_code'] ){
    363. 

  363. 			$log .= sprintf( __('HTTP code : %d', 'broken-link-checker'), $result['http_code']);
    364. 

  364. 		} else {
    365. 

  365. 			$log .= __('(No response)', 'broken-link-checker');
    366. 

  366. 		}
    367. 

  367. 		$log .= " ===\n\n";
    368. 

  368. 

  369.         if ($snoopy->error)
    370. 

  370.             $log .= $snoopy->error."\n";
    371. 

  371.         if ($snoopy->timed_out) {
    372. 

  372.             $log .= __("Request timed out.", 'broken-link-checker') . "\n";
    373. 

  373.             $result['timeout'] = true;
    374. 

  374.         }
    375. 

  375. 

  376. 		if ( is_array($snoopy->headers) )
    377. 

  377.         	$log .= implode("", $snoopy->headers)."\n"; //those headers already contain newlines
    378. 

  378. 

  379. 		//Redirected? 
    380. 

  380.         if ( $snoopy->lastredirectaddr ) {
    381. 

  381.             $result['final_url'] = $snoopy->lastredirectaddr;
    382. 

  382.             $result['redirect_count'] = $snoopy->_redirectdepth;
    383. 

  383.         } else {
    384. 

  384. 			$result['final_url'] = $url;
    385. 

  385. 		}
    386. 

  386. 		
    387. 

  387. 		//Determine if the link counts as "broken"
    388. 

  388. 		$result['broken'] = $this->is_error_code($result['http_code']) || $result['timeout'];
    389. 

  389. 		
    390. 

  390. 		$log .= "<em>(" . __('Using Snoopy', 'broken-link-checker') . ")</em>";
    391. 

  391. 		$result['log'] = $log;
    392. 

  392. 		
    393. 

  393. 		//The hash should contain info about all pieces of data that pertain to determining if the 
    394. 

  394. 		//link is working.  
    395. 

  395.         $result['result_hash'] = implode('|', array(
    396. 

  396. 			$result['http_code'],
    397. 

  397. 			$result['broken']?'broken':'0', 
    398. 

  398. 			$result['timeout']?'timeout':'0',
    399. 

  399. 			md5($result['final_url']),
    400. 

  400. 		));
    401. 

  401. 		
    402. 

  402. 		return $result;
    403. 

  403. 	}
    404. 

  404. 	
    405. 

  405. }
    406. 

  406. 

  407. ?>
    408.