Server IP : 52.91.253.208 / Your IP : 3.137.172.115 [ Web Server : Apache System : Linux ip-172-26-9-9 4.19.0-25-cloud-amd64 #1 SMP Debian 4.19.289-1 (2023-07-24) x86_64 User : daemon ( 1) PHP Version : 7.3.18 Disable Function : NONE Domains : 3 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins/wp-letsencrypt-ssl/admin/ |
Upload File : |
<?php /** * @package WP Encryption * * @author Go Web Smarty * @copyright Copyright (C) 2019-2020, Go Web Smarty * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public License, version 3 * @link https://gowebsmarty.com * @since Class available since Release 1.0.0 * * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <https://www.gnu.org/licenses/>. * */ /** * Autoloader * * @since 5.1.1 */ require_once plugin_dir_path( __DIR__ ) . 'vendor/autoload.php'; use LEClient\LEFunctions ; require_once WPLE_DIR . 'classes/le-core.php'; require_once WPLE_DIR . 'classes/le-subdir-challenge.php'; require_once WPLE_DIR . 'classes/le-trait.php'; /** * WPLE_Admin class * * Handles all the aspects of plugin page & cert generation form * @since 1.0.0 */ class WPLE_Admin { private $FIREWALL ; public function __construct() { add_action( 'admin_enqueue_scripts', array( $this, 'wple_admin_styles' ) ); add_action( 'admin_menu', array( $this, 'wple_admin_menu_page' ) ); add_action( 'before_wple_admin_form', array( $this, 'wple_debug_log' ), 20, 1 ); add_action( 'admin_init', array( $this, 'wple_save_email_generate_certs' ) ); add_action( 'admin_init', array( $this, 'wple_download_files' ) ); add_action( 'plugins_loaded', array( $this, 'wple_load_plugin_textdomain' ) ); $show_rev = get_option( 'wple_show_review' ); if ( $show_rev != FALSE && $show_rev == 1 ) { add_action( 'admin_notices', array( $this, 'wple_rateus' ) ); } add_action( 'admin_init', array( $this, 'wple_review_handler' ) ); add_action( 'admin_init', array( $this, 'wple_reset_handler' ) ); add_action( 'wple_show_reviewrequest', array( $this, 'wple_set_review_flag' ) ); add_action( 'wp_ajax_wple_dismiss', array( $this, 'wple_dismiss_notice' ) ); add_action( 'wp_ajax_wple_admin_dnsverify', [ $this, 'wple_ajx_verify_dns' ] ); add_action( 'wple_ssl_reminder_notice', [ $this, 'wple_start_show_reminder' ] ); if ( FALSE !== get_option( 'wple_show_reminder' ) ) { add_action( 'admin_notices', [ $this, 'wple_reminder_notice' ] ); } add_action( 'admin_init', 'WPLE_Subdir_Challenge_Helper::download_challenge_files' ); add_action( 'wp_ajax_wple_admin_httpverify', [ $this, 'wple_ajx_verify_http' ] ); add_action( 'admin_init', [ $this, 'wple_continue_certification' ] ); if ( isset( $_GET['successnotice'] ) ) { add_action( 'admin_notices', array( $this, 'wple_success_notice' ) ); } add_action( 'admin_init', array( $this, 'wple_domain_verification' ) ); } /** * Enqueue admin styles * * @since 1.0.0 * @return void */ public function wple_admin_styles() { wp_enqueue_style( WPLE_NAME, WPLE_URL . 'admin/css/le-admin.min.css', FALSE, WPLE_VERSION, 'all' ); wp_enqueue_script( WPLE_NAME . '-popper', WPLE_URL . 'admin/js/popper.min.js', array( 'jquery' ), WPLE_VERSION, true ); wp_enqueue_script( WPLE_NAME . '-tippy', WPLE_URL . 'admin/js/tippy-bundle.iife.min.js', array( 'jquery' ), WPLE_VERSION, true ); wp_enqueue_script( WPLE_NAME, WPLE_URL . 'admin/js/le-admin.js', array( 'jquery' ), WPLE_VERSION, true ); wp_localize_script( WPLE_NAME, 'SCAN', array( 'adminajax' => admin_url( '/admin-ajax.php' ), 'base' => site_url( '/', 'https' ), ) ); } /** * Register plugin page * * @since 1.0.0 * @return void */ public function wple_admin_menu_page() { add_menu_page( WPLE_NAME, WPLE_NAME, 'manage_options', WPLE_SLUG, array( $this, 'wple_menu_page' ), plugin_dir_url( __DIR__ ) . 'admin/assets/icon.png', 100 ); } public function wple_load_plugin_textdomain() { load_plugin_textdomain( 'wp-letsencrypt-ssl', FALSE, basename( dirname( __FILE__ ) ) . '/languages/' ); } /** * Plugin page HTML * * @since 1.0.0 * @return void */ public function wple_menu_page() { $this->wple_subdir_ipaddress(); $eml = ''; $leopts = get_option( 'wple_opts' ); if ( $opts = get_option( 'wple_opts' ) ) { $eml = ( isset( $opts['email'] ) ? $opts['email'] : '' ); } $html = ' <div class="wple-header"> <img src="' . WPLE_URL . 'admin/assets/logo.png" class="wple-logo"/> <span class="wple-version">v' . WPLE_VERSION . '</span> </div>'; if ( FALSE === get_option( 'wple_plan_choosen' ) || isset( $_GET['comparison'] ) ) { $this->wple_initial_quick_pricing( $html ); return; } //5.1.0 $complete = ( FALSE !== get_option( 'wple_complete' ) ? 1 : 0 ); if ( $complete ) { $html .= '<div id="wple-sslgen">'; $this->wple_completed_block( $html ); $html .= '</div>'; if ( !wple_fs()->is__premium_only() || !wple_fs()->can_use_premium_code() ) { $this->wple_upgrade_block( $html ); } echo $html ; return; } $this->wple_success_block( $html ); $this->wple_error_block( $html ); if ( !isset( $_GET['wpleauto'] ) && isset( $_GET['subdir'] ) ) { $this->wple_subdir_challenges( $html, $leopts ); } if ( !wple_fs()->is__premium_only() || !wple_fs()->can_use_premium_code() ) { if ( isset( $_GET['subdir'] ) ) { $this->wple_upgrade_block( $html ); echo $html ; return; } if ( isset( $_GET['success'] ) ) { $this->wple_upgrade_block( $html ); echo $html ; return; } } $mappeddomain = ''; $currentdomain = esc_html( str_ireplace( array( 'http://', 'https://' ), array( '', '' ), site_url() ) ); $maindomain = $currentdomain; $slashpos = stripos( $currentdomain, '/' ); if ( FALSE !== $slashpos ) { //subdir installation $maindomain = substr( $currentdomain, 0, $slashpos ); $mappeddomain = '<label style="display: block; padding: 10px 5px; color: #aaa;font-size:15px;">' . esc_html__( 'PRIMARY DOMAIN', 'wp-letsencrypt-ssl' ) . '</label> <p style="width: 800px; max-width:100%; margin: 5px auto 20px;">' . $this->wple_kses( sprintf( __( '<strong>NOTE:</strong> Since you are willing to install SSL certificate for sub-directory site, SSL certificate will be generated for your primary domain <strong>%s</strong> which will cover your primary domain + ALL sub-directory sites.', 'wp-letsencrypt-ssl' ), $maindomain ) ) . '</p> <input type="text" name="wple_domain" class="wple-domain-input" value="' . esc_attr( $maindomain ) . '" readonly><br />'; } if ( isset( $leopts['type'] ) && $leopts['type'] == 'wildcard' ) { $html .= '<script> jQuery(document).ready(function(){ jQuery(".single-wildcard-switch").trigger("click"); }); </script>'; } $html .= '<div id="wple-sslgen"> <h2>' . esc_html__( 'ENTER YOUR EMAIL BELOW AND GENERATE SSL IN ONE CLICK', 'wp-letsencrypt-ssl' ) . '</h2>'; if ( is_multisite() && !wple_fs()->can_use_premium_code__premium_only() ) { $html .= '<p class="wple-multisite">' . $this->wple_kses( __( 'Upgrade to <strong>PRO</strong> version to avail Wildcard SSL support for multisite and ability to install SSL for mapped domains (different domain names).', 'wp-letsencrypt-ssl' ) ) . '</p>'; } $html .= WPLE_Trait::wple_progress_bar(); //$cname = ''; //if (FALSE === stripos($currentdomain, '/')) { // if (stripos($currentdomain, 'www') === FALSE) { // $cname = '<span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__("Add a CNAME with name 'www' pointing to your non-www domain", 'wp-letsencrypt-ssl') . '. ' . esc_attr__("Refer FAQ if you want to generate SSL for both www & non-www domain.", 'wp-letsencrypt-ssl') . '"></span>'; // } else { //$cname = '<span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__("Refer FAQ if you want to generate SSL for both www & non-www domain.", 'wp-letsencrypt-ssl') . '"></span>'; //} //} $bothchecked = ''; $leadminform = '<form method="post" class="le-genform single-genform">' . $mappeddomain . ' <input type="email" name="wple_email" class="wple_email" value="' . esc_attr( $eml ) . '" placeholder="' . esc_attr__( 'Enter your email address', 'wp-letsencrypt-ssl' ) . '" ><br />'; if ( FALSE === stripos( 'www', $maindomain ) ) { $altdomain = 'www.' . $maindomain; } else { $altdomain = str_ireplace( 'www.', '', $maindomain ); } $altdomaintest = wp_remote_head( 'http://' . $altdomain ); if ( !is_wp_error( $altdomaintest ) ) { //if (isset($_GET['includewww'])) { $leadminform .= '<span class="lecheck"> <label class="checkbox-label"> <input type="checkbox" name="wple_include_www" class="wple_include_www" value="1" ' . $bothchecked . '> <span class="checkbox-custom rectangular"></span> </label> ' . esc_html__( 'Generate SSL Certificate for both www & non-www version of domain', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( "Before enabling this - please make sure both www & non-www version of your domain works!. Add a CNAME with name 'www' pointing to your non-www domain in your domain DNS zone editor", 'wp-letsencrypt-ssl' ) . '"></span></label> </span><br />'; //} } $leadminform .= '<span class="lecheck"> <label class="checkbox-label"> <input type="checkbox" name="wple_send_usage" value="1" checked> <span class="checkbox-custom rectangular"></span> </label> ' . esc_html__( 'Anonymously send response data to get better support', 'wp-letsencrypt-ssl' ) . '</label> </span><br />'; $leadminform .= '<span class="lecheck"> <label class="checkbox-label"> <input type="checkbox" name="wple_agree_le_tos" class="wple_agree_le" value="1"> <span class="checkbox-custom rectangular"></span> </label> ' . $this->wple_kses( sprintf( __( "I agree to <b>Let's Encrypt</b> %sTerms of service%s", "wp-letsencrypt-ssl" ), '<a href="' . esc_attr__( 'https://letsencrypt.org/repository/', 'wp-letsencrypt-ssl' ) . '" rel="nofollow" target="_blank" style="margin-left:5px">', '</a>' ), 'a' ) . ' </span> <span class="lecheck"> <label class="checkbox-label"> <input type="checkbox" name="wple_agree_gws_tos" class="wple_agree_gws" value="1"> <span class="checkbox-custom rectangular"></span> </label> ' . $this->wple_kses( sprintf( __( "I agree to <b>WP Encryption</b> %sTerms of service%s", "wp-letsencrypt-ssl" ), '<a href="https://gowebsmarty.com/terms-and-conditions/" rel="nofollow" target="_blank" style="margin-left:5px">', '</a>' ), 'a' ) . ' </span> ' . wp_nonce_field( 'legenerate', 'letsencrypt', false, false ) . ' <button type="submit" name="generate-certs" id="singledvssl">' . esc_html__( 'Generate Free SSL Certificate', 'wp-letsencrypt-ssl' ) . '</button> </form> <div id="wple-error-popper"> <div class="wple-flex"> <img src="' . WPLE_URL . 'admin/assets/loader.png" class="wple-loader"/> <div class="wple-error">Error</div> </div> </div>'; $nonwww = str_ireplace( 'www.', '', $currentdomain ); if ( FALSE !== ($ps = stripos( $nonwww, '/' )) ) { $nonwww = substr( $nonwww, 0, $ps ); } $wwwdomain = 'www.' . $nonwww; if ( FALSE != stripos( $currentdomain, 'www.' ) ) { $wwwdomain = $nonwww; $nonwww = 'www.' . $nonwww; } $html .= '<div class="wple-single-dv-ssl"> <div class="wple-info-box"> <h3>' . esc_html__( 'Domains Covered', 'wp-letsencrypt-ssl' ) . '</h3> <strong>' . $nonwww . '</strong> <div class="wple-www"><strong>' . $wwwdomain . '</strong></div> <div class="wple-wc"><strong>*.' . $nonwww . '</strong></div> </div>'; ob_start(); do_action( 'before_wple_admin_form', $html ); $html .= ob_get_contents(); ob_end_clean(); $html .= apply_filters( 'wple_admin_form', $leadminform ); ob_start(); do_action( 'after_wple_admin_form', $html ); $html .= ob_get_contents(); ob_end_clean(); $html .= '</div>'; $prosupport = $this->wple_kses( sprintf( __( 'Help your locale users by translating this page to your language!. %sSign-Up / Login and start translating right away%s.' ), '<a href="https://translate.wordpress.org/projects/wp-plugins/wp-letsencrypt-ssl/" target="_blank">', '</a>' ), 'a' ); $html .= ' <div class="le-powered"> <span>' . $prosupport . ' ' . $this->wple_kses( sprintf( 'SSL Certificate will be generated by %s (An open certificate authority).', "<b>Let's Encrypt</b>" ) ) . '</span> </div>'; $html .= ' </div><!--wple-sslgen-->'; if ( !wple_fs()->is__premium_only() || !wple_fs()->can_use_premium_code() ) { $this->wple_upgrade_block( $html ); } echo $html ; } /** * log process & error in debug.log file * * @since 1.0.0 * @param string $html * @return void */ public function wple_debug_log( $html ) { if ( !file_exists( WPLE_DEBUGGER ) ) { wp_mkdir_p( WPLE_DEBUGGER ); $htacs = '<Files debug.log>' . "\n" . 'Order allow,deny' . "\n" . 'Deny from all' . "\n" . '</Files>'; file_put_contents( WPLE_DEBUGGER . '.htaccess', $htacs ); } //show only upon error since 4.6.0 if ( isset( $_GET['error'] ) ) { $html = '<div class="toggle-debugger"><span class="dashicons dashicons-arrow-down-alt2"></span> ' . esc_html__( 'Show/hide full response', 'wp-letsencrypt-ssl' ) . '</div>'; $file = WPLE_DEBUGGER . 'debug.log'; if ( file_exists( $file ) ) { $log = file_get_contents( $file ); $hideh2 = ''; if ( isset( $_GET['dnsverified'] ) || isset( $_GET['dnsverify'] ) ) { $hideh2 = 'hideheader'; } $html .= '<div class="le-debugger running ' . $hideh2 . '"><h3>' . esc_html__( 'Response Log', 'wp-letsencrypt-ssl' ) . ':</h3>' . wp_kses_post( nl2br( $log ) ) . '</div>'; } else { $html .= '<div class="le-debugger">' . esc_html__( "Full response will be shown here", 'wp-letsencrypt-ssl' ) . '</div>'; } echo $html ; } } /** * Save email & proceed upon clicking install SSL * * @since 1.0.0 * @return void */ public function wple_save_email_generate_certs() { //since 2.4.0 //force https upon success if ( isset( $_POST['wple-https'] ) ) { if ( !wp_verify_nonce( $_POST['sslready'], 'wplehttps' ) ) { exit( 'Unauthorized access' ); } $basedomain = str_ireplace( array( 'http://', 'https://' ), array( '', '' ), addslashes( site_url() ) ); //4.7 if ( FALSE != stripos( $basedomain, '/' ) ) { $basedomain = substr( $basedomain, 0, stripos( $basedomain, '/' ) ); } $streamContext = stream_context_create( [ 'ssl' => [ 'capture_peer_cert' => true, ], ] ); $errorNumber = $errorDescription = ''; $client = @stream_socket_client( "ssl://{$basedomain}:443", $errorNumber, $errorDescription, 30, STREAM_CLIENT_CONNECT, $streamContext ); if ( !$client ) { wp_redirect( admin_url( '/admin.php?page=wp_encryption&success=1&nossl=1', 'http' ) ); exit; } // $SSLCheck = @fsockopen("ssl://" . $basedomain, 443, $errno, $errstr, 30); // if (!$SSLCheck) { // wp_redirect(admin_url('/admin.php?page=wp_encryption&success=1&nossl=1', 'http')); // exit(); // } $reverter = uniqid( 'wple' ); $savedopts = get_option( 'wple_opts' ); $savedopts['force_ssl'] = 1; $savedopts['revertnonce'] = $reverter; $this->wple_send_reverter_secret( $reverter ); update_option( 'wple_opts', $savedopts ); delete_option( 'wple_error' ); //complete update_option( 'wple_complete', 1 ); update_option( 'siteurl', str_ireplace( 'http:', 'https:', get_option( 'siteurl' ) ) ); update_option( 'home', str_ireplace( 'http:', 'https:', get_option( 'home' ) ) ); wp_redirect( admin_url( '/admin.php?page=wp_encryption', 'https' ) ); exit; } //single domain ssl if ( isset( $_POST['generate-certs'] ) ) { if ( !wp_verify_nonce( $_POST['letsencrypt'], 'legenerate' ) ) { die( 'Unauthorized request' ); } if ( empty($_POST['wple_email']) ) { wp_die( esc_html__( 'Please input valid email address', 'wp-letsencrypt-ssl' ) ); } $leopts = array( 'email' => sanitize_email( $_POST['wple_email'] ), 'date' => date( 'd-m-Y' ), 'expiry' => '', 'type' => 'single', 'send_usage' => ( isset( $_POST['wple_send_usage'] ) ? 1 : 0 ), 'include_www' => ( isset( $_POST['wple_include_www'] ) ? 1 : 0 ), 'agree_gws_tos' => ( isset( $_POST['wple_agree_gws_tos'] ) ? 1 : 0 ), 'agree_le_tos' => ( isset( $_POST['wple_agree_le_tos'] ) ? 1 : 0 ), ); if ( isset( $_POST['wple_domain'] ) && !is_multisite() ) { $leopts['subdir'] = 1; $leopts['domain'] = sanitize_text_field( $_POST['wple_domain'] ); } update_option( 'wple_opts', $leopts ); new WPLE_Core( $leopts ); } } /** * Download cert files based on clicked link * * certs for multisite mapped domains cannot be downloaded yet * @since 1.0.0 * @return void */ public function wple_download_files() { if ( isset( $_GET['le'] ) && current_user_can( 'manage_options' ) ) { switch ( $_GET['le'] ) { case '1': $file = uniqid() . '-cert.crt'; file_put_contents( $file, file_get_contents( ABSPATH . 'keys/certificate.crt' ) ); break; case '2': $file = uniqid() . '-key.pem'; file_put_contents( $file, file_get_contents( ABSPATH . 'keys/private.pem' ) ); break; case '3': $file = uniqid() . '-cabundle.crt'; file_put_contents( $file, file_get_contents( WPLE_DIR . 'cabundle/ca.crt' ) ); break; } header( 'Content-Description: File Transfer' ); header( 'Content-Type: text/plain' ); header( 'Content-Length: ' . filesize( $file ) ); header( 'Content-Disposition: attachment; filename=' . basename( $file ) ); readfile( $file ); exit; } } /** * Rate us admin notice * * @since 2.0.0 * @return void */ public function wple_rateus() { $cert = ABSPATH . 'keys/certificate.crt'; if ( file_exists( $cert ) ) { if ( isset( $_GET['page'] ) && $_GET['page'] == 'wp_encryption' ) { return; } $already_did = wp_nonce_url( admin_url( 'admin.php?page=wp_encryption' ), 'wple_reviewed', 'wplerated' ); $remind_later = wp_nonce_url( admin_url( 'admin.php?page=wp_encryption' ), 'wple_review_later', 'wplelater' ); $html = '<div class="notice notice-info wple-admin-review"> <div class="wple-review-box"> <img src="' . WPLE_URL . 'admin/assets/symbol.png"/> <span><strong>' . esc_html__( 'Congratulations!', 'wp-letsencrypt-ssl' ) . '</strong><p>' . $this->wple_kses( __( 'SSL certificate generated successfully!. <b>WP Encryption</b> just saved you several $$$ by generating free SSL certificate in record time!. Could you please do us a BIG favor & rate us with 5 star review to support further development of this plugin.', 'wp-letsencrypt-ssl' ) ) . '</p></span> </div> <a class="wple-lets-review wplerevbtn" href="https://wordpress.org/support/plugin/wp-letsencrypt-ssl/reviews/#new-post" rel="nofollow" target="_blank">' . esc_html__( 'Rate plugin', 'wp-letsencrypt-ssl' ) . '</a> <a class="wple-did-review wplerevbtn" href="' . $already_did . '" rel="nofollow">' . esc_html__( 'I already did', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-smiley"></span></a> <a class="wple-later-review wplerevbtn" href="' . $remind_later . '" rel="nofollow">' . esc_html__( 'Remind me later', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-clock"></span></a> </div>'; echo $html ; } } /** * Check if wp install is IP or subdir based * * @since 2.4.0 * @return void */ public function wple_subdir_ipaddress() { $siteURL = str_ireplace( array( 'http://', 'https://', 'www.' ), array( '', '', '' ), site_url() ); $flg = 0; if ( filter_var( $siteURL, FILTER_VALIDATE_IP ) ) { $flg = 1; } if ( FALSE !== stripos( $siteURL, 'localhost' ) ) { $flg = 1; } if ( FALSE != stripos( $siteURL, '/' ) && is_multisite() ) { $html = '<div class="wrap" id="le-wrap"> <div class="le-inner"> <div class="wple-header"> <img src="' . WPLE_URL . 'admin/assets/logo.png" class="wple-logo"/> <span class="wple-version">v' . esc_html( WPLE_VERSION ) . '</span> </div> <div class="wple-warning-notice"> <h2>' . esc_html__( 'You do not need to install SSL for each sub-directory site in multisite, Please install SSL for your primary domain and it will cover ALL sub directory sites too.', 'wp-letsencrypt-ssl' ) . '</h2> </div> </div> </div>'; echo $html ; wp_die(); } if ( $flg ) { $html = '<div class="wrap" id="le-wrap"> <div class="le-inner"> <div class="wple-header"> <img src="' . WPLE_URL . 'admin/assets/logo.png" class="wple-logo"/> <span class="wple-version">v' . esc_html( WPLE_VERSION ) . '</span> </div> <div class="wple-warning-notice"> <h2>' . esc_html__( 'SSL Certificates cannot be issued for localhost and IP address based WordPress site. Please use this on your real domain based WordPress site.', 'wp-letsencrypt-ssl' ) . ' ' . esc_html__( 'This restriction is not implemented by WP Encryption but its how SSL certificates work.', 'wp-letsencrypt-ssl' ) . '</h2> </div> </div> </div>'; echo $html ; wp_die(); } } /** * Upgrade to PRO * * @param string $html * @since 2.5.0 * @return void */ public function wple_upgrade_block( &$html ) { $upgradeurl = admin_url( '/admin.php?page=wp_encryption-pricing' ); $nopricing = get_option( 'wple_no_pricing' ); $automatic = esc_html__( 'Automatic', 'wp-letsencrypt-ssl' ); $manual = esc_html__( 'Manual', 'wp-letsencrypt-ssl' ); $domain = str_ireplace( array( 'https://', 'http://', 'www.' ), '', site_url() ); $dverify = $automatic; if ( stripos( $domain, '/' ) != FALSE ) { //subdir site $dverify = $manual; } $html .= ' <div id="wple-upgradepro">'; if ( FALSE !== ($cp = get_option( 'wple_have_cpanel' )) && $cp ) { $html .= '<strong style="display: block; text-align: center; color: #666;">Tired of manual SSL renewal every 90 days? WP Encryption Pro is 100% guaranteed to work on your cPanel hosted site! 7 Days Refund Policy - 100% Money Back Guarantee</strong>'; } $compareurl = 'https://wpencryption.com?utm_source=wordpress&utm_medium=comparison&utm_campaign=wpencryption'; if ( FALSE != $nopricing ) { $compareurl = admin_url( '/admin.php?page=wp_encryption&comparison=1' ); $upgradeurl = 'https://checkout.freemius.com/mode/dialog/plugin/6804/plan/11103/licenses/1/'; $html .= '<div class="wple-error-firewall fire-pro wple-procdn"> <div> <img src="' . WPLE_URL . 'admin/assets/firewall-shield-pro.png"/> </div> <div class="wple-upgrade-features"> <span><b>Premium SSL</b><br>Private EdgeSSL<sup>TM</sup> SSL Certificate provided by Sectigo. Automatic renewal - No configuration required.</span> <span><b>Firewall</b><br>Protection against known vulnerabilities, Bad Bots, Brute Force, DDOS, Spam & much more attack vectors.</span> <span><b>CDN Performance</b><br>Your site is served from 42 full scale edge locations for faster content delivery and faster performance.</span> </div> </div>'; } else { $html .= '<div class="wple-plans"> <span class="free">* ' . esc_html__( 'FREE', 'wp-letsencrypt-ssl' ) . '</span> <span class="pro">* ' . esc_html__( 'PRO', 'wp-letsencrypt-ssl' ) . '</span> </div> <div class="wple-plan-compare"> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/verified.png"/> <h4>' . esc_html__( 'HTTP Verification', 'wp-letsencrypt-ssl' ) . '</h4> <span class="wple-free">' . $manual . '</span> <span class="wple-pro">' . $automatic . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/DNS.png"/> <h4>' . esc_html__( 'DNS Verification', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( 'In case of HTTP verification fail / not possible', 'wp-letsencrypt-ssl' ) . '"></span></h4> <span class="wple-free">' . $manual . '</span> <span class="wple-pro">' . $automatic . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/Certificate.png"/> <h4>' . esc_html__( 'Certificate Issuance', 'wp-letsencrypt-ssl' ) . '</h4> <span class="wple-free">' . $automatic . '</span> <span class="wple-pro">' . $automatic . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/Install.png"/> <h4>' . esc_html__( 'Certificate Installation', 'wp-letsencrypt-ssl' ) . ' <!--<span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( 'PRO - We offer one time free manual support for non-cPanel based sites', 'wp-letsencrypt-ssl' ) . '"></span>--></h4> <span class="wple-free">' . $manual . '</span> <span class="wple-pro">' . $automatic . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/renewal.png"/> <h4>' . esc_html__( 'Auto Renewal', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( 'Expires in 90 days', 'wp-letsencrypt-ssl' ) . '"></span></h4> <span class="wple-free">' . $manual . '</span> <span class="wple-pro">' . $automatic . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/wildcard.png"/> <h4>' . esc_html__( 'Wildcard SSL', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( 'PRO - Your domain DNS must be managed by cPanel or Godaddy for full automation', 'wp-letsencrypt-ssl' ) . '"></span></h4> <span class="wple-free">' . esc_html__( 'Not Available', 'wp-letsencrypt-ssl' ) . '</span> <span class="wple-pro">' . esc_html__( 'Available', 'wp-letsencrypt-ssl' ) . '</span> </div> <div class="wple-compare-item"> <img src="' . WPLE_URL . 'admin/assets/multisite.png"/> <h4>' . esc_html__( 'Multisite Support', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="' . esc_attr__( 'PRO - Support for Multisite + Mapped domains', 'wp-letsencrypt-ssl' ) . '"></span></h4> <span class="wple-free">' . esc_html__( 'Not Available', 'wp-letsencrypt-ssl' ) . '</span> <span class="wple-pro">' . esc_html__( 'Available', 'wp-letsencrypt-ssl' ) . '</span> </div> </div>'; } $html .= '<div class="wple-upgrade-pro"> <a href="' . $compareurl . '" target="_blank" class="wplecompare">' . esc_html__( 'COMPARE FREE & PRO VERSION', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-external"></span></a>'; // if (isset($_GET['success']) && FALSE == $nopricing) { // $html .= '<a href="' . $upgradeurl . '">' . esc_html__('UPGRADE TO PRO', 'wp-letsencrypt-ssl') . '<span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Requires cPanel or root SSH access"></span></a> // <a href="https://wpencryption.com/#firewall" target="_blank">' . esc_html__('UPGRADE TO FIREWALL', 'wp-letsencrypt-ssl') . '<span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Why buy an SSL alone when you can get Premium SSL + CDN + Firewall Security for even lower cost."></span></a>'; // } else { $html .= '<a href="' . $upgradeurl . '">' . esc_html__( 'UPGRADE TO PRO', 'wp-letsencrypt-ssl' ) . '</a>'; // } $html .= '</div> </div><!--wple-upgradepro--> '; } /** * Success Message block * * @param string $html * @since 2.5.0 * @return void */ public function wple_success_block( &$html ) { //since 2.4.0 if ( isset( $_GET['success'] ) ) { $this->wple_wellknown_htaccess(); update_option( 'wple_error', 5 ); //all success $html .= ' <div id="wple-sslgenerator"> <div class="wple-success-form">'; if ( !isset( $_GET['resume'] ) && !isset( $_GET['nossl'] ) ) { $this->wple_send_success_mail(); } $html .= '<h2><span class="dashicons dashicons-yes"></span> ' . $this->wple_kses( __( '<b>Congrats! SSL Certificate have been successfully generated.</b>', 'wp-letsencrypt-ssl' ) ) . '</h2> <h3 style="width: 87%; margin: 0px auto; color: #7b8279; font-weight:400;">' . $this->wple_kses( __( 'We just completed major task of generating SSL certificate! Now we have ONE final step to complete.', 'wp-letsencrypt-ssl' ) ) . '</h3>'; $html .= WPLE_Trait::wple_progress_bar(); $nopricing = get_option( 'wple_no_pricing' ); $colclass = ( FALSE != $nopricing ? 'wple-three-cols' : '' ); $html .= ' <div class="wple-success-flex"> <div class="wple-success-flex-video"> <iframe width="560" height="315" src="https://www.youtube.com/embed/aKvvVlAlZ14" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> </div> <div class="wple-success-flex-final"> <ul class="download-ssl-certs"> <li> <span>1. ' . esc_html__( 'Download SSL certificates from below', 'wp-letsencrypt-ssl' ) . '</span> <ul> <li class="le-dwnld"><a href="?page=wp_encryption&le=1">' . esc_html__( 'Download cert file', 'wp-letsencrypt-ssl' ) . '</a></li> <li class="le-dwnld"><a href="?page=wp_encryption&le=2">' . esc_html__( 'Download key file', 'wp-letsencrypt-ssl' ) . '</a></li> <li class="le-dwnld"><a href="?page=wp_encryption&le=3">' . esc_html__( 'Download ca bundle', 'wp-letsencrypt-ssl' ) . '</a></li> </ul> </li> <li>2. ' . sprintf( __( 'Open %sSSL/TLS%s option on your cPanel', 'wp-letsencrypt-ssl' ), '<strong>', '</strong>' ) . '</li> <li>3. ' . esc_html__( 'Copy/Paste cert files into appropriate fields', 'wp-letsencrypt-ssl' ) . '</li> <li>4. ' . sprintf( __( 'Click on %sInstall certificate%s', 'wp-letsencrypt-ssl' ), '<strong>', '</strong>' ) . '</li> <li>5. ' . sprintf( __( 'Please wait few minutes and click on %sEnable HTTPS Now%s button', 'wp-letsencrypt-ssl' ), '<strong>', '</strong>' ) . '</li> </ul> </div> </div> <div class="wple-success-cols ' . $colclass . '"> <div> <h3>' . esc_html__( "Don't have cPanel?", 'wp-letsencrypt-ssl' ) . '</h3> <p>' . sprintf( __( 'Download the certs and send it to your hosting support to install it for you. If you have root SSH access, you can refer our %sDOCS%s for server specific instructions.', 'wp-letsencrypt-ssl' ), '<a href="https://wpencryption.com/docs/?cp=' . esc_attr( get_option( 'wple_have_cpanel' ) ) . '&utm_campaign=wpencryption&utm_source=wordpress&utm_medium=installdocs" target="_blank">', '</a>' ) . '</p> </div> <div> <h3>' . esc_html__( "Test SSL Installation", 'wp-letsencrypt-ssl' ) . '</h3> <p>' . esc_html__( "After installing SSL certs on your cPanel, open your site in https:// and click on padlock to see if valid certificate exists. You can also test your site's SSL on SSLLabs.com", "wp-letsencrypt-ssl" ) . '</p> </div> <div> <h3>' . esc_html__( "By Clicking Enable HTTPS", 'wp-letsencrypt-ssl' ) . '</h3> <p>' . esc_html__( 'Your site & admin url will be changed to https:// and all assets, js, css, images will strictly load over https:// to avoid mixed content errors.', 'wp-letsencrypt-ssl' ) . '</p> </div>'; if ( FALSE == $nopricing ) { $html .= '<div> <h3>' . esc_html__( "Looking for instant SSL solution?", 'wp-letsencrypt-ssl' ) . '</h3> <p>' . sprintf( __( 'Why pay for an SSL certificate alone when you can get %sPremium Sectigo SSL%s + %sCDN Performance%s + %sSecurity Firewall%s for even lower cost with our %sCDN%s Service.', 'wp-letsencrypt-ssl' ), '<strong>', '</strong>', '<strong>', '</strong>', '<strong>', '</strong>', '<a href="https://wpencryption.com/cdn-firewall/?utm_campaign=wpencryption&utm_source=wordpress&utm_medium=gocdn" target="_blank">', '</a>' ) . '!.</p> </div>'; } $html .= '</div> <ul> <!--<li>' . $this->wple_kses( __( '<b>Note:</b> Use below "Enable HTTPS" button ONLY after SSL certificate is successfully installed on your cPanel', 'wp-letsencrypt-ssl' ) ) . '</li>--> </ul>'; if ( isset( $_GET['nossl'] ) ) { $html .= '<h3 style="color:#ff4343;margin-bottom:10px;">' . esc_html__( 'We could not detect valid SSL certificate on your site!. Please wait as it may take few minutes if you installed SSL certificate on your cPanel / Server just now.', 'wp-letsencrypt-ssl' ) . '</h3> <p>' . esc_html__( 'Switching to HTTPS without properly installing the SSL certificate might break your site.', 'wp-letsencrypt-ssl' ) . '</p>'; } $html .= '<form method="post"> ' . wp_nonce_field( 'wplehttps', 'sslready', false, false ) . ' <button type="submit" name="wple-https">' . esc_html__( 'ENABLE HTTPS NOW', 'wp-letsencrypt-ssl' ) . '</button> </form> </div> </div><!--wple-sslgenerator-->'; } } /** * Show pending challenges * * @return void */ public function wple_domain_verification() { //since 5.1.0 if ( isset( $_GET['restart'] ) ) { delete_option( 'wple_error' ); delete_option( 'wple_complete' ); wp_redirect( admin_url( '/admin.php?page=wp_encryption' ), 302 ); exit; } $estage = get_option( 'wple_error' ); if ( FALSE !== $estage && $estage == 2 && !isset( $_GET['subdir'] ) && !isset( $_GET['error'] ) && !isset( $_GET['includewww'] ) && !isset( $_GET['wpleauto'] ) && isset( $_GET['page'] ) && $_GET['page'] == 'wp_encryption' && !isset( $_GET['success'] ) && !isset( $_GET['wplereset'] ) ) { wp_redirect( admin_url( '/admin.php?page=wp_encryption&subdir=1' ), 302 ); exit; } if ( FALSE !== $estage && $estage == 5 && !isset( $_GET['subdir'] ) && !isset( $_GET['error'] ) && !isset( $_GET['includewww'] ) && !isset( $_GET['wpleauto'] ) && isset( $_GET['page'] ) && $_GET['page'] == 'wp_encryption' && !isset( $_GET['resume'] ) && !isset( $_GET['nossl'] ) && !isset( $_GET['wplereset'] ) ) { wp_redirect( admin_url( '/admin.php?page=wp_encryption&success=1&resume=1' ), 302 ); exit; } } /** * Error Message block * * @param string $html * @since 2.5.0 * @return void */ public function wple_error_block( &$html ) { if ( !isset( $_GET['subdir'] ) && !isset( $_GET['success'] ) ) { if ( isset( $_GET['error'] ) || FALSE != ($error_code = get_option( 'wple_error' )) ) { $error_code = get_option( 'wple_error' ); $generic = esc_html__( 'There was some issue while generating SSL for your site. Please check debug log or try Reset option once.', 'wp-letsencrypt-ssl' ); $generic .= '<p style="font-size:16px;color:#888">' . sprintf( esc_html__( 'Feel free to open support ticket at %s for any help.', 'wp-letsencrypt-ssl' ), 'https://wordpress.org/support/plugin/wp-letsencrypt-ssl/#new-topic-0' ) . '</p>'; $firerec = sprintf( esc_html__( "We highly recommend switching to our %sFIREWALL%s service for %sPremium SSL%s + %sCDN%s + %sFirewall Security%s.", 'wp-letsencrypt-ssl' ), '<a href="https://wpencryption.com/cdn-firewall/?utm_campaign=wpencryption&utm_source=wordpress&utm_medium=gocdn" target="_blank">', '</a>', '<strong>', '</strong>', '<strong>', '</strong>', '<strong>', '</strong>' ); $thirdparty = esc_html__( "Your hosting server don't seem to support third party SSL.", "wp-letsencrypt-ssl" ); if ( FALSE !== $error_code && ($error_code == 1 || $error_code == 400) ) { $generic .= '<p class="firepro">' . $thirdparty . ' ' . sprintf( esc_html__( "We highly recommend switching to our %sFIREWALL%s service for %sPremium SSL%s + %sCDN%s + %sFirewall Security%s.", 'wp-letsencrypt-ssl' ), '<a href="https://wpencryption.com/cdn-firewall/?utm_campaign=wpencryption&utm_source=wordpress&utm_medium=gocdn" target="_blank">', '</a>', '<strong>', '</strong>', '<strong>', '</strong>', '<strong>', '</strong>' ) . '</p>'; } else { if ( file_exists( ABSPATH . 'keys/certificate.crt' ) ) { $generic .= '<br><br>' . $this->wple_kses( __( 'You already seem to have certificate generated and stored. Please try downloading certs from <strong>Download SSL Certificates</strong> page and open in a text editor like notepad to check if certificate is not empty.', 'wp-letsencrypt-ssl' ) ); } } if ( FALSE !== $error_code && $error_code == 429 ) { $generic = sprintf( esc_html__( 'Too many registration attempts from your IP address (%s). Please try after 2-3 hours.', 'wp-letsencrypt-ssl' ), 'https://letsencrypt.org/docs/rate-limits/' ); $generic .= '<p class="firepro">' . $firerec . '</p>'; $generic .= '<p style="font-size:17px;color:#888">' . sprintf( esc_html__( 'Feel free to open support ticket at %s for any help.', 'wp-letsencrypt-ssl' ), 'https://wordpress.org/support/plugin/wp-letsencrypt-ssl/#new-topic-0' ) . '</p>'; } if ( $error_code != 5 ) { $html .= ' <div id="wple-sslgenerator" class="error"> <div class="wple-error-message"> ' . $generic . ' </div> </div><!--wple-sslgenerator-->'; } } } } /** * Send email to user on success * * @since 3.0.0 */ private function wple_send_success_mail() { $opts = get_option( 'wple_opts' ); $to = sanitize_email( $opts['email'] ); $subject = esc_html__( 'Congratulations! Your SSL certificates have been generated using WP Encryption Plugin', 'wp-letsencrypt-ssl' ); $headers = array( 'Content-Type: text/html; charset=UTF-8' ); $body = '<h2>' . esc_html__( 'You are just ONE step behind enabling HTTPS for your WordPress site', 'wp-letsencrypt-ssl' ) . '</h2>'; $body .= '<p>' . esc_html__( 'Download the generated SSL certificates from below given links and install it on your cPanel following the video tutorial', 'wp-letsencrypt-ssl' ) . ' (https://youtu.be/KQ2HYtplPEk). ' . esc_html__( 'These certificates expires on', 'wp-letsencrypt-ssl' ) . ' <b>' . esc_html( $opts['expiry'] ) . '</b></p> <br/> <a href="' . admin_url( '/admin.php?page=wp_encryption&le=1', 'http' ) . '" style="background: #0073aa; text-decoration: none; color: #fff; padding: 12px 20px; display: inline-block; margin: 10px 10px 10px 0; font-weight: bold;">' . esc_html__( 'Download Cert File', 'wp-letsencrypt-ssl' ) . '</a> <a href="' . admin_url( '/admin.php?page=wp_encryption&le=2', 'http' ) . '" style="background: #0073aa; text-decoration: none; color: #fff; padding: 12px 20px; display: inline-block; margin: 10px; font-weight: bold;">' . esc_html__( 'Download Key File', 'wp-letsencrypt-ssl' ) . '</a> <a href="' . admin_url( '/admin.php?page=wp_encryption&le=3', 'http' ) . '" style="background: #0073aa; text-decoration: none; color: #fff; padding: 12px 20px; display: inline-block; margin: 10px; font-weight: bold;">' . esc_html__( 'Download CA File', 'wp-letsencrypt-ssl' ) . '</a> <br/>'; if ( FALSE == get_option( 'wple_no_pricing' ) ) { $body .= '<img src="' . site_url( '/wp-content/plugins/wp-letsencrypt-ssl/admin/assets/free-vs-pro.png', 'http' ) . '"/><br /><br />'; $body .= '<b>' . esc_html__( 'WP Encryption PRO can automate this entire process in one click including SSL installation on cPanel hosting and auto renewal of certificates every 90 days', 'wp-letsencrypt-ssl' ) . '!. <br><a href="' . admin_url( '/admin.php?page=wp_encryption-pricing', 'http' ) . '" style="background: #0073aa; text-decoration: none; color: #fff; padding: 12px 20px; display: inline-block; margin: 10px 0; font-weight: bold;">' . esc_html__( 'UPGRADE TO PREMIUM', 'wp-letsencrypt-ssl' ) . '</a></b><br /><br />'; $body .= "<h3>" . esc_html__( "Don't have cPanel hosting?", 'wp-letsencrypt-ssl' ) . "</h3>"; $body .= '<p>' . $this->wple_kses( __( 'We offer one time free manual support for Premium users for installing the generated SSL certificates via <b>SSH</b>. With free version, You can download and send these SSL certificates to your hosting support asking them to install these SSL certificates.', 'wp-letsencrypt-ssl' ) ) . '</p><br /><br />'; } wp_mail( $to, $subject, $body, $headers ); } /** * Ability to revert back to HTTP * * @since 3.3.0 * @param string $revertcode * @return void */ private function wple_send_reverter_secret( $revertcode ) { $to = get_bloginfo( 'admin_email' ); $sub = esc_html__( 'You have successfully forced HTTPS on your site', 'wp-letsencrypt-ssl' ); $header = array( 'Content-Type: text/html; charset=UTF-8' ); $rcode = sanitize_text_field( $revertcode ); $body = $this->wple_kses( __( "HTTPS have been strictly forced on your site now!. In rare cases, this may cause issue / make the site un-accessible <b>IF</b> you dont have valid SSL certificate installed for your WordPress site. Kindly save the below <b>Secret code</b> to revert back to HTTP in such a case.", 'wp-letsencrypt-ssl' ) ) . "\r\n <br><br>\r\n <strong>{$rcode}</strong><br><br>" . $this->wple_kses( __( "Opening the revert url will <b>IMMEDIATELY</b> turn back your site to HTTP protocol & revert back all the force SSL changes made by WP Encryption in one go!. Please follow instructions given at https://wordpress.org/support/topic/locked-out-unable-to-access-site-after-forcing-https-2/", 'wp-letsencrypt-ssl' ) ) . "<br>\r\n <br>\r\n " . esc_html__( "Revert url format", 'wp-letsencrypt-ssl' ) . ": http://yourdomainname.com/?reverthttps=SECRETCODE<br>\r\n " . esc_html__( "Example:", 'wp-letsencrypt-ssl' ) . " http://gowebsmarty.in/?reverthttps=wple43643sg5qaw<br>\r\n <br>\r\n " . esc_html__( "We have spent several hours to craft this plugin to perfectness. Please take a moment to rate us with 5 stars", 'wp-letsencrypt-ssl' ) . " - https://wordpress.org/support/plugin/wp-letsencrypt-ssl/reviews/#new-post\r\n <br />"; wp_mail( $to, $sub, $body, $header ); } /** * Escape html but retain bold * * @since 3.3.3 * @param string $translated * @param string $additional Additional allowed html tags * @return void */ private function wple_kses( $translated, $additional = '' ) { $allowed = array( 'strong' => array(), 'b' => array(), ); if ( $additional == 'a' ) { $allowed['a'] = array( 'href' => array(), 'rel' => array(), 'target' => array(), 'title' => array(), ); } return wp_kses( $translated, $allowed ); } /** * Handles review box actions * * @since 4.4.0 * @return void */ public function wple_review_handler() { if ( isset( $_GET['wplerated'] ) ) { if ( !wp_verify_nonce( $_GET['wplerated'], 'wple_reviewed' ) ) { wp_die( 'Unauthorized request' ); } delete_option( 'wple_show_review' ); wp_redirect( admin_url( '/admin.php?page=wp_encryption' ), 302 ); } else { if ( isset( $_GET['wplelater'] ) ) { if ( !wp_verify_nonce( $_GET['wplelater'], 'wple_review_later' ) ) { wp_die( 'Unauthorized request' ); } delete_option( 'wple_show_review' ); wp_schedule_single_event( strtotime( '+3 day', time() ), 'wple_show_reviewrequest' ); wp_redirect( admin_url( '/admin.php?page=wp_encryption' ), 302 ); } } //since 5.0.0 $this->wple_intro_pricing_handler(); } /** * Sets review flag to show review request * * @since 4.4.0 */ public function wple_set_review_flag() { update_option( 'wple_show_review', 1 ); } /** * Handle the reset keys action * * @since 4.5.0 * @return void */ public function wple_reset_handler() { if ( isset( $_GET['wplereset'] ) ) { if ( !current_user_can( 'manage_options' ) ) { exit( 'No Trespassing Allowed' ); } if ( !wp_verify_nonce( $_GET['wplereset'], 'restartwple' ) ) { exit( 'No Trespassing Allowed' ); } $keys = ABSPATH . 'keys/'; $files = array( $keys . 'public.pem', $keys . 'private.pem', $keys . 'order', $keys . 'fullchain.crt', $keys . 'certificate.crt', $keys . '__account/private.pem', $keys . '__account/public.pem' ); foreach ( $files as $file ) { if ( file_exists( $file ) ) { unlink( $file ); } } delete_option( 'wple_error' ); delete_option( 'wple_complete' ); add_action( 'admin_notices', array( $this, 'wple_reset_success' ) ); } //since 4.6.0 if ( isset( $_GET['wplesslrenew'] ) ) { if ( !wp_verify_nonce( $_GET['wplesslrenew'], 'wple_renewed' ) ) { exit( 'Unauthorized' ); } delete_option( 'wple_show_reminder' ); wp_redirect( admin_url( '/admin.php?page=wp_encryption' ), 302 ); } } /** * Reset success notice * * @since 4.5.0 */ public function wple_reset_success() { echo '<div class="notice notice-success is-dismissable"> <p>' . esc_html( 'Reset successful!. You can start with the SSL install process again.', 'wp-letsencrypt-ssl' ) . '</p> </div>' ; } /** * Local check DNS records via Ajax * * @since 4.6.0 * @return void */ public function wple_ajx_verify_dns() { if ( isset( $_POST['nc'] ) ) { if ( !wp_verify_nonce( $_POST['nc'], 'verifydnsrecords' ) ) { exit( 'Unauthorized' ); } $toVerify = get_option( 'wple_opts' ); if ( array_key_exists( 'dns_challenges', $toVerify ) && !empty($toVerify['dns_challenges']) ) { $toVerify = $dnspendings = $toVerify['dns_challenges']; //array foreach ( $toVerify as $index => $item ) { $domain_code = explode( '||', $item ); $acme = '_acme-challenge.' . esc_html( $domain_code[0] ); $requestURL = 'https://dns.google.com/resolve?name=' . addslashes( $acme ) . '&type=TXT'; $handle = curl_init(); curl_setopt( $handle, CURLOPT_URL, $requestURL ); curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true ); curl_setopt( $handle, CURLOPT_FOLLOWLOCATION, true ); $response = json_decode( trim( curl_exec( $handle ) ) ); if ( $response->Status === 0 && isset( $response->Answer ) ) { //if ($answer->type == 16) { $fh = fopen( WPLE_DEBUGGER . 'debug.log', 'a' ); fwrite( $fh, "\n" . wp_kses_post( $requestURL . ' should return ' . $domain_code[1] ) . "\n" ); fclose( $fh ); foreach ( $response->Answer as $answer ) { $livecode = str_ireplace( '"', '', $answer->data ); if ( $livecode == $domain_code[1] ) { unset( $dnspendings[$index] ); } } } else { echo 'fail' ; } } } else { if ( empty($toVerify['dns_challenges']) ) { echo 1 ; exit; } echo 'fail' ; exit; } if ( empty($dnspendings) ) { echo 1 ; } else { echo "fail" ; } exit; } echo 'fail' ; exit; } /** * Show expiry reminder in admin notice * * @see 4.6.0 * @return void */ public function wple_start_show_reminder() { update_option( 'wple_show_reminder', 1 ); } public function wple_reminder_notice() { $already_did = wp_nonce_url( admin_url( 'admin.php?page=wp_encryption' ), 'wple_renewed', 'wplesslrenew' ); $html = '<div class="notice notice-info wple-admin-review"> <div class="wple-review-box wple-reminder-notice"> <img src="' . WPLE_URL . 'admin/assets/symbol.png"/> <span><strong>WP ENCRYPTION: ' . esc_html__( 'Your SSL certificate expires in less than 10 days', 'wp-letsencrypt-ssl' ) . '</strong><p>' . $this->wple_kses( __( 'Renew your SSL certificate today to avoid your site from showing as insecure. Please support our contribution by upgrading to <strong>Pro</strong> and avail automatic renewal with automatic installation.', 'wp-letsencrypt-ssl' ) ) . '</p></span> </div> <a class="wple-lets-review wplerevbtn" href="' . admin_url( '/admin.php?page=wp_encryption-pricing' ) . '">' . esc_html__( 'Upgrade to Pro', 'wp-letsencrypt-ssl' ) . '</a> <a class="wple-did-review wplerevbtn" href="' . $already_did . '">' . esc_html__( 'I already renewed', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-smiley"></span></a> </div>'; echo $html ; } /** * Manual HTTP challenges for subdir sites * * @since 4.7.0 * @param string $html * @param array $opts * @return string */ public function wple_subdir_challenges( &$html, $opts ) { if ( isset( $_GET['subdir'] ) ) { $html .= ' <div id="wple-sslgenerator"> <div class="wple-success-form"> ' . WPLE_Subdir_Challenge_Helper::show_challenges( $opts ) . ' </div> </div><!--wple-sslgenerator-->'; } } /** * Local check HTTP records via Ajax for subdir sites * * @since 4.7.0 * @return void */ public function wple_ajx_verify_http() { if ( isset( $_POST['nc'] ) ) { if ( !wp_verify_nonce( $_POST['nc'], 'verifyhttprecords' ) ) { exit( 'Unauthorized' ); } $domain = str_ireplace( array( 'https://', 'http://' ), '', site_url() ); if ( stripos( $domain, '/' ) != FALSE ) { //subdir site $domain = substr( $domain, 0, stripos( $domain, '/' ) ); } $opts = get_option( 'wple_opts' ); $httpch = $opts['challenge_files']; if ( empty($httpch) ) { echo 1 ; exit; } foreach ( $httpch as $index => $ch ) { $check = LEFunctions::checkHTTPChallenge( $domain, $ch['file'], $ch['value'] ); if ( !$check ) { echo 'fail' ; exit; } } echo 1 ; exit; } } /** * Continue process on wpleauto param * * @return void */ public function wple_continue_certification() { if ( isset( $_GET['wpleauto'] ) ) { $leopts = get_option( 'wple_opts' ); if ( $_GET['wpleauto'] == 'http' ) { new WPLE_Core( $leopts ); } else { //DNS new WPLE_Core( $leopts, true, false, true ); } } } /** * Simple success notice for admin * * @since 4.7.2 * @return void */ public function wple_success_notice() { $html = '<div class="notice notice-success"> <p>' . esc_html__( 'Success', 'wp-letsencrypt-ssl' ) . '!</p> </div>'; echo $html ; } /** * Show Pricing table once on activation * * @since 5.0.0 * @param string $html * @return $html */ public function wple_initial_quick_pricing( &$html ) { $host = site_url(); if ( FALSE != ($slashpos = stripos( $host, '/', 9 )) ) { $host = substr( $host, 0, $slashpos ); } $cp = $host . ':2083'; if ( FALSE === stripos( $host, 'https' ) ) { $cp = $host . ':2082'; } $response = wp_remote_get( $cp, [ 'headers' => [ 'Connection' => 'close', ], 'sslverify' => false, ] ); $cpanel = true; if ( is_wp_error( $response ) ) { $cpanel = false; } $html .= '<div id="wple-sslgen">'; if ( $cpanel ) { update_option( 'wple_have_cpanel', 1 ); $html .= $this->wple_cpanel_pricing_table( 'cPanel' ); } else { update_option( 'wple_have_cpanel', 0 ); if ( isset( $_SERVER['GD_PHP_HANDLER'] ) ) { if ( $_SERVER['SERVER_SOFTWARE'] == 'Apache' && isset( $_SERVER['GD_PHP_HANDLER'] ) && $_SERVER['DOCUMENT_ROOT'] == '/var/www' ) { $html .= $this->wple_firewall_pricing_table(); } } else { $html .= $this->wple_cpanel_pricing_table( '' ); } } $html .= '</div>'; echo $html ; } /** * Pricing table html * * @since 5.0.0 * @return $table */ public function wple_cpanel_pricing_table( $cpanel = '' ) { ob_start(); ?> <h2 class="pricing-intro-head"><?php esc_html_e( 'SAVE $80+ EVERY YEAR IN SSL CERTIFICATE FEE', 'wp-letsencrypt-ssl' ); ?></h2> <h4 class="pricing-intro-subhead">Purchase once and use for lifetime - Trusted Globally by <b>50,000+</b> WordPress Users (Looking for <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gopro=3' ) ; ?>">Annual</a> | <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gopro=2' ) ; ?>">Unlimited Sites License?</a>)</h4> <div id="quick-pricing-table"> <div class="free-pricing-col wplepricingcol"> <div class="quick-pricing-head free"> <h3>FREE</h3> <large>$0</large> </div> <ul> <li><strong>Manual</strong> domain verification</li> <li><strong>Manual</strong> SSL installation</li> <li><strong>Manual</strong> SSL renewal</li> <li><strong>Mixed</strong> Content Scanner <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Scan your site to detect which insecure assets are causing browser padlock to not show"></span></li> <li><strong>Expires</strong> in 90 days <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="You will manually need to re-generate SSL certificate every 90 days using WP Encryption"></span></li> <li><strong>Basic</strong> support</li> </ul> <div class="pricing-btn-block"> <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gofree=1' ) ; ?>" class="pricingbtn free">Select Plan</a> </div> </div> <div class="pro-pricing-col wplepricingcol"> <div class="quick-pricing-head pro"> <span class="wple-trending">Popular</span> <h3>PRO</h3> <div class="quick-price-row"> <large>$39<sup>.99</sup></large> <small>/lifetime</small> </div> </div> <ul> <li><strong>Automatic</strong> domain verification</li> <li><strong>Automatic</strong> SSL installation</li> <li><strong>Automatic</strong> SSL renewal</li> <li><strong>Wildcard</strong> SSL support <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="One SSL certificate to cover all your sub-domains"></span></li> <li><strong>Multisite</strong> mapped domains <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Install SSL for different domains mapped to your multisite network with MU domain mapping plugin"></span></li> <li><strong>DNS</strong> Automation <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Automatic Domain verification with DNS if HTTP domain verification fails"></span></li> <li><strong>Never</strong> expires <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Never worry about SSL again - Your SSL certificate will be automatically renewed in background"></span></li> <li><strong>Priority</strong> support <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="gowebsmarty.in"></span></li> </ul> <div class="pricing-btn-block"> <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gopro=1' ) ; ?>" class="pricingbtn free">Select Plan</a> </div> </div> </div> <br /> <?php if ( $cpanel != '' ) { ?> <div class="quick-refund-policy"> <strong>7 Days Refund Policy - 100% Money back guarantee!</strong> <p>We are showing this recommendation because you have cPanel hosting where our PRO plugin is 100% guaranteed to work. Your purchase will be completely refunded if our plugin failed to work on your site.</p> </div> <?php } ?> <?php $table = ob_get_clean(); return $table; } public function wple_firewall_pricing_table() { ob_start(); ?> <h2 class="pricing-intro-head">SAVE MORE THAN 50% IN SSL CERTIFICATE FEE EVERY YEAR</h2> <h4 class="pricing-intro-subhead">Enjoy hassle free <strong>CDN + PREMIUM SSL</strong> for lowest price ever! <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Buying an SSL certificate ALONE would cost you atleast $80+ PER YEAR!"></span>.</h4> <div id="quick-pricing-table" class="non-cpanel-plans"> <div class="free-pricing-col wplepricingcol"> <div class="quick-pricing-head free"> <h3>FREE</h3> <large>$0</large> </div> <ul> <li><strong>Manual</strong> domain verification</li> <li><strong>Manual</strong> SSL installation</li> <li><strong>Manual</strong> SSL renewal</li> <li><strong>Expires</strong> in 90 days <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="You will manually need to re-generate SSL certificate every 90 days using WP Encryption"></span></li> <li><strong>Basic</strong> support</li> </ul> <div class="pricing-btn-block"> <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gofree=1' ) ; ?>" class="pricingbtn free">Select Plan</a> </div> </div> <div class="pro-pricing-col wplepricingcol firewallplan"> <div class="quick-pricing-head pro"> <span class="wple-trending" style="top:10px">Billed<br>Annually</span> <h3>CDN</h3> <div class="quick-price-row"> <large>$3<sup>.33</sup></large> <small>/month</small> </div> </div> <ul> <li><strong>Premium</strong> SSL Certificate <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="SECTIGO Private SSL"></span></li> <li><strong>Automatic</strong> SSL Renewal</li> <li><strong>Content</strong> Deliver Network <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Your site is cached and served from 45 full-scale edge locations worldwide for fastest delivery and low TTFB thus improving Google pagespeed score"></span></li> <li><strong>Security</strong> Firewall <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="All your site traffic routed through secure StackPath firewall offering protection against DDOS attacks, XSS, SQL injection, File inclusion, Common WordPress exploits, CSRF, etc.,"></span></li> <li><strong>Instant</strong> <a href="https://wpencryption.com/cdn-firewall/?utm_campaign=wpencryption&utm_source=wordpress&utm_medium=gocdn" target="_blank">Setup</a> <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="Get! Set! Go! right from your WordPress dashboard using our easy to setup wizard"></span></li> <li><strong>Priority</strong> Support</li> </ul> <div class="pricing-btn-block"> <a href="<?php echo admin_url( '/admin.php?page=wp_encryption&gofirewall=1' ) ; ?>" class="pricingbtn free">Select Plan</a> </div> </div> </div> <div class="inro-pricing-refund"> 7 days money back guarantee <span class="dashicons dashicons-editor-help wple-tooltip" data-tippy="If you are not satisfied with the service within 7 days of purchase, We will refund your purchase no questions asked"></span> </div> <?php $table = ob_get_clean(); return $table; } /** * Intro pricing table handler * * @since 5.0.0 * @return void */ public function wple_intro_pricing_handler() { $goplan = ''; if ( isset( $_GET['gofree'] ) ) { update_option( 'wple_plan_choosen', 1 ); wp_redirect( admin_url( '/admin.php?page=wp_encryption' ), 302 ); exit; } else { if ( isset( $_GET['gopro'] ) ) { update_option( 'wple_plan_choosen', 1 ); if ( $_GET['gopro'] == 2 ) { //unlimited wp_redirect( admin_url( '/admin.php?page=wp_encryption-pricing&checkout=true&plan_id=8210&plan_name=pro&billing_cycle=lifetime&pricing_id=10873¤cy=usd' ), 302 ); } else { if ( $_GET['gopro'] == 3 ) { //annual wp_redirect( admin_url( '/admin.php?page=wp_encryption-pricing' ), 302 ); } else { //single lifetime wp_redirect( admin_url( '/admin.php?page=wp_encryption-pricing&checkout=true&plan_id=8210&plan_name=pro&billing_cycle=lifetime&pricing_id=7965¤cy=usd' ), 302 ); } } exit; } else { if ( isset( $_GET['gofirewall'] ) ) { update_option( 'wple_plan_choosen', 1 ); wp_redirect( 'https://checkout.freemius.com/mode/dialog/plugin/6804/plan/11103/licenses/1/', 302 ); exit; } } } } /** * After all stages completion * * @param string $html * @return void */ public function wple_completed_block( &$html ) { $html .= WPLE_Trait::wple_progress_bar(); $cert = ABSPATH . 'keys/certificate.crt'; $leopts = get_option( 'wple_opts' ); $future = strtotime( $leopts['expiry'] ); //Future date. $timefromdb = time(); $timeleft = $future - $timefromdb; $daysleft = round( $timeleft / 24 / 60 / 60 ); $renewtext = esc_html__( 'Renew SSL Certificate', 'wp-letsencrypt-ssl' ); $renewlink = '<a href="#" class="letsrenew wple-tooltip disabled" data-tippy="' . esc_html__( 'This renew button will get enabled during last 30 days of current SSL certificate expiry', 'wp-letsencrypt-ssl' ) . ' ' . esc_html__( 'You can also click on STEP 1 in above progress bar to renew/re-generate SSL Certificate again.', 'wp-letsencrypt-ssl' ) . '">' . $renewtext . '</a>'; if ( $daysleft <= 30 ) { $renewlink = '<a href="' . admin_url( '/admin.php?page=wp_encryption&restart=1' ) . '" class="letsrenew">' . $renewtext . '</a>'; } $headline = esc_html__( 'Woohoo! WP Encryption just saved you $$$ in SSL Certificate Fee.', 'wp-letsencrypt-ssl' ); $html .= '<div id="wple-completed"> <div class="wple-completed-review"> <h2>' . $headline . '</h2> <p>' . sprintf( __( 'Can you please do us a BIG favor by leaving a %s%s%s%s%s rating on WordPress.org', 'wp-letsencrypt-ssl' ), '<span class="dashicons dashicons-star-filled"></span>', '<span class="dashicons dashicons-star-filled"></span>', '<span class="dashicons dashicons-star-filled"></span>', '<span class="dashicons dashicons-star-filled"></span>', '<span class="dashicons dashicons-star-filled"></span>' ) . '</p> <a href="https://wordpress.org/support/plugin/wp-letsencrypt-ssl/reviews/#new-post" target="_blank" class="letsrate">' . esc_html__( 'LEAVE A RATING', 'wp-letsencrypt-ssl' ) . ' <span class="dashicons dashicons-external"></span></a> ' . $renewlink . ' <small>' . esc_html__( 'Just takes a moment', 'wp-letsencrypt-ssl' ) . '</small> </div>'; if ( file_exists( $cert ) && isset( $leopts['expiry'] ) ) { $html .= '<div class="wple-completed-remaining"> <div class="progress--circle progress--' . esc_attr( $daysleft ) . '"> <div class="progress__number"><strong>' . esc_html( $daysleft ) . '</strong><br><small>' . esc_html__( 'Days', 'wp-letsencrypt-ssl' ) . '</small></div> </div> <div class="wple-circle-expires"> <strong>' . esc_html__( 'Your current SSL certificate expires on', 'wp-letsencrypt-ssl' ) . ': <b>' . esc_html( $leopts['expiry'] ) . '</b></strong> <p>' . esc_html__( "Let's Encrypt SSL Certificate expires in 90 days by default. You can easily regenerate new SSL certificate using RENEW SSL CERTIFICATE option found on left.", "wp-letsencrypt-ssl" ) . ' ' . esc_html__( 'Major browsers like Chrome will start showing insecure site warning IF you fail to renew / re-generate certs before this expiry date. If you are using PRO version - SSL certificates will be auto renewed in background 30 days prior to expiry date.', 'wp-letsencrypt-ssl' ) . '</p> </div> </div>'; } $html .= '</div>'; } /** * Make verificiation possible with broken cert * * @return void */ public function wple_wellknown_htaccess() { $dir = ABSPATH . '.well-known/acme-challenge/.htaccess'; if ( !file_exists( $dir ) ) { $file = fopen( $dir, "w" ); } else { $file = true; } if ( is_writable( $dir ) && $file !== false ) { $ruleset = "<IfModule mod_rewrite.c>" . "\n"; $ruleset .= "RewriteEngine on" . "\n"; $ruleset .= "RewriteCond %{HTTPS} =on [NC]" . "\n"; $ruleset .= "RewriteRule ^(.*)\$ http://%{HTTP_HOST}%{REQUEST_FILENAME} [R=301,L]" . "\n"; $ruleset .= "</IfModule>" . "\n"; insert_with_markers( $dir, 'WP_Encryption', $ruleset ); } } }