Changeset 42631 for trunk/src/wp-admin/includes/plugin-install.php

Timestamp:

02/01/2018 05:16:15 AM (7 years ago)

Author:

dd32

Message:

Plugins: Use api.wordpress.org/plugins/info/1.2/ for querying plugins & plugin information.

See #43192.
Fixes #29274.

File:

• trunk/src/wp-admin/includes/plugin-install.php (modified) (9 diffs)

trunk/src/wp-admin/includes/plugin-install.php

@@ -100 +100 @@
  */
 function plugins_api( $action, $args = array() ) {
+    // include an unmodified $wp_version
+    include( ABSPATH . WPINC . '/version.php' );
 
     if ( is_array( $args ) ) {
@@ -105 +107 @@
     }
 
-    if ( ! isset( $args->per_page ) ) {
-        $args->per_page = 24;
+    if ( 'query_plugins' == $action ) {
+        if ( ! isset( $args->per_page ) ) {
+            $args->per_page = 24;
+        }
     }
 
     if ( ! isset( $args->locale ) ) {
         $args->locale = get_user_locale();
+    }
+
+    if ( ! isset( $args->wp_version ) ) {
+        $args->wp_version = substr( $wp_version, 0, 3 ); // X.y
     }
 
@@ -142 +150 @@
 
     if ( false === $res ) {
-        // include an unmodified $wp_version
-        include( ABSPATH . WPINC . '/version.php' );
-
-        $url = $http_url = 'http://api.wordpress.org/plugins/info/1.0/';
+
+        $url = 'http://api.wordpress.org/plugins/info/1.2/';
+        $url = add_query_arg(
+            array(
+                'action'  => $action,
+                'request' => $args,
+            ),
+            $url
+        );
+
+        $http_url = $url;
         if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) {
             $url = set_url_scheme( $url, 'https' );
@@ -153 +168 @@
             'timeout'    => 15,
             'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
-            'body'       => array(
-                'action'  => $action,
-                'request' => serialize( $args ),
-            ),
         );
-        $request   = wp_remote_post( $url, $http_args );
+        $request   = wp_remote_get( $url, $http_args );
 
         if ( $ssl && is_wp_error( $request ) ) {
@@ -169 +180 @@
                 headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE
             );
-            $request = wp_remote_post( $http_url, $http_args );
+            $request = wp_remote_get( $http_url, $http_args );
         }
 
@@ -183 +194 @@
             );
         } else {
-            $res = maybe_unserialize( wp_remote_retrieve_body( $request ) );
-            if ( ! is_object( $res ) && ! is_array( $res ) ) {
+            $res = json_decode( wp_remote_retrieve_body( $request ), true );
+            if ( is_array( $res ) ) {
+                // Object casting is required in order to match the info/1.0 format.
+                $res = (object) $res;
+            } elseif ( null === $res ) {
                 $res = new WP_Error(
                     'plugins_api_failed',
@@ -194 +208 @@
                     wp_remote_retrieve_body( $request )
                 );
+            }
+
+            if ( isset( $res->error ) ) {
+                $res = new WP_Error( 'plugins_api_failed', $res->error );
             }
         }
@@ -486 +504 @@
         'plugin_information', array(
             'slug'   => wp_unslash( $_REQUEST['plugin'] ),
-            'is_ssl' => is_ssl(),
-            'fields' => array(
-                'banners'         => true,
-                'reviews'         => true,
-                'downloaded'      => false,
-                'active_installs' => true,
-            ),
         )
     );
@@ -708 +719 @@
             <ul class="contributors">
                 <?php
-                foreach ( (array) $api->contributors as $contrib_username => $contrib_profile ) {
-                    if ( empty( $contrib_username ) && empty( $contrib_profile ) ) {
-                        continue;
+                foreach ( (array) $api->contributors as $contrib_username => $contrib_details ) {
+                    $contrib_name = $contrib_details['display_name'];
+                    if ( ! $contrib_name ) {
+                        $contrin_name = $contrib_username;
                     }
-                    if ( empty( $contrib_username ) ) {
-                        $contrib_username = preg_replace( '/^.+\/(.+)\/?$/', '\1', $contrib_profile );
-                    }
-                    $contrib_username = sanitize_user( $contrib_username );
-                    if ( empty( $contrib_profile ) ) {
-                        echo "<li><img src='https://wordpress.org/grav-redirect.php?user={$contrib_username}&amp;s=36' width='18' height='18' alt='' />{$contrib_username}</li>";
-                    } else {
-                        echo "<li><a href='{$contrib_profile}' target='_blank'><img src='https://wordpress.org/grav-redirect.php?user={$contrib_username}&amp;s=36' width='18' height='18' alt='' />{$contrib_username}</a></li>";
-                    }
+                    $contrib_name = esc_html( $contrib_name );
+
+                    $contrib_profile = esc_url( $contrib_details['profile'] );
+                    $contrib_avatar = esc_url( add_query_arg( 's', '36', $contrib_details['avatar'] ) );
+
+                    echo "<li><a href='{$contrib_profile}' target='_blank'><img src='{$contrib_avatar}' width='18' height='18' alt='' />{$contrib_name}</a></li>";
                 }
                 ?>