nikolareljin/authorizer.php

## authorizer.php
@@ -3,7 +3,7 @@
 Plugin Name: Authorizer
 Plugin URI: https://github.com/uhm-coe/authorizer
 Description: Authorizer limits login attempts, restricts access to specified users, and authenticates against external sources (e.g., Google, LDAP, or CAS).
-Version: 2.6.4
+Version: 2.6.5
 Author: Paul Ryan
 Author URI: http://www.linkedin.com/in/paulrryan/
 Text Domain: authorizer
@@ -232,9 +232,11 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {

 				// Run plugin activation on each site in the network.
 				$current_blog_id = $wpdb->blogid;
-				$sites = function_exists( 'get_sites' ) ? get_sites() : wp_get_sites( array( 'limit' => PHP_INT_MAX ) );
+//				$sites = function_exists( 'get_sites' ) ? get_sites() : wp_get_sites( array( 'limit' => PHP_INT_MAX ) );
+				$sites = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->blogs"));
 				foreach ( $sites as $site ) {
-					$blog_id = function_exists( 'get_sites' ) ? $site->blog_id : $site['blog_id'];
+//					$blog_id = function_exists( 'get_sites' ) ? $site->blog_id : $site['blog_id'];
+					$blog_id = $site->blog_id;
 					switch_to_blog( $blog_id );
 					// Set default plugin options and add current users to approved list.
 					$this->set_default_options();
@@ -1082,7 +1084,7 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
 			$time_180_days_ago = time() - $time_180_days;
 			if (
 				extension_loaded( 'openssl' ) &&
-				( ! file_exists( $cacert_path ) || filemtime( $cacert_path ) < $time_90_days_ago )
+				( ! file_exists( $cacert_path ) || filemtime( $cacert_path ) < $time_180_days_ago )
 			) {
 				// Get new cacert.pem file from https://curl.haxx.se/ca/cacert.pem.
 				$response = wp_safe_remote_get( $cacert_url );
@@ -2059,7 +2061,9 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
 			if ( $auth_settings['cas'] === '1' ) :
 				// Check if provided CAS URL is accessible.
 				$protocol = in_array( $auth_settings['cas_port'], array( '80', '8080' ) ) ? 'http' : 'https';
-				if ( ! $this->url_is_accessible( $protocol . '://' . $auth_settings['cas_host'] . ':' . $auth_settings['cas_port'] . $auth_settings['cas_path'] ) ) :
+				$cas_url = $protocol . '://' . $auth_settings['cas_host'] . ':' . $auth_settings['cas_port'] . $auth_settings['cas_path'];
+				$cas_url = trailingslashit( $cas_url ) . 'login'; // Check the specific CAS login endpoint
+				if ( ! $this->url_is_accessible( $cas_url ) ) :
 					$authorizer_options_url = $auth_settings['advanced_admin_menu'] === 'settings' ? admin_url( 'options-general.php?page=authorizer' ) : admin_url( '?page=authorizer' );
 					?><div class='notice notice-warning is-dismissible'>
 						<p><?php _e( "Can't reach CAS server. Please provide", 'authorizer' ); ?> <a href='<?php echo $authorizer_options_url; ?>&tab=external'><?php _e( 'accurate CAS settings', 'authorizer' ); ?></a> <?php _e( 'if you intend to use it.', 'authorizer' ); ?></p>
@@ -3569,11 +3573,8 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
 			$option = 'google';
 			$auth_settings_option = $this->get_plugin_option( $option, $this->get_admin_mode( $args ), 'allow override', 'print overlay' );

-			// Make sure php5-curl extension is installed on server.
-			$curl_installed_message = ! function_exists( 'curl_init' ) ? '<span style="color: red;">(' . __( 'Warning: <a href="http://www.php.net//manual/en/curl.installation.php" target="_blank" style="color: red;">PHP CURL extension</a> is <strong>not</strong> installed', 'authorizer' ) . ')</span>' : '';
-
 			// Print option elements.
-			?><input type="checkbox" id="auth_settings_<?php echo $option; ?>" name="auth_settings[<?php echo $option; ?>]" value="1"<?php checked( 1 == $auth_settings_option ); ?> /><label for="auth_settings_<?php echo $option; ?>"><?php _e( 'Enable Google Logins', 'authorizer' ); ?></label> <?php echo $curl_installed_message; ?><?php
+			?><input type="checkbox" id="auth_settings_<?php echo $option; ?>" name="auth_settings[<?php echo $option; ?>]" value="1"<?php checked( 1 == $auth_settings_option ); ?> /><label for="auth_settings_<?php echo $option; ?>"><?php _e( 'Enable Google Logins', 'authorizer' ); ?></label><?php
 		}


@@ -3630,21 +3631,13 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
 			$option = 'cas';
 			$auth_settings_option = $this->get_plugin_option( $option, $this->get_admin_mode( $args ), 'allow override', 'print overlay' );

-			// Make sure php5-curl extension is installed on server.
-			$curl_installed_message = ! function_exists( 'curl_init' ) ? __( '<a href="http://www.php.net//manual/en/curl.installation.php" target="_blank" style="color: red;">PHP CURL extension</a> is not installed', 'authorizer' ) : '';
-
 			// Make sure php_openssl extension is installed on server.
 			$openssl_installed_message = ! extension_loaded( 'openssl' ) ? __( '<a href="http://stackoverflow.com/questions/23424459/enable-php-openssl-not-working" target="_blank" style="color: red;">PHP openssl extension</a> is not installed', 'authorizer' ) : '';

 			// Build error message string.
 			$error_message = '';
-			if ( strlen( $curl_installed_message ) > 0 || strlen( $openssl_installed_message ) > 0 ) {
-				$error_message = '<span style="color: red;">(' .
-					__( 'Warning', 'authorizer' ) . ': ' .
-					$curl_installed_message .
-					( strlen( $curl_installed_message ) > 0 && strlen( $openssl_installed_message ) > 0 ? '; ' : '' ) .
-					$openssl_installed_message .
-					')</span>';
+			if ( strlen( $openssl_installed_message ) > 0 ) {
+				$error_message = '<span style="color: red;">(' . __( 'Warning', 'authorizer' ) . ': ' . $openssl_installed_message . ')</span>';
 			}

 			// Print option elements.
@@ -5535,26 +5528,12 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
 		 * @return boolean     Whether the URL is publicly reachable
 		 */
 		function url_is_accessible( $url ) {
-			// Make sure php5-curl extension is installed on server.
-			if ( ! function_exists( 'curl_init' ) ) {
-				// Note: This will silently fail, saying url is not accessible.
-				// Warn user elsewhere that they should install curl.
-				return false;
-			}
-
-			// Use curl to retrieve the URL.
-			$handle = curl_init( $url );
-			$cacert_path = plugin_dir_path( __FILE__ ) . 'vendor/cacert.pem';
-			curl_setopt( $handle, CURLOPT_CAINFO, $cacert_path );
-			curl_setopt( $handle, CURLOPT_RETURNTRANSFER, TRUE );
-			curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, FALSE );
-			curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, 5 );
-			$response = curl_exec( $handle );
-			$http_code = curl_getinfo( $handle, CURLINFO_HTTP_CODE );
-			curl_close( $handle );
+			// Use wp_remote_retrieve_response_code() to retrieve the URL.
+			$response = wp_remote_get( $url );
+			$response_code = wp_remote_retrieve_response_code( $response );

 			// Return true if the document has loaded successfully without any redirection or error
-			return $http_code >= 200 && $http_code < 400;
+			return $response_code >= 200 && $response_code < 300;
 		}
	@@ -3,7 +3,7 @@
	Plugin Name: Authorizer
	Plugin URI: https://github.com/uhm-coe/authorizer
	Description: Authorizer limits login attempts, restricts access to specified users, and authenticates against external sources (e.g., Google, LDAP, or CAS).
	-Version: 2.6.4
	+Version: 2.6.5
	Author: Paul Ryan
	Author URI: http://www.linkedin.com/in/paulrryan/
	Text Domain: authorizer
	@@ -232,9 +232,11 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {

	// Run plugin activation on each site in the network.
	$current_blog_id = $wpdb->blogid;
	- $sites = function_exists( 'get_sites' ) ? get_sites() : wp_get_sites( array( 'limit' => PHP_INT_MAX ) );
	+// $sites = function_exists( 'get_sites' ) ? get_sites() : wp_get_sites( array( 'limit' => PHP_INT_MAX ) );
	+ $sites = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->blogs"));
	foreach ( $sites as $site ) {
	- $blog_id = function_exists( 'get_sites' ) ? $site->blog_id : $site['blog_id'];
	+// $blog_id = function_exists( 'get_sites' ) ? $site->blog_id : $site['blog_id'];
	+ $blog_id = $site->blog_id;
	switch_to_blog( $blog_id );
	// Set default plugin options and add current users to approved list.
	$this->set_default_options();
	@@ -1082,7 +1084,7 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
	$time_180_days_ago = time() - $time_180_days;
	if (
	extension_loaded( 'openssl' ) &&
	- ( ! file_exists( $cacert_path ) \|\| filemtime( $cacert_path ) < $time_90_days_ago )
	+ ( ! file_exists( $cacert_path ) \|\| filemtime( $cacert_path ) < $time_180_days_ago )
	) {
	// Get new cacert.pem file from https://curl.haxx.se/ca/cacert.pem.
	$response = wp_safe_remote_get( $cacert_url );
	@@ -2059,7 +2061,9 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
	if ( $auth_settings['cas'] === '1' ) :
	// Check if provided CAS URL is accessible.
	$protocol = in_array( $auth_settings['cas_port'], array( '80', '8080' ) ) ? 'http' : 'https';
	- if ( ! $this->url_is_accessible( $protocol . '://' . $auth_settings['cas_host'] . ':' . $auth_settings['cas_port'] . $auth_settings['cas_path'] ) ) :
	+ $cas_url = $protocol . '://' . $auth_settings['cas_host'] . ':' . $auth_settings['cas_port'] . $auth_settings['cas_path'];
	+ $cas_url = trailingslashit( $cas_url ) . 'login'; // Check the specific CAS login endpoint
	+ if ( ! $this->url_is_accessible( $cas_url ) ) :
	$authorizer_options_url = $auth_settings['advanced_admin_menu'] === 'settings' ? admin_url( 'options-general.php?page=authorizer' ) : admin_url( '?page=authorizer' );
	?><div class='notice notice-warning is-dismissible'>
	<p><?php _e( "Can't reach CAS server. Please provide", 'authorizer' ); ?> <a href='<?php echo $authorizer_options_url; ?>&tab=external'><?php _e( 'accurate CAS settings', 'authorizer' ); ?></a> <?php _e( 'if you intend to use it.', 'authorizer' ); ?></p>
	@@ -3569,11 +3573,8 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
	$option = 'google';
	$auth_settings_option = $this->get_plugin_option( $option, $this->get_admin_mode( $args ), 'allow override', 'print overlay' );

	- // Make sure php5-curl extension is installed on server.
	- $curl_installed_message = ! function_exists( 'curl_init' ) ? '<span style="color: red;">(' . __( 'Warning: <a href="http://www.php.net//manual/en/curl.installation.php" target="_blank" style="color: red;">PHP CURL extension</a> is <strong>not</strong> installed', 'authorizer' ) . ')</span>' : '';
	-
	// Print option elements.
	- ?><input type="checkbox" id="auth_settings_<?php echo $option; ?>" name="auth_settings[<?php echo $option; ?>]" value="1"<?php checked( 1 == $auth_settings_option ); ?> /><label for="auth_settings_<?php echo $option; ?>"><?php _e( 'Enable Google Logins', 'authorizer' ); ?></label> <?php echo $curl_installed_message; ?><?php
	+ ?><input type="checkbox" id="auth_settings_<?php echo $option; ?>" name="auth_settings[<?php echo $option; ?>]" value="1"<?php checked( 1 == $auth_settings_option ); ?> /><label for="auth_settings_<?php echo $option; ?>"><?php _e( 'Enable Google Logins', 'authorizer' ); ?></label><?php
	}


	@@ -3630,21 +3631,13 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
	$option = 'cas';
	$auth_settings_option = $this->get_plugin_option( $option, $this->get_admin_mode( $args ), 'allow override', 'print overlay' );

	- // Make sure php5-curl extension is installed on server.
	- $curl_installed_message = ! function_exists( 'curl_init' ) ? __( '<a href="http://www.php.net//manual/en/curl.installation.php" target="_blank" style="color: red;">PHP CURL extension</a> is not installed', 'authorizer' ) : '';
	-
	// Make sure php_openssl extension is installed on server.
	$openssl_installed_message = ! extension_loaded( 'openssl' ) ? __( '<a href="http://stackoverflow.com/questions/23424459/enable-php-openssl-not-working" target="_blank" style="color: red;">PHP openssl extension</a> is not installed', 'authorizer' ) : '';

	// Build error message string.
	$error_message = '';
	- if ( strlen( $curl_installed_message ) > 0 \|\| strlen( $openssl_installed_message ) > 0 ) {
	- $error_message = '<span style="color: red;">(' .
	- __( 'Warning', 'authorizer' ) . ': ' .
	- $curl_installed_message .
	- ( strlen( $curl_installed_message ) > 0 && strlen( $openssl_installed_message ) > 0 ? '; ' : '' ) .
	- $openssl_installed_message .
	- ')</span>';
	+ if ( strlen( $openssl_installed_message ) > 0 ) {
	+ $error_message = '<span style="color: red;">(' . __( 'Warning', 'authorizer' ) . ': ' . $openssl_installed_message . ')</span>';
	}

	// Print option elements.
	@@ -5535,26 +5528,12 @@ if ( ! class_exists( 'WP_Plugin_Authorizer' ) ) {
	* @return boolean Whether the URL is publicly reachable
	*/
	function url_is_accessible( $url ) {
	- // Make sure php5-curl extension is installed on server.
	- if ( ! function_exists( 'curl_init' ) ) {
	- // Note: This will silently fail, saying url is not accessible.
	- // Warn user elsewhere that they should install curl.
	- return false;
	- }
	-
	- // Use curl to retrieve the URL.
	- $handle = curl_init( $url );
	- $cacert_path = plugin_dir_path( __FILE__ ) . 'vendor/cacert.pem';
	- curl_setopt( $handle, CURLOPT_CAINFO, $cacert_path );
	- curl_setopt( $handle, CURLOPT_RETURNTRANSFER, TRUE );
	- curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, FALSE );
	- curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, 5 );
	- $response = curl_exec( $handle );
	- $http_code = curl_getinfo( $handle, CURLINFO_HTTP_CODE );
	- curl_close( $handle );
	+ // Use wp_remote_retrieve_response_code() to retrieve the URL.
	+ $response = wp_remote_get( $url );
	+ $response_code = wp_remote_retrieve_response_code( $response );

	// Return true if the document has loaded successfully without any redirection or error
	- return $http_code >= 200 && $http_code < 400;
	+ return $response_code >= 200 && $response_code < 300;
	}