Plugin Name: ManageWP - Worker
Plugin URI: https://managewp.com
Description: We help you efficiently manage all your WordPress websites. <strong>Updates, backups, 1-click login, migrations, security</strong> and more, on one dashboard. This service comes in two versions: standalone <a href="https://managewp.com">ManageWP</a> service that focuses on website management, and <a href="https://godaddy.com/pro">GoDaddy Pro</a> that includes additional tools for hosting, client management, lead generation, and more.
Author URI: https://godaddy.com
* This file is part of the ManageWP Worker plugin.
* (c) ManageWP LLC <contact@managewp.com>
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
if (!defined('ABSPATH') && (!defined('MWP_SKIP_BOOTSTRAP') || !MWP_SKIP_BOOTSTRAP)) {
if (!defined('MAX_PRIORITY_HOOK')) {
define('MAX_PRIORITY_HOOK', 2147483647);
* Handler for incomplete plugin installations.
if (!function_exists('mwp_fail_safe')):
* Reserved memory for fatal error handling execution context.
$GLOBALS['mwp_reserved_memory'] = str_repeat(' ', 1024 * 20);
* If we ever get only partially upgraded due to a server error or misconfiguration,
* attempt to disable the plugin.
$GLOBALS['mwp_reserved_memory'] = null;
$lastError = error_get_last();
$acceptedErrorTypes = array(
if (!$lastError || !in_array($lastError['type'], $acceptedErrorTypes)) {
$activePlugins = get_option('active_plugins');
$workerIndex = array_search(plugin_basename(__FILE__), $activePlugins);
if ($workerIndex === false) {
// Plugin is not yet enabled, possibly in activation context.
$errorSource = realpath($lastError['file']);
// We might be in eval() context.
// The only fatal error that we would get would be a 'Class 'X' not found in ...', so look out only for those messages.
if (!preg_match('/^(Uncaught Error: )?Class \'[^\']+\' not found/', $lastError['message']) &&
!preg_match('/^(Uncaught Error: )?Call to undefined method /', $lastError['message']) &&
!preg_match('/^require_once\(\): Failed opening required \'[^\']+\'/', $lastError['message'])
// Only look for files that belong to this plugin.
$pluginBase = realpath(dirname(__FILE__));
if (stripos($errorSource, $pluginBase) !== 0) {
// Signal ourselves that the installation is corrupt.
update_option('mwp_recovering', time());
$siteUrl = get_option('siteurl');
$path = (string)parse_url($siteUrl, PHP_URL_PATH);
$title = sprintf("ManageWP Worker corrupt on %s", $siteUrl);
$to = get_option('admin_email');
$brand = get_option('mwp_worker_brand');
if (!empty($brand['admin_email'])) {
$to = $brand['admin_email'];
$fullError = print_r($lastError, 1);
$serviceID = (string)get_option('mwp_service_key');
$body = sprintf("Corrupt ManageWP Worker v%s installation detected. Site URL in question is %s. User email is %s (service ID: %s). Attempting recovery process at %s. The error that caused this:\n\n<pre>%s</pre>", $GLOBALS['MMB_WORKER_VERSION'], $siteUrl, $to, $serviceID, date('Y-m-d H:i:s'), $fullError);
mail('recovery@managewp.com', $title, $body, "Content-Type: text/html");
// If we're inside a cron scope, don't attempt to hide this error.
if (defined('DOING_CRON') && DOING_CRON) {
// If we're inside a normal request scope retry the request so user doesn't have to see an ugly error page.
if (!empty($_SERVER['REQUEST_URI'])) {
$siteUrl .= substr($_SERVER['REQUEST_URI'], strlen($path));
if (isset($_SERVER['HTTP_MWP_ACTION'])) {
echo "\nMWP_RETRY_ME: 1\n", json_encode(array('error' => 'Worker recover started', 'exception' => array(
'message' => 'Worker recover started',
'type' => 'WORKER_RECOVER_STARTED',
} elseif (headers_sent()) {
// The headers are probably sent if the PHP configuration has the 'display_errors' directive enabled. In that case try a meta redirect.
printf('<meta http-equiv="refresh" content="0; url=%s">', htmlspecialchars($siteUrl, ENT_QUOTES));
header('Location: '.htmlspecialchars($siteUrl, ENT_QUOTES));
register_shutdown_function('mwp_fail_safe');
if (!class_exists('MwpWorkerResponder', false)):
* We're not allowed to use lambda functions because this is PHP 5.2, so use a responder
* class that's able to access the service container.
private $responseSent = false;
function __construct(MWP_ServiceContainer_Interface $container)
$this->container = $container;
* @param Exception|Error $e
* @param MWP_Http_ResponseInterface|null $response
function callback($e = null, MWP_Http_ResponseInterface $response = null)
if ($response !== null) {
$responseEvent = new MWP_Event_MasterResponse($response);
$this->container->getEventDispatcher()->dispatch(MWP_Event_Events::MASTER_RESPONSE, $responseEvent);
$lastResponse = $responseEvent->getResponse();
if ($lastResponse !== null) {
if (!$this->responseSent) {
// This looks pretty ugly, but the "execute PHP" function handles fatal errors and wraps them
// in a valid action response. That fatal error may also be handled by the global fatal error
// handler, which also wraps the error in a response. We keep the state in this class, so we
// don't send a worker response twice, first time as an action response, second time as a
// If this is to be removed, simply remove fatal error handling from the "execute PHP" action.
$this->responseSent = true;
// Exception is thrown and the response is empty. This should never happen, so don't try to hide it.
public function getCallback()
return array($this, 'callback');
if (!function_exists('mwp_container')):
* @return MWP_ServiceContainer_Interface
if ($container === null) {
$parameters = (array)get_option('mwp_container_parameters', array()) + (array)get_option('mwp_container_site_parameters', array());
$requestId = isset($_GET['mwprid']) && is_string($_GET['mwprid']) ? $_GET['mwprid'] : null;
$container = new MWP_ServiceContainer_Production(array(
'worker_realpath' => __FILE__,
'worker_basename' => 'worker/init.php',
'worker_version' => $GLOBALS['MMB_WORKER_VERSION'],
'worker_revision' => $GLOBALS['MMB_WORKER_REVISION'],
'request_id' => $requestId,
if (!class_exists('MwpRecoveryKit', false)):
* This class must be isolated from the rest of the ManageWP Worker library, because
* we're counting that we have only this file and WordPress bootstrapped.
const MAX_LOGGED_ERRORS = 5;
private static $errorLog = array();
private static function requestJson($url)
$response = wp_remote_get($url, array('timeout' => 60));
if ($response instanceof WP_Error) {
throw new Exception('Unable to download checksum.json: '.$response->get_error_message());
if ($response['response']['code'] !== 200) {
throw new Exception('Unable to download checksum.json: invalid status code ('.$response['response']['code'].')');
$responseJson = json_decode($response['body'], true);
if (empty($responseJson) || !is_array($responseJson)) {
throw new Exception('Error while parsing checksum.json.');
public function recover($version)
$lockTime = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'mwp_incremental_recover_lock' LIMIT 1");
if ($lockTime && time() - (int)$lockTime < 1200) { // lock for 20 minutes
throw new Exception('Another incremental update or recovery process is already active', 1337);
register_shutdown_function(array($this, 'releaseLock'));
update_option('mwp_incremental_recover_lock', time());
$dirName = realpath(dirname(__FILE__));
$filesAndChecksums = $this->requestJson(sprintf('http://s3-us-west-2.amazonaws.com/mwp-orion-public/worker/raw/%s/checksum.json', $version));
$files = $this->recoverFiles($dirName, $filesAndChecksums, $version);
public function releaseLock()
delete_option('mwp_incremental_recover_lock');
public static function selfUpdate()
if (get_option('mwp_recovering')) {
$response = self::requestJson('http://s3-us-west-2.amazonaws.com/mwp-orion-public/worker/latest.json');
$response += array('version' => '0.0.0', 'schedule' => 86400, 'autoUpdate' => false, 'checksum' => array());
wp_clear_scheduled_hook('mwp_auto_update');
wp_schedule_single_event(current_time('timestamp') + $response['schedule'], 'mwp_auto_update');
if (!$response['autoUpdate']) {
if (version_compare($response['version'], $GLOBALS['MMB_WORKER_VERSION'], '<')) {
self::recoverFiles(dirname(__FILE__), $response['checksum'], $response['version']);
mwp_logger()->error("Self-update failed.", array('exception' => $e));
private static function clearUnknownFiles($filesAndChecksums, $fs)
/** @var WP_Filesystem_Base $fs */
$base = dirname(__FILE__);
if (version_compare(phpversion(), '5.3', '<')) {
$directory = new RecursiveDirectoryIterator($base);
$directory = new RecursiveDirectoryIterator($base, RecursiveDirectoryIterator::SKIP_DOTS);
'init.php' => 1, // safe-guard
'functions.php' => 1, // safe-guard
$files = array_keys(iterator_to_array(new RecursiveIteratorIterator($directory, RecursiveIteratorIterator::SELF_FIRST, RecursiveIteratorIterator::CATCH_GET_CHILD)));
foreach ($files as $file) {
$file = preg_replace('/^'.preg_quote($base, '/').'/', '', $file, 1, $count);
$file = strtr($file, '\\', '/');
$file = ltrim($file, '/');
if (isset($filesAndChecksums[$file]) || isset($ignoreDelete[$file])) {
$fs->delete($fs->find_folder(WP_PLUGIN_DIR).'worker/'.$file, false, 'f');
public static function recoverFiles($dirName, array $filesAndChecksums, $version)
set_error_handler(array(__CLASS__, 'logError'));
require_once ABSPATH.'wp-admin/includes/file.php';
require_once ABSPATH.'wp-admin/includes/template.php';
$fsMethod = get_filesystem_method();
if ($fsMethod !== 'direct') {
$options = request_filesystem_credentials('');
/** @var WP_Filesystem_Base $fs */
$fs = $GLOBALS['wp_filesystem'];
$lastError = error_get_last();
$errorMessage = $lastError ? $lastError['message'] : '(no error logged)';
throw new Exception('Unable to connect to the file system: '.$errorMessage);
$cachedFilesAndChecksums = $filesAndChecksums;
// First create directories and remove them from the array.
// Must be done before shuffling because of nesting.
foreach ($filesAndChecksums as $relativePath => $checksum) {
unset ($filesAndChecksums[$relativePath]);
$absolutePath = $dirName.'/'.$relativePath;
// Directories are ordered first.
if (!is_dir($absolutePath)) {
$fs->mkdir($fs->find_folder(WP_PLUGIN_DIR).'worker/'.$relativePath);
// Check and recreate files. Shuffle them so multiple running instances have a smaller collision.
$recoveredFiles = array();
$filesAndChecksums = self::shuffleAssoc($filesAndChecksums);
while ($checksum = current($filesAndChecksums)) {
if ($retryCount >= $retryUpTo) {
throw new Exception($lastError);
$relativePath = key($filesAndChecksums);
$absolutePath = $dirName.'/'.$relativePath;
if (file_exists($absolutePath) && md5_file($absolutePath) === $checksum) {
next($filesAndChecksums);
$fileUrl = sprintf('http://s3-us-west-2.amazonaws.com/mwp-orion-public/worker/raw/%s/%s', $version, $relativePath);
$response = wp_remote_get($fileUrl, array('timeout' => 60));
if ($response instanceof WP_Error) {
$lastError = 'Unable to download file '.$fileUrl.': '.$response->get_error_message();
if ($response['response']['code'] !== 200) {
$lastError = 'Unable to download file '.$fileUrl.': invalid status code ('.$response['response']['code'].')';
$saved = $fs->put_contents($fs->find_folder(WP_PLUGIN_DIR).'worker/'.$relativePath, $response['body']);
if (is_callable(array($fs, '__destruct'))) {
$lastError = 'File saving failed.';
if (count(self::$errorLog)) {
$lastError .= sprintf(" Last %d logged errors:%s", min(self::MAX_LOGGED_ERRORS, count(self::$errorLog)), "\n - ".implode("\n - ", self::$errorLog));
$recoveredFiles[] = $relativePath;
next($filesAndChecksums);
self::clearUnknownFiles($cachedFilesAndChecksums, $fs);
if (function_exists('opcache_reset')) {
public static function logError($code, $message, $file = 'Unknown', $line = 0)
self::$errorLog[] = sprintf('Error [%d]: %s in %s on line %d', $code, $message, $file, $line);
if (count(self::$errorLog) > self::MAX_LOGGED_ERRORS) {
array_shift(self::$errorLog);
private static function shuffleAssoc($array)
$keys = array_keys($array);
foreach ($keys as $key) {
$shuffled[$key] = $array[$key];
public function selfDeactivate($reason)
if (isset($_SERVER['MWP2_VERSION_ID'])) {
$activePlugins = get_option('active_plugins');
$workerIndex = array_search(plugin_basename(__FILE__), $activePlugins);
if ($workerIndex === false) {
// Plugin is not yet enabled, possibly in activation context.
unset($activePlugins[$workerIndex]);
$activePlugins = array_values($activePlugins);
delete_option('mwp_recovering');
update_option('active_plugins', $activePlugins);
if ($lastError = error_get_last()) {
$lastErrorMessage = "\n\nLast error: ".$lastError['message'];
mail('recovery@managewp.com', sprintf("ManageWP Worker recovery aborted on %s", get_option('siteurl')), sprintf("ManageWP Worker v%s. Reason: %s%s", $GLOBALS['MMB_WORKER_VERSION'], $reason, $lastErrorMessage));
if (!function_exists('mwp_activation_hook')) {
function mwp_activation_hook()
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
