Plugins: Block plugin updates if required PHP version is not supported.

When a plugin states it requires a specific minimum PHP version (as defined in the `requires_php` field included in the plugin update API response), a user should not be allowed to update that plugin when the server does not satisfy the minimum PHP version.

When this scenario is encountered, the update buttons and links are disabled and links to educational resources about PHP are displayed to the user with a notice.

Props afragen, schlessera, desrosj.
Fixes #43987. 

git-svn-id: https://develop.svn.wordpress.org/trunk@44937 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jonathan Desrosiers 2019-03-20 01:43:05 +00:00
parent 1b97ea1fcf
commit 97bb59d939
3 changed files with 55 additions and 27 deletions

View File

@ -746,9 +746,10 @@ class WP_Plugins_List_Table extends WP_List_Table {
}
$compatible_php = ( empty( $plugin_data['requires_php'] ) || version_compare( phpversion(), $plugin_data['requires_php'], '>=' ) );
$class = $is_active ? 'active' : 'inactive';
$checkbox_id = 'checkbox_' . md5( $plugin_data['Name'] );
if ( $restrict_network_active || $restrict_network_only || in_array( $status, array( 'mustuse', 'dropins' ) ) ) {
if ( $restrict_network_active || $restrict_network_only || in_array( $status, array( 'mustuse', 'dropins' ) ) || ! $compatible_php ) {
$checkbox = '';
} else {
/* translators: %s: plugin name */

View File

@ -769,8 +769,8 @@ function install_plugin_information() {
' ' . __( '<a href="%s" target="_blank">Click here to learn more about updating PHP</a>.' ),
esc_url( wp_get_update_php_url() )
);
echo '</p>';
wp_update_php_annotation();
wp_update_php_annotation( '</p><p><em>', '</em>' );
} else {
echo '</p>';
}
@ -827,7 +827,14 @@ function install_plugin_information() {
break;
case 'update_available':
if ( $status['url'] ) {
if ( $compatible_php ) {
echo '<a data-slug="' . esc_attr( $api->slug ) . '" data-plugin="' . esc_attr( $status['file'] ) . '" id="plugin_update_from_iframe" class="button button-primary right" href="' . $status['url'] . '" target="_parent">' . __( 'Install Update Now' ) . '</a>';
} else {
printf(
'<button type="button" class="button button-primary button-disabled right" disabled="disabled">%s</button>',
_x( 'Cannot Update', 'plugin' )
);
}
}
break;
case 'newer_installed':

View File

@ -400,7 +400,10 @@ function wp_plugin_update_row( $file, $plugin_data ) {
$active_class = is_plugin_active( $file ) ? ' active' : '';
}
echo '<tr class="plugin-update-tr' . $active_class . '" id="' . esc_attr( $response->slug . '-update' ) . '" data-slug="' . esc_attr( $response->slug ) . '" data-plugin="' . esc_attr( $file ) . '"><td colspan="' . esc_attr( $wp_list_table->get_column_count() ) . '" class="plugin-update colspanchange"><div class="update-message notice inline notice-warning notice-alt"><p>';
$compatible_php = ( empty( $response->requires_php ) || version_compare( phpversion(), $response->requires_php, '>=' ) );
$notice_type = $compatible_php ? 'notice-warning' : 'notice-error';
echo '<tr class="plugin-update-tr' . $active_class . '" id="' . esc_attr( $response->slug . '-update' ) . '" data-slug="' . esc_attr( $response->slug ) . '" data-plugin="' . esc_attr( $file ) . '"><td colspan="' . esc_attr( $wp_list_table->get_column_count() ) . '" class="plugin-update colspanchange"><div class="update-message notice inline ' . $notice_type . ' notice-alt"><p>';
if ( ! current_user_can( 'update_plugins' ) ) {
/* translators: 1: plugin name, 2: details URL, 3: additional link attributes, 4: version number */
@ -413,7 +416,7 @@ function wp_plugin_update_row( $file, $plugin_data ) {
/* translators: 1: plugin name, 2: version number */
esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) )
),
$response->new_version
esc_attr( $response->new_version )
);
} elseif ( empty( $response->package ) ) {
/* translators: 1: plugin name, 2: details URL, 3: additional link attributes, 4: version number */
@ -426,9 +429,10 @@ function wp_plugin_update_row( $file, $plugin_data ) {
/* translators: 1: plugin name, 2: version number */
esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) )
),
$response->new_version
esc_attr( $response->new_version )
);
} else {
if ( $compatible_php ) {
/* translators: 1: plugin name, 2: details URL, 3: additional link attributes, 4: version number, 5: update URL, 6: additional link attributes */
printf(
__( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s" %6$s>update now</a>.' ),
@ -439,7 +443,7 @@ function wp_plugin_update_row( $file, $plugin_data ) {
/* translators: 1: plugin name, 2: version number */
esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) )
),
$response->new_version,
esc_attr( $response->new_version ),
wp_nonce_url( self_admin_url( 'update.php?action=upgrade-plugin&plugin=' ) . $file, 'upgrade-plugin_' . $file ),
sprintf(
'class="update-link" aria-label="%s"',
@ -447,6 +451,22 @@ function wp_plugin_update_row( $file, $plugin_data ) {
esc_attr( sprintf( __( 'Update %s now' ), $plugin_name ) )
)
);
} else {
/* translators: 1: plugin name, 2: details URL, 3: additional link attributes, 4: version number 5: Update PHP page URL */
printf(
__( 'There is a new version of %1$s available, but it doesn&#8217;t work with your version of PHP. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s">learn more about updating PHP</a>.' ),
$plugin_name,
esc_url( $details_url ),
sprintf(
'class="thickbox open-plugin-details-modal" aria-label="%s"',
/* translators: 1: plugin name, 2: version number */
esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) )
),
esc_attr( $response->new_version ),
esc_url( wp_get_update_php_url() )
);
wp_update_php_annotation( '<br><span class="description">', '</span>' );
}
}
/**