rangerhq-radio/inc/updater.php
ranger a9d76decae v0.7.3 — WordPress.org guideline 8 compliance + Privacy section
Adds the Update URI guard pattern so one source tree produces two
compliant build artifacts:

* Gitea install (default): `Update URI:` header points at
  git.davidtkeane.com → wp.org skips this plugin → self-hosted
  updater runs normally.
* WordPress.org submission zip (build script strips that line):
  header is empty → `radio_should_skip_custom_updater()` returns
  true → entire updater file short-circuits at load time → wp.org
  takes over update delivery as guideline 8 requires.

Settings page now guards the Updates panel render with
`function_exists()` because the panel function only exists when
the updater was allowed to load.

Also adds a dedicated `== Privacy ==` section to readme.txt
covering every outbound connection (none from the plugin itself;
SomaFM audio + 30s songs.json poll while playing) and adds an
explicit link to SomaFM's terms of use (somafm.com/legal/).

No user-visible behaviour change in either distribution.
2026-05-30 04:21:25 +01:00

282 lines
13 KiB
PHP

<?php
/**
* Radio — self-hosted update checker against the Gitea repo.
*
* Direct port of the Buddy / Logbook updater (proven in production).
* Polls Gitea's /releases/latest, falls back to /tags?limit=1 when no
* formal Release object exists, compares against RADIO_VERSION,
* renders an Updates panel on the Settings page. Cached 12h on
* success, 1h on negative responses.
*
* Repo coordinates are constants you can override via define() in
* wp-config.php if the repo ever moves.
*/
// Refuse direct requests to this file: continue only when WordPress has loaded
// it (core defines ABSPATH before any plugin code runs).
defined( 'ABSPATH' ) || exit;
/**
 * v0.7.3 — WordPress.org guideline 8 guard.
 *
 * Decides whether the self-hosted (Gitea) updater must stay dormant by
 * reading the `Update URI` plugin header from RADIO_FILE:
 *
 *  - header empty                → true  (WordPress.org delivers updates)
 *  - header contains "wordpress.org" (case-insensitive substring match)
 *                                → true
 *  - anything else, e.g. Gitea   → false (the custom updater may run)
 *
 * Serving updates from a non-wp.org server is prohibited by guideline 8, so
 * the submission build script strips the `Update URI:` line from `radio.php`
 * and this check then returns true.
 *
 * If RADIO_FILE is not defined or get_file_data() is unavailable the answer is
 * false, i.e. the check fails open towards running the custom updater.
 *
 * The answer is memoised in a static for the rest of the request.
 *
 * NOTE(review): the file-level `return` that consumes this result only skips
 * the top-level statements after it. PHP binds unconditional top-level
 * functions at compile time, so the functions declared later in this file
 * still exist when this returns true.
 *
 * @return bool True when the custom updater should be skipped.
 */
function radio_should_skip_custom_updater() {
	static $cached = null;

	if ( null !== $cached ) {
		return $cached;
	}

	$skip = false;

	if ( defined( 'RADIO_FILE' ) && function_exists( 'get_file_data' ) ) {
		$headers    = get_file_data( RADIO_FILE, array( 'UpdateURI' => 'Update URI' ) );
		$update_uri = isset( $headers['UpdateURI'] ) ? trim( $headers['UpdateURI'] ) : '';

		// Empty header → wp.org default; "wordpress.org" anywhere in it → explicit wp.org.
		$skip = ( '' === $update_uri ) || ( false !== stripos( $update_uri, 'wordpress.org' ) );
	}

	$cached = $skip;

	return $cached;
}
// Dormant mode: when WordPress.org is handling updates, stop executing this
// file here. That skips the constant definitions below and the AJAX hook
// registration further down.
// NOTE(review): function declarations in this file are bound at compile time
// and are not affected by this return.
if ( radio_should_skip_custom_updater() ) {
	return;
}

// Repo coordinates. Each one may be pre-defined in wp-config.php. The host
// decides where release metadata is fetched from and where download links
// point, so an override should stay on HTTPS and on a server you control.
defined( 'RADIO_GITEA_HOST' ) || define( 'RADIO_GITEA_HOST', 'https://git.davidtkeane.com' );
defined( 'RADIO_GITEA_OWNER' ) || define( 'RADIO_GITEA_OWNER', 'ranger' );
defined( 'RADIO_GITEA_REPO' ) || define( 'RADIO_GITEA_REPO', 'a-radio' );
/**
 * Build the web URL of the plugin's Gitea repository.
 *
 * @return string RADIO_GITEA_HOST, RADIO_GITEA_OWNER and RADIO_GITEA_REPO joined with "/".
 */
function radio_gitea_repo_url() {
	return implode( '/', array( RADIO_GITEA_HOST, RADIO_GITEA_OWNER, RADIO_GITEA_REPO ) );
}
/**
 * Build the URL of the repository's Releases page.
 *
 * @return string The repository URL with "/releases" appended.
 */
function radio_gitea_releases_url() {
	$repo_url = radio_gitea_repo_url();

	return "{$repo_url}/releases";
}
/**
 * Look up the newest published version of the plugin on Gitea.
 *
 * Order of lookups: the cached site transient (unless $force_refresh), then
 * `/releases/latest`, then `/tags?limit=1` when no usable Release came back.
 * The outcome is normalised to one array shape and cached: 12 hours when a
 * version was found, 1 hour when neither endpoint yielded a tag.
 *
 * NOTE(review): a transport failure on the first request returns null before
 * anything is cached, so every caller repeats the request (8 s timeout) until
 * the host answers again.
 *
 * NOTE(review): `download_url` and `html_url` are taken from the API response
 * and only passed through esc_url_raw(); they are not compared with
 * RADIO_GITEA_HOST, and nothing here checks a digest or signature of the
 * archive. Consider pinning both URLs to the configured host over HTTPS and
 * publishing a checksum with each release so an admin can verify the zip
 * before installing it.
 *
 * @param bool $force_refresh Skip the cached value and query Gitea again.
 * @return array|null Null when the first request fails at transport level.
 *                    Otherwise an array with `version`, `html_url`,
 *                    `download_url`, `body` and `published_at`. When no tag
 *                    could be determined, `version` and `download_url` are
 *                    null and `error_code` carries the HTTP status of the
 *                    `/releases/latest` response.
 */
function radio_fetch_latest_release( $force_refresh = false ) {
	$transient = 'radio_gitea_latest';

	if ( ! $force_refresh ) {
		$stored = get_site_transient( $transient );
		if ( is_array( $stored ) ) {
			return $stored;
		}
	}

	$api_root = RADIO_GITEA_HOST . '/api/v1/repos/' . RADIO_GITEA_OWNER . '/' . RADIO_GITEA_REPO;
	$http     = array( 'timeout' => 8 );

	// True when a 200 response decoded to an array carrying a non-empty tag_name.
	$has_tag = static function ( $status, $payload ) {
		return 200 === $status && is_array( $payload ) && ! empty( $payload['tag_name'] );
	};

	// Step 1: ask for a formal Release object.
	$release_response = wp_remote_get( $api_root . '/releases/latest', $http );
	if ( is_wp_error( $release_response ) ) {
		return null;
	}

	$status  = (int) wp_remote_retrieve_response_code( $release_response );
	$release = null;
	if ( 200 === $status ) {
		$release = json_decode( wp_remote_retrieve_body( $release_response ), true );
	}

	// Step 2: no usable Release, so synthesise one from the newest tag.
	if ( ! $has_tag( $status, $release ) ) {
		$tags_response = wp_remote_get( $api_root . '/tags?limit=1', $http );
		$tags_ok       = ! is_wp_error( $tags_response )
			&& 200 === (int) wp_remote_retrieve_response_code( $tags_response );
		$tags          = $tags_ok ? json_decode( wp_remote_retrieve_body( $tags_response ), true ) : null;

		if ( is_array( $tags ) && ! empty( $tags[0]['name'] ) ) {
			$tag     = $tags[0];
			$release = array(
				'tag_name'     => $tag['name'],
				'html_url'     => radio_gitea_repo_url() . '/src/tag/' . rawurlencode( $tag['name'] ),
				'body'         => isset( $tag['message'] ) ? $tag['message'] : '',
				'published_at' => isset( $tag['commit']['created'] ) ? $tag['commit']['created'] : null,
				'assets'       => array(),
			);
			$status  = 200;
		}
	}

	// Neither endpoint produced a tag: remember the miss for an hour.
	if ( ! $has_tag( $status, $release ) ) {
		$miss = array(
			'version'      => null,
			'html_url'     => radio_gitea_releases_url(),
			'download_url' => null,
			'body'         => '',
			'published_at' => null,
			'error_code'   => $status,
		);
		set_site_transient( $transient, $miss, HOUR_IN_SECONDS );

		return $miss;
	}

	// "v0.7.3" / "V0.7.3" → "0.7.3".
	$version = ltrim( (string) $release['tag_name'], 'vV' );

	// Prefer the first attached .zip asset; otherwise use Gitea's source archive.
	$download_url = null;
	if ( ! empty( $release['assets'] ) && is_array( $release['assets'] ) ) {
		foreach ( $release['assets'] as $asset ) {
			if ( ! isset( $asset['name'], $asset['browser_download_url'] ) ) {
				continue;
			}
			if ( '.zip' !== substr( strtolower( $asset['name'] ), -4 ) ) {
				continue;
			}
			$download_url = $asset['browser_download_url'];
			break;
		}
	}
	if ( ! $download_url ) {
		$download_url = radio_gitea_repo_url() . '/archive/' . rawurlencode( $release['tag_name'] ) . '.zip';
	}

	$info = array(
		'version'      => $version,
		'html_url'     => isset( $release['html_url'] ) ? esc_url_raw( $release['html_url'] ) : '',
		'download_url' => esc_url_raw( $download_url ),
		'body'         => isset( $release['body'] ) ? wp_strip_all_tags( $release['body'] ) : '',
		'published_at' => isset( $release['published_at'] ) ? $release['published_at'] : null,
	);
	set_site_transient( $transient, $info, 12 * HOUR_IN_SECONDS );

	return $info;
}
/**
 * Compare the installed version with the newest one known on Gitea.
 *
 * The installed version is RADIO_VERSION, or '0.0.0' when that constant is
 * not defined. The `status` key of the result is one of:
 *
 *  - 'unknown'    — no version could be determined; the result carries
 *                   `current`, `message` and `repo_url`.
 *  - 'available'  — the remote version is greater per version_compare(); the
 *                   result also carries `latest`, `html_url`, `download_url`,
 *                   `published_at` and `body`.
 *  - 'up-to-date' — otherwise; the result carries `current`, `latest`,
 *                   `message` and `repo_url`.
 *
 * A null result from radio_fetch_latest_release() is reported with the same
 * "No releases tagged" wording as a 404.
 *
 * @param bool $force_refresh Passed through to radio_fetch_latest_release().
 * @return array Status array as described above.
 */
function radio_update_status( $force_refresh = false ) {
	$installed = defined( 'RADIO_VERSION' ) ? RADIO_VERSION : '0.0.0';
	$remote    = radio_fetch_latest_release( $force_refresh );

	$version_known = $remote && ! empty( $remote['version'] );

	if ( ! $version_known ) {
		$message = __( 'No releases tagged on the Gitea repo yet.', 'a-radio' );

		// A recorded HTTP status other than 404 means the API answered with an error.
		$has_http_error = $remote
			&& ! empty( $remote['error_code'] )
			&& 404 !== (int) $remote['error_code'];

		if ( $has_http_error ) {
			/* translators: %d = HTTP status code returned by the Gitea API */
			$message = sprintf( __( 'Could not reach Gitea (HTTP %d). Try again in a few minutes.', 'a-radio' ), (int) $remote['error_code'] );
		}

		return array(
			'status'   => 'unknown',
			'current'  => $installed,
			'message'  => $message,
			'repo_url' => radio_gitea_repo_url(),
		);
	}

	$newest   = $remote['version'];
	$is_newer = version_compare( $newest, $installed, '>' );

	if ( ! $is_newer ) {
		return array(
			'status'   => 'up-to-date',
			'current'  => $installed,
			'latest'   => $newest,
			/* translators: %s = current installed version */
			'message'  => sprintf( __( 'You are up to date (v%s).', 'a-radio' ), $installed ),
			'repo_url' => radio_gitea_repo_url(),
		);
	}

	return array(
		'status'       => 'available',
		'current'      => $installed,
		'latest'       => $newest,
		'html_url'     => $remote['html_url'],
		'download_url' => $remote['download_url'],
		'published_at' => $remote['published_at'],
		'body'         => $remote['body'],
		/* translators: 1: latest version available; 2: version currently installed */
		'message'      => sprintf( __( 'A new version (v%1$s) is available — you are on v%2$s.', 'a-radio' ), $newest, $installed ),
	);
}
// Authenticated-only AJAX endpoint: the wp_ajax_{action} hook fires for
// logged-in users; no wp_ajax_nopriv_ counterpart is registered here.
add_action(
	'wp_ajax_radio_check_updates',
	'radio_ajax_check_updates'
);
/**
 * AJAX handler behind the "Check now" button (action `radio_check_updates`).
 *
 * Requires the `manage_options` capability and a valid `radio_check_updates`
 * nonce in the `nonce` request field. It then drops the cached release info
 * and answers with a freshly computed status as a JSON success response.
 *
 * The cache is a site transient, so on multisite the refresh is network-wide.
 *
 * @return void The request ends inside the wp_send_json_*() calls.
 */
function radio_ajax_check_updates() {
	$may_manage = current_user_can( 'manage_options' );

	if ( ! $may_manage ) {
		// Sends a 403 JSON error and terminates the request.
		wp_send_json_error( 'Insufficient permissions.', 403 );
	}

	// CSRF check; with its default arguments this terminates the request on failure.
	check_ajax_referer( 'radio_check_updates', 'nonce' );

	delete_site_transient( 'radio_gitea_latest' );

	$fresh_status = radio_update_status( true );
	wp_send_json_success( $fresh_status );
}
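/**
 * Render the "Updates" panel on the Settings page.
 *
 * Prints the current update status, a download button and release-notes link
 * when a newer release is known, links to the repository, and an inline
 * script that posts to the `radio_check_updates` AJAX action with a nonce.
 * Every dynamic value is escaped for its context (esc_html / esc_url /
 * esc_attr), and the script writes server replies through textContent only.
 *
 * Renders nothing when radio_should_skip_custom_updater() is true. The
 * file-level `return` does not remove this function (PHP binds top-level
 * functions at compile time), so a function_exists() check in the caller still
 * passes in the WordPress.org build. Without this guard the panel would go on
 * to use the RADIO_GITEA_* constants, which this file does not define in that
 * build.
 *
 * @return void
 */
function radio_render_updates_panel() {
	// Dormant mode (WordPress.org handles updates): no panel, no Gitea lookup.
	if ( radio_should_skip_custom_updater() ) {
		return;
	}

	$status   = radio_update_status( false );
	$nonce    = wp_create_nonce( 'radio_check_updates' );
	$repo_url = radio_gitea_repo_url();
	$rel_url  = radio_gitea_releases_url();
	?>
	<div class="radio-updates" style="max-width:720px; margin-top:24px; padding:18px 20px; background:#fff; border:1px solid #ccd0d4; border-radius:4px;">
		<h2 style="margin-top:0;"><?php esc_html_e( 'Updates', 'a-radio' ); ?></h2>
		<p style="margin:0 0 12px;">
			<?php esc_html_e( 'Radio is self-hosted on Gitea. Click Check now to ask the repo whether there is a newer release than the one you are running.', 'a-radio' ); ?>
		</p>
		<p id="radio-update-status" style="margin:0 0 12px;">
			<strong><?php esc_html_e( 'Status:', 'a-radio' ); ?></strong>
			<span id="radio-update-status-text"><?php echo esc_html( $status['message'] ); ?></span>
			<?php if ( $status['status'] === 'available' && ! empty( $status['download_url'] ) ) : ?>
				<br>
				<a href="<?php echo esc_url( $status['download_url'] ); ?>" class="button button-primary" style="margin-top:8px;">
					<?php
					/* translators: %s = latest available version number, e.g. "0.7.0" */
					echo esc_html( sprintf( __( 'Download v%s (.zip)', 'a-radio' ), $status['latest'] ) );
					?>
				</a>
				<?php if ( ! empty( $status['html_url'] ) ) : ?>
					<a href="<?php echo esc_url( $status['html_url'] ); ?>" target="_blank" rel="noopener" style="margin-left:8px;"><?php esc_html_e( 'View release notes →', 'a-radio' ); ?></a>
				<?php endif; ?>
			<?php endif; ?>
		</p>
		<p style="margin:0 0 4px;">
			<button type="button" id="radio-check-updates-btn" class="button" data-nonce="<?php echo esc_attr( $nonce ); ?>">
				↻ <?php esc_html_e( 'Check now', 'a-radio' ); ?>
			</button>
			<a href="<?php echo esc_url( $repo_url ); ?>" target="_blank" rel="noopener" class="button" style="margin-left:6px;"><?php esc_html_e( 'View on Gitea', 'a-radio' ); ?></a>
			<a href="<?php echo esc_url( $rel_url ); ?>" target="_blank" rel="noopener" class="button" style="margin-left:6px;"><?php esc_html_e( 'View all releases', 'a-radio' ); ?></a>
		</p>
		<p style="margin:10px 0 0; color:#646970; font-size:12px;">
			<?php esc_html_e( 'Manual update path: download the .zip, deactivate the plugin in WordPress, upload via Plugins → Add New → Upload, reactivate. Your settings survive the upgrade (state is stored in user_meta).', 'a-radio' ); ?>
		</p>
		<?php if ( defined( 'RADIO_SUPPORT_URL' ) && RADIO_SUPPORT_URL ) : ?>
			<a class="radio-support-link" href="<?php echo esc_url( RADIO_SUPPORT_URL ); ?>" target="_blank" rel="noopener">
				<?php esc_html_e( 'Like Radio? If You fancy to buy me a coffee →', 'a-radio' ); ?>
			</a>
		<?php endif; ?>
	</div>
	<script>
	(function () {
		var btn = document.getElementById('radio-check-updates-btn');
		var statusText = document.getElementById('radio-update-status-text');
		if (!btn || !statusText) { return; }
		btn.addEventListener('click', function () {
			var nonce = btn.getAttribute('data-nonce');
			btn.disabled = true;
			var orig = btn.textContent;
			btn.textContent = '↻ Checking…';
			statusText.textContent = 'Asking Gitea…';
			var fd = new FormData();
			fd.append('action', 'radio_check_updates');
			fd.append('nonce', nonce);
			fetch(ajaxurl, { method: 'POST', credentials: 'same-origin', body: fd })
				.then(function (r) { return r.json(); })
				.then(function (res) {
					if (!res || !res.success) {
						statusText.textContent = (res && res.data) ? String(res.data) : 'Check failed.';
					} else {
						statusText.textContent = res.data.message || 'Check complete.';
						if (res.data.status === 'available' && res.data.download_url) {
							setTimeout(function () { window.location.reload(); }, 400);
						}
					}
				})
				.catch(function () { statusText.textContent = 'Network error — try again in a moment.'; })
				.finally(function () {
					btn.disabled = false;
					btn.textContent = orig;
				});
		});
	})();
	</script>
	<?php
}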