diff --git a/features/checksum-plugin.feature b/features/checksum-plugin.feature index 7e754741..d37b1aa0 100644 --- a/features/checksum-plugin.feature +++ b/features/checksum-plugin.feature @@ -215,3 +215,12 @@ Feature: Validate checksums for WordPress plugins """ Verified 1 of 1 plugins. """ + + Scenario: Verifies Hello Dolly + Given a WP install + + When I run `wp plugin verify-checksums hello` + Then STDOUT should contain: + """ + Verified 1 of 1 plugins. + """ diff --git a/src/Checksum_Plugin_Command.php b/src/Checksum_Plugin_Command.php index 99a8b942..d35c82a6 100644 --- a/src/Checksum_Plugin_Command.php +++ b/src/Checksum_Plugin_Command.php @@ -105,6 +105,11 @@ public function __invoke( $args, $assoc_args ) { continue; } + if ( 'hello' === $plugin->name ) { + $this->verify_hello_dolly_from_core( $assoc_args ); + continue; + } + if ( false === $version ) { WP_CLI::warning( "Could not retrieve the version for plugin {$plugin->name}, skipping." ); ++$skips; @@ -143,7 +148,6 @@ public function __invoke( $args, $assoc_args ) { if ( ! $strict && $this->is_soft_change_file( $file ) ) { continue; } - $result = $this->check_file_checksum( dirname( $plugin->file ) . '/' . $file, $checksums[ $file ] ); if ( true !== $result ) { $this->add_error( $plugin->name, $file, is_string( $result ) ? $result : 'Checksum does not match' ); @@ -173,6 +177,29 @@ public function __invoke( $args, $assoc_args ) { ); } + private function verify_hello_dolly_from_core( $assoc_args ) { + $file = 'hello.php'; + $wp_version = get_bloginfo( 'version', 'display' ); + $insecure = (bool) Utils\get_flag_value( $assoc_args, 'insecure', false ); + $wp_org_api = new WpOrgApi( [ 'insecure' => $insecure ] ); + $locale = ''; + + try { + $checksums = $wp_org_api->get_core_checksums( $wp_version, empty( $locale ) ? 'en_US' : $locale ); + } catch ( Exception $exception ) { + WP_CLI::error( $exception ); + } + + if ( ! is_array( $checksums ) || ! isset( $checksums['wp-content/plugins/hello.php'] ) ) { + WP_CLI::error( "Couldn't get hello.php checksum from WordPress.org." ); + } + + $md5_file = md5_file( $this->get_absolute_path( '/' ) . $file ); + if ( $md5_file !== $checksums['wp-content/plugins/hello.php'] ) { + $this->add_error( 'hello', $file, 'Checksum does not match' ); + } + } + /** * Adds a new error to the array of detected errors. * @@ -255,7 +282,6 @@ private function check_file_checksum( $path, $checksums ) { && array_key_exists( 'sha256', $checksums ) ) { $sha256 = $this->get_sha256( $this->get_absolute_path( $path ) ); - return in_array( $sha256, (array) $checksums['sha256'], true ); }