| Disable Functions: Path : /opt/wp/plugins/jetpack/modules/protect/ |
| Current File : //opt/wp/plugins/jetpack/modules/protect/blocked-login-page.php |
<?php // phpcs:ignore - WordPress.Files.FileName.InvalidClassFileName
use Automattic\Jetpack\Connection\Client;
use Automattic\Jetpack\Redirect;
/**
* Class Jetpack_Protect_Blocked_Login_Page
*
* Instanciated on the wp-login page when Jetpack modules are loaded and $pagenow
* is available, or during the login_head hook.
*
* Class will only be instanciated if Protect has detected a hard blocked IP address.
*/
class Jetpack_Protect_Blocked_Login_Page {
/**
* Instance of the class.
*
* @var Jetpack_Protect_Blocked_Login_Page
*/
private static $instance = null;
/**
* Can send recovery emails. defaults to true.
*
* @var bool
*/
public $can_send_recovery_emails;
/**
* The IP address.
*
* @var string
*/
public $ip_address;
/**
* Valid blocked user ID.
*
* @var int
*/
public $valid_blocked_user_id;
/**
* The email address.
*
* @var string
*/
public $email_address;
/**
* URL to support page
*
* @deprecated 8.5.0 Use Jetpack_Protect_Blocked_Login_Page::get_help_url()
* @see Jetpack_Protect_Blocked_Login_Page::get_help_url()
*
* @var string string $HELP_URL
*/
const HELP_URL = 'https://jetpack.com/support/security-features/#unblock';
const HTTP_STATUS_CODE_TOO_MANY_REQUESTS = 429;
/**
* Singleton implementation
*
* @param string $ip_address - the IP address.
*
* @return object
*/
public static function instance( $ip_address ) {
if ( ! is_a( self::$instance, 'Jetpack_Protect_Blocked_Login_Page' ) ) {
self::$instance = new Jetpack_Protect_Blocked_Login_Page( $ip_address );
}
return self::$instance;
}
/**
* Singleton implementation
*
* @param string $ip_address - the IP address.
*/
public function __construct( $ip_address ) {
/**
* Filter controls if an email recovery form is shown to blocked IPs.
*
* A recovery form allows folks to re-gain access to the login form
* via an email link if their IP was mistakenly blocked.
*
* @module protect
*
* @since 5.6.0
*
* @param bool $can_send_recovery_emails Defaults to true.
*/
$this->can_send_recovery_emails = apply_filters( 'jetpack_protect_can_send_recovery_emails', true );
$this->ip_address = $ip_address;
add_filter( 'wp_authenticate_user', array( $this, 'check_valid_blocked_user' ), 10, 1 );
add_filter( 'site_url', array( $this, 'add_args_to_login_post_url' ), 10, 3 );
add_filter( 'network_site_url', array( $this, 'add_args_to_login_post_url' ), 10, 3 );
add_filter( 'lostpassword_url', array( $this, 'add_args_to_lostpassword_url' ), 10, 2 );
add_filter( 'login_url', array( $this, 'add_args_to_login_url' ), 10, 3 );
add_filter( 'lostpassword_redirect', array( $this, 'add_args_to_lostpassword_redirect_url' ), 10, 1 );
}
/**
* Gets the URL that redirects to the support page on unblocking
*
* @since 8.5.0
*
* @return string
*/
public static function get_help_url() {
return Redirect::get_url( 'jetpack-support-security-features', array( 'anchor' => 'unblock' ) );
}
/**
* Add arguments to lost password redirect url.
*
* @param string $url - the URL.
*/
public function add_args_to_lostpassword_redirect_url( $url ) {
if ( $this->valid_blocked_user_id ) {
$url = empty( $url ) ? wp_login_url() : $url;
$url = add_query_arg(
array(
'validate_jetpack_protect_recovery' => $_GET['validate_jetpack_protect_recovery'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'user_id' => $_GET['user_id'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'checkemail' => 'confirm',
),
$url
);
}
return $url;
}
/**
* Add arguments to lost password redirect url.
*
* @param string $url - the URL.
* @param string $redirect - where to redirect to.
*/
public function add_args_to_lostpassword_url( $url, $redirect ) {
if ( $this->valid_blocked_user_id ) {
$args = array(
'validate_jetpack_protect_recovery' => $_GET['validate_jetpack_protect_recovery'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'user_id' => $_GET['user_id'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'action' => 'lostpassword',
);
if ( ! empty( $redirect ) ) {
$args['redirect_to'] = $redirect;
}
$url = add_query_arg( $args, $url );
}
return $url;
}
/**
* Add arguments to login post url.
*
* @param string $url - the URL.
* @param string $path - the path.
* @param string $scheme -the scheme(?).
*/
public function add_args_to_login_post_url( $url, $path, $scheme ) {
if ( $this->valid_blocked_user_id && ( 'login_post' === $scheme || 'login' === $scheme ) ) {
$url = add_query_arg(
array(
'validate_jetpack_protect_recovery' => $_GET['validate_jetpack_protect_recovery'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'user_id' => $_GET['user_id'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
),
$url
);
}
return $url;
}
/**
* Add arguments to login post url.
*
* @param string $url - the URL.
* @param string $redirect - where we want to redirect to.
* @param string $force_reauth -if we're forcing reauthorization.
*/
public function add_args_to_login_url( $url, $redirect, $force_reauth ) {
if ( $this->valid_blocked_user_id ) {
$args = array(
'validate_jetpack_protect_recovery' => $_GET['validate_jetpack_protect_recovery'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
'user_id' => $_GET['user_id'], // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
);
if ( ! empty( $redirect ) ) {
$args['redirect_to'] = $redirect;
}
if ( ! empty( $force_reauth ) ) {
$args['reauth'] = '1';
}
$url = add_query_arg( $args, $url );
}
return $url;
}
/**
* Check if user is blocked.
*
* @param string $user - the user.
*/
public function check_valid_blocked_user( $user ) {
if ( $this->valid_blocked_user_id && $this->valid_blocked_user_id != $user->ID ) { // phpcs:ignore Universal.Operators.StrictComparisons.LooseNotEqual
return new WP_Error( 'invalid_recovery_token', __( 'The recovery token is not valid for this user.', 'jetpack' ) );
}
return $user;
}
/**
* Check if user is valid.
*/
public function is_blocked_user_valid() {
if ( ! $this->can_send_recovery_emails ) {
return false;
}
if ( $this->valid_blocked_user_id ) {
return true;
}
if ( ! isset( $_GET['validate_jetpack_protect_recovery'], $_GET['user_id'] ) ) { // phpcs:ignore: WordPress.Security.NonceVerification.Recommended -- no changes made if this isn't set.
return false;
}
if ( ! $this->is_valid_protect_recovery_key( $_GET['validate_jetpack_protect_recovery'], $_GET['user_id'] ) ) { // phpcs:ignore: WordPress.Security.NonceVerification.Recommended -- no changes made if this isn't set.
return false;
}
$this->valid_blocked_user_id = (int) $_GET['user_id']; // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nothing on the site is changed in response to this request.
return true;
}
/**
* Checks if recovery key is valid.
*
* @param string $key - they recovery key.
* @param string $user_id - the User ID.
*/
public function is_valid_protect_recovery_key( $key, $user_id ) {
$path = sprintf( '/sites/%d/protect/recovery/confirm', Jetpack::get_option( 'id' ) );
$response = Client::wpcom_json_api_request_as_blog(
$path,
'1.1',
array(
'method' => 'post',
),
array(
'token' => $key,
'user_id' => $user_id,
'ip' => $this->ip_address,
)
);
$result = json_decode( wp_remote_retrieve_body( $response ) );
if ( is_wp_error( $result ) || empty( $result ) || isset( $result->error ) ) {
return false;
}
return true;
}
/**
* Check if we should render the recovery form.
*/
public function render_and_die() {
if ( ! $this->can_send_recovery_emails ) {
$this->render_blocked_login_message();
return;
}
if ( isset( $_GET['validate_jetpack_protect_recovery'] ) && $_GET['user_id'] ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- no site changes, just throws invalid token error.
$error = new WP_Error( 'invalid_token', __( "Oops, we couldn't validate the recovery token.", 'jetpack' ) );
$this->protect_die( $error );
return;
}
if (
isset( $_GET['jetpack-protect-recovery'] ) &&
isset( $_POST['_wpnonce'] ) &&
wp_verify_nonce( $_POST['_wpnonce'], 'bypass-protect' )
) {
$this->process_recovery_email();
return;
}
if ( isset( $_GET['loggedout'] ) && 'true' === $_GET['loggedout'] ) {
$this->protect_die( __( 'You successfully logged out.', 'jetpack' ) );
}
$this->render_recovery_form();
}
/**
* Render the blocked login message.
*/
public function render_blocked_login_message() {
$this->protect_die( $this->get_html_blocked_login_message() );
}
/**
* Process sending a recovery email.
*/
public function process_recovery_email() {
$sent = $this->send_recovery_email();
$show_recovery_form = true;
if ( is_wp_error( $sent ) ) {
if ( 'email_already_sent' === $sent->get_error_code() ) {
$show_recovery_form = false;
}
$this->protect_die( $sent, null, true, $show_recovery_form );
} else {
$this->render_recovery_success();
}
}
/**
* Send the recovery form.
*/
public function send_recovery_email() {
$email = isset( $_POST['email'] ) ? $_POST['email'] : ''; // phpcs:ignore WordPress.Security.NonceVerification.Missing -- only triggered after bypass-protect nonce check is done.
if ( sanitize_email( $email ) !== $email || ! is_email( $email ) ) {
return new WP_Error( 'invalid_email', __( "Oops, looks like that's not the right email address. Please try again!", 'jetpack' ) );
}
$user = get_user_by( 'email', trim( $email ) );
if ( ! $user ) {
return new WP_Error( 'invalid_user', __( "Oops, we couldn't find a user with that email. Please try again!", 'jetpack' ) );
}
$this->email_address = $email;
$path = sprintf( '/sites/%d/protect/recovery/request', Jetpack::get_option( 'id' ) );
$response = Client::wpcom_json_api_request_as_blog(
$path,
'1.1',
array(
'method' => 'post',
),
array(
'user_id' => $user->ID,
'ip' => $this->ip_address,
)
);
$code = wp_remote_retrieve_response_code( $response );
$result = json_decode( wp_remote_retrieve_body( $response ) );
if ( self::HTTP_STATUS_CODE_TOO_MANY_REQUESTS === $code ) {
// translators: email address the recovery instructions were sent to.
return new WP_Error( 'email_already_sent', sprintf( __( 'Recovery instructions were sent to %s. Check your inbox!', 'jetpack' ), $this->email_address ) );
} elseif ( is_wp_error( $result ) || empty( $result ) || isset( $result->error ) ) {
return new WP_Error( 'email_send_error', __( 'Oops, we were unable to send a recovery email. Try again.', 'jetpack' ) );
}
return true;
}
/**
* Prevent login by locking the login page.
*
* @param string $content - the content of the page.
* @param string $title - the page title.
* @param string $back_link - the back link.
* @param string $recovery_form - the recovery form.
*/
public function protect_die( $content, $title = null, $back_link = false, $recovery_form = false ) {
if ( empty( $title ) ) {
$title = __( 'Jetpack has locked your site\'s login page.', 'jetpack' );
}
if ( is_wp_error( $content ) ) {
$svg = '<svg class="gridicon gridicons-notice" height="24" width="24" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><g><path d="M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10S17.523 2 12 2zm1 15h-2v-2h2v2zm0-4h-2l-.5-6h3l-.5 6z"/></g></svg>';
$content = '<span class="error"> ' . $svg . $content->get_error_message() . '</span>';
}
$content = '<p>' . $content . '</p>';
// If for some reason the login pop up box show up in the wp-admin.
if ( isset( $_GET['interim-login'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- no changes to the site itself, just rendering an error message.
$content = '<style>html{ background-color: #fff; } #error-message { margin:0 auto; padding: 1em; box-shadow: none; } </style>' . $content;
}
$this->display_page( $title, $content, $back_link, $recovery_form );
}
/**
* Render the recovery form.
*/
public function render_recovery_form() {
$content = $this->get_html_blocked_login_message();
$this->protect_die( $content, null, null, true );
}
/**
* Render the recovery instructions.
*/
public function render_recovery_success() {
// translators: the email address the recovery email was sent to.
$this->protect_die( sprintf( __( 'Recovery instructions were sent to %s. Check your inbox!', 'jetpack' ), $this->email_address ) );
}
/**
* Get the HTML for the blocked login message.
*/
public function get_html_blocked_login_message() {
$icon = '<svg class="gridicon gridicons-spam" style="fill:#d94f4f" height="24" width="24" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><g><path d="M17 2H7L2 7v10l5 5h10l5-5V7l-5-5zm-4 15h-2v-2h2v2zm0-4h-2l-.5-6h3l-.5 6z"/></g></svg>';
$ip = str_replace( 'http://', '', esc_url( 'http://' . $this->ip_address ) );
return sprintf(
// translators: the IP address that was flagged.
__( '<p>Your IP address <code>%2$s</code> has been flagged for potential security violations. You can unlock your login by sending yourself a special link via email. <a href="%3$s">Learn More</a></p>', 'jetpack' ), // phpcs:ignore WordPress.WP.I18n.NoHtmlWrappedStrings
$icon,
$ip,
esc_url( self::get_help_url() )
);
}
/**
* Get the HTML recovery form.
*/
public function get_html_recovery_form() {
ob_start(); ?>
<div>
<form method="post" action="?jetpack-protect-recovery=true">
<?php wp_nonce_field( 'bypass-protect' ); ?>
<p><label for="email"><?php esc_html_e( 'Your email', 'jetpack' ); ?><br/></label>
<input type="email" name="email" class="text-input"/>
<input type="submit" class="button"
value="<?php esc_attr_e( 'Send email', 'jetpack' ); ?>"/>
</p>
</form>
</div>
<?php
$contents = ob_get_contents();
ob_end_clean();
return $contents;
}
/**
* Display the page.
*
* @param string $title - the page title.
* @param string $message - the message we're sending.
* @param string $back_button - the back button.
* @param string $recovery_form - the recovery form.
*/
public function display_page( $title, $message, $back_button = false, $recovery_form = false ) {
if ( ! headers_sent() ) {
nocache_headers();
header( 'Content-Type: text/html; charset=utf-8' );
}
$text_direction = 'ltr';
if ( is_rtl() ) {
$text_direction = 'rtl';
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
<?php
if ( function_exists( 'language_attributes' ) && function_exists( 'is_rtl' ) ) {
language_attributes();
} else {
echo "dir='$text_direction'"; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
}
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width">
<?php
if ( get_option( 'blog_public' ) ) {
echo "<meta name='robots' content='noindex,follow' />\n";
} else {
echo "<meta name='robots' content='noindex,nofollow' />\n";
}
?>
<title><?php echo esc_html( $title ); ?></title>
<style type="text/css">
html {
background: #f6f6f6;
}
body {
color: #2e4453;
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif;
margin: 2em auto;
padding: 1em 2em;
max-width: 460px;
text-align: left;
}
body.is-rtl {
text-align: right;
}
h1 {
clear: both;
color: #3d596d;
font-size: 24px;
margin:0 0 24px 0;
padding: 0;
font-weight: 400;
}
#error-message {
box-sizing: border-box;
background: white;
box-shadow: 0 0 0 1px rgba(200, 215, 225, 0.5), 0 1px 2px #e9eff3;
padding: 24px;
}
#error-message img {
margin: 0 auto;
display: block;
}
#error-page {
margin-top: 50px;
}
#error-page p {
font-size: 14px;
line-height: 1.5;
margin: 24px 0 0;
}
#error-page code {
font-family: Consolas, Monaco, monospace;
}
ul li {
margin-bottom: 10px;
font-size: 14px;
}
a {
color: #00aadc;
}
label {
font-weight: bold;
font-size:16px;
}
a:hover,
a:active {
color: #0085be;
}
a:focus {
color: #124964;
-webkit-box-shadow: 0 0 0 1px #4f94d4,
0 0 2px 1px rgba(30, 140, 190, .8);
box-shadow: 0 0 0 1px #4f94d4,
0 0 2px 1px rgba(30, 140, 190, .8);
outline: none;
}
.button {
background: #00aadc;
color: white;
border-color: #008ab3;
border-style: solid;
border-width: 1px 1px 2px;
cursor: pointer;
display: inline-block;
margin: 0;
margin-right: 0px;
outline: 0;
overflow: hidden;
font-weight: 500;
text-overflow: ellipsis;
text-decoration: none;
vertical-align: top;
box-sizing: border-box;
font-size: 14px;
line-height: 21px;
border-radius: 4px;
padding: 7px 14px 9px;
-webkit-appearance: none;
-moz-appearance: none;
appearance: none;
font-size: 14px;
width: 100%;
}
.button:hover,
.button:focus {
border-color: #005082;
outline: none;
}
.button:focus {
border-color: #005082;
-webkit-box-shadow: 0 0 3px rgba(0, 115, 170, .8);
box-shadow: 0 0 3px rgba(0, 115, 170, .8);
outline: none;
}
.button::-moz-focus-inner {
border: 0;
}
.button:active {
border-width: 2px 1px 1px;
}
.gridicon {
fill: currentColor;
vertical-align: middle;
}
#error-footer {
padding: 16px;
}
#error-footer a {
text-decoration: none;
line-height:20px;
font-size: 14px;
color: #4f748e;
}
#error-footer a:hover {
color: #2e4453;
}
#error-footer .gridicon{
width: 16px;
}
#error-footer .gridicons-help {
width: 24px;
margin-right:8px;
}
.is-rtl #error-footer .gridicons-help {
margin-left:8px;
}
.error {
background: #d94f4f;
color:#FFF;
display: block;
border-radius: 3px;
line-height: 1.5;
padding: 16px;
padding-left: 42px;
}
.is-rtl .error {
padding-right: 42px;
}
.error .gridicon {
float: left;
margin-left: -32px;
}
.is-rtl .error .gridicon {
float: right;
margin-right: -32px;
}
.text-input {
margin: 0;
padding: 7px 14px;
width: 100%;
color: #2e4453;
font-size: 16px;
line-height: 1.5;
border: 1px solid #c8d7e1;
background-color: white;
transition: all .15s ease-in-out;
box-sizing: border-box;
margin: 8px 0 16px;
}
#image {
display: block;
width: 200px;
margin: 0 auto;
}
<?php
$rtl_class = '';
if ( 'rtl' === $text_direction ) {
$rtl_class = 'class="is-rtl"';
echo 'body { font-family: Tahoma, Arial; }';
}
?>
</style>
</head>
<body id="error-page" <?php echo $rtl_class; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>>
<h1 id="error-title"><?php echo esc_html( $title ); ?></h1>
<div id="error-message">
<svg id="image" xmlns="http://www.w3.org/2000/svg" x="0px" y="0px" viewBox="0 0 250 134">
<path fill="#E9EFF4" d="M205.2,129.8c3.7-0.7,7.4-0.9,11.1-1.1l5.5-0.1l5.5,0c3.7,0,7.4,0.1,11.1,0.2c3.7,0.1,7.4,0.3,11.1,0.8 c0.3,0,0.5,0.3,0.5,0.6c0,0.2-0.2,0.4-0.5,0.5c-3.7,0.5-7.4,0.6-11.1,0.8c-3.7,0.1-7.4,0.2-11.1,0.2l-5.5,0l-5.5-0.1 c-3.7-0.1-7.4-0.4-11.1-1.1c-0.1,0-0.2-0.2-0.2-0.3C205,129.9,205.1,129.8,205.2,129.8"/>
<path fill="#E9EFF4" d="M0.2,130.9c3-0.7,5.9-0.9,8.9-1.1l4.4-0.1l4.4,0c3,0,5.9,0.1,8.9,0.2c3,0.1,5.9,0.3,8.9,0.8 c0.3,0,0.5,0.3,0.4,0.6c0,0.2-0.2,0.4-0.4,0.4c-3,0.5-5.9,0.6-8.9,0.8c-3,0.1-5.9,0.2-8.9,0.2l-4.4,0l-4.4-0.1 c-3-0.1-5.9-0.4-8.9-1.1c-0.1,0-0.2-0.2-0.2-0.3C0,131,0.1,130.9,0.2,130.9"/>
<path fill="#C8D7E2" d="M101.6,130.1H70.1V52.5c0-8.5,6.9-15.3,15.3-15.3h16.1V130.1z"/>
<path fill="#0DA9DD" d="M191.5,130.1h-73.8v-5.4c0-8.9,7.2-16.1,16.1-16.1h57.7V130.1z"/>
<path fill="#C7E9F5" d="M55.2,25.6l-0.1,9.8L55,57l-0.1,21.6c0,0.2,0.2,0.4,0.4,0.4c0.2,0,0.4-0.2,0.4-0.4L56.6,57l0.8-21.6 c0.1-3.3,0.2-6.5,0.3-9.8H55.2z"/>
<path fill="#C7E9F5" d="M203.1,25.6l0.1,18.1c0.2,28.8,0.4,57.6,1.2,86.3c0,0.4,0.4,0.8,0.8,0.8c0.4,0,0.8-0.3,0.8-0.8 c0.8-28.8,1-57.6,1.2-86.3l0.1-18.1H203.1z"/>
<path fill="#7FD3F2" d="M55.3,25.6v-8.2v-6.8c0-5.9,4-10.7,9-10.7h134c5,0,9,4.8,9,10.7v14.9H55.3z"/>
<path fill="#005083" d="M210.7,25.6c-13.3,1.1-26.7,1-40,1l-40,0.2l-40-0.2c-13.3-0.1-26.7,0-40-1V25c13.3-1.1,26.7-1,40-1l40-0.2 l40,0.2c13.3,0.1,26.7,0,40,1V25.6z"/>
<polygon fill="#C7E9F5" points="168.7,95.6 117.7,95.6 117.7,44.6 "/>
<path fill="#C8D7E2" d="M191.5,56.5c0,11-8.9,19.9-19.9,19.9c-11,0-19.9-8.9-19.9-19.9c0-11,8.9-19.9,19.9-19.9 C182.6,36.6,191.5,45.5,191.5,56.5"/>
<path fill="#FFFFFF" d="M213.2,95.5c-3.3-5.1-3.2-16.7-3.2-28.4h-32.3c0,0-5.2,25.5,4.6,33c7.5-0.1,29.9-0.6,29.9-0.6"/>
<path fill="#C8D7E2" d="M213.5,95.3l-0.1-0.1l-0.3-0.5c-0.2-0.4-0.3-0.7-0.5-1.1c-0.3-0.8-0.5-1.6-0.7-2.4c-0.1-0.5-0.2-1.1-0.3-1.6 c-0.4,0-0.8,0-1.2,0c0.5,2.1,1.1,4.3,2.4,6.1l0.2,0.2c0.2,0,0.4-0.1,0.5-0.3C213.6,95.5,213.6,95.4,213.5,95.3L213.5,95.3z"/>
<path fill="#C8D7E2" d="M212.5,98.6c-0.1,0-0.2,0-0.3,0l-0.1,0H212l-0.3,0l-0.6,0l-1.3,0l-2.5,0l-5,0l-19.5,0.2 c-1.9-1.7-3.1-4.1-3.8-6.5c-0.8-2.6-1.1-5.4-1.2-8.2c-0.2-5.2,0.3-10.4,1.1-15.6l5.7-0.1c0-0.9,0-1.8,0-2.6l-4.4,0l-2.5,0 c-0.4,0-0.8,0.2-1,0.5c-0.1,0.2-0.2,0.3-0.3,0.5l-0.1,0.3l-0.2,1.2c-0.3,1.7-0.5,3.3-0.7,5c-0.3,3.3-0.5,6.7-0.4,10.1 c0.1,3.4,0.5,6.7,1.5,10c0.5,1.6,1.2,3.2,2.2,4.7c0.5,0.7,1,1.4,1.7,2c0.3,0.3,0.6,0.6,1,0.9l0.1,0.1c0.1,0,0.2,0.1,0.3,0.2 c0.2,0.1,0.5,0.1,0.6,0.1l0.6,0l20-0.6l5-0.2l2.5-0.1l1.2,0l0.3,0l0.2,0c0,0,0.3,0,0.4-0.1c0.3-0.2,0.5-0.5,0.5-0.9 C213.1,99.1,212.9,98.7,212.5,98.6z"/>
<path fill="#FFFFFF" d="M223.1,84.8c-3.3-5.1-4.8-16.7-4.8-28.4h-32.3c0,0-3.5,25.5,6.3,33c7.5-0.1,29.9-0.6,29.9-0.6"/>
<path fill="#C8D7E2" d="M222.9,84.9c-1.3-2.1-2.2-4.4-2.8-6.7c-0.6-2.4-1.1-4.8-1.5-7.2c-0.7-4.8-1-9.1-1-13.9l0,0l-31,0.1l0,0 c-0.4,2.8-0.5,5.1-0.5,7.9c-0.1,2.9,0,5.7,0.3,8.6c0.3,2.8,0.8,5.7,1.7,8.3c0.9,2.6,2.3,5.2,4.5,6.9l-0.4-0.1l14.9-0.2 c5-0.1,10-0.1,14.9-0.1c0.1,0,0.3,0.1,0.3,0.3c0,0.1-0.1,0.3-0.2,0.3c-5,0.2-10,0.4-14.9,0.5l-14.9,0.4c-0.1,0-0.3,0-0.4-0.1l0,0 c-2.5-1.9-3.9-4.7-5-7.4c-1-2.8-1.5-5.7-1.9-8.6c-0.3-2.9-0.4-5.8-0.4-8.8c0.1-2.9,0.2-5.8,0.6-8.8c0-0.4,0.4-0.6,0.7-0.6h0 l32.3,0.1h0c0.3,0,0.6,0.3,0.6,0.6v0c0,4.8,0.2,9.6,0.7,14.4c0.3,2.4,0.6,4.8,1.2,7.1c0.5,2.3,1.2,4.7,2.4,6.8c0,0.1,0,0.1,0,0.2 C223.1,85,223,85,222.9,84.9"/>
<path fill="#C8D7E2" d="M192.1,67.1c1.6-0.9,3.4-1.2,5.1-1.3c1.7-0.2,3.5-0.2,5.2-0.2c3.5,0.1,6.9,0.2,10.3,1c0.1,0,0.2,0.2,0.2,0.3 c0,0.1-0.1,0.2-0.2,0.2c-3.4,0.2-6.9,0-10.3,0c-1.7,0-3.4,0-5.1,0c-1.7,0-3.4,0.1-5.1,0.3l0,0c-0.1,0-0.1,0-0.1-0.1 C192,67.2,192.1,67.1,192.1,67.1"/>
<path fill="#C8D7E2" d="M194.1,74c1.4,0,2.7,0,4.1,0c1.4,0,2.7,0,4.1,0c2.7,0,5.4-0.1,8.2-0.2c0.1,0,0.3,0.1,0.3,0.3 c0,0.1-0.1,0.2-0.2,0.3c-1.3,0.5-2.7,0.7-4.1,0.9c-1.4,0.2-2.8,0.2-4.2,0.3c-1.4,0-2.8,0-4.2-0.2c-1.4-0.2-2.8-0.4-4.1-1.1 c-0.1,0-0.1-0.1,0-0.2C193.9,74.1,194,74,194.1,74L194.1,74z"/>
<path fill="#86A6BD" d="M40.2,88.6c-0.5,0-0.8-0.4-0.9-0.9l-0.1-8.2c0-0.7,0-1.4,0-2.1c0.1-0.7,0.2-1.5,0.4-2.2c0.4-1.4,1-2.8,1.9-4 c1.7-2.5,4.3-4.3,7.1-5.1c0.7-0.2,1.5-0.3,2.2-0.5c0.7-0.1,1.5-0.1,2.2-0.1c1.3,0,2.9,0,4.4,0.4c2.9,0.7,5.6,2.5,7.4,4.9 c0.9,1.2,1.6,2.6,2.1,4c0.5,1.4,0.6,3,0.6,4.4l0,16.4c0,0.7-0.6,1.3-1.3,1.3l-6.7,0c-0.7,0-1.3-0.6-1.3-1.3v0l0-10.8l0-5.4 c0-1.4-0.7-2.8-1.8-3.5c-0.6-0.4-1.3-0.6-2-0.7c-0.7,0-1.9,0-2.5,0c-1.4,0.1-2.7,1-3.3,2.3c-0.3,0.7-0.4,1.3-0.4,2.1l0,2.7 l-0.1,5.4l0,0c0,0.5-0.4,0.9-1,0.9"/>
<path fill="#FFFFFF" d="M41.1,86.9l0.1-7.3c-0.1-2.6,0.7-5,2.1-7.1c1.4-2,3.6-3.5,5.9-4.1c0.6-0.2,1.2-0.3,1.8-0.3 c0.6,0,1.2-0.1,1.9,0c1.4,0,2.5,0,3.7,0.4c2.4,0.6,4.5,2,5.9,4c0.7,1,1.3,2.1,1.6,3.2c0.4,1.2,0.5,2.3,0.5,3.7l0,15.1l0,0l-4.2,0 l0-9.5l0-5.4c0-2.2-1.2-4.4-3-5.5c-0.9-0.6-2-0.9-3.1-1c-1.1,0-1.7,0-2.9,0c-2.2,0.2-4.2,1.7-5.1,3.6c-0.5,0.9-0.7,2.1-0.6,3.1 l0,2.7l0.1,4.4l0,0L41.1,86.9L41.1,86.9"/>
<path fill="#86A6BD" d="M36.3,133c-1.9,0-3.8-1.1-4.8-2.8c-0.5-0.8-0.7-1.8-0.7-2.8l0-2.4l0-9.6l-0.1-9.6l0-4.8c0-0.7,0-1.8,0.3-2.8 c0.3-1,0.9-1.8,1.7-2.5c0.8-0.6,1.7-1.1,2.7-1.3c1.1-0.2,1.8-0.1,2.6-0.1l4.8,0l9.6-0.1l19.2,0c2.1,0,4.1,1.2,5.1,3 c0.5,0.9,0.8,2,0.8,3l0,2.4l0,9.6l-0.1,9.6l0,4.8c0,0.7,0,1.8-0.4,2.8c-0.3,0.9-1,1.8-1.7,2.4c-0.8,0.6-1.7,1.1-2.7,1.2 c-1.1,0.1-1.8,0-2.6,0.1l-4.8,0l-9.6-0.1L36.3,133z"/>
<path fill="#FFFFFF" d="M74.8,112.3l-0.1-9.6l0-2.4c0-0.6-0.1-1.1-0.4-1.6c-0.6-1-1.7-1.6-2.8-1.6l-19.2,0L42.7,97l-4.8,0 c-0.8,0-1.7,0-2.2,0c-0.6,0.1-1.1,0.3-1.6,0.7c-0.5,0.4-0.8,0.9-1,1.4c-0.2,0.6-0.2,1.1-0.2,2l0,4.8l-0.1,9.6l0,9.6l0,2.4 c0,0.6,0.2,1.3,0.5,1.8c0.6,1.1,1.9,1.8,3.1,1.8l19.2-0.1l9.6-0.1l4.8,0c0.8,0,1.7,0,2.2-0.1c0.6-0.1,1.2-0.4,1.6-0.8 c0.5-0.4,0.8-0.9,1-1.5c0.2-0.6,0.2-1.1,0.2-2l0-4.8L74.8,112.3z"/>
<path fill="#86A6BD" d="M48.1,121.4l2.9-6.2c0.3-0.6,0.2-1.3-0.3-1.8c-1-1-1.5-2.5-1.2-4c0.3-1.7,1.7-3.1,3.4-3.4 c2.9-0.6,5.4,1.6,5.4,4.4c0,1.2-0.5,2.3-1.3,3.1c-0.5,0.5-0.6,1.2-0.3,1.8l2.9,6.2c0.1,0.2-0.1,0.5-0.3,0.5H48.4 C48.1,121.9,48,121.6,48.1,121.4"/>
</svg>
<?php echo $message; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- message includes HTML that's marked up ourselves. ?>
<?php
if ( $recovery_form ) {
echo $this->get_html_recovery_form(); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- content is escaped in the function.
}
?>
</div>
<div id="error-footer">
<?php
if ( $back_button && ! $recovery_form ) {
if ( 'rtl' === $text_direction ) {
$back_button_icon = '<svg class="gridicon gridicons-arrow-right" height="24" width="24" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><g><path d="M12 4l-1.41 1.41L16.17 11H4v2h12.17l-5.58 5.59L12 20l8-8-8-8z"/></g></svg>';
} else {
$back_button_icon = '<svg class="gridicon gridicons-arrow-left" height="24" width="24" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><g><path d="M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.41L7.83 13H20v-2z"/></g></svg>';
}
?>
<a href='javascript:history.back()'
<?php
printf(
/* translators: %s is HTML markup, for a back icon. */
__( '%s Back', 'jetpack' ), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
$back_button_icon // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
);
?>
</a>
<?php
} else {
$help_icon = '<svg class="gridicon gridicons-help" height="24" width="24" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><g><path d="M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10S17.523 2 12 2zm1 16h-2v-2h2v2zm0-4.14V15h-2v-2c0-.552.448-1 1-1 1.103 0 2-.897 2-2s-.897-2-2-2-2 .897-2 2H8c0-2.21 1.79-4 4-4s4 1.79 4 4c0 1.862-1.278 3.413-3 3.86z"/></g></svg>';
?>
<a href="<?php echo esc_url( self::get_help_url() ); ?>" rel="noopener noreferrer" target="_blank">
<?php
printf(
/* translators: %s is HTML markup, for a help icon. */
__( '%s Get help unlocking your site', 'jetpack' ), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
$help_icon // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
);
?>
</a>
<?php } ?>
</div>
</body>
</html>
<?php
die();
}
}