WordPress version update reminder

So I have some Linux, Ubuntu, servers that are used for shared hosting. Many of the customers use WordPress and I think that it’s an awesome solution that so many can get a great website up and running in almost no time. The flaw with WordPress is that it has a lot of security holes if they don’t upgrade to the latest version. WordPress has a great update feature, but since my customers do not log in on their sites they don’t see that, so what to do. I decided that sending them an email would maybe encourage them a little, specifically the site admin.

I couldn’t find any good script that solved my problem so I decided to copy paste something that would do the trick.

Updated and locate are a good start for finding version.php.

I’ve put my files under /root/scripts/wp-version

run-wp.version-finder.sh looks like this:

updatedb
locate wp-includes/version.php | xargs grep "wp_version = " > /root/scripts/wp-version/tmp-version.txt
php /root/scripts/wp-version/wp-version.php

The wp-version.php script looks like this:

 /root/scripts/wp-version/tmp-version.txt

// curl_init and mysql is needed for this to work.
// apt-get install php5-intl

// Adminiadress, sends short summary.
$AdminAdress = "admin@company.com";        // Change e-mail adress
$ServerName = "SERVER_NAME";
$Sender = "support@company.com";

$myFile = "/root/scripts/wp-version/tmp-version.txt";
$summary = "";

//check for latest WordPress version
$apiUrl = 'http://api.wordpress.org/core/version-check/1.6/';
$apiFile = 'cache/api.json';

// Verify that cache folder exist
if (!file_exists('cache')) {
    mkdir('cache', 0777, true);
}

if((is_file($apiFile) and filemtime($apiFile)< time()-3600) OR !is_file($apiFile)) {
    $apiContent = getData($apiUrl);
    if($apiContent!=''){
        file_put_contents($apiFile, $apiContent);
    }
}

$apiContent = file_get_contents($apiFile);
$apiReturn = unserialize($apiContent);
$current_version = $apiReturn['offers'][0]['current'];

$lines = file($myFile);

foreach ($lines as $line_num => $line) {
    $adminEmail = array();
    $siteAdminEmail = array();
    $wpversionArr = explode( "'", $line);
    $wpversion = $wpversionArr[1];

    // Verify against wordpress.org if the version is the latest.
    if (version_compare($wpversion, $current_version, '<')) {

        // Verify that the file wp-config.php is place.
        // There is a need to check if the file is found i one of the parent folders, future fix
        $filename = explode( "wp-includes/", $line);
        $filename = $filename[0] . "wp-config.php";

        if (file_exists($filename)) {
            $configlines = file($filename);
            $DB_USER = "";
            $DB_PASSWORD = "";
            $DB_HOST = "";
            $DB_NAME = "";
            $tbl_prefix = "";
            $siteurl = "";
            // get all the variables that is needed for mysql connection.
            foreach ($configlines as $line_num => $configline) {
                if (strpos($configline,"'DB_USER'") > 0 ) {
                    $DB_USER = (explode( "'", $configline));
                    $DB_USER = $DB_USER[3];
                }

                if (strpos($configline,"'DB_USER'") > 0 ) {
                    $DB_USER = (explode( "'", $configline));
                    $DB_USER = $DB_USER[3];
                }

                if (strpos($configline,"'DB_PASSWORD'") > 0 ) {
                    $DB_PASSWORD = (explode( "'", $configline));
                    $DB_PASSWORD = $DB_PASSWORD[3];
                }

                if (strpos($configline,"'DB_HOST'") > 0 ) {
                    $DB_HOST = (explode( "'", $configline));
                    $DB_HOST = $DB_HOST[3];
                }

                if (strpos($configline,"'DB_NAME'") > 0 ) {
                    $DB_NAME = (explode( "'", $configline));
                    $DB_NAME = $DB_NAME[3];
                }

                if (strpos($configline,"table_prefix") > 0 ) {
                    $tbl_prefix = (explode( "'", $configline));
                    $tbl_prefix = $tbl_prefix[1];
                }
            }
            // Connect to the wordpress database
            $con=mysqli_connect($DB_HOST,$DB_USER,$DB_PASSWORD,$DB_NAME) or die;

            // Check connection
            if (mysqli_connect_errno($con)) {
                echo "Failed to connect to MySQL: " . mysqli_connect_error();
            }

            // Retreve Site URL
            $sqlquery = "select option_value from " . $tbl_prefix . "options where option_name like 'siteurl'";
            $result = mysqli_query($con,$sqlquery);
            if (!$result) {
                echo "MySQL ERROR DIED! Retreve Site URL" . PHP_EOL;
                die('Invalid query: ' . mysql_error());
            }
            
            while($row = mysqli_fetch_array($result)) {
                $siteurl = $row['option_value'];
                $siteurl = (explode( "//", $siteurl));
                $siteurl = $siteurl[1];
            }
            // Write version of wordpress installation
            //echo "WP-Version is: " . $wpversion . PHP_EOL;

            // Retreve all Admins email address
            $sqlquery = "SELECT * FROM " . $tbl_prefix . "users JOIN " . $tbl_prefix . "usermeta ON ( " . $tbl_prefix . "users.id = " . $tbl_prefix . "usermeta.user_id ) WHERE " . $tbl_prefix . "usermeta.meta_key LIKE    'wp_user_level' AND " . $tbl_prefix . "usermeta.meta_value =    '10'";
            $result = mysqli_query($con,$sqlquery);
            if (!$result) {
                echo "MySQL ERROR DIED! Retreve all Admins email" . PHP_EOL;
                die('Invalid query: ' . mysql_error());
            }

            while($row = mysqli_fetch_array($result)) {
// Uncomment to send e-mail to all Admins.
//                send_email( $row['option_value'], $siteurl, $wpversion, $current_version);
                $tmp = $row['user_email'];
                array_push($adminEmail, $tmp);
            }

            // Retrive the Site Admin email address and spam them until they upgrade wordpress.
            $sqlquery = "select option_value from " . $tbl_prefix . "options where option_name like 'admin_email'";
            $result = mysqli_query($con,$sqlquery);
            
            if (!$result) {
                die('Invalid query: ' . mysql_error());
            }

            while($row = mysqli_fetch_array($result)) {
// Uncomment to send e-mail to all Site-Admins.        
//                send_email( $row['option_value'], $siteurl, $wpversion, $current_version);
                $tmp =  $row['option_value'];
                array_push($siteAdminEmail, $tmp);
            }
    
            mysqli_close($con);
        } else {
            echo "NO file found" . PHP_EOL;
        }
        $siteurlUTF8 = idn_to_utf8($siteurl);
        $adminEmailComma = join(", ", $adminEmail);
        $siteAdminEmailComma = join(", ", $siteAdminEmail);

        $summary .= $siteurlUTF8 . "
 ";
        $summary .= "version: " . $wpversion . "
 ";
        $summary .= "Admin Emails: " . $adminEmailComma . "
 ";
        $summary .= "SiteAdmin Emails: " . $siteAdminEmailComma . "

 " . "\r\n";
    }
}

// Comment next line to not send e-mail to server admin.sendAdminSummary($AdminAdress, $summary);


function send_email($address, $siteurl, $wpversion, $current_version){
    global $Sender;
    
    $to    = $address;
    $subject = "Detfinns en ny version av wordpress forsajten: " . idn_to_utf8($siteurl) ;
    $message = '' . $subject . '


Hej

Du får detta meddelande gäller sajten: ' . idn_to_utf8($siteurl) . '. 
Det har kommit en ny version ' . $current_version . ' av wordpress och eftersom du fortfarande använder version ' . $wpversion . ' så bör den upgraderas. 

Scandinavian Hosting


';

    $headers = 'MIME-Version: 1.0' . "\n";
    $headers .= 'Content-type: text/html; charset=utf-8' . "\n";
    $headers .= 'From: ' . $Sender . "\n";
    $headers .= 'Reply-To: ' . $Sender . "\n";

    mail($to, $subject, $message, $headers);
}


functionsendAdminSummary($address, $summary){
    global $current_version;
    global $ServerName;
    global $Sender;
    
    $to    = $address;
    $subject = "Sammanställning avWordpresssajter sombehöveruppdateras";
    $message = '' . $subject . '


Hej

Här kommer en sammanställning av sajter som behöver uppdateras på ' . $ServerName  . ' 
Senaste versionen av WordPress är ' . $current_version . '

 ' . $summary . '

Med Vänlig Hälsning
Scandinavian Hosting


';

    $headers = 'MIME-Version: 1.0' . "\n";
    $headers .= 'Content-type: text/html; charset=utf-8' . "\n";
    $headers .= 'From: ' . $Sender . "\n";
    $headers .= 'Reply-To: ' . $Sender . "\n";

    mail($to, $subject, $message, $headers);
}

// http://yalamber.com/2012/12/get-the-latest-version-number-of-wordpress-using-api/
function getData($url) {
    if(is_callable('curl_init')){
        $ch = curl_init();
        $timeout = 5;
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
        $data = curl_exec($ch);
        curl_close($ch);
        return $data;
    }else{
        return file_get_contents($url);
    }
}

?>

 

The get it all to work I run the main script once a month, first monday at 8:00

cronetab-e

Add a line that looks like this:

0 8 * * 1 /root/scripts/wp-version/run-wp-version.sh

That is all
As always, post a comment if you find it useful.