Cli multisite

cli/purge.cls.php

@@ -157,6 +157,7 @@ public function url($args)
 	{
 		$data = array(
 			Router::ACTION => Core::ACTION_QS_PURGE,
+			Router::VALIDATE_PURGE => Router::get_hash(Router::VALIDATE_PURGE),
 		);
 		$url = $args[0];
 		$deconstructed = wp_parse_url($url);
@@ -166,6 +167,8 @@ public function url($args)
 		}
 
 		if (is_multisite()) {
+			$data['switch_blog'] = get_current_blog_id();
+
 			if (get_blog_id_from_url($deconstructed['host'], '/') === 0) {
 				WP_CLI::error('Multisite url passed in is invalid.');
 				return;

src/core.cls.php

@@ -320,6 +320,9 @@ public function proceed_action($action)
 		switch ($action) {
 			case self::ACTION_QS_PURGE:
 				Purge::set_purge_related();
+				$full_url = (\is_ssl() ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
+				$full_url_no_query = strtok($full_url, '?');
+				$this->cls('Purge')->purge_url( $full_url_no_query, false, true );
 				break;
 
 			case self::ACTION_QS_SHOW_HEADERS:

src/purge.cls.php

@@ -773,7 +773,7 @@ public function purge_tag($val)
 	 * @since 1.0.7
 	 * @access public
 	 */
-	public function purge_url($url, $purge2 = false, $quite = false)
+	public function purge_url($url, $purge2 = false, $quiet = false)
 	{
 		$val = trim($url);
 		if (empty($val)) {
@@ -796,7 +796,7 @@ public function purge_url($url, $purge2 = false, $quite = false)
 
 		self::add($hash, $purge2);
 
-		!$quite && !defined('LITESPEED_PURGE_SILENT') && Admin_Display::succeed(sprintf(__('Purge url %s', 'litespeed-cache'), $val));
+		!$quiet && !defined('LITESPEED_PURGE_SILENT') && Admin_Display::succeed(sprintf(__('Purge url %s', 'litespeed-cache'), $val));
 	}
 
 	/**

src/router.cls.php

@@ -14,6 +14,7 @@ class Router extends Base
 {
 	const NONCE = 'LSCWP_NONCE';
 	const ACTION = 'LSCWP_CTRL';
+	const VALIDATE_PURGE = 'VALIDATE_PURGE';
 
 	const ACTION_SAVE_SETTINGS_NETWORK = 'save-settings-network';
 	const ACTION_DB_OPTM = 'db_optm';
@@ -270,16 +271,20 @@ public function is_role_simulation()
 	 *
 	 * @since  3.3
 	 */
-	public static function get_hash()
+	public static function get_hash($item_name = null)
 	{
+		if(!$item_name){
+			$item_name = self::ITEM_HASH;
+		}
+
 		// Reuse previous hash if existed
-		$hash = self::get_option(self::ITEM_HASH);
+		$hash = self::get_option($item_name);
 		if ($hash) {
 			return $hash;
 		}
 
 		$hash = Str::rrand(6);
-		self::update_option(self::ITEM_HASH, $hash);
+		self::update_option($item_name, $hash);
 		return $hash;
 	}
 
@@ -501,12 +506,30 @@ private function verify_action()
 		// Each action must have a valid nonce unless its from admin ip and is public action
 		// Validate requests nonce (from admin logged in page or cli)
 		if (!$this->verify_nonce($action)) {
-			// check if it is from admin ip
-			if (!$this->is_admin_ip()) {
+			// check if action is from admin ip. skip test for action Core::ACTION_QS_PURGE.
+			if ( $action != Core::ACTION_QS_PURGE && !$this->is_admin_ip()) {
 				Debug2::debug('[Router] LSCWP_CTRL query string - did not match admin IP: ' . $action);
 				return;
 			}
 
+			$save_blog = get_current_blog_id();
+			if ($_REQUEST['switch_blog']) {
+				// If request parameter "switch_blog", switch to correct blog to generate hash.
+				switch_to_blog($_REQUEST['switch_blog']);
+			}
+			$hash = Router::get_hash(self::VALIDATE_PURGE);
+			if ($_REQUEST['switch_blog']) {
+				// Restore blog if needed.
+				switch_to_blog($save_blog);
+			}
+
+
+			// Validate request for action Core::ACTION_QS_PURGE. test if request parameter isset and is correct.
+			if( $action == Core::ACTION_QS_PURGE && ( !isset($_REQUEST[Router::VALIDATE_PURGE]) || $_REQUEST[Router::VALIDATE_PURGE] != $hash ) ){
+				Debug2::debug('[Router] LSCWP_CTRL query string - could not validate request for: ' . $action);
+				return;
+			}
+
 			// check if it is public action
 			if (
 				!in_array($action, array(
@@ -518,7 +541,7 @@ private function verify_action()
 					Core::ACTION_QS_PURGE_EMPTYCACHE,
 				))
 			) {
-				Debug2::debug('[Router] LSCWP_CTRL query string - did not match admin IP Actions: ' . $action);
+				Debug2::debug('[Router] LSCWP_CTRL query string - did not match public action: ' . $action);
 				return;
 			}
 
@@ -764,4 +787,4 @@ public function handler($cls)
 
 		return $this->cls($cls)->handler();
 	}
-}
+}

src/vary.cls.php

@@ -667,7 +667,7 @@ public function finalize()
 		$tp_cookies = $this->_finalize_curr_vary_cookies();
 
 		if (!$tp_cookies) {
-			Debug2::debug2('[Vary] no custimzed vary');
+			Debug2::debug2('[Vary] no customized vary');
 			return;
 		}