class-adbc-automation-validator.php
7 months ago
class-adbc-common-validator.php
12 hours ago
class-adbc-selected-items-validator.php
3 months ago
class-adbc-settings-validator.php
12 hours ago
class-adbc-tables-validator.php
7 months ago
class-adbc-settings-validator.php
304 lines
| 1 | <?php |
| 2 | |
| 3 | // Exit if accessed directly |
| 4 | if ( ! defined( 'ABSPATH' ) ) |
| 5 | exit; |
| 6 | |
| 7 | /** |
| 8 | * ADBC Settings validator class. |
| 9 | * |
| 10 | * This class provides functions to validate and sanitize the plugin settings. |
| 11 | */ |
| 12 | class ADBC_Settings_Validator { |
| 13 | |
| 14 | private const MIN_FILE_AND_DATABASE_LINES_BATCHES = 100; // 100 lines of rows to process at once |
| 15 | private const MAX_FILE_AND_DATABASE_LINES_BATCHES = 1000000; // 1 million lines or rows to process at once |
| 16 | private const MIN_FILE_CONTENT_CHUNKS = 50; // 50KB |
| 17 | private const MAX_FILE_CONTENT_CHUNKS = 10240; // 10MB |
| 18 | private const MIN_MAX_EXECUTION_TIME = 30; |
| 19 | private const MAX_MAX_EXECUTION_TIME = 300; // 5 minutes |
| 20 | private const MIN_CPU_WORK_TIME_MS = 100; // 100 milliseconds |
| 21 | private const MAX_CPU_WORK_TIME_MS = 1000; // 1 second |
| 22 | private const MIN_CPU_REST_TIME_MS = 1; // 1 millisecond |
| 23 | private const MAX_CPU_REST_TIME_MS = 100; // 100 milliseconds |
| 24 | |
| 25 | // Holds all valid settings keys. |
| 26 | private static $default_settings_keys = array(); |
| 27 | |
| 28 | // Holds the names of the tabs that can be hidden in the settings page. |
| 29 | private static $hiddenable_tabs = array( |
| 30 | 'tables', |
| 31 | 'options', |
| 32 | 'posts_meta', |
| 33 | 'users_meta', |
| 34 | 'transients', |
| 35 | 'cron_jobs', |
| 36 | 'woocommerce', |
| 37 | 'automation', |
| 38 | 'analytics', |
| 39 | 'addons_activity', |
| 40 | 'info_and_logs', |
| 41 | 'post_types', |
| 42 | ); |
| 43 | |
| 44 | /** |
| 45 | * Checks if the given key is a valid setting key. |
| 46 | * |
| 47 | * @param string $key The setting key to check. |
| 48 | * @return bool True if the key is valid, false otherwise. |
| 49 | */ |
| 50 | public static function is_valid_setting_key( $key ) { |
| 51 | if ( empty( self::$default_settings_keys ) ) { |
| 52 | self::$default_settings_keys = ADBC_Settings::instance()->get_settings_keys(); |
| 53 | } |
| 54 | return in_array( $key, self::$default_settings_keys, true ); |
| 55 | } |
| 56 | |
| 57 | /** |
| 58 | * Checks if the given value is a valid installed date string. |
| 59 | * |
| 60 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 61 | * @param string $date_string The date string to check. |
| 62 | * @return bool True if the date string is valid, false otherwise. |
| 63 | */ |
| 64 | public static function is_valid_date( $key, $date_string ) { |
| 65 | $date = DateTime::createFromFormat( "d/m/Y", $date_string ); |
| 66 | $date_errors = DateTime::getLastErrors(); |
| 67 | return $date !== false |
| 68 | && empty( $date_errors['warning_count'] ) |
| 69 | && $date->format( 'd/m/Y' ) === $date_string; |
| 70 | } |
| 71 | |
| 72 | /** |
| 73 | * Checks if the given array of tab names are all valid hiddenable tabs. |
| 74 | * |
| 75 | * @param string $key The setting key. |
| 76 | * @param array $tab_names The array of tab names to check. |
| 77 | * @return bool True if all tab names are valid, false otherwise. |
| 78 | */ |
| 79 | public static function are_valid_hiddenable_tabs( $key, $tab_names ) { |
| 80 | if ( ! is_array( $tab_names ) ) |
| 81 | return false; |
| 82 | |
| 83 | foreach ( $tab_names as $tab_name ) { |
| 84 | if ( ! in_array( $tab_name, self::$hiddenable_tabs, true ) ) { |
| 85 | return false; |
| 86 | } |
| 87 | } |
| 88 | |
| 89 | return true; |
| 90 | } |
| 91 | |
| 92 | /** |
| 93 | * Checks if the given value is a valid scan setting value. Used mainly for file_lines_batch, database_rows_batch, file_content_chunks, and scan_max_execution_time. |
| 94 | * |
| 95 | * @param string $key The scan setting key. |
| 96 | * @param mixed $value The value to check. |
| 97 | * @return bool True if the value is valid, false otherwise. |
| 98 | */ |
| 99 | public static function is_scan_setting_valid( $key, $value ) { |
| 100 | |
| 101 | switch ( $key ) { |
| 102 | case 'file_lines_batch': |
| 103 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_FILE_AND_DATABASE_LINES_BATCHES, self::MAX_FILE_AND_DATABASE_LINES_BATCHES ); |
| 104 | case 'file_content_chunks': |
| 105 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_FILE_CONTENT_CHUNKS, self::MAX_FILE_CONTENT_CHUNKS ); |
| 106 | case 'scan_max_execution_time': |
| 107 | // For the max execution time, we allow 0 as a special case to indicate that the user wants the default value. |
| 108 | // If not 0, we check if the number set it is between the min and max values. |
| 109 | if ( $value === 0 ) |
| 110 | return true; |
| 111 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_MAX_EXECUTION_TIME, self::MAX_MAX_EXECUTION_TIME ); |
| 112 | default: |
| 113 | return false; |
| 114 | } |
| 115 | } |
| 116 | |
| 117 | /** |
| 118 | * Checks if the given CPU throttle value is valid (milliseconds). |
| 119 | * |
| 120 | * @param string $key The setting key. |
| 121 | * @param int $value The value to check. |
| 122 | * @return bool True if the value is valid, false otherwise. |
| 123 | */ |
| 124 | public static function is_cpu_usage_time_valid( $key, $value ) { |
| 125 | |
| 126 | switch ( $key ) { |
| 127 | case 'cpu_work_time_ms': |
| 128 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_CPU_WORK_TIME_MS, self::MAX_CPU_WORK_TIME_MS ); |
| 129 | case 'cpu_rest_time_ms': |
| 130 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_CPU_REST_TIME_MS, self::MAX_CPU_REST_TIME_MS ); |
| 131 | default: |
| 132 | return false; |
| 133 | } |
| 134 | } |
| 135 | |
| 136 | /** |
| 137 | * Checks if the given array of notifications keys are all valid notifications keys. |
| 138 | * |
| 139 | * @param string $key The setting key (not used in this function, but kept for consistency). |
| 140 | * @param array $notifications_keys The array of notifications keys to check. |
| 141 | * @return bool True if all notification keys are valid, false otherwise. |
| 142 | */ |
| 143 | public static function are_valid_notifications_keys( $key, $notifications_keys ) { |
| 144 | if ( ! is_array( $notifications_keys ) ) |
| 145 | return false; |
| 146 | |
| 147 | $valid_notifications_keys = ADBC_Notifications::get_notifications_keys(); // Call the static method to get the valid notifications keys. |
| 148 | |
| 149 | foreach ( $notifications_keys as $notification_key => $dismissed ) { |
| 150 | |
| 151 | // If the notification key is not valid, return false. |
| 152 | if ( ! in_array( $notification_key, $valid_notifications_keys, true ) ) { |
| 153 | |
| 154 | return false; |
| 155 | } |
| 156 | |
| 157 | // If the dismissed format is not valid, return false. |
| 158 | if ( ! is_array( $dismissed ) || count( $dismissed ) !== 1 || ! array_key_exists( 'dismissed', $dismissed ) || ! is_bool( $dismissed['dismissed'] ) ) { |
| 159 | return false; |
| 160 | } |
| 161 | |
| 162 | } |
| 163 | |
| 164 | return true; |
| 165 | } |
| 166 | |
| 167 | /** |
| 168 | * Checks if the given value is a valid api scan balance value. |
| 169 | * |
| 170 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 171 | * @param string $value The value to check. |
| 172 | * @return bool True if the value is valid, false otherwise. |
| 173 | */ |
| 174 | public static function is_api_scan_balance_valid( $key, $api_scan_balance ) { |
| 175 | if ( ! is_array( $api_scan_balance ) ) |
| 176 | return false; |
| 177 | foreach ( $api_scan_balance as $scan_key => $value ) { |
| 178 | if ( ! in_array( $scan_key, array( 'quota', 'usage', 'ttl', 'total_quota', 'total_consumed', 'updated_at' ), true ) ) |
| 179 | return false; |
| 180 | if ( ! is_int( $value ) && $value < 0 ) |
| 181 | return false; |
| 182 | } |
| 183 | return true; |
| 184 | } |
| 185 | |
| 186 | /** |
| 187 | * Checks if the given value is a valid security code. |
| 188 | * |
| 189 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 190 | * @param string $security_code The security code to check. |
| 191 | * @return bool True if the security code is valid, false otherwise. |
| 192 | */ |
| 193 | public static function is_security_code_valid( $key, $security_code ) { |
| 194 | if ( ! is_string( $security_code ) ) |
| 195 | return false; |
| 196 | if ( strlen( $security_code ) !== ADBC_SECURITY_CODE_LENGTH ) |
| 197 | return false; |
| 198 | if ( ! preg_match( '/^[0-9a-z_]+$/', $security_code ) ) |
| 199 | return false; |
| 200 | return true; |
| 201 | } |
| 202 | |
| 203 | /** |
| 204 | * Checks if the given value is a valid execution data array. Used in analytics and addons activity validation settings. |
| 205 | * |
| 206 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 207 | * @param array $execution_data The execution data array to check. |
| 208 | * @return bool True if the execution data is valid, false otherwise. |
| 209 | */ |
| 210 | public static function is_execution_data_valid( $key, $execution_data ) { |
| 211 | |
| 212 | if ( ! is_array( $execution_data ) ) |
| 213 | return false; |
| 214 | |
| 215 | if ( ! array_key_exists( 'success', $execution_data ) || ! array_key_exists( 'fail', $execution_data ) ) |
| 216 | return false; |
| 217 | |
| 218 | // If there are any other keys in the array, we don't want them. |
| 219 | if ( count( $execution_data ) > 2 ) |
| 220 | return false; |
| 221 | |
| 222 | $success_value = $execution_data['success']; |
| 223 | $fail_value = $execution_data['fail']; |
| 224 | |
| 225 | // Allowed values are 0 or a timestamp (integer) of 10 digits. |
| 226 | if ( $success_value !== 0 && ( strlen( $success_value ) !== 10 || ! ctype_digit( (string) $success_value ) ) ) |
| 227 | return false; |
| 228 | |
| 229 | if ( $fail_value !== 0 && ( strlen( $fail_value ) !== 10 || ! ctype_digit( (string) $fail_value ) ) ) |
| 230 | return false; |
| 231 | |
| 232 | return true; |
| 233 | |
| 234 | } |
| 235 | |
| 236 | /** |
| 237 | * Checks if the given value is a valid keep last setting. |
| 238 | * |
| 239 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 240 | * @param array $keep_last The keep last setting to check. |
| 241 | * @return bool True if the keep last setting is valid, false otherwise. |
| 242 | */ |
| 243 | public static function is_keep_last_valid( $key, $keep_last ) { |
| 244 | |
| 245 | if ( ! is_array( $keep_last ) ) |
| 246 | return false; |
| 247 | |
| 248 | foreach ( $keep_last as $items_type => $value ) { |
| 249 | if ( ! ADBC_Cleanup_Type_Registry::is_valid_items_type( $items_type ) ) |
| 250 | return false; |
| 251 | if ( ! is_array( $value ) || count( $value ) !== 2 ) |
| 252 | return false; |
| 253 | if ( ! array_key_exists( 'type', $value ) || ! array_key_exists( 'value', $value ) ) |
| 254 | return false; |
| 255 | if ( ! in_array( $value['type'], array( 'days', 'items' ), true ) ) |
| 256 | return false; |
| 257 | if ( ! is_int( $value['value'] ) || $value['value'] <= 0 || $value['value'] > 10000 ) |
| 258 | return false; |
| 259 | } |
| 260 | |
| 261 | return true; |
| 262 | |
| 263 | } |
| 264 | |
| 265 | /** |
| 266 | * Checks if the given value is a valid performance settings. |
| 267 | * |
| 268 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 269 | * @param array $value The value to check. |
| 270 | * @return bool True if the value is valid, false otherwise. |
| 271 | */ |
| 272 | public static function is_performance_settings_valid( $key, $value ) { |
| 273 | switch ( $key ) { |
| 274 | case 'database_rows_batch': |
| 275 | return ADBC_Common_Validator::is_number_between_min_and_max( $value, self::MIN_FILE_AND_DATABASE_LINES_BATCHES, self::MAX_FILE_AND_DATABASE_LINES_BATCHES ); |
| 276 | case 'sql_or_native_cleanup_method': |
| 277 | return in_array( $value, [ 'sql', 'native' ], true ); |
| 278 | default: |
| 279 | return false; |
| 280 | } |
| 281 | } |
| 282 | |
| 283 | /** |
| 284 | * Checks if the given value is a valid general cleanup auto count setting. |
| 285 | * |
| 286 | * @param string $key The setting key. (not used in this function, but kept for consistency) |
| 287 | * @param array $value The value to check. |
| 288 | * |
| 289 | * @return bool True if the value is valid, false otherwise. |
| 290 | */ |
| 291 | public static function is_general_cleanup_auto_count_valid( $key, $value ) { |
| 292 | |
| 293 | if ( ! is_array( $value ) ) |
| 294 | return false; |
| 295 | |
| 296 | foreach ( $value as $items_type ) |
| 297 | if ( ! ADBC_Cleanup_Type_Registry::is_valid_items_type( $items_type ) ) |
| 298 | return false; |
| 299 | |
| 300 | return true; |
| 301 | |
| 302 | } |
| 303 | |
| 304 | } |