helpers
1 month ago
tables
1 month ago
aIProviderInterface.php
1 month ago
assets.php
1 month ago
baseObject.php
1 month ago
builderBlock.php
1 month ago
controller.php
1 month ago
date.php
1 month ago
db.php
1 month ago
dispatcher.php
1 month ago
errors.php
1 month ago
field.php
1 month ago
fieldAdapter.php
1 month ago
frame.php
1 month ago
helper.php
1 month ago
html.php
1 month ago
installer.php
1 month ago
installerDbUpdater.php
1 month ago
integration.php
1 month ago
modInstaller.php
1 month ago
model.php
1 month ago
module.php
1 month ago
req.php
1 month ago
response.php
1 month ago
table.php
1 month ago
uri.php
1 month ago
user.php
1 month ago
utils.php
1 month ago
validator.php
1 month ago
view.php
1 month ago
req.php
248 lines
| 1 | <?php |
| 2 | if ( ! defined( 'ABSPATH' ) ) { |
| 3 | exit; |
| 4 | } |
| 5 | class WaicReq { |
| 6 | protected static $_requestData; |
| 7 | protected static $_requestMethod; |
| 8 | public static $_requestWithNonce = false; |
| 9 | |
| 10 | public static function init() { |
| 11 | // Empty for now |
| 12 | } |
| 13 | |
| 14 | /** |
| 15 | * Function getVar |
| 16 | * |
| 17 | * @param string $name key in variables array |
| 18 | * @param string $from from where get result = "all", "input", "get" |
| 19 | * @param mixed $default default value - will be returned if $name wasn't found |
| 20 | * @return mixed value of a variable, if didn't found - $default (NULL by default) |
| 21 | */ |
| 22 | public static function getVar( $name, $from = 'all', $default = null, $html = false, $base = true ) { |
| 23 | if (self::$_requestWithNonce) { |
| 24 | $nonce = empty($_REQUEST['_wpnonce']) ? '' : sanitize_text_field(wp_unslash($_REQUEST['_wpnonce'])); |
| 25 | if (!wp_verify_nonce($nonce, 'my-nonce')) { |
| 26 | echo esc_html__('Security check', 'ai-copilot-content-generator'); |
| 27 | exit(); |
| 28 | } |
| 29 | } |
| 30 | |
| 31 | $from = strtolower($from); |
| 32 | if ('all' == $from) { |
| 33 | if (isset($_GET[$name])) { |
| 34 | $from = 'get'; |
| 35 | } elseif (isset($_POST[$name])) { |
| 36 | $from = 'post'; |
| 37 | } |
| 38 | } |
| 39 | |
| 40 | switch ($from) { |
| 41 | case 'get': |
| 42 | if (isset($_GET[$name])) { |
| 43 | return sanitize_text_field(wp_unslash($_GET[$name])); |
| 44 | } |
| 45 | break; |
| 46 | case 'post': |
| 47 | if (isset($_POST[$name])) { |
| 48 | if (is_array($_POST[$name])) { |
| 49 | /*self::addSanitizeHook(); |
| 50 | $data = sanitize_text_field(wp_unslash($_POST[$name])); |
| 51 | self::removeSanitizeHook(); |
| 52 | return $html && is_array($html) ? self::recursive_sanitize_text_field($data, $html) : $data;*/ |
| 53 | return self::recursive_sanitize_text_field($_POST[$name], $html); |
| 54 | } else { |
| 55 | if (true === $html) { |
| 56 | /*self::addSanitizeHook(); |
| 57 | $data = sanitize_text_field(wp_unslash($_POST[$name])); |
| 58 | self::removeSanitizeHook();*/ |
| 59 | $data = wp_unslash($_POST[$name]); |
| 60 | return $base ? base64_encode($data) : wp_kses_post($data); |
| 61 | } |
| 62 | return sanitize_text_field(wp_unslash($_POST[$name])); |
| 63 | //return ( true === $html ? base64_encode($_POST[$name]) : sanitize_text_field($_POST[$name]) ); |
| 64 | } |
| 65 | } |
| 66 | break; |
| 67 | case 'file': |
| 68 | case 'files': |
| 69 | if (isset($_FILES[$name])) { |
| 70 | return sanitize_file_name($_FILES[$name]); |
| 71 | } |
| 72 | break; |
| 73 | case 'session': |
| 74 | if (isset($_SESSION[$name])) { |
| 75 | return sanitize_text_field($_SESSION[$name]); |
| 76 | } |
| 77 | break; |
| 78 | case 'server': |
| 79 | if (isset($_SERVER[$name])) { |
| 80 | return sanitize_text_field(wp_unslash($_SERVER[$name])); |
| 81 | } |
| 82 | break; |
| 83 | case 'cookie': |
| 84 | if (isset($_COOKIE[$name])) { |
| 85 | $value = sanitize_text_field(wp_unslash($_COOKIE[$name])); |
| 86 | if (strpos($value, '_JSON:') === 0) { |
| 87 | $value = explode('_JSON:', $value); |
| 88 | $value = WaicUtils::jsonDecode(array_pop($value)); |
| 89 | } |
| 90 | return $value; |
| 91 | } |
| 92 | break; |
| 93 | } |
| 94 | return $default; |
| 95 | } |
| 96 | public static function recursive_sanitize_text_field( $array, $html = false ) { |
| 97 | $isHtml = is_array($html); |
| 98 | foreach ( $array as $key => &$value ) { |
| 99 | if ( is_array( $value ) ) { |
| 100 | $value = self::recursive_sanitize_text_field($value, $html); |
| 101 | } else { |
| 102 | $value = ( $isHtml && !is_numeric($key) && in_array($key, $html) ? base64_encode($value) : wp_kses_post($value) ); |
| 103 | } |
| 104 | } |
| 105 | return $array; |
| 106 | } |
| 107 | public static function isEmpty( $name, $from = 'all' ) { |
| 108 | $val = self::getVar($name, $from); |
| 109 | return empty($val); |
| 110 | } |
| 111 | public static function setVar( $name, $val, $in = 'input', $params = array() ) { |
| 112 | $in = strtolower($in); |
| 113 | switch ($in) { |
| 114 | case 'get': |
| 115 | $_GET[$name] = $val; |
| 116 | break; |
| 117 | case 'post': |
| 118 | $_POST[$name] = $val; |
| 119 | break; |
| 120 | case 'session': |
| 121 | $_SESSION[$name] = $val; |
| 122 | break; |
| 123 | case 'cookie': |
| 124 | $expire = isset($params['expire']) ? time() + $params['expire'] : 0; |
| 125 | $path = isset($params['path']) ? $params['path'] : '/'; |
| 126 | if (is_array($val) || is_object($val)) { |
| 127 | $saveVal = '_JSON:' . WaicUtils::jsonEncode( $val ); |
| 128 | } else { |
| 129 | $saveVal = $val; |
| 130 | } |
| 131 | setcookie($name, $saveVal, $expire, $path); |
| 132 | break; |
| 133 | } |
| 134 | } |
| 135 | public static function clearVar( $name, $in = 'input', $params = array() ) { |
| 136 | if (self::$_requestWithNonce) { |
| 137 | $nonce = empty($_REQUEST['_wpnonce']) ? '' : sanitize_text_field(wp_unslash($_REQUEST['_wpnonce'])); |
| 138 | if (!wp_verify_nonce($nonce, 'my-nonce')) { |
| 139 | esc_html__('Security check', 'ai-copilot-content-generator'); |
| 140 | exit(); |
| 141 | } |
| 142 | } |
| 143 | $in = strtolower($in); |
| 144 | switch ($in) { |
| 145 | case 'get': |
| 146 | if (isset($_GET[$name])) { |
| 147 | unset($_GET[$name]); |
| 148 | } |
| 149 | break; |
| 150 | case 'post': |
| 151 | if (isset($_POST[$name])) { |
| 152 | unset($_POST[$name]); |
| 153 | } |
| 154 | break; |
| 155 | case 'session': |
| 156 | if (isset($_SESSION[$name])) { |
| 157 | unset($_SESSION[$name]); |
| 158 | } |
| 159 | break; |
| 160 | case 'cookie': |
| 161 | $path = isset($params['path']) ? $params['path'] : '/'; |
| 162 | setcookie($name, '', time() - 3600, $path); |
| 163 | break; |
| 164 | } |
| 165 | } |
| 166 | public static function get( $what ) { |
| 167 | if (self::$_requestWithNonce) { |
| 168 | $nonce = empty($_REQUEST['_wpnonce']) ? '' : sanitize_text_field(wp_unslash($_REQUEST['_wpnonce'])); |
| 169 | if (!wp_verify_nonce($nonce, 'my-nonce')) { |
| 170 | esc_html__('Security check', 'ai-copilot-content-generator'); |
| 171 | exit(); |
| 172 | } |
| 173 | } |
| 174 | $what = strtolower($what); |
| 175 | $vars = null; |
| 176 | //self::addSanitizeHook(); |
| 177 | switch ($what) { |
| 178 | case 'get': |
| 179 | $vars = self::sanitizeArray($_GET); |
| 180 | break; |
| 181 | case 'post': |
| 182 | $vars = self::sanitizeArray($_POST); |
| 183 | break; |
| 184 | case 'session': |
| 185 | $vars = self::sanitizeArray($_SESSION); |
| 186 | break; |
| 187 | case 'files': |
| 188 | $vars = self::sanitizeFilesArray($_FILES); |
| 189 | break; |
| 190 | } |
| 191 | //self::removeSanitizeHook(); |
| 192 | return $vars; |
| 193 | } |
| 194 | public static function sanitizeArray( $arr ) { |
| 195 | $newArr = array(); |
| 196 | foreach ($arr as $k => $v) { |
| 197 | $newArr[$k] = is_array($v) ? self::sanitizeArray($v) : _sanitize_text_fields($v, false); |
| 198 | } |
| 199 | return $newArr; |
| 200 | } |
| 201 | public static function sanitizeFilesArray( $arr ) { |
| 202 | $newArr = array(); |
| 203 | foreach ($arr as $k => $v) { |
| 204 | $newArr[$k] = is_array($v) ? self::sanitizeFilesArray($v) : $v; |
| 205 | } |
| 206 | return $newArr; |
| 207 | } |
| 208 | public static function getMethod() { |
| 209 | if (!self::$_requestMethod) { |
| 210 | self::$_requestMethod = strtoupper( self::getVar('method', 'all', isset($_SERVER['REQUEST_METHOD']) ? sanitize_text_field(wp_unslash($_SERVER['REQUEST_METHOD'])) : '') ); |
| 211 | } |
| 212 | return self::$_requestMethod; |
| 213 | } |
| 214 | public static function getAdminPage() { |
| 215 | $pagePath = self::getVar('page'); |
| 216 | if (!empty($pagePath) && strpos($pagePath, '/') !== false) { |
| 217 | $pagePath = explode('/', $pagePath); |
| 218 | return str_replace('.php', '', $pagePath[count($pagePath) - 1]); |
| 219 | } |
| 220 | return false; |
| 221 | } |
| 222 | public static function getRequestUri( $simple = false) { |
| 223 | $uri = isset($_SERVER['REQUEST_URI']) ? sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])) : ''; |
| 224 | if ($simple && !empty($uri)) { |
| 225 | $parts = wp_parse_url($uri); |
| 226 | $path = isset($parts['path']) ? $parts['path'] : $uri; |
| 227 | $uri = str_replace('/wp-json', '', $path); |
| 228 | } |
| 229 | return $uri; |
| 230 | } |
| 231 | public static function getMode() { |
| 232 | $mod = self::getVar('mod'); |
| 233 | if (!$mod) { |
| 234 | $mod = self::getVar('page'); //Admin usage |
| 235 | } |
| 236 | return $mod; |
| 237 | } |
| 238 | public static function addSanitizeHook() { |
| 239 | add_filter('sanitize_text_field', array('WaicReq', 'skipSanitize'), 9999, 2); |
| 240 | } |
| 241 | public static function removeSanitizeHook() { |
| 242 | remove_filter('sanitize_text_field', array('WaicReq', 'skipSanitize'), 9999, 2); |
| 243 | } |
| 244 | public static function skipSanitize( $sanitized, $text ) { |
| 245 | return $text; |
| 246 | } |
| 247 | } |
| 248 |