Check & Log Email – Easy Email Testing & Mail logging / trunk
check-email / include / helper-function.php
helper-function.php
1325 lines
1 <?php
2
3 /**
4 * Helper Functions
5 *
6 * @package check-mail
7 * @subpackage Helper/Templates
8 * @copyright Copyright (c) 2016, René Hermenau
9 * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License
10 * @since 1.4.0
11 */
// Stop here when the file is requested directly instead of being loaded by
// WordPress (the guard keys on the ABSPATH constant being defined).
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}
15
/**
 * Tell whether the current admin screen is one of the Plugins list screens.
 *
 * Matches the screen ids 'plugins' and 'plugins-network'.
 *
 * @author René Hermenau
 * @since 1.4.0
 *
 * @return bool True on either Plugins screen; false otherwise, including when
 *              get_current_screen() is unavailable or does not return an object.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_is_plugins_page() {
    if ( ! function_exists( 'get_current_screen' ) ) {
        return false;
    }

    $current_screen = get_current_screen();
    if ( ! is_object( $current_screen ) ) {
        return false;
    }

    // in_array() compares loosely by default, like the == checks it replaces.
    return in_array( $current_screen->id, array( 'plugins', 'plugins-network' ) );
}
43
/**
 * Load the deactivation-feedback template in the admin footer of the Plugins screen.
 *
 * @since 1.4.0
 *
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_add_deactivation_feedback_modal() {
    $on_plugins_screen = is_admin() && ck_mail_is_plugins_page();
    if ( ! $on_plugins_screen ) {
        return;
    }

    // The path is built from a plugin constant and a fixed suffix; nothing
    // request-derived reaches require_once.
    require_once CK_MAIL_PATH ."/include/deactivate-feedback.php";
}
add_filter( 'admin_footer', 'ck_mail_add_deactivation_feedback_modal' );
54
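/**
 * AJAX handler: e-mail the deactivation-feedback form to the plugin team.
 *
 * Reads $_POST['data'], a URL-encoded form string that carries the nonce
 * ('ck_mail_security_nonce'), the reason ('ck_mail_disable_reason'), optional
 * free text ('ck_mail_disable_text', an array) and an optional sender address
 * ('ck_mail_disable_from'). The request is rejected unless the nonce verifies
 * and the user has the 'manage_options' capability.
 *
 * @since 1.4.0
 *
 * @return void Echoes a status string and ends the request.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_send_feedback() {
    // Start from an empty form so every later lookup is defined even when
    // no 'data' field was posted.
    $form = array();

    // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Reason: in form variable.
    if ( isset( $_POST['data'] ) ) {
        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Reason: in form variable.
        parse_str( sanitize_text_field( wp_unslash( $_POST['data'] ) ), $form );
    }

    $nonce = '';
    if ( isset( $form['ck_mail_security_nonce'] ) && is_string( $form['ck_mail_security_nonce'] ) ) {
        $nonce = sanitize_text_field( $form['ck_mail_security_nonce'] );
    }
    if ( '' === $nonce || ! wp_verify_nonce( $nonce, 'ck_mail_ajax_check_nonce' ) ) {
        echo esc_html__('security_nonce_not_verified', 'check-email');
        die();
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        die();
    }

    // parse_str() URL-decodes after the whole string was sanitised, so each
    // extracted value is sanitised again before it is used.
    $text = '';
    if ( isset( $form['ck_mail_disable_text'] ) && is_array( $form['ck_mail_disable_text'] ) ) {
        $text = implode( ' ', array_map( 'sanitize_text_field', $form['ck_mail_disable_text'] ) );
    }

    // The sender address ends up in the From/Reply-To headers, so only a
    // syntactically valid address is accepted; anything else is dropped and
    // the default sender is used instead.
    $headers = array();
    $from    = '';
    if ( isset( $form['ck_mail_disable_from'] ) && is_string( $form['ck_mail_disable_from'] ) ) {
        $from = sanitize_email( $form['ck_mail_disable_from'] );
    }
    if ( '' !== $from && is_email( $from ) ) {
        $headers[] = "From: $from";
        $headers[] = "Reply-To: $from";
    }

    $reason = isset( $form['ck_mail_disable_reason'] ) ? $form['ck_mail_disable_reason'] : '(no reason given)';

    // Only the fixed value 'technical issue' ever reaches the subject line;
    // any other reason is replaced by the generic subject.
    if ( 'technical issue' === $reason ) {
        $subject = 'Check & Log Email ' . $reason;
        $text    = trim( $text );
        $text    = ( '' !== $text ? 'technical issue description: ' : 'no description: ' ) . $text;
    } else {
        $subject = 'Check & Log Email';
    }

    wp_mail( 'team@magazine3.in', $subject, $text, $headers );

    // The reply is 'sent' whether or not wp_mail() succeeded, as before.
    echo 'sent';
    die();
}
add_action( 'wp_ajax_ck_mail_send_feedback', 'ck_mail_send_feedback' );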
117
/**
 * Enqueue the deactivation-feedback script and stylesheet on the Plugins screen.
 *
 * The localized data exposes the admin-ajax URL and a nonce for the
 * 'ck_mail_ajax_check_nonce' action to the script as `cn_ck_mail_admin_data`.
 *
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_enqueue_makebetter_email_js() {
    if ( ! ( is_admin() && ck_mail_is_plugins_page() ) ) {
        return;
    }

    // Unminified assets when SCRIPT_DEBUG is on, '.min' builds otherwise.
    $min_suffix = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
    $script_url = CK_MAIL_URL . 'assets/js/admin/feedback'. $min_suffix .'.js';
    $style_url  = CK_MAIL_URL . 'assets/css/admin/feedback'. $min_suffix .'.css';

    wp_register_script( 'ck_mail_make_better_js', $script_url, array( 'jquery' ), CK_MAIL_VERSION, true );

    $localized = array(
        'ajax_url'               => admin_url( 'admin-ajax.php' ),
        'ck_mail_security_nonce' => wp_create_nonce('ck_mail_ajax_check_nonce'),
    );
    // NOTE(review): the context argument 'eztoc_admin_data' does not match this
    // plugin's prefix; confirm it is intended.
    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $localized = apply_filters( 'ck_mail_localize_filter', $localized, 'eztoc_admin_data' );

    wp_localize_script( 'ck_mail_make_better_js', 'cn_ck_mail_admin_data', $localized );
    wp_enqueue_script( 'ck_mail_make_better_js' );
    wp_enqueue_style( 'ck_mail_make_better_css', $style_url, array(), CK_MAIL_VERSION );
}
add_action( 'admin_enqueue_scripts', 'ck_mail_enqueue_makebetter_email_js' );
141
142
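add_action('wp_ajax_ck_mail_subscribe_newsletter','ck_mail_subscribe_for_newsletter');

/**
 * AJAX handler: forward a newsletter sign-up to the vendor's subscription API.
 *
 * Requires a valid 'ck_mail_ajax_check_nonce' nonce and the 'manage_options'
 * capability. The posted name, e-mail address and website are sent to an
 * external service; nothing is stored locally.
 *
 * @return void Ends the request.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_subscribe_for_newsletter() {
    if ( ! isset( $_POST['ck_mail_security_nonce'] ) ) {
        echo esc_html__('security_nonce_not_verified', 'check-email');
        die();
    }
    if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['ck_mail_security_nonce'] ) ), 'ck_mail_ajax_check_nonce' ) ) {
        echo esc_html__('security_nonce_not_verified', 'check-email');
        die();
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        die();
    }

    if ( isset( $_POST['name'], $_POST['email'], $_POST['website'] ) ) {
        // NOTE(review): this endpoint is plain http, so the name and e-mail
        // address travel unencrypted; switch to https once the service is
        // confirmed to answer there.
        $api_url = 'http://magazine3.company/wp-json/api/central/email/subscribe';

        $api_params = array(
            'name'    => sanitize_text_field( wp_unslash( $_POST['name'] ) ),
            'email'   => sanitize_email( wp_unslash( $_POST['email'] ) ),
            'website' => sanitize_text_field( wp_unslash( $_POST['website'] ) ),
            'type'    => 'checkmail',
        );

        // sanitize_email() returns '' for an unusable address; skip the call then.
        if ( '' !== $api_params['email'] ) {
            // Certificate verification is left at its default (enabled), so a
            // redirect to https is not followed without validation.
            wp_remote_post( $api_url, array( 'timeout' => 15, 'body' => $api_params ) );
        }
    }
    wp_die();
}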
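/**
 * Send a message through the global PHPMailer instance with a "forward" subject prefix.
 *
 * The header parsing and PHPMailer set-up appear to be adapted from core's
 * wp_mail(). Differences visible here: inputs come from $atts, the subject is
 * prefixed, PHPMailer exceptions are swallowed, and apart from
 * 'wp_mail_content_type', 'wp_mail_charset' and 'phpmailer_init' no hooks run.
 *
 * Header names and values, recipients and attachment paths are used as given.
 * Callers should pass only values that originate from an already-built
 * message, never raw request input.
 *
 * @param array $atts {
 *     Message parts; every key is optional.
 *
 *     @type string|string[] $to          Recipients (array or comma-separated string).
 *     @type string          $subject     Subject; the forward prefix is prepended.
 *     @type string          $message     Body.
 *     @type string|string[] $headers     Raw headers (array or newline-separated string).
 *     @type string|string[] $attachments File paths (array or newline-separated string).
 * }
 * @return bool Result of PHPMailer::send(); false when setting the sender or
 *              sending throws a PHPMailer exception.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_forward_mail($atts) {
    // Defaults keep every later read defined when a key is missing from $atts.
    $to          = array();
    $subject     = '';
    $message     = '';
    $headers     = array();
    $attachments = array();

    if ( isset( $atts['to'] ) ) {
        $to = is_array( $atts['to'] ) ? $atts['to'] : explode( ',', $atts['to'] );
    }
    if ( isset( $atts['subject'] ) ) {
        $subject = $atts['subject'];
    }
    if ( isset( $atts['message'] ) ) {
        $message = $atts['message'];
    }
    if ( isset( $atts['headers'] ) ) {
        $headers = $atts['headers'];
    }
    if ( isset( $atts['attachments'] ) ) {
        $attachments = $atts['attachments'];
    }

    // NOTE(review): esc_html__() HTML-escapes the "&" in this prefix although a
    // mail subject is not an HTML context; confirm nothing matches on the
    // escaped form before switching to __().
    $subject = esc_html__('Forward Email Check & Log ', 'check-email').$subject;

    if ( ! is_array( $attachments ) ) {
        $attachments = explode( "\n", str_replace( "\r\n", "\n", $attachments ) );
    }

    global $phpmailer;
    if ( ! ( $phpmailer instanceof PHPMailer\PHPMailer\PHPMailer ) ) {
        require_once ABSPATH . WPINC . '/PHPMailer/PHPMailer.php';
        require_once ABSPATH . WPINC . '/PHPMailer/SMTP.php';
        require_once ABSPATH . WPINC . '/PHPMailer/Exception.php';
        $phpmailer = new PHPMailer\PHPMailer\PHPMailer( true );

        // Make PHPMailer validate addresses with WordPress' is_email().
        $phpmailer::$validator = static function ( $email ) {
            return (bool) is_email( $email );
        };
    }

    // Headers.
    $cc       = array();
    $bcc      = array();
    $reply_to = array();

    if ( empty( $headers ) ) {
        $headers = array();
    } else {
        if ( ! is_array( $headers ) ) {
            $tempheaders = explode( "\n", str_replace( "\r\n", "\n", $headers ) );
        } else {
            $tempheaders = $headers;
        }
        $headers = array();

        // If it's actually got contents.
        if ( ! empty( $tempheaders ) ) {
            // Iterate through the raw headers.
            foreach ( (array) $tempheaders as $header ) {
                if ( ! str_contains( $header, ':' ) ) {
                    // A colon-less line is only kept if it carries a MIME boundary.
                    if ( false !== stripos( $header, 'boundary=' ) ) {
                        $parts    = preg_split( '/boundary=/i', trim( $header ) );
                        $boundary = trim( str_replace( array( "'", '"' ), '', $parts[1] ) );
                    }
                    continue;
                }
                // Explode them out.
                list( $name, $content ) = explode( ':', trim( $header ), 2 );

                // Cleanup crew.
                $name    = trim( $name );
                $content = trim( $content );

                switch ( strtolower( $name ) ) {
                    // Mainly for legacy -- process a "From:" header if it's there.
                    case 'from':
                        $bracket_pos = strpos( $content, '<' );
                        if ( false !== $bracket_pos ) {
                            // Text before the bracketed email is the "From" name.
                            if ( $bracket_pos > 0 ) {
                                $from_name = substr( $content, 0, $bracket_pos );
                                $from_name = str_replace( '"', '', $from_name );
                                $from_name = trim( $from_name );
                            }

                            $from_email = substr( $content, $bracket_pos + 1 );
                            $from_email = str_replace( '>', '', $from_email );
                            $from_email = trim( $from_email );

                            // Avoid setting an empty $from_email.
                        } elseif ( '' !== trim( $content ) ) {
                            $from_email = trim( $content );
                        }
                        break;
                    case 'content-type':
                        if ( str_contains( $content, ';' ) ) {
                            list( $type, $charset_content ) = explode( ';', $content );
                            $content_type                   = trim( $type );
                            if ( false !== stripos( $charset_content, 'charset=' ) ) {
                                $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset_content ) );
                            } elseif ( false !== stripos( $charset_content, 'boundary=' ) ) {
                                $boundary = trim( str_replace( array( 'BOUNDARY=', 'boundary=', '"' ), '', $charset_content ) );
                                $charset  = '';
                            }

                            // Avoid setting an empty $content_type.
                        } elseif ( '' !== trim( $content ) ) {
                            $content_type = trim( $content );
                        }
                        break;
                    case 'cc':
                        $cc = array_merge( (array) $cc, explode( ',', $content ) );
                        break;
                    case 'bcc':
                        $bcc = array_merge( (array) $bcc, explode( ',', $content ) );
                        break;
                    case 'reply-to':
                        $reply_to = array_merge( (array) $reply_to, explode( ',', $content ) );
                        break;
                    default:
                        // Add it to our grand headers array.
                        $headers[ trim( $name ) ] = trim( $content );
                        break;
                }
            }
        }
    }

    // Empty out the values that may be set.
    $phpmailer->clearAllRecipients();
    $phpmailer->clearAttachments();
    $phpmailer->clearCustomHeaders();
    $phpmailer->clearReplyTos();
    $phpmailer->Body    = '';
    $phpmailer->AltBody = '';

    // Set "From" name and email.

    // If we don't have a name from the input headers.
    if ( ! isset( $from_name ) ) {
        $from_name = 'WordPress';
    }
    if ( ! isset( $from_email ) ) {
        // Get the site domain and get rid of www.
        $sitename   = wp_parse_url( network_home_url(), PHP_URL_HOST );
        $from_email = 'wordpress@';

        if ( null !== $sitename ) {
            if ( str_starts_with( $sitename, 'www.' ) ) {
                $sitename = substr( $sitename, 4 );
            }

            $from_email .= $sitename;
        }
    }

    try {
        $phpmailer->setFrom( $from_email, $from_name, false );
    } catch ( PHPMailer\PHPMailer\Exception $e ) {
        // The failure is reported to the caller only through the return value.
        return false;
    }

    // Set mail's subject and body.
    $phpmailer->Subject = $subject;
    $phpmailer->Body    = $message;

    // Set destination addresses, using appropriate methods for handling addresses.
    $address_headers = compact( 'to', 'cc', 'bcc', 'reply_to' );

    foreach ( $address_headers as $address_header => $addresses ) {
        if ( empty( $addresses ) ) {
            continue;
        }

        foreach ( (array) $addresses as $address ) {
            try {
                // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>".
                $recipient_name = '';

                if ( preg_match( '/(.*)<(.+)>/', $address, $matches ) ) {
                    if ( count( $matches ) === 3 ) {
                        $recipient_name = $matches[1];
                        $address        = $matches[2];
                    }
                }

                switch ( $address_header ) {
                    case 'to':
                        $phpmailer->addAddress( $address, $recipient_name );
                        break;
                    case 'cc':
                        $phpmailer->addCc( $address, $recipient_name );
                        break;
                    case 'bcc':
                        $phpmailer->addBcc( $address, $recipient_name );
                        break;
                    case 'reply_to':
                        $phpmailer->addReplyTo( $address, $recipient_name );
                        break;
                }
            } catch ( PHPMailer\PHPMailer\Exception $e ) {
                // An address PHPMailer rejects is skipped; the rest still go out.
                continue;
            }
        }
    }

    // Set to use PHP's mail().
    $phpmailer->isMail();

    // Set Content-Type and charset.

    // If we don't have a Content-Type from the input headers.
    if ( ! isset( $content_type ) ) {
        $content_type = 'text/html';
    }

    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $content_type = apply_filters( 'wp_mail_content_type', $content_type );

    $phpmailer->ContentType = $content_type;

    // Set whether it's plaintext, depending on $content_type.
    if ( 'text/html' === $content_type ) {
        $phpmailer->isHTML( true );
    }

    // If we don't have a charset from the input headers.
    if ( ! isset( $charset ) ) {
        $charset = get_bloginfo( 'charset' );
    }

    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset );

    // Set custom headers.
    if ( ! empty( $headers ) ) {
        foreach ( (array) $headers as $name => $content ) {
            // Only add custom headers not added automatically by PHPMailer.
            if ( ! in_array( $name, array( 'MIME-Version', 'X-Mailer' ), true ) ) {
                try {
                    $phpmailer->addCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) );
                } catch ( PHPMailer\PHPMailer\Exception $e ) {
                    continue;
                }
            }
        }

        if ( false !== stripos( $content_type, 'multipart' ) && ! empty( $boundary ) ) {
            $phpmailer->addCustomHeader( sprintf( 'Content-Type: %s; boundary="%s"', $content_type, $boundary ) );
        }
    }

    if ( ! empty( $attachments ) ) {
        foreach ( $attachments as $filename => $attachment ) {
            $filename = is_string( $filename ) ? $filename : '';

            try {
                // The path is handed to PHPMailer unchanged.
                $phpmailer->addAttachment( $attachment, $filename );
            } catch ( PHPMailer\PHPMailer\Exception $e ) {
                continue;
            }
        }
    }

    /**
     * Fires after PHPMailer is initialized.
     *
     * @since 2.2.0
     *
     * @param PHPMailer $phpmailer The PHPMailer instance (passed by reference).
     */
    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) );

    // Send!
    try {
        return $phpmailer->send();
    } catch ( PHPMailer\PHPMailer\Exception $e ) {
        // As with setFrom(), the error detail is dropped and only false is returned.
        return false;
    }
}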
/**
 * Create the `{prefix}check_email_error_logs` table when it does not exist yet.
 *
 * The table name is built from $wpdb->prefix and a fixed suffix, and the
 * collation clause comes from $wpdb; no request data enters the statement.
 *
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_create_error_logs() {
    global $wpdb;

    $table_name      = $wpdb->prefix . 'check_email_error_logs';
    $charset_collate = $wpdb->get_charset_collate();

    // phpcs:disable.
    $lookup   = $wpdb->prepare( "show tables like %s", $wpdb->esc_like( $table_name ) );
    $existing = $wpdb->get_var( $lookup );
    if ( $existing == $table_name ) {
        // Already present; nothing to create.
        return;
    }

    $sql = "CREATE TABLE IF NOT EXISTS `$table_name` (
`id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
`check_email_log_id` INT DEFAULT NULL,
`content` TEXT DEFAULT NULL,
`initiator` TEXT DEFAULT NULL,
`event_type` TINYINT UNSIGNED NOT NULL DEFAULT '0',
`created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id)
)
ENGINE='InnoDB'
{$charset_collate};";

    $wpdb->query($sql);
    // phpcs:enable.
}
/**
 * Create the `{prefix}check_email_spam_analyzer` table when it does not exist yet.
 *
 * The table name is built from $wpdb->prefix and a fixed suffix, and the
 * collation clause comes from $wpdb; no request data enters the statement.
 *
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_create_spam_analyzer_table() {
    global $wpdb;

    $table_name      = $wpdb->prefix . 'check_email_spam_analyzer';
    $charset_collate = $wpdb->get_charset_collate();

    // phpcs:disable.
    $lookup   = $wpdb->prepare( "show tables like %s", $wpdb->esc_like( $table_name ) );
    $existing = $wpdb->get_var( $lookup );
    if ( $existing == $table_name ) {
        // Already present; nothing to create.
        return;
    }

    $sql = "CREATE TABLE IF NOT EXISTS `$table_name` (
`id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
`html_content` LONGTEXT DEFAULT NULL,
`spam_assassin` LONGTEXT DEFAULT NULL,
`authenticated` LONGTEXT DEFAULT NULL,
`block_listed` TEXT DEFAULT NULL,
`broken_links` TEXT DEFAULT NULL,
`final_score` TEXT DEFAULT NULL,
`test_date` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
)
ENGINE='InnoDB'
{$charset_collate};";

    $wpdb->query($sql);
    // phpcs:enable.
}
/**
 * Insert one row into the `{prefix}check_email_spam_analyzer` table.
 *
 * @param array $data_to_insert Column => value pairs, passed to $wpdb->insert()
 *                              unchanged. NOTE(review): the array keys become
 *                              column names, so callers should build this array
 *                              from fixed keys rather than from request input.
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_insert_spam_analyzer($data_to_insert) {
    global $wpdb;

    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared
    $wpdb->insert( $wpdb->prefix . 'check_email_spam_analyzer', $data_to_insert );
}
/**
 * Insert one row into the `{prefix}check_email_error_logs` table.
 *
 * @param array $data_to_insert Column => value pairs, passed to $wpdb->insert()
 *                              unchanged. NOTE(review): the array keys become
 *                              column names, so callers should build this array
 *                              from fixed keys rather than from request input.
 * @return void
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_insert_error_logs($data_to_insert) {
    global $wpdb;

    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared
    $wpdb->insert( $wpdb->prefix . 'check_email_error_logs', $data_to_insert );
}
/**
 * Read a local file through the WordPress Filesystem API.
 *
 * The path is used as given: no normalisation or base-directory check happens
 * here. NOTE(review): callers are presumably expected to pass fixed plugin
 * paths only; confirm no request-derived path can reach this function.
 *
 * @param string $file_path Path of the file to read.
 * @return string|false File contents, or false when the filesystem cannot be
 *                      initialised or the file does not exist.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_local_file_get_contents($file_path){
    // WP_Filesystem() lives in an admin include that may not be loaded yet.
    if ( ! function_exists( 'WP_Filesystem' ) ) {
        require_once( ABSPATH . 'wp-admin/includes/file.php' );
    }

    global $wp_filesystem;

    // Bail out when the filesystem abstraction cannot be set up.
    if ( ! WP_Filesystem() ) {
        return false;
    }

    if ( ! $wp_filesystem->exists( $file_path ) ) {
        return false;
    }

    return $wp_filesystem->get_contents( $file_path );
}
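/**
 * AJAX handler: save the network-wide SMTP settings.
 *
 * Requires a valid 'ck_mail_ajax_check_nonce' nonce in the 'nonce' field and
 * the 'manage_check_email' capability. The posted 'check-email-log-global'
 * array is sanitised, merged over the stored 'check-email-log-global-smtp'
 * site option and saved. When the mailer is 'outlook', the posted client id
 * and secret are handed to CheckEmail\Core\Auth.
 *
 * NOTE(review): update_site_option() writes a network-wide option; confirm
 * that 'manage_check_email' is granted only to users who may change network
 * settings.
 *
 * @return void Sends a JSON success or error response.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_update_network_settings() {
    // Check nonce
    check_ajax_referer( 'ck_mail_ajax_check_nonce', 'nonce' );

    // Check if user is allowed to manage network options
    if ( ! current_user_can( 'manage_check_email' ) ) {
        wp_send_json_error(esc_html__('Unauthorized user', 'check-email') );
        return;
    }

    // A scalar here would make the array handling below fail, so reject it.
    if ( ! isset( $_POST['check-email-log-global'] ) || ! is_array( $_POST['check-email-log-global'] ) ) {
        wp_send_json_error(esc_html__('Invalid input', 'check-email') );
        return;
    }

    // Build a fresh array so that only sanitised keys are stored; the posted
    // keys themselves are never written to the option.
    $all_fields = array();
    foreach ( wp_unslash( $_POST['check-email-log-global'] ) as $key => $value ) {
        $all_fields[ sanitize_key( $key ) ] = sanitize_text_field( $value );
    }
    if ( empty( $all_fields ) ) {
        wp_send_json_error(esc_html__('Invalid input', 'check-email') );
        return;
    }

    // NOTE(review): base64 is an encoding, not encryption. Anyone who can read
    // the option can recover the SMTP credentials. sanitize_text_field() may
    // also alter a password that contains markup-like or percent-encoded
    // sequences; confirm both are acceptable.
    if ( isset( $all_fields['smtp_username'] ) ) {
        $all_fields['smtp_username'] = base64_encode( $all_fields['smtp_username'] );
    }
    if ( isset( $all_fields['smtp_password'] ) ) {
        $all_fields['smtp_password'] = base64_encode( $all_fields['smtp_password'] );
    }
    $all_fields['enable_smtp'] = 1;

    if ( ! isset( $all_fields['enable_global'] ) ) {
        $all_fields['enable_global'] = 0;
    }

    $old_settings = get_site_option('check-email-log-global-smtp');
    if ( ! empty( $old_settings ) && is_array( $old_settings ) ) {
        $updated_settings = array_merge( $old_settings, $all_fields );
    } else {
        $updated_settings = $all_fields;
    }
    update_site_option( 'check-email-log-global-smtp', $updated_settings );

    // Compare the mailer value itself. The earlier `isset(...) == 'outlook'`
    // compared a boolean with a string and so matched any mailer.
    $is_outlook = isset( $all_fields['mailer'] ) && 'outlook' === $all_fields['mailer'];
    if ( $is_outlook && isset( $_POST['check-email-outlook-options'] ) && is_array( $_POST['check-email-outlook-options'] ) ) {
        $outlook_fields = array_map( 'sanitize_text_field', wp_unslash( $_POST['check-email-outlook-options'] ) );

        // Always defined, even when neither field was posted.
        $outlook_option = array();
        if ( ! empty( $outlook_fields['client_id'] ) ) {
            $outlook_option['client_id'] = base64_encode( $outlook_fields['client_id'] );
        }
        if ( ! empty( $outlook_fields['client_secret'] ) ) {
            $outlook_option['client_secret'] = base64_encode( $outlook_fields['client_secret'] );
        }
        $auth = new CheckEmail\Core\Auth( 'outlook' );
        $auth->update_mailer_option( $outlook_option );
    }

    wp_send_json_success();
}

add_action( 'wp_ajax_update_network_settings', 'ck_mail_update_network_settings' );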
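/**
 * AJAX handler: ask the remote DNS-check service about a domain and relay its answer.
 *
 * Requires a valid 'ck_mail_security_nonce' nonce and the 'manage_check_email'
 * capability. A request without a nonce ends silently. The posted domain is
 * sent to an external service, and that service's decoded JSON is echoed back
 * to the browser.
 *
 * NOTE(review): the relayed payload is controlled by the remote service, so
 * the client script should treat it as untrusted data when rendering it.
 *
 * @return void Echoes JSON and ends the request.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_check_dns() {
    if ( ! isset( $_POST['ck_mail_security_nonce'] ) ) {
        wp_die();
    }
    if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['ck_mail_security_nonce'] ) ), 'ck_mail_security_nonce' ) ) {
        die( '-1' );
    }

    // Check if user is allowed to manage network options
    if ( ! current_user_can( 'manage_check_email' ) ) {
        wp_send_json_error(esc_html__('Unauthorized user', 'check-email') );
        return;
    }

    $api_url = 'https://enchain.tech/custom-api/check-dns';

    $domain = null;
    if ( isset( $_POST['domain'] ) ) {
        $domain = sanitize_text_field( wp_unslash( $_POST['domain'] ) );
    }

    // Certificate verification stays at its default (enabled). Turning it off
    // would let anyone on the network path impersonate the service.
    $response = wp_remote_post(
        $api_url,
        array(
            'timeout' => 15,
            'body'    => array( 'domain' => $domain ),
        )
    );

    if ( is_wp_error( $response ) ) {
        echo wp_json_encode( array( 'response' => $response->get_error_message() ) );
        wp_die();
    }

    $decoded = json_decode( wp_remote_retrieve_body( $response ), true );
    if ( isset( $decoded['is_error'] ) ) {
        // The service reported its own status; pass the payload through.
        $result = $decoded;
    } else {
        $result = array(
            'is_error' => 0,
            'data'     => $decoded,
        );
    }

    echo wp_json_encode( $result );
    wp_die();
}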
/**
 * Run the RFC, DNS and spoof checks of egulias/email-validator on an address.
 *
 * When the validator class is not loaded, no check runs and all three flags
 * are reported as 1, so callers cannot tell "passed" from "not checked".
 *
 * @param string $email Address to check.
 * @return array{status: bool, spoof_valid: int, dns_valid: int, email_valid: int}
 *               'status' is always true; each flag is 1 or 0.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_email_verify($email) {
    // Defaults used when the validation library is unavailable.
    $checks = array(
        'spoof_valid' => 1,
        'dns_valid'   => 1,
        'email_valid' => 1,
    );

    if ( class_exists( '\Egulias\EmailValidator\EmailValidator' ) ) {
        $validator = new \Egulias\EmailValidator\EmailValidator();

        $checks['email_valid'] = $validator->isValid( $email, new \Egulias\EmailValidator\Validation\RFCValidation() );
        $checks['dns_valid']   = $validator->isValid( $email, new \Egulias\EmailValidator\Validation\DNSCheckValidation() );
        $checks['spoof_valid'] = $validator->isValid( $email, new \Egulias\EmailValidator\Validation\Extra\SpoofCheckValidation() );
    }

    return array(
        'status'      => true,
        'spoof_valid' => $checks['spoof_valid'] ? 1 : 0,
        'dns_valid'   => $checks['dns_valid'] ? 1 : 0,
        'email_valid' => $checks['email_valid'] ? 1 : 0,
    );
}
670
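add_action( 'wp_ajax_check_dns', 'ck_mail_check_dns' );

/**
 * AJAX handler: run the spam analysis for the current user and return the scored result.
 *
 * Requires a valid 'ck_mail_security_nonce' nonce and the 'manage_check_email'
 * capability. A request without a nonce ends silently. The handler sends a
 * test message to the analysis mailbox, posts the current user's e-mail
 * address to the remote analysis service, and checks the server address
 * against DNS blocklists. It turns the findings into a 0-10 score, keeps the
 * 15 most recent scores in an option, and stores the full result in the
 * spam-analyzer table.
 *
 * NOTE(review): everything read from the remote response is untrusted. It is
 * stored and echoed as JSON only; the client script should escape it when
 * rendering.
 *
 * @return void Echoes JSON and ends the request.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_check_email_analyze() {
    if ( ! isset( $_POST['ck_mail_security_nonce'] ) ) {
        wp_die();
    }
    if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['ck_mail_security_nonce'] ) ), 'ck_mail_security_nonce' ) ) {
        die( '-1' );
    }
    if ( ! current_user_can( 'manage_check_email' ) ) {
        wp_send_json_error(esc_html__('Unauthorized user', 'check-email') );
        return;
    }

    $api_url      = 'https://spamanalyser.check-email.tech/custom-api/email-analyze';
    $current_user = wp_get_current_user();
    $email        = $current_user->user_email;

    if ( ! empty( $email ) ) {
        $to        = 'plugintest@check-email.tech';
        $title     = esc_html__("Test email to analyze check email", "check-email");
        $body      = esc_html__('This test email will analyze score', "check-email");
        $site_name = get_bloginfo('name');
        $headers   = [
            'Content-Type: text/html; charset=UTF-8',
            'From: '.$site_name .'<'.$email.'>',
            'Reply-To: '.$email
        ];
        wp_mail($to, $title, $body, $headers);
    }

    if ( function_exists( 'ck_mail_create_spam_analyzer_table' ) ) {
        ck_mail_create_spam_analyzer_table();
    }

    // Certificate verification stays at its default (enabled). Turning it off
    // would let anyone on the network path feed in a forged analysis.
    $response = wp_remote_post(
        $api_url,
        array(
            'timeout' => 15,
            'body'    => array( 'email' => $email ),
        )
    );

    if ( is_wp_error( $response ) ) {
        echo wp_json_encode( array( 'response' => $response->get_error_message() ) );
        wp_die();
    }

    $decoded = json_decode( wp_remote_retrieve_body( $response ), true );
    if ( isset( $decoded['is_error'] ) && $decoded['is_error'] == 1 ) {
        // The service reported a failure; relay it unchanged.
        echo wp_json_encode( $decoded );
        wp_die();
    }

    // Anything that did not decode to an array is scored as an empty analysis.
    $response = is_array( $decoded ) ? $decoded : array();
    $result   = array(
        'is_error' => 0,
        'data'     => $decoded,
    );

    // NOTE(review): SERVER_ADDR can be a private or proxy-side address when the
    // site sits behind NAT or a load balancer; the blocklist result then says
    // nothing about the address that actually delivers mail.
    $ip_address           = isset( $_SERVER['SERVER_ADDR'] ) ? sanitize_text_field( wp_unslash( $_SERVER['SERVER_ADDR'] ) ) : '';
    $blocklist            = check_email_is_ip_blocked( $ip_address );
    $result['blocklist']  = $blocklist;
    $result['ip_address'] = $ip_address;

    // Each of the four areas contributes 0, 1.5 or 2.5 points.
    // NOTE(review): a spam score of exactly 0 or -5 matches no branch below
    // and scores 0; confirm the intended boundaries.
    $spam_final_score = 0;
    if ( isset( $response['spamcheck_result']['score'] ) ) {
        $spam_score = $response['spamcheck_result']['score'];
        if ( $spam_score > 0 ) {
            $spam_final_score = 2.5;
        } elseif ( $spam_score < 0 && $spam_score > -5 ) {
            $spam_final_score = 1.5;
        }
    }

    $block_count = 0;
    foreach ( $blocklist as $entry ) {
        if ( ! empty( $entry['status'] ) ) {
            $block_count += 1;
        }
    }
    if ( 0 === $block_count ) {
        $block_final_score = 2.5;
    } elseif ( $block_count <= 12 ) {
        $block_final_score = 1.5;
    } else {
        $block_final_score = 0;
    }

    $auth_final_score = 0;
    if ( isset( $response['authenticated'] ) && is_array( $response['authenticated'] ) ) {
        $auth_count = 0;
        foreach ( $response['authenticated'] as $entry ) {
            if ( empty( $entry['status'] ) ) {
                $auth_count += 1;
            }
        }
        if ( 0 === $auth_count ) {
            $auth_final_score = 2.5;
        } elseif ( $auth_count < 3 ) {
            $auth_final_score = 1.5;
        }
    }

    $link_final_score = 0;
    if ( isset( $response['links'] ) && is_array( $response['links'] ) ) {
        $link_count = 0;
        foreach ( $response['links'] as $entry ) {
            if ( isset( $entry['status'] ) && $entry['status'] > 200 ) {
                $link_count += 1;
            }
        }
        $link_final_score = ( $link_count > 0 ) ? 0 : 2.5;
    }

    $final_score = ( $link_final_score + $auth_final_score + $block_final_score + $spam_final_score );

    // Keep the 15 most recent scores, newest first. The keys are
    // 'Y-m-d H:i:s' strings, so a descending string sort is chronological.
    // The earlier reverse-and-trim approach scrambled the order from the
    // second run on and could drop the wrong entries.
    $option_name       = 'check_email_spam_score_' . $current_user->user_email;
    $current_date_time = current_time('Y-m-d H:i:s');
    $spam_score        = get_option( $option_name, [] );
    if ( ! is_array( $spam_score ) ) {
        $spam_score = array();
    }
    $spam_score[ $current_date_time ] = array( 'score' => $final_score, 'datetime' => $current_date_time );
    krsort( $spam_score, SORT_STRING );
    $spam_score = array_slice( $spam_score, 0, 15, true );
    update_option( $option_name, $spam_score );

    $result['previous_spam_score']   = $spam_score;
    $result['previous_email_result'] = ck_email_verify($email);

    // Missing sections are stored as JSON null instead of raising notices.
    $data_to_insert = array(
        'html_content'  => wp_json_encode( $response['html_tab'] ?? null ),
        'spam_assassin' => wp_json_encode( array( 'data' => $response['spamcheck_result'] ?? null, 'spam_final_score' => $spam_final_score ) ),
        'authenticated' => wp_json_encode( array( 'data' => $response['authenticated'] ?? null, 'auth_final_score' => $auth_final_score ) ),
        'block_listed'  => wp_json_encode( array( 'data' => $blocklist, 'block_final_score' => $block_final_score ) ),
        'broken_links'  => wp_json_encode( array( 'data' => $response['links'] ?? null, 'link_final_score' => $link_final_score ) ),
        'final_score'   => $final_score,
        'test_date'     => $current_date_time,
    );
    if ( function_exists( 'ck_mail_insert_spam_analyzer' ) ) {
        ck_mail_insert_spam_analyzer( $data_to_insert );
    }

    echo wp_json_encode( $result );
    wp_die();
}

add_action( 'wp_ajax_check_email_analyze', 'ck_mail_check_email_analyze' );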
815
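add_action('wp_ajax_checkmail_save_admin_fcm_token', 'checkmail_save_admin_fcm_token');

/**
 * AJAX handler: remember a push-notification token for an administrator.
 *
 * Requires a valid 'ck_mail_security_nonce' nonce. The token is stored only
 * when the current user has the 'administrator' role. At most the five most
 * recently added distinct tokens are kept in 'checkmail_admin_fcm_token'.
 *
 * NOTE(review): the check is on the role name rather than a capability;
 * confirm that is intended (for example for multisite super admins).
 *
 * @return void Echoes {"status": bool} and ends the request. A request with a
 *              missing or invalid nonce returns without output.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function checkmail_save_admin_fcm_token() {
    $result = array( 'status' => false );

    if ( ! isset( $_POST['ck_mail_security_nonce'] ) ) {
        return;
    }
    if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['ck_mail_security_nonce'] ) ), 'ck_mail_security_nonce' ) ) {
        return;
    }

    // Only a non-empty string is accepted; an array here would otherwise be
    // stored as an empty token.
    $new_token = '';
    if ( isset( $_POST['token'] ) && is_string( $_POST['token'] ) ) {
        $new_token = sanitize_text_field( wp_unslash( $_POST['token'] ) );
    }

    if ( '' !== $new_token ) {
        $current_user = wp_get_current_user();

        if ( in_array( 'administrator', (array) $current_user->roles, true ) ) {
            $device_tokens = get_option('checkmail_admin_fcm_token');
            if ( ! is_array( $device_tokens ) ) {
                $device_tokens = [];
            }

            // Strict comparison: loose matching treats numeric-looking strings
            // such as '1e3' and '1000' as the same token.
            if ( ! in_array( $new_token, $device_tokens, true ) ) {
                $device_tokens[] = $new_token;
            }

            // Cap the list so repeated calls cannot grow the option without bound.
            $device_tokens = array_slice( array_unique( $device_tokens ), -5 );
            update_option( 'checkmail_admin_fcm_token', $device_tokens );
            $result['status'] = true;
        }
    }

    echo wp_json_encode( $result );
    wp_die();
}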
849
850
851
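/**
 * Look an IPv4 address up on a fixed set of DNS blocklists.
 *
 * For each list the reversed address is prepended to the list's zone and an
 * A-record lookup is made. A list counts as a hit when any A record exists.
 *
 * Anything that is not a valid IPv4 address (IPv6, empty string, arbitrary
 * text) is not queried at all and is reported as unlisted everywhere. The
 * dotted-reverse form built here is only meaningful for IPv4.
 *
 * NOTE(review): checkdnsrr() only tests that a record exists and does not read
 * the returned code, so a list that answers with a special "query refused" or
 * error address is counted as a listing. 'dbl.spamhaus.org' is a domain list
 * rather than an IP list, and some of the zones may no longer be operated;
 * confirm the list before relying on the count.
 *
 * @param string $ip IPv4 address to check.
 * @return array<int, array{status: int, ip: string}> One entry per blocklist,
 *               in list order. 'status' is 1 when listed, else 0. 'ip' holds
 *               the blocklist zone name, not the address.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_is_ip_blocked($ip) {
    $dnsbl_list = [
        "zen.spamhaus.org",
        "bl.spamcop.net",
        "dnsbl.sorbs.net",
        "b.barracudacentral.org",
        "spam.dnsbl.sorbs.net",
        "pbl.spamhaus.org",
        "xbl.spamhaus.org",
        "dbl.spamhaus.org",
        "cbl.abuseat.org",
        "psbl.surriel.com",
        "rbl.spamlab.com",
        "rbl.dns-servicios.com",
        "dnsbl.spfbl.net",
        "ipbl.mailspike.net",
        "aspews.ext.sorbs.net",
        "ubl.unsubscore.com",
        "dnsbl.kempt.net",
        "truncate.gbudb.net",
        "rbl.efnetrbl.org",
        "dnsbl-1.uceprotect.net",
        "all.s5h.net",
        "dnsbl.inps.de",
        "dnsbl.dronebl.org",
        "hostkarma.junkemailfilter.com"
    ];

    // Validate before building DNS names from the value.
    $is_ipv4     = is_string( $ip ) && false !== filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
    $reversed_ip = $is_ipv4 ? implode( ".", array_reverse( explode( ".", $ip ) ) ) : '';
    $blocked_on  = [];

    foreach ( $dnsbl_list as $blocklist ) {
        // Perform DNS lookup (skipped entirely for non-IPv4 input).
        $listed       = $is_ipv4 && checkdnsrr( $reversed_ip . "." . $blocklist, "A" );
        $blocked_on[] = array( 'status' => $listed ? 1 : 0, 'ip' => $blocklist );
    }

    return $blocked_on;
}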
895
896
// email and phone encoding start

/**
 * Priority used when the encoder is hooked into content filters.
 *
 * Taken from the `check_email_e_filter_priority` option (default 2000)
 * unless the constant has already been defined elsewhere.
 */
defined( 'CHECK_EMAIL_E_FILTER_PRIORITY' ) || define(
    'CHECK_EMAIL_E_FILTER_PRIORITY',
    (int) get_option( 'check_email_e_filter_priority', 2000 )
);

/**
 * Default pattern used to find e-mail addresses (with an optional leading
 * "mailto:"). Extended (`x`) and case-insensitive (`i`) modifiers are set,
 * so the inline `#` comments are part of the pattern text.
 */
defined( 'CHECK_EMAIL_E_REGEXP' ) || define(
    'CHECK_EMAIL_E_REGEXP',
    '{
(?:mailto:)? # Optional mailto:
(?:
[-!#$%&*+/=?^_`.{|}~\w\x80-\xFF]+ # Local part before @
)
\@ # At sign (@)
(?:
[-a-z0-9\x80-\xFF]+(\.[-a-z0-9\x80-\xFF]+)*\.[a-z]+ # Domain name
|
\[[\d.a-fA-F:]+\] # IPv4/IPv6 address
)
}xi'
);
925
// Read the encoder settings once and wire up the hooks that match them.
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
$encode_options = get_option('check-email-email-encode-options', true);
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
$is_enable = $encode_options['is_enable'] ?? 0;
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
$email_using = $encode_options['email_using'] ?? "";

if ( $is_enable ) {
    if ( $email_using == 'filters' ) {
        // Encode addresses inside the individual content filters.
        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
        foreach ( array( 'the_content', 'the_excerpt', 'widget_text', 'comment_text', 'comment_excerpt' ) as $filter ) {
            // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
            add_filter( $filter, 'check_email_e_encode_emails', CHECK_EMAIL_E_FILTER_PRIORITY );
        }
    }

    if ( $email_using == 'full_page' ) {
        // Encode addresses in the whole rendered page through an output buffer.
        add_action( 'wp', 'check_email_full_page_scanner',999 );
    }
}

add_action( 'init', 'check_email_e_register_shortcode', 2000 );
/**
 * Register the [checkmail-encode] shortcode unless that tag is already taken.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_e_register_shortcode() {
    if ( shortcode_exists( 'checkmail-encode' ) ) {
        return;
    }

    add_shortcode( 'checkmail-encode', 'check_email_e_shortcode' );
}
/**
 * Apply ROT47 to a string.
 *
 * Bytes in the printable ASCII range 33..126 are rotated by 47 positions
 * within that range; every other byte is passed through unchanged. Applying
 * the function twice yields the input again. This is obfuscation, not
 * encryption.
 *
 * @param string $str Text to rotate.
 * @return string Rotated text.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_rot47($str) {
    $rotate_byte = static function ($byte) {
        $code = ord($byte);
        if ($code < 33 || $code > 126) {
            return $byte;
        }
        // (code - 33 + 47) mod 94 equals (code + 14) mod 94.
        return chr(33 + (($code + 14) % 94));
    };

    return implode('', array_map($rotate_byte, str_split($str)));
}
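/**
 * Obfuscate an e-mail address, optionally prefixed with "mailto:".
 *
 * The technique comes from the `email_technique` key of the
 * `check-email-email-encode-options` option:
 *  - `css_direction`: the byte-reversed address, wrapped in a right-to-left
 *    span (or prefixed with "mailto:" when the input carried that prefix);
 *  - `rot_13` / `rot_47`: the rotated address in a marker span (or prefixed
 *    with "mailto:");
 *  - anything else: every ASCII character is either left as is or replaced
 *    by a decimal entity, a hexadecimal entity or, when `$hex` is true, a
 *    percent escape. '@' and '.' are always replaced.
 *
 * This only hinders naive address harvesting; it is not a confidentiality
 * control.
 *
 * NOTE(review): when the input contains "mailto:" and no technique matches,
 * the prefix has already been removed and is not restored, so the entity
 * encoded result lacks the scheme. Confirm this is intended.
 * NOTE(review): strrev() reverses bytes, so an address with multi-byte
 * characters presumably becomes invalid UTF-8. Verify with such addresses.
 *
 * @param string $string Address (or "mailto:" URL) to obfuscate.
 * @param bool   $hex    Whether percent escapes may be used in the fallback
 *                       encoding.
 * @return string Obfuscated text or markup.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_encode_str( $string, $hex = false ) {
    $encode_options  = get_option('check-email-email-encode-options', true);
    $email_technique = ( isset( $encode_options['email_technique'] ) ) ? $encode_options['email_technique'] : "";

    if (strpos($string, 'mailto:') !== false) {
        $string = str_replace('mailto:', '', $string);
        switch ($email_technique) {
            case 'css_direction':
                return 'mailto:' . esc_html(strrev($string));
            case 'rot_13':
                return 'mailto:' . esc_html(check_email_rot13($string));
            case 'rot_47':
                return 'mailto:' . esc_html(check_email_rot47($string));
        }
    } else {
        switch ($email_technique) {
            case 'css_direction':
                // The span's CSS renders the reversed text in reading order.
                return ' <span style="direction: rtl; unicode-bidi: bidi-override;">' . esc_html(strrev($string)) . '</span>';
            case 'rot_13':
                return ' <span class="check-email-encoded-email" >' . esc_html(check_email_rot13($string)) . ' </span>';
            case 'rot_47':
                return ' <span class="check-email-rot47-email" >' . esc_html(check_email_rot47($string)) . ' </span>';
        }
    }

    // Nothing to encode. This also keeps strlen() from being a zero divisor
    // below (empty shortcode content, or a bare "mailto:").
    if ( (string) $string === '' ) {
        return '';
    }

    $chars         = str_split( $string );
    $string_length = (int) abs(crc32($string) / strlen($string));
    $length        = max($string_length, 1);

    // Only the residue of the seed modulo 100 is ever used. Reducing it
    // before the multiplication keeps the product an integer; a seed close
    // to PHP_INT_MAX times the position would overflow to float and make
    // the modulo result meaningless.
    $seed = random_int($length, PHP_INT_MAX) % 100;

    foreach ( $chars as $key => $char ) {
        $ord = ord( $char );

        if ( $ord >= 128 ) {
            continue; // leave non-ASCII bytes untouched
        }

        $r = ( $seed * ( ( 1 + $key ) % 100 ) ) % 100; // pseudo "random function"

        if ( $r > 75 && $char !== '@' && $char !== '.' ) {
            continue; // plain character; @-signs and dots are always encoded
        }

        if ( $hex && $r < 25 ) {
            $chars[ $key ] = '%' . bin2hex( $char ); // percent escape
        } elseif ( $r < 45 ) {
            $chars[ $key ] = '&#x' . dechex( $ord ) . ';'; // hexadecimal entity
        } else {
            $chars[ $key ] = "&#{$ord};"; // decimal entity
        }
    }

    return implode( '', $chars );
}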
/**
 * Handler for the [checkmail-encode] shortcode.
 *
 * Encodes the enclosed content with the callable returned by the
 * `check_email_e_method` filter. When a `link` attribute survives esc_url(),
 * the result is an anchor whose href and text are both encoded; an optional
 * `class` attribute is escaped with esc_attr().
 *
 * @param array|string $attributes Shortcode attributes (`link`, `class`).
 * @param string       $content    Text between the shortcode tags.
 * @return string Encoded text or anchor markup.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_e_shortcode( $attributes, $content = '' ) {
    $defaults = array(
        'link'  => null,
        'class' => null,
    );
    $atts = shortcode_atts( $defaults, $attributes, 'checkmail-encode' );

    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $method = apply_filters( 'check_email_e_method', 'check_email_encode_str' );

    // Without a usable link only the text itself is encoded.
    $link = empty( $atts[ 'link' ] ) ? '' : esc_url( $atts[ 'link' ], null, 'shortcode' );
    if ( $link === '' ) {
        return $method( $content );
    }

    $href = $method( $link );

    if ( ! empty( $atts[ 'class' ] ) ) {
        return sprintf(
            '<a href="%s" class="%s">%s</a>',
            $href,
            esc_attr( $atts[ 'class' ] ),
            $method( $content )
        );
    }

    return sprintf( '<a href="%s">%s</a>', $href, $method( $content ) );
}
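/**
 * Encode every e-mail address found in a piece of text.
 *
 * Non-string input is returned untouched. The encoder, the pattern and the
 * replacement callback can each be overridden through the
 * `check_email_e_method`, `check_email_e_regexp` and
 * `check_email_e_callback` filters.
 *
 * preg_replace_callback() returns null when PCRE fails (for example when a
 * backtrack or JIT limit is hit on a large page). Returning that null would
 * blank the filtered content or, in full-page mode, the whole response, so
 * the unmodified input is returned instead. Addresses then go out without
 * obfuscation, which is the lesser harm for an anti-harvesting measure.
 *
 * @param mixed $string Text to scan.
 * @return mixed The text with addresses encoded, or the input unchanged.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_e_encode_emails( $string ) {
    if ( ! is_string( $string ) ) {
        return $string;
    }

    // abort if `check_email_e_at_sign_check` is true and `$string` doesn't contain a @-sign
    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    if ( apply_filters( 'check_email_e_at_sign_check', true ) && strpos( $string, '@' ) === false ) {
        return $string;
    }

    // override encoding function with the 'check_email_e_method' filter
    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $method = apply_filters( 'check_email_e_method', 'check_email_encode_str' );
    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
    $regexp = apply_filters( 'check_email_e_regexp', CHECK_EMAIL_E_REGEXP );

    $callback = function ( $matches ) use ( $method ) {
        return $method( $matches[ 0 ] );
    };

    if ( has_filter( 'check_email_e_callback' ) ) {
        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
        $callback = apply_filters( 'check_email_e_callback', $callback, $method );
    }

    $encoded = preg_replace_callback( $regexp, $callback, $string );

    // Keep the page intact when PCRE reports an error.
    return is_string( $encoded ) ? $encoded : $string;
}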
/**
 * Start an output buffer on front-end requests so that the whole rendered
 * page passes through check_email_full_page_callback() when it is flushed.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_full_page_scanner() {
    if ( is_admin() ) {
        return;
    }

    ob_start('check_email_full_page_callback');
}
/**
 * Output-buffer callback: run the buffered page through the e-mail encoder.
 *
 * @param string $string Buffered page output.
 * @return mixed Whatever check_email_e_encode_emails() returns for it.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_full_page_callback($string) {
    $encoded_page = check_email_e_encode_emails($string);

    return $encoded_page;
}
add_action( 'wp_enqueue_scripts', 'ck_mail_enqueue_encoder_js' );

/**
 * Enqueue the front-end encoder script when e-mail encoding is enabled and
 * hand it the active settings as `checkemail_encoder_data`.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function ck_mail_enqueue_encoder_js() {
    $encode_options = get_option('check-email-email-encode-options', true);
    $is_enable      = $encode_options['is_enable'] ?? 0;

    if ( ! $is_enable ) {
        return;
    }

    $email_using     = $encode_options['email_using'] ?? "";
    $email_technique = $encode_options['email_technique'] ?? "";

    $check_email    = wpchill_check_email();
    $plugin_dir_url = plugin_dir_url( $check_email->get_plugin_file() );
    // The minified build is served unless SCRIPT_DEBUG is on.
    $suffix = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';

    wp_register_script(
        'checkemail_encoder',
        $plugin_dir_url . 'assets/js/check-email-front'. $suffix .'.js',
        array(),
        $check_email->get_version(),
        true
    );

    $data = array(
        'email_using'     => $email_using,
        'is_enable'       => $is_enable,
        'email_technique' => $email_technique,
    );

    wp_localize_script( 'checkemail_encoder', 'checkemail_encoder_data', $data );
    wp_enqueue_script( 'checkemail_encoder' );
}
/**
 * Apply ROT13 to the ASCII letters of a string; all other bytes are kept.
 * This is obfuscation, not encryption.
 *
 * @param string $string Text to rotate.
 * @return string Rotated text.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_rot13( $string ) {
    // str_rot13() performs the same a-z / A-Z substitution as an explicit
    // 52-character translation table.
    return str_rot13( $string );
}
1136
1137 // email and phone encoding end
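/**
 * Handle a tracking-pixel request: count one more open for the referenced
 * log row and answer with a 1x1 PNG.
 *
 * Runs on `init` and acts only when the query string carries
 * `action=check_email_track_email_open`, `open_tracking_id` and `_wpnonce`.
 * The request is unauthenticated by design, since it is made by the
 * recipient's mail client.
 *
 * NOTE(review): the token is checked with wp_verify_nonce(), which ties a
 * nonce to the current user and session. A token minted while someone is
 * logged in presumably does not verify for a logged-out recipient. Confirm.
 * NOTE(review): the token is not derived from `open_tracking_id`. Binding
 * it to the ID (for example an HMAC over the ID) would stop a token issued
 * for one message from being accepted for another.
 * NOTE(review): the counter is read and then written back, so concurrent
 * opens can lose an increment.
 *
 * @return false|void False when the token does not verify; otherwise the
 *                    request either ends after the image is sent or falls
 *                    through.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_track_email_open() {
    // phpcs:ignore WordPress.Security.NonceVerification.Recommended
    if (isset($_GET['action']) && $_GET['action'] === 'check_email_track_email_open' && isset($_GET['open_tracking_id']) && isset($_GET['_wpnonce'])) {
        // phpcs:ignore WordPress.Security.NonceVerification.Recommended
        if (!check_email_verify_extended_nonce(sanitize_text_field( wp_unslash($_GET['_wpnonce'])))) {
            return false;
        }
        // phpcs:ignore WordPress.Security.NonceVerification.Recommended
        $open_tracking_id = absint($_GET['open_tracking_id']);

        if ($open_tracking_id) {
            global $wpdb;
            $table_name = $wpdb->prefix . 'check_email_log';
            $query = $wpdb->prepare(
                // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
                "SELECT * FROM {$table_name} WHERE open_tracking_id = %s",
                $open_tracking_id
            );
            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared, WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching,PluginCheck.Security.DirectDB.UnescapedDBParameter
            $record = $wpdb->get_row($query);

            if ($record) {
                $data_to_update = [
                    'open_count' => $record->open_count + 1
                ];
                $where = [
                    'open_tracking_id' => $open_tracking_id,
                ];
                // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared, WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
                $wpdb->update( $table_name, $data_to_update, $where );

                header("Content-Type: image/png");
                // The body is a fixed, embedded 1x1 PNG and contains no
                // request data. It must be sent as raw bytes: HTML escaping
                // binary image data corrupts or empties the response.
                // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
                echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/wcAAgMBAptL0ygAAAAASUVORK5CYII=');
                exit;
            }
        }
    }

}
add_action('init', 'check_email_track_email_open');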
/**
 * Create the nonce used in tracking-pixel URLs.
 *
 * The action string is `$action` followed by a counter computed from
 * wp_nonce_tick(), the number of elapsed `$lifetime` periods and the number
 * of elapsed two-day periods.
 *
 * NOTE(review): wp_create_nonce() still applies WordPress' own tick window
 * and ties the value to the current user and session, so `$lifetime` may not
 * extend validity the way its name suggests. Confirm against the verifier.
 *
 * @param int|string $action   Nonce action prefix.
 * @param int        $lifetime Period length in seconds.
 * @return string Nonce value.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_generate_extended_nonce($action = -1, $lifetime = WEEK_IN_SECONDS) {
    $tick             = wp_nonce_tick();
    $lifetime_periods = floor(time() / $lifetime);
    $two_day_periods  = floor(time() / (DAY_IN_SECONDS * 2));
    $counter          = $tick - ($lifetime_periods - $two_day_periods);

    return wp_create_nonce($action . $counter);
}
/**
 * Verify a nonce created by check_email_generate_extended_nonce().
 *
 * The counter is recomputed the same way as at creation time, and the nonce
 * is accepted for the current counter value or the one before it.
 *
 * NOTE(review): wp_verify_nonce() also enforces WordPress' own tick window
 * and the current user and session, which presumably limits how long a
 * token in an already-sent e-mail keeps verifying. Confirm.
 *
 * @param string     $nonce    Nonce taken from the request.
 * @param int|string $action   Nonce action prefix.
 * @param int        $lifetime Period length in seconds.
 * @return bool True when the nonce verifies for either counter value.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_verify_extended_nonce($nonce, $action = -1, $lifetime = WEEK_IN_SECONDS) {
    $tick             = wp_nonce_tick();
    $lifetime_periods = floor(time() / $lifetime);
    $two_day_periods  = floor(time() / (DAY_IN_SECONDS * 2));
    $counter          = $tick - ($lifetime_periods - $two_day_periods);

    // Try the current counter first, then the previous one.
    foreach ( array( $counter, $counter - 1 ) as $candidate ) {
        if (wp_verify_nonce($nonce, $action . $candidate)) {
            return true;
        }
    }

    return false;
}
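/**
 * Build the hidden 1x1 tracking image that is appended to an outgoing
 * e-mail.
 *
 * The image URL points at `/check-email-tracking/` on this site and carries
 * the tracking ID, the action name and a nonce from
 * check_email_generate_extended_nonce().
 *
 * The URL is written into an HTML attribute, so it is escaped with
 * esc_url(), which encodes `&` and quotes for that context. esc_url_raw()
 * is meant for storage and redirects and leaves those characters as they
 * are.
 *
 * @param int|string $open_tracking_id Identifier of the logged e-mail.
 * @return string `<img>` markup for the tracking pixel.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_content_with_tracking($open_tracking_id) {
    $nonce        = check_email_generate_extended_nonce();
    $tracking_url = add_query_arg(
        array(
            '_wpnonce'         => $nonce,
            'open_tracking_id' => $open_tracking_id,
            'action'           => 'check_email_track_email_open',
        ),
        site_url('/check-email-tracking/')
    );

    // phpcs:ignore PluginCheck.CodeAnalysis.ImageFunctions.NonEnqueuedImage
    $email_content = "<img src='" . esc_url( $tracking_url ) . "' class='check-email-tracking' alt='' width='1' height='1' style='display:none;' />";

    return $email_content;
}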
1211
1212 if ( is_admin() ) {
/**
 * Render the dashboard widget body: the chart canvas, the date-range
 * selector and the three placeholders for the totals. The placeholders are
 * presumably filled in by the dashboard chart script.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function checmail_dashboard_widget() {
    // One echo with several arguments; the emitted markup is unchanged.
    echo '<canvas id="checkmail-dashboard-chart" style="width: 100%; height: 250px;"></canvas>',
        '
<div style="margin-top: 10px; text-align: center; display: flex; justify-content: space-between; align-items: center;">
<div>
<select id="checkmail-dashboard-date-range">
<option value="7">', esc_html__('Last 7 Days', 'check-email'), '</option>
<option value="14">', esc_html__('Last 14 Days', 'check-email'), '</option>
<option value="30">', esc_html__('Last 30 Days', 'check-email'), '</option>
</select>
</div>
<div style="margin-top: 10px; text-align: center; font-size: 14px;">
<p><span style="color: blue; font-weight: bold;" id="js_checkmail_total"></span> |
<span style="color: green; font-weight: bold;" id="js_checkmail_sent"></span> |
<span style="color: red; font-weight: bold;" id="js_checkmail_failed"></span></p>
</div>
</div>
';
}
/**
 * Register the e-mail activity dashboard widget.
 *
 * The widget is added unless the `enable_dashboard_widget` key of the
 * `check-email-log-core` option is set to a falsy value.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_add_checmail_dashboard_widget() {
    $option = get_option( 'check-email-log-core' );

    // A missing key counts as enabled.
    if ( isset( $option['enable_dashboard_widget'] ) && ! $option['enable_dashboard_widget'] ) {
        return;
    }

    wp_add_dashboard_widget(
        'checmail_dashboard_widget',
        esc_html__('Check & Log Email Activity', 'check-email'),
        'checmail_dashboard_widget'
    );
}
add_action('wp_dashboard_setup', 'check_email_add_checmail_dashboard_widget');
/**
 * Enqueue Chart.js and the dashboard chart script on the main dashboard
 * screen, and pass the AJAX URL and a nonce to the script.
 *
 * Nothing is enqueued on other admin screens or when the
 * `enable_dashboard_widget` setting is present and falsy.
 *
 * @param string $hook Current admin page hook suffix.
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_custom_dashboard_scripts($hook) {
    if ( 'index.php' !== $hook ) {
        return;
    }

    $option = get_option( 'check-email-log-core' );
    // A missing key counts as enabled.
    if ( isset( $option['enable_dashboard_widget'] ) && ! $option['enable_dashboard_widget'] ) {
        return;
    }

    $suffix = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';

    wp_enqueue_script('chartjs', CK_MAIL_URL . 'assets/js/admin/chart.js', [], CK_MAIL_VERSION, true);
    wp_register_script(
        'checkmail-dashboard-chart',
        CK_MAIL_URL . 'assets/js/admin/checkmail-dashboard-chart'. $suffix .'.js',
        ['jquery','chartjs'],
        CK_MAIL_VERSION,
        true
    );

    wp_localize_script(
        'checkmail-dashboard-chart',
        'checkmail_chart',
        array(
            'ajax_url'               => admin_url( 'admin-ajax.php' ),
            'ck_mail_security_nonce' => wp_create_nonce('ck_mail_ajax_check_nonce'),
        )
    );
    wp_enqueue_script( 'checkmail-dashboard-chart' );
}
add_action('admin_enqueue_scripts', 'check_email_custom_dashboard_scripts');
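/**
 * AJAX handler (`wp_ajax_get_email_analytics`) that returns per-day sent and
 * failed counts from the e-mail log for the dashboard chart.
 *
 * The request must carry a valid `ck_mail_security_nonce` and the current
 * user must have `manage_options`; otherwise the request ends without data.
 *
 * Rows are grouped under a `Y-m-d` key so that ksort() orders the days
 * chronologically. Sorting by the display label ("M j") would place
 * "Jan 10" before "Jan 2" and "Feb 1" before "Jan 31".
 *
 * NOTE(review): `ck_days` is not limited to the values offered by the widget
 * (7, 14, 30), and the query selects every column of every matching row only
 * to count them. Consider bounding the range and aggregating in SQL.
 *
 * Sends JSON with `labels`, `sent`, `failed`, `total_mail`, `total_failed`
 * and `total_sent`, then terminates via wp_send_json().
 */
// phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
function check_email_get_email_analytics_data() {
    if ( ! isset( $_GET['ck_mail_security_nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_GET['ck_mail_security_nonce'] ) ), 'ck_mail_ajax_check_nonce' ) ) {
        echo esc_html__('security_nonce_not_verified', 'check-email');
        die();
    }
    if ( !current_user_can( 'manage_options' ) ) {
        die();
    }
    global $wpdb;

    $table_name = $wpdb->prefix . 'check_email_log';
    $ck_days = isset($_GET['ck_days']) ? sanitize_text_field( wp_unslash( $_GET['ck_days'] ) ) : 7;
    $query = $wpdb->prepare(
        // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
        "SELECT * FROM $table_name WHERE sent_date >= CURDATE() - INTERVAL %d DAY",
        $ck_days
    );
    // phpcs:ignore InterpolatedNotPrepared
    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter
    $results = $wpdb->get_results($query);

    $data = [
        'labels' => [],
        'sent' => [],
        'failed' => [],
    ];

    $daily_counts = [];
    // get_results() can return null on a database error; treat that as no rows.
    foreach ( (array) $results as $row ) {
        $timestamp = strtotime($row->sent_date);
        $day_key   = gmdate('Y-m-d', $timestamp); // sortable grouping key
        if (!isset($daily_counts[$day_key])) {
            $daily_counts[$day_key] = [
                'label'  => gmdate('M j', $timestamp),
                'sent'   => 0,
                'failed' => 0,
            ];
        }
        if ($row->result == 1) {
            $daily_counts[$day_key]['sent']++;
        } else {
            $daily_counts[$day_key]['failed']++;
        }
    }

    // ISO date keys sort in calendar order.
    ksort($daily_counts);
    foreach ($daily_counts as $counts) {
        $data['labels'][] = $counts['label'];
        $data['sent'][]   = $counts['sent'];
        $data['failed'][] = $counts['failed'];
    }

    $data['total_mail'] = array_sum($data['sent']) + array_sum($data['failed']);
    $data['total_failed'] = array_sum($data['failed']);
    $data['total_sent'] = array_sum($data['sent']);

    wp_send_json($data);
}
add_action('wp_ajax_get_email_analytics', 'check_email_get_email_analytics_data');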
1324
1325 }