Code Manager v1.0.47
code-manager / Code_Manager / Code_Manager_Model.php
Code_Manager_Model.php
1 <?php
2
3 /**
4 * Code Manager database model
5 *
6 * @package Code_Manager
7 */
8 namespace Code_Manager;
9
10 /**
11 * Class Code_Manager_Model
12 *
13 * Interface between code manager front-end and code manager database table.
14 *
15 * @author Peter Schulz
16 * @since 1.0.0
17 */
18 class Code_Manager_Model {
19 /**
20 * Base table name without prefix
21 */
22 const BASE_TABLE_NAME = 'code_manager';
23
/**
 * Resolve the plugin table name for the current site.
 *
 * The name is the $wpdb prefix followed by BASE_TABLE_NAME. Other methods in
 * this class concatenate the result directly into SQL text, so it must only
 * ever be built from these two values and never from request data.
 *
 * @since 1.0.0
 *
 * @return string Prefixed table name.
 */
public static function get_base_table_name() {
    global $wpdb;

    $prefix = $wpdb->prefix;

    return $prefix . static::BASE_TABLE_NAME;
}
35
/**
 * Tell whether the plugin table is present in the connected database.
 *
 * Looks the table up in information_schema with a prepared statement; schema
 * and table name are both bound as %s values.
 *
 * @since 1.0.0
 *
 * @return bool TRUE when exactly one matching table row was found.
 */
public static function table_exists() {
    global $wpdb;

    $lookup = $wpdb->prepare( '
select true
from `information_schema`.`tables`
where table_schema = %s
and table_name = %s
', array( $wpdb->dbname, self::get_base_table_name() ) );

    $wpdb->query( $lookup );
    // Kept from the original: called without a query argument.
    $wpdb->get_results();

    $found = $wpdb->num_rows;

    return 1 === $found;
}
54
/**
 * Fetch the row(s) stored for one code ID.
 *
 * The ID is bound through $wpdb->prepare() as %d; only the table name is
 * concatenated into the statement.
 *
 * @since 1.0.0
 *
 * @param integer $code_id Code ID.
 *
 * @return array Matching rows as associative arrays.
 */
public static function dml_query( $code_id ) {
    global $wpdb;

    $table = self::get_base_table_name();
    $sql   = $wpdb->prepare( 'select * from `' . $table . '` where code_id = %d', array( $code_id ) );

    return $wpdb->get_results( $sql, 'ARRAY_A' );
}
68
/**
 * Fetch the row(s) stored under one code name.
 *
 * The name is bound through $wpdb->prepare() as %s; only the table name is
 * concatenated into the statement.
 *
 * @since 1.0.0
 *
 * @param string $code_name Code name.
 *
 * @return array Matching rows as associative arrays.
 */
public static function dml_query_by_name( $code_name ) {
    global $wpdb;

    $table = self::get_base_table_name();
    $sql   = $wpdb->prepare( 'select * from `' . $table . '` where code_name = %s', array( $code_name ) );

    return $wpdb->get_results( $sql, 'ARRAY_A' );
}
82
/**
 * Add a new row to the code manager table.
 *
 * Values are handed to $wpdb->insert() as a column => value map, so they are
 * not concatenated into SQL here. The code itself is stored as given.
 *
 * @since 1.0.0
 *
 * @param string $code_name        Code name.
 * @param string $code_type        Code type.
 * @param string $code             Code.
 * @param string $code_author      Author.
 * @param string $code_description Description.
 * @param string $code_enabled     Is code enabled?
 *
 * @return int New code ID when exactly one row was inserted, otherwise -1.
 */
public static function dml_insert(
    $code_name,
    $code_type,
    $code,
    $code_author,
    $code_description,
    $code_enabled
) {
    global $wpdb;

    $new_row = array(
        'code_name'        => $code_name,
        'code_type'        => $code_type,
        'code_enabled'     => $code_enabled,
        'code'             => $code,
        'code_author'      => $code_author,
        'code_description' => $code_description,
    );

    $inserted = $wpdb->insert( self::get_base_table_name(), $new_row );
    if ( 1 === $inserted ) {
        return $wpdb->insert_id;
    }

    return -1;
}
116
/**
 * Overwrite an existing row in the code manager table.
 *
 * The current row is read first. When the submitted code type differs from
 * the stored one, code_enabled is written as 0 regardless of $code_enabled.
 *
 * @since 1.0.0
 *
 * @param integer $code_id          Code ID.
 * @param string  $code_name        Code name.
 * @param string  $code_type        Code type.
 * @param string  $code             Code.
 * @param string  $code_author      Author.
 * @param string  $code_description Description.
 * @param string  $code_enabled     Is code enabled?
 *
 * @return integer Number of rows updated; 0 when the ID does not resolve to
 *                 exactly one row carrying a code_type.
 */
public static function dml_update(
    $code_id,
    $code_name,
    $code_type,
    $code,
    $code_author,
    $code_description,
    $code_enabled
) {
    $existing = self::dml_query( $code_id );

    // Only a single, well-formed row may be updated.
    if ( !is_array( $existing ) || 1 !== count( $existing ) ) {
        return 0;
    }
    if ( !isset( $existing[0]['code_type'] ) ) {
        return 0;
    }

    // Strict comparison against the stored value, as in the original.
    $type_changed = ( $code_type !== $existing[0]['code_type'] );

    $column_values = array(
        'code_name'        => $code_name,
        'code_type'        => $code_type,
        'code_enabled'     => ( $type_changed ? 0 : $code_enabled ),
        'code'             => $code,
        'code_author'      => $code_author,
        'code_description' => $code_description,
    );

    global $wpdb;

    return $wpdb->update(
        self::get_base_table_name(),
        $column_values,
        array( 'code_id' => $code_id )
    );
}
170
/**
 * Remove the row with the given code ID.
 *
 * The ID is bound through $wpdb->prepare() as %d.
 *
 * @since 1.0.0
 *
 * @param integer $code_id Code ID.
 *
 * @return integer Number of rows deleted
 */
public static function dml_delete( $code_id ) {
    global $wpdb;

    $table     = self::get_base_table_name();
    $statement = $wpdb->prepare( 'delete from `' . $table . '` where code_id = %d', array( $code_id ) );

    return $wpdb->query( $statement );
}
184
/**
 * Read the stored code, or the whole row, for a code ID.
 *
 * Non-numeric IDs are rejected before any query is built; the ID is then
 * bound as %d.
 *
 * @since 1.0.0
 *
 * @param integer $code_id Code ID.
 * @param string  $action  When null, only the code column is returned;
 *                         any other value returns the full row as JSON.
 *
 * @return string Code, JSON encoded row, or '' when the ID is not numeric or
 *                does not match exactly one row.
 */
public static function get_code_from_id( $code_id, $action = null ) {
    if ( !is_numeric( $code_id ) ) {
        return '';
    }

    global $wpdb;

    $sql  = 'select * from `' . self::get_base_table_name() . '` where code_id = %d';
    $rows = $wpdb->get_results( $wpdb->prepare( $sql, array( $code_id ) ), 'ARRAY_A' );

    if ( 1 !== $wpdb->num_rows ) {
        return '';
    }

    if ( null !== $action ) {
        // Full row, including every column of the table.
        return wp_json_encode( $rows[0] );
    }

    return $rows[0]['code'];
}
210
/**
 * Read the stored code for a code name.
 *
 * The name is bound through $wpdb->prepare() as %s. An empty return value
 * does not by itself mean the name is unused: it is also returned when the
 * name matches more than one row or when the stored code is an empty string.
 *
 * @since 1.0.0
 *
 * @param string $code_name Code name.
 *
 * @return string Code, or '' when the name is empty or does not match exactly
 *                one row.
 */
protected static function get_code_from_name( $code_name ) {
    if ( '' === $code_name ) {
        return '';
    }

    global $wpdb;

    $sql  = 'select * from `' . self::get_base_table_name() . '` where code_name = %s';
    $rows = $wpdb->get_results( $wpdb->prepare( $sql, array( $code_name ) ), 'ARRAY_A' );

    if ( 1 !== $wpdb->num_rows ) {
        return '';
    }

    return $rows[0]['code'];
}
231
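/**
 * Get codes for a given code type
 *
 * The code type is bound through $wpdb->prepare() instead of being
 * interpolated into the statement. This is a public method, so it cannot
 * assume that every caller passes a value that is safe inside a quoted SQL
 * literal.
 *
 * @since 1.0.0
 *
 * @param string $code_type Code type.
 *
 * @return array List of code
 */
public static function get_codes( $code_type ) {
    global $wpdb;

    $query = $wpdb->prepare(
        'select * from `' . self::get_base_table_name() . '` where code_type = %s',
        array( $code_type )
    );

    return $wpdb->get_results( $query, 'ARRAY_A' );
}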
247
public static function copy_code( $code_id ) {
    // The body is empty in this listing: the call does nothing with $code_id
    // and returns null. NOTE(review): presumably implemented in another build
    // of the plugin - confirm before relying on it.
}
250
protected static function get_unique_code_name( $code_id ) {
    // The body is empty in this listing: no name is generated and the call
    // returns null. NOTE(review): presumably implemented in another build of
    // the plugin - confirm before relying on it.
}
253
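/**
 * Get active codes (status = enabled) for a given code type
 *
 * The code type is bound through $wpdb->prepare() instead of being
 * interpolated into the statement. This is a public method, so it cannot
 * assume that every caller passes a value that is safe inside a quoted SQL
 * literal.
 *
 * @since 1.0.0
 *
 * @param string $code_type Code type.
 *
 * @return array List of code
 */
public static function get_active_codes( $code_type ) {
    global $wpdb;

    $query = $wpdb->prepare(
        'select * from `' . self::get_base_table_name() . '` where code_type = %s and code_enabled > 0',
        array( $code_type )
    );

    return $wpdb->get_results( $query, 'ARRAY_A' );
}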
269
/**
 * List enabled rows whose code type contains "shortcode" but not "css".
 *
 * The statement has no variable part besides the table name. Its literal %
 * wildcards would have to be written as %% if the query were ever routed
 * through $wpdb->prepare().
 *
 * @return mixed Result of $wpdb->get_results() in ARRAY_A format.
 */
public static function get_active_shortcodes() {
    global $wpdb;

    $table = self::get_base_table_name();
    $sql   = "select * from `{$table}` where code_type like '%shortcode%' and code_type not like '%css%' and code_enabled > 0";

    return $wpdb->get_results( $sql, 'ARRAY_A' );
}
281
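/**
 * Update code from ajax request (insert when new: code_id = -1)
 *
 * Expects wpnonce, code_id, code_name, code_type and code in the request and
 * answers with a plain text status: INS-<id>, UPD-<rows> or ERR-<message>.
 * When the code type of an existing row changes, the row is disabled.
 *
 * NOTE(review): the nonce check protects against cross-site request forgery
 * only. No capability check (for example current_user_can()) and no
 * is_user_logged_in() test is visible in this method, and the submitted code
 * is stored unmodified. Confirm that the hook registration or the caller
 * restricts this handler to users who are allowed to manage code.
 *
 * @since 1.0.0
 */
public static function update_code() {
    self::header_no_cache();

    // Every field is read unconditionally below, so all of them must be
    // present. The original test joined these with ||, which let a request
    // carrying a single field through to the unguarded array reads.
    if ( isset(
        $_REQUEST['wpnonce'],
        $_REQUEST['code_id'],
        $_REQUEST['code_name'],
        $_REQUEST['code_type'],
        $_REQUEST['code']
    ) ) {
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );

        // Check if action is allowed.
        $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        if ( !wp_verify_nonce( $wp_nonce, 'code-manager-' . Code_manager::get_current_user_login() ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        $code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) );
        $code_type = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) );
        // The code body is only unslashed: it is stored exactly as submitted
        // and must be escaped for its context wherever it is output.
        $code = wp_unslash( $_REQUEST['code'] );

        global $wpdb;
        // Errors are reported through the ERR- response instead of being printed.
        $wpdb->suppress_errors( true );

        if ( '-1' === $code_id ) {
            // Insert new code.
            $rows_inserted = $wpdb->insert( self::get_base_table_name(), array(
                'code_name' => $code_name,
                'code_type' => $code_type,
                'code'      => $code,
            ) );
            echo ( 1 === $rows_inserted ? 'INS-' . esc_attr( $wpdb->insert_id ) : 'ERR-' . esc_html( $wpdb->last_error ) );
        } else {
            // Update existing code: the ID must resolve to exactly one row.
            $code_row          = self::dml_query( $code_id );
            $code_type_changed = false;
            if ( is_array( $code_row ) && 1 === count( $code_row ) ) {
                if ( !isset( $code_row[0]['code_type'] ) ) {
                    echo 'UPD-0';
                    wp_die();
                } else {
                    if ( $code_type !== $code_row[0]['code_type'] ) {
                        $code_type_changed = true;
                    }
                }
            } else {
                echo 'UPD-0';
                wp_die();
            }

            $set_columns = 'set code_name = %s, code_type = %s, code = %s ';
            if ( $code_type_changed ) {
                // A row whose type changed has to be enabled again explicitly.
                $set_columns .= ', code_enabled = 0 ';
            }
            $update       = 'update ' . self::get_base_table_name() . ' ' . $set_columns . 'where code_id = %d';
            $rows_updated = $wpdb->query( $wpdb->prepare( $update, array(
                $code_name,
                $code_type,
                $code,
                $code_id,
            ) ) );
            echo ( '' === $wpdb->last_error ? 'UPD-' . esc_attr( $rows_updated ) : 'ERR-' . esc_html( $wpdb->last_error ) );
        }
    } else {
        echo 'ERR-Wrong arguments';
    }
    wp_die();
}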
351
/**
 * AJAX handler: switch preview on for one code ID for the current user.
 *
 * Requires a logged in user plus wpnonce and code_id in the request, and
 * answers with OK or an ERR- message as plain text.
 *
 * @since 1.0.0
 */
public static function activate_code_preview() {
    self::header_no_cache();

    $has_arguments = is_user_logged_in() && isset( $_REQUEST['wpnonce'] ) && isset( $_REQUEST['code_id'] );

    if ( !$has_arguments ) {
        echo 'ERR-Wrong arguments';
    } else {
        // The nonce action is bound to the login name of the current user.
        $wp_nonce = '';
        if ( isset( $_REQUEST['wpnonce'] ) ) {
            $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        }
        $nonce_action = 'code-manager-' . Code_manager::get_current_user_login();
        if ( !wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        // Passed on as sanitized text; any further validation of the ID is
        // left to Code_Manager_Preview.
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );
        Code_Manager_Preview::add_user_preview_code_id( $code_id );
        echo 'OK';
    }

    wp_die();
}
376
/**
 * AJAX handler: switch preview off for one code ID for the current user.
 *
 * Requires a logged in user plus wpnonce and code_id in the request, and
 * answers with OK or an ERR- message as plain text.
 *
 * @since 1.0.0
 */
public static function deactivate_code_preview() {
    self::header_no_cache();

    $has_arguments = is_user_logged_in() && isset( $_REQUEST['wpnonce'] ) && isset( $_REQUEST['code_id'] );

    if ( !$has_arguments ) {
        echo 'ERR-Wrong arguments';
    } else {
        // The nonce action is bound to the login name of the current user.
        $wp_nonce = '';
        if ( isset( $_REQUEST['wpnonce'] ) ) {
            $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        }
        $nonce_action = 'code-manager-' . Code_manager::get_current_user_login();
        if ( !wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        // Passed on as sanitized text; any further validation of the ID is
        // left to Code_Manager_Preview.
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );
        Code_Manager_Preview::remove_user_preview_code_id( $code_id );
        echo 'OK';
    }

    wp_die();
}
401
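/**
 * Reset all previewed code IDs
 *
 * Deletes the code_manager_preview_code_ids user meta entry of every user,
 * not only of the user sending the request.
 *
 * NOTE(review): the only gates visible here are is_user_logged_in() and the
 * nonce. Confirm that the hook registration limits this site-wide reset to
 * users who are meant to perform it.
 *
 * @since 1.0.0
 */
public static function reset_preview() {
    self::header_no_cache();
    if ( is_user_logged_in() && isset( $_REQUEST['wpnonce'] ) ) {
        // Check if action is allowed.
        $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        if ( !wp_verify_nonce( $wp_nonce, 'code-manager-' . Code_manager::get_current_user_login() ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }
        global $wpdb;
        // $wpdb->usermeta is the table name as WordPress resolves it. On
        // multisite the user tables carry the network base prefix, so the
        // per-site prefix used before pointed at a table that does not exist.
        $wpdb->query( "delete from {$wpdb->usermeta} where meta_key = 'code_manager_preview_code_ids'" );
        echo 'OK';
    } else {
        echo 'ERR-Wrong arguments';
    }
    wp_die();
}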
425
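/**
 * Activate code from ajax request for a given code_id
 *
 * Writes the submitted code_item_value into code_enabled for the given row
 * and answers with UPD-<rows> or an ERR- message as plain text.
 *
 * NOTE(review): enabling a row is what makes stored code take effect, yet the
 * only gate visible here is the nonce; there is no is_user_logged_in() or
 * capability check in this method. Confirm that the hook registration
 * restricts the handler. code_item_value is also stored without being
 * limited to the values the plugin expects for code_enabled.
 *
 * @since 1.0.0
 */
public static function activate_code() {
    self::header_no_cache();
    if ( isset( $_REQUEST['wpnonce'] ) && isset( $_REQUEST['code_id'] ) && isset( $_REQUEST['code_item_value'] ) ) {
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );

        // Check if action is allowed.
        $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        if ( !wp_verify_nonce( $wp_nonce, 'code-manager-' . Code_manager::get_current_user_login() ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        $code_item_value = sanitize_text_field( wp_unslash( $_REQUEST['code_item_value'] ) );
        $update_values   = array(
            'code_enabled' => $code_item_value,
        );

        global $wpdb;
        // Errors are reported through the ERR- response instead of being printed.
        $wpdb->suppress_errors( true );
        $rows_update = $wpdb->update( self::get_base_table_name(), $update_values, array(
            'code_id' => $code_id,
        ) );
        echo ( '' === $wpdb->last_error ? 'UPD-' . esc_attr( $rows_update ) : 'ERR-' . esc_html( $wpdb->last_error ) );
    } else {
        echo 'ERR-Wrong arguments';
    }
    // End the request like the other AJAX handlers in this class. If the
    // handler is hooked through admin-ajax.php and simply returns, WordPress
    // appends its own default output to the status written above.
    wp_die();
}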
458
/**
 * AJAX handler: return all codes of the known code types as JSON.
 *
 * Each row carries code_id, code_name, code_type and code_enabled plus a
 * preview_enabled flag obtained from Code_Manager_Preview.
 *
 * NOTE(review): the IN list is built by string concatenation. The values come
 * from Code_Manager_Tabs::get_code_types() and not from the request; that is
 * what the query relies on, so the list must never be fed from user input
 * without switching to $wpdb->prepare(). Only the nonce gates this listing;
 * no capability check is visible in this method.
 *
 * @since 1.0.0
 */
public static function get_code_list() {
    self::header_no_cache();

    // Check if action is allowed.
    $wp_nonce = '';
    if ( isset( $_REQUEST['wpnonce'] ) ) {
        $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
    }
    $nonce_action = 'code-manager-' . Code_manager::get_current_user_login();
    if ( !wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
        echo 'ERR-Token expired, please refresh page';
        wp_die();
    }

    // Flatten the grouped code types into one list of keys; the list starts
    // with an empty string entry.
    $tabs       = new Code_Manager_Tabs();
    $groups     = $tabs->get_code_types();
    $code_types = array( '' );
    foreach ( $groups as $group ) {
        foreach ( $group as $type_key => $unused ) {
            $code_types[] = $type_key;
        }
    }

    global $wpdb;

    $in_list = "('" . implode( "','", $code_types ) . "') ";
    $query   = 'select code_id, code_name, code_type, code_enabled from ' . self::get_base_table_name() . ' where code_type in ' . $in_list . 'order by code_name';
    $rows    = $wpdb->get_results( $query, 'ARRAY_A' );

    for ( $i = 0, $count = count( $rows ); $i < $count; $i++ ) {
        $rows[$i]['preview_enabled'] = Code_Manager_Preview::is_code_id_preview_enabled( $rows[$i]['code_id'] );
    }

    echo wp_json_encode( $rows );
    wp_die();
}
493
/**
 * AJAX handler: output the stored code, or the whole row, for a code ID.
 *
 * When the posted wpda_action is 'all' the response is announced as JSON,
 * otherwise the default content type of header_no_cache() is used. Any
 * posted wpda_action makes get_code_from_id() return the full row.
 *
 * NOTE(review): the stored code is echoed as is, and only the nonce gates
 * access; no capability check is visible in this method.
 *
 * @return void
 */
public static function get_code() {
    $wants_json = isset( $_POST['wpda_action'] ) && 'all' === $_POST['wpda_action'];
    if ( !$wants_json ) {
        self::header_no_cache();
    } else {
        self::header_no_cache( 'application/json' );
    }

    if ( !isset( $_REQUEST['code_id'] ) ) {
        echo 'ERR-Wrong arguments';
    } else {
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );

        // Check if action is allowed. This handler uses its own nonce action.
        $wp_nonce = '';
        if ( isset( $_REQUEST['wpnonce'] ) ) {
            $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        }
        $nonce_action = 'code-manager-get-code' . Code_manager::get_current_user_login();
        if ( !wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        $action = null;
        if ( isset( $_POST['wpda_action'] ) ) {
            $action = sanitize_text_field( wp_unslash( $_POST['wpda_action'] ) );
        }

        echo self::get_code_from_id( $code_id, $action );
    }

    wp_die();
}
521
/**
 * AJAX handler: report whether preview is enabled for a code ID.
 *
 * Requires wpnonce and code_id in the request and answers with the text
 * 'true' or 'false', or an ERR- message.
 *
 * @return void
 */
public static function is_code_preview_enabled() {
    self::header_no_cache();

    $has_arguments = isset( $_REQUEST['wpnonce'] ) && isset( $_REQUEST['code_id'] );

    if ( !$has_arguments ) {
        echo 'ERR-Wrong arguments';
    } else {
        $code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );

        // Check if action is allowed.
        $wp_nonce = '';
        if ( isset( $_REQUEST['wpnonce'] ) ) {
            $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) );
        }
        $nonce_action = 'code-manager-get-code' . Code_manager::get_current_user_login();
        if ( !wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        if ( Code_Manager_Preview::is_code_id_preview_enabled( $code_id ) ) {
            echo 'true';
        } else {
            echo 'false';
        }
    }

    wp_die();
}
545
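/**
 * Check if code name exists from ajax request
 *
 * Answers OK when no row uses the submitted name and ERR-Exists otherwise.
 * The check counts matching rows. The earlier version compared the stored
 * code with '' and therefore reported a name as free when its row held empty
 * code or when the name matched more than one row.
 *
 * @since 1.0.0
 */
public static function code_name_exists() {
    self::header_no_cache();
    if ( isset( $_REQUEST['code_name'] ) ) {
        $code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) );

        // Check if action is allowed.
        $wp_nonce = ( isset( $_REQUEST['wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) ) : '' );
        if ( !wp_verify_nonce( $wp_nonce, 'code-manager-get-code' . Code_manager::get_current_user_login() ) ) {
            echo 'ERR-Token expired, please refresh page';
            wp_die();
        }

        // dml_query_by_name() binds the name as %s; an empty or null result
        // means that no row carries this name.
        $matches = self::dml_query_by_name( $code_name );
        if ( empty( $matches ) ) {
            echo 'OK';
        } else {
            echo 'ERR-Exists';
        }
    } else {
        echo 'ERR-Wrong arguments';
    }
    wp_die();
}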
573
/**
 * Send no-cache headers and the response content type.
 *
 * The content type can be replaced by the request value
 * code_manager_content_type, but only when wpnonce_content_type verifies
 * against the 'code_manager_content_type' action.
 *
 * NOTE(review): the override accepts any sanitized string, so a holder of a
 * valid nonce chooses how the browser interprets the response body. An
 * allow-list of the content types the plugin really needs would narrow this.
 *
 * @param string $content_type Content type.
 * @since 1.0.0
 */
protected static function header_no_cache( $content_type = 'text/plain' ) {
    // Clear buffer to prevent errors (not 100% proof).
    if ( ob_get_length() ) {
        ob_clean();
    }

    if ( isset( $_REQUEST['code_manager_content_type'] ) ) {
        // Check if action is allowed.
        $wp_nonce = '';
        if ( isset( $_REQUEST['wpnonce_content_type'] ) ) {
            $wp_nonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce_content_type'] ) );
        }
        $override_allowed = wp_verify_nonce( $wp_nonce, 'code_manager_content_type' );
        if ( $override_allowed ) {
            $content_type = sanitize_text_field( wp_unslash( $_REQUEST['code_manager_content_type'] ) );
        }
    }

    header( 'Cache-Control: no-store, no-cache, must-revalidate, max-age=0' );
    // Second Cache-Control header is added, not replaced.
    header( 'Cache-Control: post-check=0, pre-check=0', false );
    header( 'Pragma: no-cache' );
    header( "Content-Type: {$content_type}; charset=utf-8" );
}
599
600 }
601