Code_Manager_Model.php
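<?php

namespace Code_Manager {

	/**
	 * Class Code_Manager_Model
	 *
	 * Interface between code manager front-end and code manager database table.
	 *
	 * Every SQL statement that carries a caller-supplied value goes through
	 * $wpdb->prepare() or through $wpdb->insert()/$wpdb->update()/$wpdb->delete(),
	 * which escape their values internally. The table name is assembled from the
	 * fixed BASE_TABLE_NAME constant and the configured table prefix only.
	 *
	 * The ajax handlers (update_code, activate_code, ...) answer with a short
	 * status text ('OK', 'INS-<id>', 'UPD-<rows>', 'ERR-<reason>') and terminate
	 * the request with wp_die().
	 *
	 * @author Peter Schulz
	 * @since 1.0.0
	 */
	class Code_Manager_Model {

		/**
		 * Base table name without prefix
		 */
		const BASE_TABLE_NAME = 'code_manager';

		/**
		 * Nonce action prefix of the editing ajax handlers; the current user login
		 * is appended, so a nonce only validates for the user it was issued to.
		 */
		const NONCE_ACTION_PREFIX = 'code-manager-';

		/**
		 * Nonce action prefix of the read-only ajax handlers (get_code, code_name_exists).
		 */
		const NONCE_ACTION_GET_CODE_PREFIX = 'code-manager-get-code';

		/**
		 * Base table name with prefix
		 *
		 * @since 1.0.0
		 *
		 * @return string Real base table name
		 */
		public static function get_base_table_name() {
			global $wpdb;
			return $wpdb->prefix . static::BASE_TABLE_NAME;
		}

		/**
		 * Check if base table exists
		 *
		 * @since 1.0.0
		 *
		 * @return bool TRUE = table found
		 */
		public static function table_exists() {
			global $wpdb;

			// Both values are bound through prepare(); schema and table name are not user input
			$wpdb->query(
				$wpdb->prepare(
					'select true from `information_schema`.`tables` where table_schema = %s and table_name = %s',
					[
						$wpdb->dbname,
						self::get_base_table_name(),
					]
				)
			);

			// num_rows refers to the query just executed
			return 1 === $wpdb->num_rows;
		}

		/**
		 * Get record from code manager table for given Code ID
		 *
		 * @since 1.0.0
		 *
		 * @param integer $code_id Code ID
		 *
		 * @return array Matching rows (associative), empty when none
		 */
		public static function dml_query( $code_id ) {
			global $wpdb;
			return $wpdb->get_results(
				$wpdb->prepare(
					'select * from `' . self::get_base_table_name() . '` where code_id = %d',
					[
						$code_id,
					]
				),
				'ARRAY_A'
			);
		}

		/**
		 * Get record from code manager table for given code name
		 *
		 * @since 1.0.0
		 *
		 * @param string $code_name Code name
		 *
		 * @return array Matching rows (associative), empty when none
		 */
		public static function dml_query_by_name( $code_name ) {
			global $wpdb;
			return $wpdb->get_results(
				$wpdb->prepare(
					'select * from `' . self::get_base_table_name() . '` where code_name = %s',
					[
						$code_name,
					]
				),
				'ARRAY_A'
			);
		}

		/**
		 * Insert new row into code manager table
		 *
		 * @since 1.0.0
		 *
		 * @param string  $code_name        Code name
		 * @param string  $code_type        Code type
		 * @param string  $code             Code
		 * @param string  $code_author      Author
		 * @param string  $code_description Description
		 * @param integer $code_enabled     Enabled flag (0 = disabled)
		 *
		 * @return int Code ID if insert was successful or -1 if insert failed
		 */
		public static function dml_insert( $code_name, $code_type, $code, $code_author, $code_description, $code_enabled ) {
			global $wpdb;
			// $wpdb->insert() escapes all column values itself
			$rows = $wpdb->insert(
				self::get_base_table_name(),
				[
					'code_name'        => $code_name,
					'code_type'        => $code_type,
					'code_enabled'     => $code_enabled,
					'code'             => $code,
					'code_author'      => $code_author,
					'code_description' => $code_description,
				]
			);
			return 1 === $rows ? $wpdb->insert_id : -1;
		}

		/**
		 * Read the stored code type of a single code row
		 *
		 * @since 1.0.0
		 *
		 * @param integer $code_id Code ID
		 *
		 * @return string|null Stored code type, or null when there is no single row with a code type
		 */
		protected static function get_stored_code_type( $code_id ) {
			$code_row = self::dml_query( $code_id );

			if ( ! is_array( $code_row ) || 1 !== count( $code_row ) ) {
				return null;
			}

			return isset( $code_row[0]['code_type'] ) ? $code_row[0]['code_type'] : null;
		}

		/**
		 * Update row in code manager table
		 *
		 * When the code type changes, the row is stored as disabled regardless of
		 * $code_enabled; it has to be enabled explicitly again.
		 *
		 * @since 1.0.0
		 *
		 * @param integer $code_id          Code ID
		 * @param string  $code_name        Code name
		 * @param string  $code_type        Code type
		 * @param string  $code             Code
		 * @param string  $code_author      Author
		 * @param string  $code_description Description
		 * @param integer $code_enabled     Enabled flag (0 = disabled)
		 *
		 * @return int|false Number of rows updated (0 when the code ID is unknown), false on database error
		 */
		public static function dml_update( $code_id, $code_name, $code_type, $code, $code_author, $code_description, $code_enabled ) {
			$stored_code_type = self::get_stored_code_type( $code_id );
			if ( null === $stored_code_type ) {
				// Unknown code ID (or a row without a type): nothing to update
				return 0;
			}

			$column_values = [
				'code_name'        => $code_name,
				'code_type'        => $code_type,
				'code_enabled'     => $code_enabled,
				'code'             => $code,
				'code_author'      => $code_author,
				'code_description' => $code_description,
			];
			if ( $code_type !== $stored_code_type ) {
				// A changed type forces the code to disabled
				$column_values['code_enabled'] = 0;
			}

			global $wpdb;
			return $wpdb->update(
				self::get_base_table_name(),
				$column_values,
				[
					'code_id' => $code_id,
				]
			);
		}

		/**
		 * Delete row from code manager table
		 *
		 * @since 1.0.0
		 *
		 * @param integer $code_id Code ID
		 *
		 * @return int|false Number of rows deleted, false on database error
		 */
		public static function dml_delete( $code_id ) {
			global $wpdb;
			return $wpdb->query(
				$wpdb->prepare(
					'delete from `' . self::get_base_table_name() . '` where code_id = %d',
					[
						$code_id,
					]
				)
			);
		}

		/**
		 * Get code for a given code id
		 *
		 * @since 1.0.0
		 *
		 * @param integer $code_id Code ID
		 *
		 * @return string Code, or '' when the ID is not numeric or does not match exactly one row
		 */
		public static function get_code_from_id( $code_id ) {
			if ( ! is_numeric( $code_id ) ) {
				// Non-numeric IDs never hit the database
				return '';
			}

			$rows = self::dml_query( $code_id );

			if ( is_array( $rows ) && 1 === count( $rows ) && isset( $rows[0]['code'] ) ) {
				return $rows[0]['code'];
			}

			return '';
		}

		/**
		 * Get code for a given code name
		 *
		 * @since 1.0.0
		 *
		 * @param string $code_name Code name
		 *
		 * @return string Code, or '' when the name is empty or does not match exactly one row
		 */
		protected static function get_code_from_name( $code_name ) {
			if ( '' === $code_name ) {
				return '';
			}

			$rows = self::dml_query_by_name( $code_name );

			if ( is_array( $rows ) && 1 === count( $rows ) && isset( $rows[0]['code'] ) ) {
				return $rows[0]['code'];
			}

			return '';
		}

		/**
		 * Get codes for a given code type
		 *
		 * @since 1.0.0
		 *
		 * @param string $code_type Code type
		 *
		 * @return array List of code rows (associative)
		 */
		public static function get_codes( $code_type ) {
			global $wpdb;
			// The type is bound through prepare() so the query stays safe whatever the caller passes
			return $wpdb->get_results(
				$wpdb->prepare(
					'select * from `' . self::get_base_table_name() . '` where code_type = %s',
					[
						$code_type,
					]
				),
				'ARRAY_A'
			);
		}

		/**
		 * Get active codes (status = enabled) for a given code type
		 *
		 * @since 1.0.0
		 *
		 * @param string $code_type Code type
		 *
		 * @return array List of code rows (associative)
		 */
		public static function get_active_codes( $code_type ) {
			global $wpdb;
			return $wpdb->get_results(
				$wpdb->prepare(
					'select * from `' . self::get_base_table_name() . '` where code_type = %s and code_enabled > 0',
					[
						$code_type,
					]
				),
				'ARRAY_A'
			);
		}

		/**
		 * Verify the nonce of the current ajax request and stop the request when it is invalid
		 *
		 * The nonce action is the given prefix followed by the current user login.
		 * On failure 'ERR-Not authorized' is echoed and wp_die() ends the request.
		 *
		 * @since 1.0.0
		 *
		 * @param string $action_prefix Nonce action prefix
		 */
		protected static function require_valid_nonce( $action_prefix = self::NONCE_ACTION_PREFIX ) {
			$wp_nonce = isset( $_REQUEST['wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) ) : ''; // input var okay.
			if ( ! wp_verify_nonce( $wp_nonce, $action_prefix . Code_manager::get_current_user_login() ) ) {
				echo 'ERR-Not authorized';
				wp_die();
			}
		}

		/**
		 * Update code from ajax request (insert when new: code_id = -1)
		 *
		 * Requires a logged-in user, the editing nonce and the request values
		 * code_id, code_name, code_type and code. Answers 'INS-<id>', 'UPD-<rows>'
		 * or 'ERR-<reason>'.
		 *
		 * @since 1.0.0
		 */
		public static function update_code() {
			self::header_no_cache();

			// All arguments must be present (every one of them is read below)
			if (
				! is_user_logged_in() ||
				! isset( $_REQUEST['wpnonce'] ) ||
				! isset( $_REQUEST['code_id'] ) ||
				! isset( $_REQUEST['code_name'] ) ||
				! isset( $_REQUEST['code_type'] ) ||
				! isset( $_REQUEST['code'] )
			) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed
			// NOTE(review): login and nonce are the only gates here; a capability check matching
			// the admin page that issues the nonce would tighten this — confirm the intended capability.
			self::require_valid_nonce();

			$code_id   = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
			$code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
			$code_type = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
			// The snippet is the managed code and is stored as submitted; only the slashes added on input are removed
			$code = wp_unslash( $_REQUEST['code'] ); // input var okay.

			global $wpdb;
			$wpdb->suppress_errors( true );

			if ( '-1' === $code_id ) {
				// Insert new code
				$rows_inserted = $wpdb->insert(
					self::get_base_table_name(),
					[
						'code_name' => $code_name,
						'code_type' => $code_type,
						'code'      => $code,
					]
				);

				echo 1 === $rows_inserted ? 'INS-' . $wpdb->insert_id : 'ERR-' . $wpdb->last_error;
			} else {
				// Update existing code
				$stored_code_type = self::get_stored_code_type( $code_id );
				if ( null === $stored_code_type ) {
					echo 'UPD-0';
					wp_die();
				}

				$column_values = [
					'code_name' => $code_name,
					'code_type' => $code_type,
					'code'      => $code,
				];
				if ( $code_type !== $stored_code_type ) {
					// A changed type forces the code to disabled
					$column_values['code_enabled'] = 0;
				}

				$rows_updated = $wpdb->update(
					self::get_base_table_name(),
					$column_values,
					[
						'code_id' => (int) $code_id,
					]
				);

				echo '' === $wpdb->last_error ? "UPD-{$rows_updated}" : 'ERR-' . $wpdb->last_error;
			}

			wp_die();
		}

		/**
		 * Activate code preview from ajax request for a given code_id
		 *
		 * @since 1.0.0
		 */
		public static function activate_code_preview() {
			self::header_no_cache();

			if ( ! is_user_logged_in() || ! isset( $_REQUEST['wpnonce'] ) || ! isset( $_REQUEST['code_id'] ) ) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed
			self::require_valid_nonce();

			$code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.

			Code_Manager_Preview::add_user_preview_code_id( $code_id );

			echo 'OK';
			wp_die();
		}

		/**
		 * Deactivate code preview from ajax request for a given code_id
		 *
		 * @since 1.0.0
		 */
		public static function deactivate_code_preview() {
			self::header_no_cache();

			if ( ! is_user_logged_in() || ! isset( $_REQUEST['wpnonce'] ) || ! isset( $_REQUEST['code_id'] ) ) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed
			self::require_valid_nonce();

			$code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.

			Code_Manager_Preview::remove_user_preview_code_id( $code_id );

			echo 'OK';
			wp_die();
		}

		/**
		 * Reset all previewed code IDs
		 *
		 * Removes the preview meta of every user, not only of the requesting one.
		 *
		 * @since 1.0.0
		 */
		public static function reset_preview() {
			self::header_no_cache();

			if ( ! is_user_logged_in() || ! isset( $_REQUEST['wpnonce'] ) ) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed
			self::require_valid_nonce();

			global $wpdb;
			// Fixed meta key, no request value involved
			$wpdb->delete(
				$wpdb->usermeta,
				[
					'meta_key' => 'code_manager_preview_code_ids',
				]
			);

			echo 'OK';
			wp_die();
		}

		/**
		 * Activate code from ajax request for a given code_id
		 *
		 * Stores code_item_value as the new code_enabled flag. Answers
		 * 'UPD-<rows>' or 'ERR-<reason>'.
		 *
		 * @since 1.0.0
		 */
		public static function activate_code() {
			self::header_no_cache();

			if (
				! is_user_logged_in() ||
				! isset( $_REQUEST['wpnonce'] ) ||
				! isset( $_REQUEST['code_id'] ) ||
				! isset( $_REQUEST['code_item_value'] )
			) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed
			self::require_valid_nonce();

			$code_id         = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
			$code_item_value = sanitize_text_field( wp_unslash( $_REQUEST['code_item_value'] ) ); // input var okay.

			global $wpdb;
			$wpdb->suppress_errors( true );
			$rows_update = $wpdb->update(
				self::get_base_table_name(),
				[
					// code_enabled is compared numerically elsewhere (code_enabled > 0), so store an int
					'code_enabled' => (int) $code_item_value,
				],
				[
					'code_id' => (int) $code_id,
				]
			);

			echo '' === $wpdb->last_error ? "UPD-{$rows_update}" : 'ERR-' . $wpdb->last_error;

			// End the request like the other handlers; without this admin-ajax appends its own output
			wp_die();
		}

		/**
		 * Get a list with all available codes from ajax request
		 *
		 * Echoes a JSON list of code_id, code_name, code_type, code_enabled and
		 * preview_enabled for every code whose type belongs to a tab group.
		 *
		 * @since 1.0.0
		 */
		public static function get_code_list() {
			self::header_no_cache();

			// Check if action is allowed
			if ( ! is_user_logged_in() ) {
				echo 'ERR-Not authorized';
				wp_die();
			}
			self::require_valid_nonce();

			// Collect the code types of all tab groups; the list starts with '' so that
			// rows with an empty type match the IN (...) filter as well
			$code_manager_tabs_class = CODE_MANAGER_TAB_CLASS;
			$code_manager_tabs       = new $code_manager_tabs_class();
			$code_types              = [ '' ];
			foreach ( $code_manager_tabs->get_code_types() as $code_type_group ) {
				foreach ( $code_type_group as $key => $value ) {
					// only the keys are code types
					$code_types[] = $key;
				}
			}

			global $wpdb;
			// One %s placeholder per code type; prepare() quotes and escapes each value
			$placeholders = implode( ', ', array_fill( 0, count( $code_types ), '%s' ) );
			$rows         = $wpdb->get_results(
				$wpdb->prepare(
					'select code_id, code_name, code_type, code_enabled from `' . self::get_base_table_name() . '` ' .
					"where code_type in ({$placeholders}) " .
					'order by code_name',
					$code_types
				),
				'ARRAY_A'
			);
			if ( ! is_array( $rows ) ) {
				// Failed query: answer with an empty list instead of failing on count()
				$rows = [];
			}

			foreach ( $rows as $index => $row ) {
				$rows[ $index ]['preview_enabled'] = Code_Manager_Preview::is_code_id_preview_enabled( $row['code_id'] );
			}
			echo json_encode( $rows );

			wp_die();
		}

		/**
		 * Get code for a given code_id from ajax request
		 *
		 * Echoes the stored code ('' when not found) or 'ERR-<reason>'.
		 *
		 * @since 1.0.0
		 */
		public static function get_code() {
			self::header_no_cache();

			if ( ! is_user_logged_in() || ! isset( $_REQUEST['code_id'] ) ) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed (read-only nonce)
			self::require_valid_nonce( self::NONCE_ACTION_GET_CODE_PREFIX );

			$code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.

			echo self::get_code_from_id( $code_id );
			wp_die();
		}

		/**
		 * Check if code name exists from ajax request
		 *
		 * Echoes 'OK' when the name is free, 'ERR-Exists' when it is taken.
		 *
		 * @since 1.0.0
		 */
		public static function code_name_exists() {
			self::header_no_cache();

			if ( ! is_user_logged_in() || ! isset( $_REQUEST['code_name'] ) ) {
				echo 'ERR-Wrong arguments';
				wp_die();
			}

			// Check if action is allowed (read-only nonce)
			self::require_valid_nonce( self::NONCE_ACTION_GET_CODE_PREFIX );

			$code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.

			echo '' === self::get_code_from_name( $code_name ) ? 'OK' : 'ERR-Exists';
			wp_die();
		}

		/**
		 * Sends header to browser (allows content type changes)
		 *
		 * The content type defaults to text/plain; a request may override it only
		 * with a valid content-type nonce. sanitize_text_field() strips line breaks,
		 * so the override cannot add further header lines.
		 *
		 * @since 1.0.0
		 */
		protected static function header_no_cache() {
			if ( ob_get_length() ) {
				// Clear buffer to prevent errors (not 100% proof)
				ob_clean();
			}

			$content_type = 'text/plain';

			if ( isset( $_REQUEST['code_manager_content_type'] ) ) {
				// Check if action is allowed
				$wp_nonce = isset( $_REQUEST['wpnonce_content_type'] ) ?
					sanitize_text_field( wp_unslash( $_REQUEST['wpnonce_content_type'] ) ) : ''; // input var okay.
				if ( wp_verify_nonce( $wp_nonce, 'code_manager_content_type' ) ) {
					$content_type =
						sanitize_text_field( wp_unslash( $_REQUEST['code_manager_content_type'] ) ); // input var okay.
				}
			}

			header( 'Cache-Control: no-store, no-cache, must-revalidate, max-age=0' );
			header( 'Cache-Control: post-check=0, pre-check=0', false );
			header( 'Pragma: no-cache' );
			header( "Content-Type: {$content_type}; charset=utf-8" );
		}

	}

}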