Complianz – GDPR/CCPA Cookie Consent v7.4.4
complianz-gdpr / class-admin.php
class-admin.php
577 lines
1 <?php
2 defined( 'ABSPATH' ) or die( );
3
4 if ( ! class_exists( "cmplz_admin" ) ) {
5 class cmplz_admin {
6 private static $_this;
7 public $error_message = "";
8 public $success_message = "";
9
/**
 * Register the singleton instance and attach the admin hooks.
 *
 * Aborts through wp_die() when an instance has already been registered.
 */
function __construct() {
    if ( isset( self::$_this ) ) {
        $message = sprintf(
            '%s is a singleton class and you cannot create a second instance.',
            get_class( $this )
        );
        wp_die( $message );
    }
    self::$_this = $this;

    $plugin = CMPLZ_PLUGIN;

    // Assets.
    add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_assets' ] );

    // Plugins overview rows, single site.
    add_filter( "plugin_action_links_$plugin", [ $this, 'plugin_settings_link' ] );
    add_action( "in_plugin_update_message-{$plugin}", [ $this, 'plugin_update_message' ], 10, 2 );
    // The 'auto_update_plugin' filter (override_auto_updates) is deliberately left unregistered.

    // Plugins overview rows, multisite network admin.
    add_filter( "network_admin_plugin_action_links_$plugin", [ $this, 'plugin_settings_link' ] );
    add_filter( 'cmplz_option_cookie_domain', [ $this, 'filter_cookie_domain' ], 10, 2 );

    // Admin notices and their ajax dismissal.
    add_action( 'wp_ajax_cmplz_dismiss_admin_notice', [ $this, 'dismiss_warning' ] );
    add_action( 'admin_notices', [ $this, 'show_admin_notice' ] );
    add_action( 'admin_print_footer_scripts', [ $this, 'insert_dismiss_admin_notice_script' ] );

    // Activation and table installation.
    add_action( 'admin_init', [ $this, 'activation' ] );
    add_action( 'upgrader_process_complete', [ $this, 'run_table_init_hook' ], 10, 1 );
    add_action( 'wp_initialize_site', [ $this, 'run_table_init_hook' ], 10, 1 );
}
36
/**
 * Return the registered singleton instance.
 *
 * @return cmplz_admin|null The instance stored by the constructor, or null when none was created yet.
 */
static function this() {
    $instance = self::$_this;

    return $instance;
}
40
/**
 * Fire the 'cmplz_install_tables' action for the current site and, on
 * multisite, once more in the context of every site returned by get_sites().
 *
 * Registered by the constructor on 'upgrader_process_complete' and
 * 'wp_initialize_site', and called directly from activation().
 *
 * NOTE(review): get_sites() is called with its default arguments, and the
 * WordPress default caps the result at 100 sites - confirm that larger
 * networks get their tables created some other way.
 *
 * @return void
 */
public function run_table_init_hook(){
    do_action( 'cmplz_install_tables' );

    if ( ! is_multisite() ) {
        return;
    }

    // Table creation has to run inside each subsite's context as well.
    foreach ( get_sites() as $site ) {
        switch_to_blog( $site->blog_id );
        do_action( 'cmplz_install_tables' );
        restore_current_blog();
    }
}
59
/**
 * One-time activation routine, registered on 'admin_init'.
 *
 * Runs only when cmplz_admin_logged_in() is truthy and the
 * 'cmplz_run_activation' option is set. The option is deleted at the end, so
 * the routine does not run again on the next request.
 *
 * @return void
 */
public function activation(){
    $should_run = cmplz_admin_logged_in() && get_option( 'cmplz_run_activation' );
    if ( ! $should_run ) {
        return;
    }

    update_option( 'cmplz_activation_time', time(), false );
    cmplz_update_option_no_hooks( 'use_cdb_api', 'yes' );
    COMPLIANZ::$documents_admin->preload_privacy_info();
    $this->run_table_init_hook();

    // Clear the flag last so the steps above are not repeated.
    delete_option( 'cmplz_run_activation' );
}
73
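/**
 * AJAX handler that records a warning id as dismissed.
 *
 * The request is honoured only when all of the following hold:
 *  - the current user passes cmplz_user_can_manage();
 *  - the 'token' field carries a valid 'cmplz_dismiss_admin_notice' nonce
 *    (the value insert_dismiss_admin_notice_script() puts in the request);
 *  - an 'id' field is present and is a string.
 *
 * On success the id is appended to the 'cmplz_dismissed_warnings' option and
 * both warning transients are cleared so the list is rebuilt.
 *
 * @hooked wp_ajax_cmplz_dismiss_admin_notice
 *
 * @return void Prints a JSON object {"success": bool} and ends the request.
 */
public function dismiss_warning() {
    // This request changes stored state, so the capability check alone is not
    // enough: without the nonce a forged cross-site POST sent from a logged-in
    // administrator's browser would be accepted.
    // NOTE(review): any other script that posts to this action has to send
    // the same 'token' field.
    $nonce = ( isset( $_POST['token'] ) && is_string( $_POST['token'] ) )
        ? sanitize_text_field( wp_unslash( $_POST['token'] ) )
        : '';
    $authorized = cmplz_user_can_manage()
        && wp_verify_nonce( $nonce, 'cmplz_dismiss_admin_notice' );

    // An array-valued 'id' (id[]=...) is rejected rather than passed to sanitize_title().
    $has_id = isset( $_POST['id'] ) && is_string( $_POST['id'] );

    $success = $authorized && $has_id;

    if ( $success ) {
        $warning_id         = sanitize_title( wp_unslash( $_POST['id'] ) );
        $dismissed_warnings = get_option( 'cmplz_dismissed_warnings', array() );
        if ( ! is_array( $dismissed_warnings ) ) {
            // A corrupted or legacy scalar value would break in_array() below.
            $dismissed_warnings = array();
        }
        if ( ! in_array( $warning_id, $dismissed_warnings, true ) ) {
            $dismissed_warnings[] = $warning_id;
        }
        update_option( 'cmplz_dismissed_warnings', $dismissed_warnings, false );
        delete_transient( 'complianz_warnings' );
        delete_transient( 'complianz_warnings_admin_notices' );
    }

    $out = array(
        'success' => $success,
    );

    die( json_encode( $out ) );
}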
107
/**
 * Strip URL scheme and "www." fragments from the cookie domain setting.
 *
 * Registered by the constructor on the 'cmplz_option_cookie_domain' filter.
 * The value is returned untouched when cmplz_user_can_manage() is false.
 *
 * NOTE(review): this is string clean-up, not validation. str_replace()
 * removes the fragments wherever they occur and is case-sensitive, and the
 * result is not checked to be a well-formed host name - code that consumes
 * the cookie domain should not treat it as validated.
 *
 * @param string|string[] $fieldvalue Value to clean.
 * @param string          $fieldname  Not used by this method.
 *
 * @return string|string[]
 */
public function filter_cookie_domain( $fieldvalue, $fieldname ){
    if ( cmplz_user_can_manage() ) {
        $fragments  = array( "https://", "http://", "www." );
        $fieldvalue = str_replace( $fragments, "", $fieldvalue );
    }

    return $fieldvalue;
}
124
/**
 * Report whether none of the known website-hardening plugins is loaded.
 *
 * Detection relies on a constant, class or function that each plugin defines.
 * The checks short-circuit in the order listed.
 *
 * @return bool True when no listed plugin was detected, false otherwise.
 */
public function no_security_plugin_active(){
    $detected = defined( 'rsssl_version' )           // Really Simple Security
        || defined( 'WORDFENCE_VERSION' )            // Wordfence
        || class_exists( 'ITSEC_Core' )              // iThemes
        || class_exists( 'AIO_WP_Security' )         // All In One security
        || class_exists( 'SG_Security' )             // SiteGround security
        || defined( 'DEFENDER_VERSION' )
        || defined( 'SUCURISCAN_INIT' )
        || defined( 'JETPACK__VERSION' )
        || defined( 'BULLETPROOF_VERSION' )
        || class_exists( 'MCWPSettings' )
        || function_exists( 'GOTMLS_install' );      // Anti-malware security and brute force firewall

    return ! $detected;
}
146
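/**
 * Append a backup recommendation to the plugin-row update message when the
 * offered update is a beta build and the "beta" option is enabled.
 *
 * @hooked in_plugin_update_message-{$plugin}
 *
 * @param array  $plugin_data Plugin data for the row (not used).
 * @param object $response    Update response; its 'slug' and 'new_version' properties are read.
 *
 * @return void
 */
public function plugin_update_message($plugin_data, $response){
    // Both properties are read below; bail out instead of raising notices
    // when the update response does not carry them.
    if ( ! isset( $response->slug, $response->new_version ) ) {
        return;
    }

    $is_complianz = strpos( $response->slug, 'complianz' ) !== false;
    $is_beta      = strpos( $response->new_version, 'beta.' ) !== false;

    if ( $is_complianz && $is_beta && cmplz_get_option( "beta" ) ) {
        // The translation is escaped on output, so a language file cannot add markup to the plugins screen.
        echo '<br /><b>&nbsp;' . esc_html__( "It is highly recommended that you back up your data before updating to the Beta version. Beta versions are not intended for production environments or critical systems. They are best suited for users who are willing to explore new features and provide feedback.", "complianz-gdpr" ) . '</b>';
    }
}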
/**
 * Veto automatic updates of this plugin to version 6.0.0 or later.
 *
 * Deactivated as of 6.0: the constructor no longer registers this method on
 * the 'auto_update_plugin' filter.
 *
 * @param mixed  $update Current auto-update decision.
 * @param object $item   Update offer; 'slug' and 'new_version' are read.
 *
 * @return false|mixed False for a Complianz update to >= 6.0.0, otherwise $update unchanged.
 */
public function override_auto_updates( $update, $item ) {
    $targets_complianz = isset( $item->slug ) && strpos( $item->slug, 'complianz' ) !== false;
    if ( ! $targets_complianz ) {
        return $update;
    }

    return version_compare( $item->new_version, '6.0.0', '>=' ) ? false : $update;
}
176
/**
 * Enqueue the admin stylesheet on Complianz admin pages.
 *
 * Registered by the constructor on 'admin_enqueue_scripts'. The minified file
 * is used unless SCRIPT_DEBUG is on, the rtl/ variant is used for
 * right-to-left locales, and the file's modification time is the version.
 *
 * @param string $hook Hook suffix of the current admin page.
 *
 * @return void
 */
public function enqueue_assets( $hook ) {
    $on_complianz_page = strpos( $hook, 'complianz' ) !== false;
    if ( ! $on_complianz_page ) {
        return;
    }

    $min = '.min';
    if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
        $min = '';
    }
    $rtl      = is_rtl() ? 'rtl/' : '';
    $relative = "assets/css/{$rtl}admin{$min}.css";

    $url  = trailingslashit( CMPLZ_URL ) . $relative;
    $path = trailingslashit( CMPLZ_PATH ) . $relative;

    wp_enqueue_style( 'complianz-admin', $url, [ 'wp-components' ], filemtime( $path ) );
}
192
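/**
 * Prepend Settings, Support and (when premium is not active) Upgrade links to
 * the plugin's row on the plugins overview page.
 *
 * URLs and translated labels are escaped when the markup is built: the
 * strings returned here are printed as HTML by the plugins list table.
 *
 * @hooked plugin_action_links_$plugin
 * @hooked network_admin_plugin_action_links_$plugin
 *
 * @param array $links Existing action links.
 *
 * @return array Links with the Complianz entries at the front.
 */
public function plugin_settings_link( $links ) {
    $settings_link = '<a href="'
        . esc_url( admin_url( "admin.php?page=complianz" ) )
        . '" class="cmplz-settings-link">'
        . esc_html__( "Settings", 'complianz-gdpr' ) . '</a>';
    array_unshift( $links, $settings_link );

    $support_url = defined( 'cmplz_free' )
        ? "https://wordpress.org/support/plugin/complianz-gdpr"
        : cmplz_get_referral_url( 'articles', 'plugins-page-support', 'https://complianz.io/support' );
    // rel="noopener" keeps the page opened in the new tab from reaching back into wp-admin through window.opener.
    $support_link = '<a target="_blank" rel="noopener" href="' . esc_url( $support_url ) . '">'
        . esc_html__( 'Support', 'complianz-gdpr' ) . '</a>';
    array_unshift( $links, $support_link );

    if ( ! defined( 'cmplz_premium' ) ) {
        $upgrade_url  = cmplz_get_referral_url( 'menu', 'plugins-page', 'https://complianz.io/l/pricing' );
        $upgrade_link = '<a style="color:#2DAAE1;font-weight:bold" target="_blank" rel="noopener" href="' . esc_url( $upgrade_url ) . '">'
            . esc_html__( 'Upgrade to premium', 'complianz-gdpr' ) . '</a>';
        array_unshift( $links, $upgrade_link );
    }

    return $links;
}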
226
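/**
 * Print the inline script that dismisses the admin notice through ajax.
 *
 * Registered by the constructor on 'admin_print_footer_scripts'. The script
 * posts the notice id together with a 'cmplz_dismiss_admin_notice' nonce in
 * the 'token' field to the 'cmplz_dismiss_admin_notice' ajax action. The
 * nonce protects the request only if the handler for that action verifies it.
 *
 * @since 2.0
 *
 * @access public
 *
 * @return void
 */
public function insert_dismiss_admin_notice_script() {
    $ajax_nonce = wp_create_nonce( "cmplz_dismiss_admin_notice" );
    ?>
    <script type='text/javascript'>
        jQuery(document).ready(function ($) {
            $(".cmplz-admin-notice.notice.is-dismissible").on("click", ".notice-dismiss, .cmplz-btn-dismiss-notice", function (event) {
                var id = $('.cmplz-admin-notice').data('admin_notice_id');
                var data = {
                    'action': 'cmplz_dismiss_admin_notice',
                    'id': id,
                    <?php // The value lands inside a JavaScript string literal, so it is escaped for that context. ?>
                    'token': '<?php echo esc_js( $ajax_nonce ); ?>'
                };
                $.post(ajaxurl, data, function (response) {
                    $(".cmplz-admin-notice.notice.is-dismissible").remove();
                });
            });
        });
    </script>
    <?php
}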
258
/**
 * Print the first applicable admin-notice warning, if any.
 *
 * Registered by the constructor on 'admin_notices'. Does nothing when the
 * 'disable_notifications' option is set or when get_warnings() returns an
 * empty list.
 *
 * @return void
 */
public function show_admin_notice(){
    if ( cmplz_get_option( 'disable_notifications' ) ) {
        return;
    }

    $warnings = $this->get_warnings( [ 'admin_notices' => true ] );

    // Only one notice is shown at a time: render the first entry and stop.
    foreach ( $warnings as $id => $warning ) {
        $this->admin_notice( $warning, $id );
        break;
    }
}
280
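/**
 * Print one dismissible admin notice for a warning.
 *
 * Nothing is printed when the warning has no 'open' message, or when the
 * current screen's parent base is 'edit'.
 *
 * Every dynamic value is escaped for the context it is printed in: the id as
 * an HTML attribute, URLs with esc_url(), the link text as HTML text. The
 * 'open' message goes through wp_kses_post(), so it may contain post-level
 * markup.
 *
 * @param array  $warning Warning definition; 'open' is required, 'url' and 'title' are optional.
 * @param string $id      Warning id, exposed to the dismiss script through data-admin_notice_id.
 *
 * @return void
 */
public function admin_notice( $warning, $id='' ) {
    if ( ! isset( $warning['open'] ) ) {
        return;
    }

    // Not shown on the Gutenberg page, which strips off the class the ajax callback needs.
    $screen = get_current_screen();
    if ( $screen && $screen->parent_base === 'edit' ) {
        return;
    }
    ?>
    <style>
        #message.cmplz-admin-notice {
            margin-left:10px !important;
        }
        .cmplz-admin-notice-container {
            display:flex;
        }
        .cmplz-admin-notice-logo {
            margin:20px 10px;
        }
        .cmplz-admin-notice-content {
            margin: 20px 30px;
        }
    </style>
    <div id="message"
         class="updated fade notice is-dismissible cmplz-admin-notice really-simple-plugins"
         data-admin_notice_id="<?php echo esc_attr( $id ); ?>"
         style="border-left:4px solid #333">
        <div class="cmplz-admin-notice-container">
            <div class="cmplz-admin-notice-logo"><img width="80"
                    src="<?php echo esc_url( CMPLZ_URL . 'assets/images/icon-logo.svg' ); ?>"
                    alt="logo">
            </div>
            <div class="cmplz-admin-notice-content">
                <p><?php echo wp_kses_post( $warning['open'] ); ?>
                    <?php
                    if ( isset( $warning['url'] ) ) {
                        // $target only ever holds one of these two literals, so it is printed as-is.
                        $target        = strpos( $warning['url'], 'complianz.io' ) !== false ? 'target="_blank" rel="noopener"' : '';
                        $warning_title = isset( $warning['title'] ) ? $warning['title'] : __( 'this topic', 'complianz-gdpr' );
                        $link_text     = cmplz_sprintf( __( 'Read more about %s', 'complianz-gdpr' ), $warning_title );
                        // esc_url() is the variant meant for HTML output; esc_url_raw() is for storage and redirects.
                        ?><a href="<?php echo esc_url( $warning['url'] ); ?>" <?php echo $target; ?> aria-label="<?php echo esc_attr( $link_text ); ?>"><?php echo esc_html( $link_text ); ?></a><?php
                    }
                    ?>
                </p>
                <br /><button class="cmplz-btn-dismiss-notice button-secondary"><?php esc_html_e( "Dismiss", "complianz-gdpr" ); ?></button>
            </div>
        </div>
    </div>
    <?php
}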
340
/**
 * Get the list of applicable warnings, keyed by warning id.
 *
 * Returns an empty array when cmplz_user_can_manage() is false. Otherwise the
 * list is read from a transient or rebuilt from cmplz_load_warning_types(),
 * then filtered according to $args and ordered urgent, open, everything else.
 *
 * Each warning type's 'warning_condition' and 'success_conditions' strings
 * are passed to validate_function(), which calls functions and methods by
 * the names those strings contain.
 * NOTE(review): the warning-type definitions therefore have to come from
 * trusted code only - confirm cmplz_load_warning_types() cannot be fed from
 * request data or stored user input.
 *
 * @param array $args {
 *     Optional. Keys read by this method:
 *     'cache'               bool         Use the cached list. Default true.
 *     'status'              string|array Status or statuses to keep, or 'all'. Default 'all'.
 *     'plus_ones'           bool         Keep only warnings with a truthy 'plus_one'. Default false.
 *     'progress_items_only' bool         Keep only warnings with a truthy 'include_in_progress'. Default false.
 *     'admin_notices'       bool         Select admin-notice warnings instead of regular ones. Default false.
 * }
 *
 * @return array
 */
public function get_warnings( $args = array() ) {
    if ( ! cmplz_user_can_manage() ) {
        return [];
    }
    $disable_notifications = cmplz_get_option( 'disable_notifications' );
    $defaults = array(
        'cache' => true,
        'status' => 'all',
        'plus_ones' => false,
        'progress_items_only' => false,
        'admin_notices' => false,
    );
    $args = wp_parse_args($args, $defaults);

    // if ($disable_notifications) {
    //     $args['status'] = 'urgent';
    // }
    // Admin-notice warnings are cached under their own transient name.
    $admin_notice = $args['admin_notices'] ? '_admin_notices' : '';

    $cache = $args['cache'];
    // The cache is bypassed whenever cmplz_is_logged_in_rest() is truthy.
    if ( cmplz_is_logged_in_rest() ) {
        $cache = false;
    }
    $warnings = $cache ? get_transient( 'complianz_warnings'.$admin_notice ) : false;
    //re-check if there are no warnings, or if the transient has expired
    // An empty cached array is falsy as well, so an empty list is rebuilt on every call.
    if ( ! $warnings ) {
        $warnings = [];
        $warning_type_defaults = array(
            'plus_one' => false,
            'warning_condition' => '_true_',
            'success_conditions' => array(),
            'relation' => 'OR',
            'status' => 'open',
            'dismissible' => true,
            'include_in_progress' => false,
            'admin_notice' => false,
        );

        $warning_types = cmplz_load_warning_types();
        if (empty($warning_types)) {
            return [];
        }


        // Fill in the defaults for every warning type.
        foreach ($warning_types as $id => $warning_type) {
            $warning_types[$id] = wp_parse_args($warning_type, $warning_type_defaults );
        }

        $dismissed_warnings = get_option('cmplz_dismissed_warnings', array() );
        foreach ( $warning_types as $id => $warning ) {
            // Dismissed ids are compared in their sanitize_title() form.
            if ( in_array( sanitize_title($id), $dismissed_warnings) ) {
                continue;
            }

            // Keep only the kind of warning that was asked for: admin notices or regular ones.
            if ( $args['admin_notices'] && !$warning['admin_notice']){
                continue;
            }

            if ( !$args['admin_notices'] && $warning['admin_notice']){
                continue;
            }

            // The warning applies only when its condition evaluates truthy.
            $show_warning = $this->validate_function($warning['warning_condition']);
            if ( !$show_warning ) {
                continue;
            }

            // Fold the success conditions: 'AND' starts from true, any other relation
            // starts from false and is OR-ed. With no conditions at all, 'AND' therefore
            // counts as success and 'OR' as failure.
            $relation = $warning['relation'];
            if ( $relation === 'AND' ) {
                $success = TRUE;
            } else {
                $success = FALSE;
            }
            foreach ( $warning[ 'success_conditions'] as $func) {
                $condition = $this->validate_function($func);
                if ( $relation === 'AND' ) {
                    $success = $success && $condition;
                } else {
                    $success = $success || $condition;
                }
            }

            // Not successful: the first message that is defined wins, in the order
            // 'open', 'urgent', 'premium'. Successful: only a 'completed' message is listed.
            if ( !$success ) {
                if ( isset( $warning['open']) ) {
                    $warning['message'] = $warning['open'];
                    $warning['status'] = 'open';
                    $warnings[$id] = $warning;
                } else if (isset( $warning['urgent']) ) {
                    $warning['message'] = $warning['urgent'];
                    $warning['status'] = 'urgent';
                    $warnings[$id] = $warning;
                } else if (isset( $warning['premium']) ) {
                    $warning['message'] = $warning['premium'];
                    $warning['status'] = 'premium';
                    $warnings[$id] = $warning;
                }
            } else {
                if (isset( $warning['completed']) ) {
                    $warning['message'] = $warning['completed'];
                    $warning['status'] = 'completed';
                    $warning['plus_one'] = false;
                    $warnings[$id] = $warning;
                }
            }
        }
        // The unfiltered list is cached for one hour.
        set_transient( 'complianz_warnings'.$admin_notice, $warnings, HOUR_IN_SECONDS );
    }

    //filtering outside cache if, to make sure all warnings are saved for the cache.
    //filter by status
    if ($args['status'] !== 'all' ) {
        $filter_statuses = is_array($args['status']) ? $args['status'] : array($args['status']);
        foreach ($warnings as $id => $warning ) {
            if ( !in_array( $warning['status'], $filter_statuses) ) {
                unset( $warnings[$id] );
            }
        }
    }

    //filter by plus ones
    if ($args['plus_ones']) {
        //if notifications disabled, we return an empty array when the plus ones are requested.
        if ( $disable_notifications ) {
            return array();
        }

        foreach ($warnings as $id => $warning ) {
            //prevent notices on upgrade to 5.0
            if ( !isset( $warning['plus_one'])) continue;

            if ( !$warning['plus_one'] ){
                unset($warnings[$id]);
            }
        }
    }

    //filter for progress bar
    if ($args['progress_items_only']) {
        foreach ($warnings as $id => $warning ) {
            //prevent notices on upgrade to 5.0
            if ( !isset( $warning['include_in_progress'])) continue;

            if ( !$warning['include_in_progress'] ){
                unset($warnings[$id]);
            }
        }
    }

    //sort so warnings are on top
    $completed = array();
    $open = array();
    $urgent = array();

    if ( ! empty( $warnings ) ) {
        foreach ( $warnings as $key => $warning ) {
            if ( isset($warning['status']) && $warning['status'] === 'urgent' ) {
                $urgent[$key] = $warning;
            } elseif ( isset($warning['status']) && $warning['status'] === 'open' ) {
                $open[$key] = $warning;
            } else {
                // Every other status ('completed', 'premium', ...) ends up in this last group.
                $completed[$key] = $warning;
            }
        }
    }

    // Array union keeps the warning ids as keys: urgent first, then open, then the rest.
    return $urgent + $open + $completed;
}
516
/**
 * Evaluate a condition string and return its result.
 *
 * Forms handled, tested in this order:
 *  - contains 'NOT '          every 'NOT ' is removed and the final result is negated
 *  - empty string             returns true immediately (the negation is not applied)
 *  - contains 'get_option_'   get_option() of the remainder of the string
 *  - 'get_value_NAME==VALUE'  cmplz_get_option( NAME ) === VALUE (strict, VALUE is a string)
 *  - '_true_' / '_false_'     the corresponding boolean
 *  - 'prop->method(arg)'      COMPLIANZ::$prop->method( 'arg' )
 *  - 'prop->method'           COMPLIANZ::$prop->method()
 *  - 'function(arg)'          function( 'arg' )
 *  - anything else            called as a function without arguments
 *
 * SECURITY: the last four forms call whatever function or method name the
 * string contains; this method has no allow-list and no is_callable() check.
 * NOTE(review): the callers visible in this class pass strings taken from
 * cmplz_load_warning_types(). Confirm that list is built from trusted code
 * only and can never carry request data or stored user input.
 *
 * @param string $func Condition string.
 *
 * @return mixed Usually a bool; the get_option and function-call forms return
 *               whatever the called function returns (negated to a bool when
 *               'NOT ' was present).
 */
private function validate_function( $func ){
    $invert = false;
    // 'NOT ' is detected anywhere in the string, and every occurrence is removed.
    if (strpos($func, 'NOT ') !== FALSE ) {
        $func = str_replace('NOT ', '', $func);
        $invert = true;
    }

    // Returns before the inversion at the end of the method.
    if ( empty($func) ) {
        return true;
    }

    if ( strpos($func, 'get_option_') !== false ) {
        // What is left after removing 'get_option_' is used as the option name.
        $field = str_replace( 'get_option_', '', $func );
        $output = get_option( $field );
    } else if ( preg_match( '/get_value_(.*)==(.*)/i', $func, $matches)) {
        $fieldname = $matches[1];
        $value = $matches[2];
        // Strict comparison against the captured string.
        $output = cmplz_get_option( $fieldname ) === $value;
    } else if ( $func === '_true_') {
        $output = true;
    } else if ( $func === '_false_' ) {
        $output = false;
    } else {
        // Dynamic dispatch: from here on the string names the code that is called.
        if ( preg_match( '/(.*)->(.*)/i', $func, $matches)) {
            if (preg_match( '/(.*)->(.*)\((.*)\)/i', $func, $sub_matches )) {
                $class = $sub_matches[1];
                $function = $sub_matches[2];
                $variable = $sub_matches[3];
                // Method on the static COMPLIANZ property named $class, with one string argument.
                $output = COMPLIANZ::${$class}->$function($variable);
            } else {
                $class = $matches[1];
                $function = $matches[2];
                $output = COMPLIANZ::${$class}->$function();
            }
        } else if ( preg_match( '/(.*)\((.*)\)/i', $func, $matches ) ) {
            $func = $matches[1];
            $variable = $matches[2];
            // Global function with one string argument; 'name()' passes an empty string.
            $output = $func($variable);
        } else{
            $output = $func();
        }
    }

    if ( $invert ) {
        $output = !$output;
    }

    return $output;
}
573
574
575 }
576 } //class closure
577