settings.php — Complianz – GDPR/CCPA Cookie Consent 7.5.0

complianz-gdpr / settings / settings.php

complianz-gdpr / settings Last commit date

assets 7 months ago build 5 days ago config 5 days ago media 2 years ago index.php 2 years ago settings.php 5 days ago wizard.php 2 years ago

settings.php

1215 lines

1	<?php
2	defined('ABSPATH') or die();
3
4	/**
5	* Enqueue Gutenberg block assets for backend editor.
6	*
7	* @since 1.0.0
8	*/
9	require_once( CMPLZ_PATH . 'settings/config/menu.php' );
10	require_once( CMPLZ_PATH . 'settings/config/blocks.php' );
11	require_once( CMPLZ_PATH . 'settings/wizard.php' );
12	require_once( CMPLZ_PATH . 'settings/config/fields-notices.php' );
13	require_once( CMPLZ_PATH . 'settings/media/wp_enqueue_media_override.php');
14	/**
15	* Fix for WPML issue where WPML breaks the rest api by adding a language locale in the url
16	*
17	* @param $url
18	* @param $path
19	* @param $blog_id
20	* @param $scheme
21	*
22	* @return string
23	*/
24	function cmplz_fix_rest_url_for_wpml( $url, $path, $blog_id, $scheme) {
25	if ( strpos($url, 'complianz/v')===false ) {
26	return $url;
27	}
28
29	$current_language = false;
30	if ( function_exists( 'icl_register_string' ) ) {
31	$current_language = apply_filters( 'wpml_current_language', null );
32	}
33
34	if ( function_exists('qtranxf_getLanguage') ){
35	$current_language = qtranxf_getLanguage();
36	}
37
38	if ( $current_language ) {
39	if ( strpos($url, '/'.$current_language.'/wp-json/') ) {
40	$url = str_replace( '/'.$current_language.'/wp-json/', '/wp-json/', $url);
41	}
42	}
43	return $url;
44	}
45	add_filter( 'rest_url', 'cmplz_fix_rest_url_for_wpml', 10, 4 );
46
47	/**
48	* @return void
49	* as we can't append #dashboard to the first menu item, we leave it at 'complianz', and replace the text. This is a bit hacky, but it works.
50	*/
51
52	function cmplz_fix_duplicate_menu_item() {
53	?>
54	<script>
55	window.addEventListener("load", () => {
56	let cmplzMain = document.querySelector('li.wp-has-submenu.toplevel_page_complianz a.wp-first-item');
57	if (cmplzMain) {
58	cmplzMain.innerHTML = cmplzMain.innerHTML.replace('Complianz', '<?php esc_html_e( 'Dashboard', 'complianz-gdpr' )?>');
59	}
60	});
61	</script>
62
63	<?php
64	/**
65	* Ensure the items are selected in sync with the complianz react menu.
66	*/
67	if(isset($_GET['page']) && $_GET['page']==='complianz') {
68	?>
69	<script>
70	const cmplzSetActive = (obj) => {
71	obj.classList.add('current');
72	obj.parentNode.classList.add('current');
73	}
74
75	window.addEventListener("load", () => {
76	let cmplzMain = document.querySelector('li.wp-has-submenu.toplevel_page_complianz a.wp-first-item');
77	if (cmplzMain) {
78	cmplzMain.href = '#';
79	}
80	});
81	//get the hash from the current url
82	let cmplzHash = window.location.hash;
83	//strip off anything after a /
84	if ( cmplzHash.indexOf('/') !== -1 ) {
85	cmplzHash = cmplzHash.substring(0, cmplzHash.indexOf('/'));
86	}
87	if ( !cmplzHash ) {
88	let cmplzMain = document.querySelector('li.wp-has-submenu.toplevel_page_complianz a.wp-first-item');
89	cmplzSetActive(cmplzMain);
90	} else {
91	let cmplzMenuItems = document.querySelector('li.wp-has-submenu.toplevel_page_complianz').querySelectorAll('a');
92	for (const link of cmplzMenuItems) {
93	if (cmplzHash && link.href.indexOf(cmplzHash) !== -1) {
94	cmplzSetActive(link);
95	} else {
96	link.classList.remove('current');
97	link.parentNode.classList.remove('current');
98	}
99	}
100	}
101
102	window.addEventListener('click', (e) => {
103	const cmplzTargetHref = e.target && e.target.href;
104	let cmplzIsMainMenu = false;
105	let cmplzIsWpMenu = false;
106	if (cmplzTargetHref && e.target.classList.contains('cmplz-main')) {
107	cmplzIsMainMenu = true;
108	} else if (cmplzTargetHref && cmplzTargetHref.indexOf('admin.php')!==-1) {
109	cmplzIsWpMenu = true;
110	}
111	if (!cmplzIsWpMenu && !cmplzIsMainMenu) {
112	return;
113	}
114	if (cmplzIsWpMenu) {
115	if (cmplzTargetHref && cmplzTargetHref.indexOf('page=complianz') !== -1) {
116	const parentElement = e.target.parentNode.parentNode;
117	const childLinks = parentElement.querySelectorAll('li, a');
118	// Loop through each 'a' element and add the class
119	for (const link of childLinks) {
120	link.classList.remove('current');
121	}
122	e.target.classList.add('current');
123	e.target.parentNode.classList.add('current');
124	}
125	} else {
126	//find cmplzTargetHref in wordpress menu
127	let cmplzMenuItems = document.querySelector('li.wp-has-submenu.toplevel_page_complianz').querySelectorAll('a');
128	for (const link of cmplzMenuItems) {
129	//check if last character of link.href is '#'
130	if (cmplzTargetHref.indexOf('dashboard')!==-1 && link.href.charAt(link.href.length - 1) === '#'){
131	cmplzSetActive(link);
132	} else if (cmplzTargetHref && link.href.indexOf(cmplzTargetHref) !== -1) {
133	cmplzSetActive(link);
134	} else {
135	link.classList.remove('current');
136	link.parentNode.classList.remove('current');
137	}
138	}
139	}
140	});
141	</script>
142	<?php
143	}
144	}
145	add_action('admin_footer', 'cmplz_fix_duplicate_menu_item');
146	/**
147	* WordPress doesn't allow for translation of chunks resulting of code splitting.
148	* Several workarounds have popped up in JetPack and Woocommerce: https://developer.wordpress.com/2022/01/06/wordpress-plugin-i18n-webpack-and-composer/
149	* Below is mainly based on the Woocommerce solution, which seems to be the most simple approach. Simplicity is king here.
150	*
151	* @return array
152	*/
153	function cmplz_get_chunk_translations() {
154	//get all files from the settings/build folder
155	$files = scandir(CMPLZ_PATH . 'settings/build');
156	$json_translations = [];
157	foreach ($files as $file) {
158	if (strpos($file, '.js') === false) {
159	continue;
160	}
161
162	$chunk_handle = str_replace('.js', '', $file );
163	//temporarily register the script, so we can get a translations object.
164	wp_register_script( $chunk_handle, plugins_url('build/'.$file, __FILE__), [], true );
165	$path = defined('cmplz_premium') ? CMPLZ_PATH . 'languages' : false;
166	$localeData = load_script_textdomain( $chunk_handle, 'complianz-gdpr', $path );
167	if ( !empty($localeData) ){
168	$json_translations[] = $localeData;
169	}
170	wp_deregister_script( $chunk_handle );
171	}
172	return $json_translations;
173	}
174
175	function cmplz_plugin_admin_scripts() {
176
177	// replace with the actual path to your build directory
178	$buildDirPath = plugin_dir_path( __FILE__ ) . '/build';
179
180	// get the filenames in the build directory
181	$filenames = scandir( $buildDirPath );
182
183	// filter the filenames to get the JavaScript and asset filenames
184	$jsFilename = '';
185	$assetFilename = '';
186	foreach ( $filenames as $filename ) {
187	if ( strpos( $filename, 'index.' ) === 0 ) {
188	if ( substr( $filename, - 3 ) === '.js' ) {
189	$jsFilename = $filename;
190	} elseif ( substr( $filename, - 10 ) === '.asset.php' ) {
191	$assetFilename = $filename;
192	}
193	}
194	}
195
196	/**
197	* Register polyfill for React JSX runtime for version lower than 6.6.
198	*
199	* @TODO: Remove this once the minimum required version of WordPress is 6.6.
200	*/
201	global $wp_version;
202
203	if ( version_compare( $wp_version, '6.6', '<' ) && ! wp_script_is( 'react-jsx-runtime', 'registered' ) ) {
204	wp_enqueue_script(
205	'react-jsx-runtime',
206	plugins_url( 'assets/js/react-jsx-runtime.js', __FILE__ ),
207	[ 'react'], // it is a polyfill for react JSX runtime, it depends on react
208	CMPLZ_VERSION,
209	);
210	}
211
212	// check if the necessary files are found
213	if ( $jsFilename !== '' && $assetFilename !== '' ) {
214	$assetFilePath = $buildDirPath . '/' . $assetFilename;
215	$assetFile = require( $assetFilePath );
216	$handle = 'cmplz-settings';
217	cmplz_wp_enqueue_media();
218	wp_enqueue_script( $handle);
219	wp_enqueue_script(
220	$handle,
221	plugins_url( 'build/' . $jsFilename, __FILE__ ),
222	$assetFile['dependencies'],
223	$assetFile['version'],
224	true
225	);
226	wp_set_script_translations( $handle, 'complianz-gdpr' );
227
228	wp_localize_script(
229	'cmplz-settings',
230	'cmplz_settings',
231	apply_filters( 'cmplz_localize_script', [
232	'json_translations' => cmplz_get_chunk_translations(),
233	'site_url' => get_rest_url(),
234	'admin_url' => admin_url(),
235	'admin_ajax_url' => add_query_arg(
236	array(
237	'type' => 'errors',
238	'action' => 'cmplz_rest_api_fallback'
239	),
240	admin_url( 'admin-ajax.php' ) ),
241	'dashboard_url' => cmplz_admin_url(),
242	'upgrade_link' => cmplz_get_referral_url( 'menu', 'header'),
243	'plugin_url' => CMPLZ_URL,
244	'license_url' => is_multisite() ? cmplz_main_site_url('#settings/license') : '#settings/license',
245	'blocks' => cmplz_blocks(),
246	'is_premium' => defined( 'cmplz_premium' ),
247	'nonce' => wp_create_nonce( 'wp_rest' ),//to authenticate the logged in user
248	'cmplz_nonce' => wp_create_nonce( 'cmplz_react' ),
249	'menu' => cmplz_menu(),
250	'regions' => COMPLIANZ::$config->regions,
251	'user_id' => get_current_user_id(),
252	'is_multisite' => is_multisite(),
253	'is_multisite_plugin'=> defined('cmplz_premium_multisite'),
254	'onboarding_complete' => cmplz_wsc_auth::wsc_is_authenticated() \|\| COMPLIANZ::$wsc_onboarding->wsc_is_dismissed(),
255	'wsc_is_authenticated' => cmplz_wsc_auth::wsc_is_authenticated(),
256	'scan_upsell' => COMPLIANZ::$scan->get_scan_upsell_data(),
257	'referral' => [
258	'source' => cmplz_get_source(),
259	'ref_id' => cmplz_get_ref(),
260	'has_partner' => cmplz_get_ref() !== false,
261	],
262	] )
263	);
264	}
265	}
266
267	/**
268	* Get admin url, adjusted for multisite
269	* @return string\|null
270	*/
271	function cmplz_admin_url($path=''){
272	if (is_network_admin()) {
273	switch_to_blog(get_main_site_id());
274	}
275	$url = add_query_arg(array('page' => 'complianz'), admin_url('admin.php') );
276	if (is_network_admin()) {
277	restore_current_blog();
278	}
279	return $url.$path;
280	}
281
282	/**
283	* Get admin url, adjusted for multisite
284	* @return string\|null
285	*/
286	function cmplz_main_site_url($path=''){
287	$switch_back = false;
288	if ( !is_main_site()) {
289	$switch_back = true;
290	switch_to_blog(get_main_site_id());
291	}
292	$url = add_query_arg(array('page' => 'complianz'), admin_url('admin.php') );
293	if ($switch_back) {
294	restore_current_blog();
295	}
296	return $url.$path;
297	}
298
299	/**
300	* Add SSL menu
301	*
302	* @return void
303	*/
304	function cmplz_add_option_menu() {
305	if ( !cmplz_user_can_manage() ) {
306	return;
307	}
308
309	$warnings = COMPLIANZ::$admin->get_warnings( array(
310	'plus_ones' => true,
311	) );
312	$warning_count = count( $warnings );
313	$warning_title = esc_attr( cmplz_sprintf( '%s plugin warnings', $warning_count ) );
314	$plus_one = " <span class='update-plugins count-$warning_count' title='$warning_title'><span class='update-count'>" . number_format_i18n( $warning_count ) . "</span></span>";
315	$page_hook_suffix = add_menu_page(
316	'Complianz',
317	'Complianz'.$plus_one,
318	apply_filters('cmplz_capability','manage_privacy'),
319	'complianz',
320	'cmplz_settings_page',
321	CMPLZ_URL . 'assets/images/menu-icon.svg',
322	CMPLZ_MAIN_MENU_POSITION
323	);
324
325	add_submenu_page(
326	'complianz#dashboard',
327	__( 'Dashboard', 'complianz-gdpr' ).$plus_one,
328	__( 'Dashboard', 'complianz-gdpr' ),
329	apply_filters('cmplz_capability','manage_privacy'),
330	'complianz',
331	'cmplz_settings_page'
332	);
333
334	add_submenu_page(
335	'complianz',
336	__( 'Wizard', 'complianz-gdpr' ),
337	__( 'Wizard', 'complianz-gdpr' ),
338	apply_filters('cmplz_capability','manage_privacy'),
339	'complianz#wizard',
340	'cmplz_settings_page'
341	);
342	do_action( 'cmplz_cookiebanner_menu' );
343	add_submenu_page(
344	'complianz',
345	__( 'Integrations', 'complianz-gdpr' ),
346	__( 'Integrations', 'complianz-gdpr' ),
347	apply_filters('cmplz_capability','manage_privacy'),
348	'complianz#integrations',
349	'cmplz_settings_page'
350	);
351	add_submenu_page(
352	'complianz',
353	__( 'Settings', 'complianz-gdpr' ),
354	__( 'Settings', 'complianz-gdpr' ),
355	apply_filters('cmplz_capability','manage_privacy'),
356	'complianz#settings',
357	'cmplz_settings_page'
358	);
359	add_submenu_page(
360	'complianz',
361	__( 'Tools', 'complianz-gdpr' ),
362	__( 'Tools', 'complianz-gdpr' ),
363	apply_filters('cmplz_capability','manage_privacy'),
364	'complianz#tools',
365	'cmplz_settings_page'
366	);
367
368
369	do_action( 'cmplz_admin_menu' );
370	if ( defined( 'cmplz_free' ) && cmplz_free ) {
371	global $submenu;
372	if (isset($submenu['complianz'])) {
373	$class = 'cmplz-submenu';
374	$highest_index = count($submenu['complianz']);
375	$submenu['complianz'][] = array(
376	__( 'Upgrade to premium', 'complianz-gdpr' ),
377	apply_filters('cmplz_capability','manage_privacy'),
378	cmplz_get_referral_url( 'menu', 'admin-submenu', 'https://complianz.io/l/pricing' )
379	);
380	if ( isset( $submenu['complianz'][$highest_index] ) ) {
381	if (! isset ($submenu['complianz'][$highest_index][4])) $submenu['complianz'][$highest_index][4] = '';
382	$submenu['complianz'][$highest_index][4] .= ' ' . $class;
383	}
384	}
385	}
386
387	add_action( "admin_print_scripts-{$page_hook_suffix}", 'cmplz_plugin_admin_scripts' );
388	}
389	add_action( 'admin_menu', 'cmplz_add_option_menu' );
390
391
392	/**
393	* Render the settings page
394	*/
395
396	function cmplz_settings_page()
397	{
398	if (!cmplz_user_can_manage()) {
399	return;
400	}
401	?>
402	<div id="complianz" class="cmplz"></div>
403	<div id="complianz-modal"></div>
404	<?php
405	}
406
407	/**
408	* If the rest api is blocked, the code will try an admin ajax call as fall back.
409	*
410	* @return void
411	*/
412	function cmplz_rest_api_fallback(){
413	$response = $data = [];
414	$error = $action = $do_action =false;
415	if ( ! cmplz_user_can_manage() ) {
416	$error = true;
417	}
418
419	//if the site is using this fallback, we want to show a notice
420	update_option('cmplz_ajax_fallback_active', time(), false );
421	$requestData = json_decode(file_get_contents('php://input'), true);
422	if (empty($requestData)) {
423	$requestData = $_GET;
424	}
425
426	if ( $requestData ) {
427	$action = $requestData['rest_action'] ?? false;
428	$action = sanitize_text_field( $action );
429	$data = $requestData['data'] ?? false;
430	if ( strpos($action, 'complianz/v1/do_action/')!==false ){
431	$do_action = strtolower(str_replace('complianz/v1/do_action/', '',$action ));
432	}
433	}
434	if (!$error) {
435	if ( strpos($action, 'fields/get')!==false) {
436	$response = cmplz_rest_api_fields_get();
437	} else if (strpos($action, 'fields/set')!==false) {
438	$request = new WP_REST_Request();
439	$response = cmplz_rest_api_fields_set($request);
440	} else if ($do_action) {
441	$request = new WP_REST_Request();
442	$request->set_param('action', $do_action);
443	$request->set_param('data', $data);
444	$response = cmplz_do_action($request );
445	}
446	}
447	if ( ob_get_length() ) {
448	ob_clean();
449	}
450	header( "Content-Type: application/json" );
451	echo json_encode($response);
452	exit;
453	}
454	add_action( 'wp_ajax_cmplz_rest_api_fallback', 'cmplz_rest_api_fallback' );
455
456	add_action( 'rest_api_init', 'cmplz_settings_rest_route', 10 );
457	function cmplz_settings_rest_route() {
458	if (!cmplz_user_can_manage()) {
459	return;
460	}
461
462	register_rest_route( 'complianz/v1', 'fields/get', array(
463	'methods' => 'GET',
464	'callback' => 'cmplz_rest_api_fields_get',
465	'permission_callback' => function () {
466	return cmplz_user_can_manage();
467	}
468	) );
469
470	register_rest_route( 'complianz/v1', 'fields/set', array(
471	'methods' => 'POST',
472	'callback' => 'cmplz_rest_api_fields_set',
473	'permission_callback' => function () {
474	return cmplz_user_can_manage();
475	}
476	) );
477
478	register_rest_route( 'complianz/v1', 'do_action/(?P<action>[a-z\_\-]+)', array(
479	'methods' => 'POST',
480	'callback' => 'cmplz_do_action',
481	'permission_callback' => function () {
482	return cmplz_user_can_manage();
483	}
484	) );
485	}
486
487
488	/**
489	* @param WP_REST_Request $request
490	*
491	* @return array
492	*/
493	function cmplz_do_action($request){
494	if ( !cmplz_user_can_manage() ) {
495	return [];
496	}
497
498	$data = $request->get_param('data');
499	$nonce = $request->get_param('nonce');
500	if ( empty($nonce) && isset($data['nonce'])){
501	$nonce = $data['nonce'];
502	}
503
504	if ( ! wp_verify_nonce( $nonce, 'cmplz_react' ) ) {
505	return [];
506	}
507	$action = sanitize_title($request->get_param('action'));
508	switch($action){
509	case 'get_pages_list':
510	$data = COMPLIANZ::$document->get_pages_list($request);
511	break;
512	case 'update_custom_legal_document_id':
513	$data = COMPLIANZ::$documents_admin->update_custom_legal_document_id($request);
514	break;
515	case 'plugin_actions':
516	$data = cmplz_plugin_actions($request);
517	break;
518	case 'otherpluginsdata':
519	$data = cmplz_other_plugins_data();
520	break;
521	case 'get_cookiebanner_required':
522	$is_required = COMPLIANZ::$banner_loader->site_needs_cookie_warning();
523	$data = ['required' => $is_required];
524	break;
525	case 'reset_settings':
526	$data = cmplz_reset_settings();
527	break;
528	default:
529	$data = apply_filters("cmplz_do_action", [], $action, $request);
530	}
531
532	// Only add request_success if it's not already set by the handler
533	if ( ! isset( $data['request_success'] ) ) {
534	$data['request_success'] = true;
535	}
536
537	if ( ob_get_length() ) {
538	ob_clean();
539	}
540	return $data;
541	}
542
543	/**
544	* Reset all settings to default
545	*/
546	function cmplz_reset_settings() {
547	if ( ! cmplz_user_can_manage() ) {
548	return [];
549	}
550
551	COMPLIANZ::$scan->reset_pages_list(false, true);
552	$options = array(
553	'cmplz_first_sync_started',
554	'cmplz_post_scribe_required',
555	'cmplz_activation_time',
556	'cmplz_review_notice_shown',
557	"cmplz_wizard_completed_once",
558	'cmplz_options',
559	'complianz_active_policy_id',
560	'complianz_scan_token',
561	'cmplz_license_notice_dismissed',
562	'cmplz_license_status',
563	'cmplz_changed_cookies',
564	'cmplz_plugins_changed',
565	'cmplz_detected_stats',
566	'cmplz_deleted_cookies',
567	'cmplz_reported_cookies',
568	'cmplz_sync_cookies_complete',
569	'cmplz_sync_cookies_after_services_complete',
570	'cmplz_sync_services_complete',
571	'cmplz_detected_social_media',
572	'cmplz_detected_thirdparty_services',
573	//'cmplz_vendorlist_downloaded_once',
574	);
575
576	foreach ( $options as $option_name ) {
577	delete_option( $option_name );
578	delete_site_option( $option_name );
579	}
580
581	global $wpdb;
582	$table_names = array(
583	$wpdb->prefix . 'cmplz_statistics',
584	$wpdb->prefix . 'cmplz_cookies',
585	$wpdb->prefix . 'cmplz_services'
586	);
587
588	foreach ( $table_names as $table_name ) {
589	if ( $wpdb->get_var( "SHOW TABLES LIKE '$table_name'" ) === $table_name ) {
590	$wpdb->query( "TRUNCATE TABLE $table_name" );
591	}
592	}
593
594	$banners = cmplz_get_cookiebanners( array( 'status' => 'all' ) );
595	foreach ( $banners as $banner ) {
596	$banner = cmplz_get_cookiebanner( $banner->ID );
597	$banner->delete( true );
598	}
599	//ensure the activation will run again
600	update_option( 'cmplz_run_activation', true, false );
601
602
603	return [ 'success'=> true, 'id'=>'reset_settings','message' => __( 'Data successfully cleared', 'complianz-gdpr' ) ];
604	}
605
606	/**
607	* Process plugin installation or activation actions
608	*
609	* @param WP_REST_Request $request
610	*
611	* @return array
612	*/
613
614	function cmplz_plugin_actions($request){
615	if ( !cmplz_user_can_manage() ) {
616	return [];
617	}
618	$slug = $request->get_param('slug');
619	$action = $request->get_param('pluginAction');
620	if ( $action==='download' \|\| $action==='activate' ) {
621	require_once(CMPLZ_PATH . 'class-installer.php');
622	$installer = new cmplz_installer($slug);
623	}
624
625	if ( $action==='download' ) {
626	$installer->download_plugin();
627	} else if ( $action === 'activate' ) {
628	$installer->activate_plugin();
629	}
630	return cmplz_other_plugins_data($slug);
631	}
632
633	/**
634	* Get plugin data for other plugin section
635	* @param string $slug
636	* @return array
637	*/
638	function cmplz_other_plugins_data($slug=false){
639	if ( !cmplz_user_can_manage() ) {
640	return [];
641	}
642	$plugins = array(
643	[
644	'slug' => 'complianz-terms-conditions',
645	'constant_free' => 'cmplz_tc_version',
646	'create' => admin_url('admin.php?page=terms-conditions'),
647	'wordpress_url' => 'https://wordpress.org/plugins/complianz-terms-conditions/',
648	'title' => 'Complianz - '. __("Terms & Conditions", "complianz-gdpr"),
649	'summary' => __("Configure your own Terms and Conditions.", 'complianz-gdpr'),
650	'description' => __("A simple, but in-depth wizard will configure a Terms and Conditions page for your website or for those of your clients.", 'complianz-gdpr'),
651	'image' => "complianz-gdpr.png",
652	],
653	[
654	'slug' => 'really-simple-ssl',
655	'constant_free' => 'rsssl_version',
656	'constant_premium' => 'rsssl_pro',
657	'wordpress_url' => 'https://wordpress.org/plugins/really-simple-ssl/',
658	'upgrade_url' => 'https://really-simple-ssl.com/pro?src=cmplz-plugin',
659	'title' => "Really Simple Security",
660	'summary' => __("Lightweight plugin. Heavyweight security features.", 'complianz-gdpr'),
661	'description' => __("Leverage your SSL certificate to the fullest, with health checks, security headers, hardening, vulnerability detection and more.", 'complianz-gdpr'),
662	'image' => "really-simple-ssl.png",
663	]
664	);
665
666	foreach ($plugins as $index => $plugin ){
667	$star_rating = false;
668	require_once(CMPLZ_PATH . 'class-installer.php');
669	$installer = new cmplz_installer($plugin['slug']);
670	#if slug defined, get star rating as well
671	if ( $slug ) {
672	$plugin_info = $installer->get_plugin_info();
673	$star_rating = ['rating' => $plugin_info->rating, 'rating_count' => $plugin_info->num_ratings ];
674	}
675
676	if ( isset($plugin['constant_premium']) && defined($plugin['constant_premium']) ) {
677	$plugins[ $index ]['pluginAction'] = 'installed';
678	} else if ( !$installer->plugin_is_downloaded() && !$installer->plugin_is_activated() ) {
679	$plugins[$index]['pluginAction'] = 'download';
680	} else if ( $installer->plugin_is_downloaded() && !$installer->plugin_is_activated() ) {
681	$plugins[ $index ]['pluginAction'] = 'activate';
682	} else {
683	if (isset($plugin['constant_premium']) ) {
684	$plugins[$index]['pluginAction'] = 'upgrade-to-premium';
685	} else {
686	$plugins[ $index ]['pluginAction'] = 'installed';
687	}
688	}
689	}
690
691	if ( $slug ) {
692	foreach ($plugins as $key=> $plugin) {
693	if ($plugin['slug']===$slug){
694	if ($star_rating) $plugin['star_rating'] = $star_rating;
695
696	return $plugin;
697	}
698	}
699	}
700
701	// If first plugin Complianz T&C is not installed, return only that one
702	if ($plugins[0]['pluginAction'] !== 'installed') {
703	return ['plugins' => [$plugins[0]]];
704	}
705
706	// If first plugin is installed, return only the second one
707	return ['plugins' => [$plugins[1]]];
708	}
709
710
711	/**
712	* List of allowed field types
713	* @param $type
714	*
715	* @return mixed\|string
716	*/
717	function cmplz_sanitize_field_type($type){
718	$types = [
719	'hidden',
720	'license',
721	'database',
722	'checkbox',
723	'multicheckbox',
724	'password',
725	'radio',
726	'text',
727	'text_checkbox',
728	'borderradius',
729	'borderwidth',
730	'colorpicker',
731	'css',
732	'editor',
733	'textarea',
734	'document',
735	'number',
736	'email',
737	'select',
738	'phone',
739	'url',
740	'processors',
741	'thirdparties',
742	];
743	if ( in_array( $type, $types, true ) ){
744	return $type;
745	}
746	return 'checkbox';
747	}
748
749	/**
750	* @param WP_REST_Request $request
751	*
752	* @return array
753	*/
754	function cmplz_rest_api_fields_set( WP_REST_Request $request): array {
755	if ( !cmplz_user_can_manage() ) {
756	return [];
757	}
758
759	if ( COMPLIANZ::$wizard->get_lock_user() !== get_current_user_id() ) {
760	return [];
761	}
762	$data = $request->get_param('data');
763	$nonce = $request->get_param('nonce');
764	if ( empty($nonce) && isset($data['nonce'])) {
765	$nonce = $data['nonce'];
766	}
767	if ( ! wp_verify_nonce( $nonce, 'cmplz_react' ) ) {
768	return [];
769	}
770
771	$fields = $request->get_param('fields');
772	$finish = (bool) $request->get_param('finish');
773	$config_fields = COMPLIANZ::$config->fields;
774	$config_ids = array_column($config_fields, 'id');
775	foreach ( $fields as $index => $field ) {
776	$config_field_index = in_array( $field['id'], $config_ids, true );
777	if ( $config_field_index===false ){
778	unset($fields[$index]);
779	}
780	}
781
782	$options = get_option( 'cmplz_options', [] );
783	//build a new options array
784	foreach ( $fields as $index => $field ) {
785	$prev_value = $options[ $field['id'] ] ?? false;
786
787	$value = cmplz_sanitize_field( $field['value'] , $field['type'], $field['id']);
788	$fields[$index]['value'] = $value;
789	$fields[$index]['prev_value'] = $prev_value;
790	$fields[$index]['type'] = cmplz_sanitize_field_type($field['type']);
791	$fields[$index]['id'] = cmplz_sanitize_title_preserve_uppercase($field['id']);
792
793	do_action( "cmplz_before_save_option", $fields[$index]['id'], $value, $prev_value, $fields[$index]['type'] );
794	$options[ $field['id'] ] = $value;
795	$options = cmplz_maybe_add_source_option($options, $value, $field );
796	}
797
798	foreach ( $fields as $field ) {
799	$options = apply_filters( 'cmplz_before_save_options', $options, $field['id'], $field['value'], $field['prev_value'], $field['type'] );
800	}
801
802	if ( ! empty( $options ) ) {
803	update_option( 'cmplz_options', $options );
804	}
805
806	foreach ( $fields as $field ) {
807	$prev_value = $options[ $field['id'] ] ?? false;
808	if ( isset($field['translatable']) && $field['translatable']) {
809
810	$value = $field['value'];
811	$type = $field['type'];
812	$id = $field['id'];
813	if ( is_array( $value ) && ( $type === 'thirdparties' \|\| $type === 'processors' ) ) {
814	foreach ( $value as $item_key => $item ) {
815	//contains the values of an item
816	foreach ( $item as $key => $key_value ) {
817	cmplz_register_translation( $key_value, $item_key . '_' . $id . "_" . $key );
818	}
819	}
820	} else {
821	cmplz_register_translation( $value, $id );
822	}
823
824	}
825	do_action( "cmplz_after_save_field", $field['id'], $field['value'], $prev_value, $field['type'] );
826	}
827	do_action('cmplz_after_saved_fields', $fields );
828	cmplz_delete_transient('cmplz_blocked_scripts');
829	if ($finish){
830	do_action('cmplz_finish_wizard');
831	}
832	if ( ob_get_length() ) {
833	ob_clean();
834	}
835	$fields = cmplz_fields(true, $options);
836	$fields = apply_filters('cmplz_after_saved_fields', $fields );
837
838	return [
839	'request_success' => true,
840	'fields' => $fields,
841	//fields to update the progress bar and notices
842	'notices' => COMPLIANZ::$progress->notices(),
843	'show_cookiebanner' => cmplz_cookiebanner_should_load(true),
844	'field_notices' => cmplz_field_notices(),
845	];
846	}
847
848	/**
849	* Update a complianz option
850	*
851	* @param string $name
852	* @param mixed $value
853	*
854	* @return void
855	*/
856	if (!function_exists('cmplz_update_option')) {
857	function cmplz_update_option( string $name, $value ) {
858	if ( ! cmplz_admin_logged_in() ) {
859	return;
860	}
861	$config_fields = COMPLIANZ::$config->fields;
862	$config_ids = array_column( $config_fields, 'id' );
863
864	$config_field_index = array_search( $name, $config_ids );
865	$config_field = $config_fields[ $config_field_index ] ?? false;
866	if ( $config_field_index === false ) {
867	return;
868	}
869
870	$type = isset( $config_field['type'] ) ? $config_field['type'] : false;
871	if ( ! $type ) {
872	return;
873	}
874
875	$options = get_option( 'cmplz_options', [] );
876
877	if ( ! is_array( $options ) ) {
878	$options = [];
879	}
880
881	/*
882	* Some fields are duplicate, but opposite, like safe_mode vs 'enable_cookie_blocker'.
883	* This function will get the value as its mapped value in the related field.
884	* Then the value is saved in that related field
885	*/
886
887	$prev_value = $options[ $name ] ?? false;
888	$name = cmplz_sanitize_title_preserve_uppercase( $name );
889	$type = cmplz_sanitize_field_type( $type );
890	$value = cmplz_sanitize_field( $value, $type, $name );
891	$value = apply_filters( "cmplz_field_value", $value, cmplz_sanitize_title_preserve_uppercase( $name ), $type );
892	$options[ $name ] = $value;
893	$options = cmplz_maybe_add_source_option( $options, $value, $config_field );
894	$options = apply_filters( 'cmplz_before_save_options', $options, $name, $value, $prev_value, $type );
895
896	update_option( 'cmplz_options', $options );
897
898	do_action( "cmplz_after_save_field", $name, $value, $prev_value, $type );
899	}
900	}
901
902	/**
903	* Update a complianz option without running the hooks
904	* This is needed to prevent infinite loops, when used in the hook callback itself.
905	*
906	* @param string $name
907	* @param mixed $value
908	*
909	* @return void
910	*/
911	if (!function_exists('cmplz_update_option_no_hooks')) {
912	function cmplz_update_option_no_hooks( string $name, $value ) {
913	if ( ! cmplz_admin_logged_in() ) {
914	return;
915	}
916	$config_fields = COMPLIANZ::$config->fields;
917	$config_ids = array_column( $config_fields, 'id' );
918	$config_field_index = array_search( $name, $config_ids );
919	$config_field = $config_fields[ $config_field_index ];
920	if ( $config_field_index === false ) {
921	return;
922	}
923
924	$type = isset( $config_field['type'] ) ? $config_field['type'] : false;
925	if ( ! $type ) {
926	return;
927	}
928
929	$options = get_option( 'cmplz_options', [] );
930
931	if ( ! is_array( $options ) ) {
932	$options = [];
933	}
934
935	$name = cmplz_sanitize_title_preserve_uppercase( $name );
936	$type = cmplz_sanitize_field_type( $type );
937	$value = cmplz_sanitize_field( $value, $type, $name );
938	$value = apply_filters( "cmplz_field_value", $value, $name , $type );
939	$options[ $name ] = $value;
940	update_option( 'cmplz_options', $options );
941	}
942	}
943	/**
944	* Some fields are duplicate, but opposite, like safe_mode vs 'enable_cookie_blocker'.
945	* This function will convert the value to equivalent value in the related field.
946	* @param $options
947	* @param $value
948	* @param $field
949	*
950	* @return int\|mixed\|string
951	*/
952	function cmplz_maybe_add_source_option($options, $value, $field){
953	if (!isset($field['source_id'])) {
954	return $options;
955	}
956	//convert value to mapped source value
957	$source_mapping = array_flip($field['source_mapping']);
958	if ( !isset($source_mapping[$value]) ) {
959	return $options;
960	}
961
962	$mapped_value = $source_mapping[$value];
963
964	//get the source field, and update the value in that field.
965	$config_fields = COMPLIANZ::$config->fields;;
966	$config_ids = array_column($config_fields, 'id');
967	$source_field_index = array_search( $field['source_id'], $config_ids, true );
968	$source_field = $config_fields[$source_field_index];
969	$options[$source_field['id']] = $mapped_value;
970	return $options;
971	}
972
973	/**
974	* Get the rest api fields
975	* @return array
976	*/
977	function cmplz_rest_api_fields_get(): array {
978	if ( !cmplz_user_can_manage() ) {
979	return [];
980	}
981	$nonce = $_GET['nonce'] ?? false;
982	if ( ! wp_verify_nonce( $nonce, 'cmplz_react' ) ) {
983	return [];
984	}
985
986	if ( !COMPLIANZ::$wizard->wizard_is_locked() \|\| COMPLIANZ::$wizard->get_lock_user() === get_current_user_id() ) {
987	COMPLIANZ::$wizard->lock_wizard();
988	}
989
990	delete_option('cmplz_ajax_fallback_active' );
991
992	$output = array();
993	$fields = cmplz_fields();
994	$output['fields'] = $fields;
995	$output['field_notices'] = cmplz_field_notices();
996	$output['request_success'] = true;
997	$output['locked_by'] = COMPLIANZ::$wizard->get_lock_user() ? COMPLIANZ::$wizard->get_lock_user() : get_current_user_id();
998	if ( ob_get_length() ) {
999	ob_clean();
1000	}
1001	return apply_filters('cmplz_rest_api_fields_get', $output);
1002	}
1003
1004	/**
1005	* Sanitize a field
1006	*
1007	* @param mixed $value
1008	* @param string $type
1009	* @param string $id
1010	*
1011	* @return array\|bool\|int\|string\|void
1012	*/
1013	function cmplz_sanitize_field( $value, string $type, string $id ) {
1014	switch ( $type ) {
1015	case 'checkbox':
1016	case 'number':
1017	return (int) $value;
1018	case 'hidden':
1019	return sanitize_title($value);
1020	case 'document':
1021	return in_array($value, ['generated','custom','url','none']) ? $value : false;
1022	case 'url':
1023	return esc_url_raw($value);
1024	case 'license':
1025	return $value;
1026	case 'multicheckbox':
1027	if ( ! is_array( $value ) ) {
1028	$value = empty($value) ? [] : [$value => 1];
1029	}
1030	return array_map( 'sanitize_text_field', $value );
1031	case 'email':
1032	return strtolower(sanitize_email( $value ));
1033	case 'processors':
1034	return cmplz_sanitize_processors($value);
1035	case 'thirdparties':
1036	return cmplz_sanitize_thirdparties($value);
1037	case 'editor':
1038	return wp_kses_post($value);
1039	case 'colorpicker':
1040	return cmplz_sanitize_color_picker($value);
1041	case 'textarea':
1042	return wp_kses_post($value);
1043	case 'select':
1044	case 'password':
1045	case 'text':
1046	default:
1047	return sanitize_text_field( $value );
1048	}
1049	}
1050
1051	function cmplz_sanitize_color_picker($value) {
1052
1053	if ( !is_array($value)) {
1054	return false;
1055	}
1056
1057	foreach ( $value as $key => $color ) {
1058	$value[sanitize_text_field($key)] = sanitize_hex_color($color);
1059	}
1060
1061	return $value;
1062	}
1063	/**
1064	* Sanizite a processors field
1065	* @param array $processors
1066	*
1067	* @return array
1068	*/
1069	function cmplz_sanitize_processors($processors) {
1070	if ( !is_array($processors) ) {
1071	$processors = [];
1072	}
1073	$defaults = [
1074	'name' => '',
1075	'processing_agreement' => false,
1076	'country' => false,
1077	'purpose' => '',
1078	'data' => '',
1079	'saved_by_user' => false,
1080	];
1081
1082	foreach ( $processors as $index => $processor ) {
1083	$processor = wp_parse_args($processor, $defaults);
1084	$processor['name'] = sanitize_text_field($processor['name']);
1085	$processor['processing_agreement'] = (int) $processor['processing_agreement'];
1086	$processor['country'] = sanitize_text_field($processor['country']);
1087	$processor['purpose'] = sanitize_text_field($processor['purpose']);
1088	$processor['data'] = sanitize_text_field($processor['data']);
1089	$processor['saved_by_user'] = (bool) $processor['saved_by_user'];
1090	$processors[$index] = $processor;
1091	}
1092	return $processors;
1093	}
1094
1095	/**
1096	* Sanizite a processors field
1097	*
1098	* @param array $thirdparties
1099	*
1100	* @return array
1101	*/
1102	function cmplz_sanitize_thirdparties( $thirdparties ): array {
1103	if (!is_array($thirdparties)) {
1104	$thirdparties = [];
1105	}
1106	$defaults = [
1107	'name' => '',
1108	'country' => false,
1109	'purpose' => '',
1110	'data' => '',
1111	'saved_by_user' => false,
1112	];
1113
1114	foreach ( $thirdparties as $index => $thirdparty ) {
1115	$thirdparty = wp_parse_args($thirdparty, $defaults);
1116	$thirdparty['name'] = sanitize_text_field($thirdparty['name']);
1117	$thirdparty['country'] = sanitize_text_field($thirdparty['country']);
1118	$thirdparty['purpose'] = sanitize_text_field($thirdparty['purpose']);
1119	$thirdparty['data'] = sanitize_text_field($thirdparty['data']);
1120	$thirdparty['saved_by_user'] = (bool) $thirdparty['saved_by_user'];
1121	$thirdparty[$index] = $thirdparty;
1122	}
1123	return $thirdparties;
1124	}
1125
1126	/**
1127	* Sanitize and encode a password
1128	*
1129	* @param $password
1130	*
1131	* @return mixed\|string
1132	*/
1133	function cmplz_encode_password($password) {
1134	if (!cmplz_user_can_manage()) {
1135	return $password;
1136	}
1137	if ( strlen(trim($password)) === 0 ) {
1138	return $password;
1139	}
1140
1141	$password = sanitize_text_field($password);
1142	if (strpos( $password , 'cmplz_') !== FALSE ) {
1143	return $password;
1144	}
1145
1146	$key = get_site_option('cmplz_key');
1147	if ( !$key ) {
1148	update_site_option( 'cmplz_key' , time() );
1149	$key = get_site_option('cmplz_key');
1150	}
1151
1152	$ivlength = openssl_cipher_iv_length('aes-256-cbc');
1153	$iv = openssl_random_pseudo_bytes($ivlength);
1154	$ciphertext_raw = openssl_encrypt($password, 'aes-256-cbc', $key, 0, $iv);
1155	$key = base64_encode( $iv.$ciphertext_raw );
1156
1157	return 'cmplz_'.$key;
1158	}
1159
1160	/**
1161	* Check if the server side conditions apply
1162	*
1163	* @param array $conditions
1164	*
1165	* @return bool
1166	*/
1167
1168	function cmplz_conditions_apply( array $conditions ){
1169	if (!cmplz_user_can_manage()) {
1170	return false;
1171	}
1172	$defaults = ['relation' => 'AND'];
1173	$conditions = wp_parse_args($conditions, $defaults);
1174	$relation = $conditions['relation'] === 'AND' ? 'AND' : 'OR';
1175	unset($conditions['relation']);
1176	$condition_applies = true;
1177
1178	foreach ( $conditions as $condition => $condition_value ) {
1179	$invert = substr($condition, 1)==='!';
1180	$condition = ltrim($condition, '!');
1181
1182	if ( is_array($condition_value)) {
1183	$this_condition_applies = cmplz_conditions_apply($condition_value);
1184	} else {
1185	//check if it's a function
1186	if (substr($condition, -2) === '()'){
1187	$func = $condition;
1188	if ( preg_match( '/(.)\:\:(.)->(.*)/i', $func, $matches)) {
1189	$class = $matches[2];
1190	$func = $matches[3];
1191	$func = str_replace('()', '', $func);
1192	$this_condition_applies = COMPLIANZ::${$class}->$func() === $condition_value;
1193	} else {
1194	$func = str_replace('()', '', $func);
1195	$this_condition_applies = $func() === $condition_value;
1196	}
1197	} else {
1198	$this_condition_applies = cmplz_get_option($condition) === $condition_value;
1199	}
1200
1201	if ( $invert ){
1202	$this_condition_applies = !$this_condition_applies;
1203	}
1204
1205	}
1206
1207	if ($relation === 'AND') {
1208	$condition_applies = $condition_applies && $this_condition_applies;
1209	} else {
1210	$condition_applies = $condition_applies \|\| $this_condition_applies;
1211	}
1212	}
1213
1214	return $condition_applies;
1215	}