Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode v4.6.5
cookiebot / src / lib / Account_Service.php
Account_Service.php
373 lines
1 <?php
2
3 namespace cybot\cookiebot\lib;
4
5 use cybot\cookiebot\settings\pages\Dashboard_Page;
6 use cybot\cookiebot\lib\Cookiebot_WP;
7 use function add_action;
8 use function admin_url;
9 use function check_ajax_referer;
10 use function current_user_can;
11 use function esc_html__;
12 use function esc_url_raw;
13 use function is_email;
14 use function sanitize_email;
15 use function sanitize_text_field;
16 use function update_option;
17 use function wp_enqueue_script;
18 use function wp_json_encode;
19 use function wp_localize_script;
20 use function wp_remote_post;
21 use function wp_remote_retrieve_body;
22 use function wp_remote_retrieve_response_code;
23 use function wp_send_json_error;
24 use function wp_send_json_success;
25 use function wp_script_is;
26 use function wp_remote_get;
27 use function current_time;
28
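/**
 * Admin-side script loading and AJAX endpoints for the Cookiebot account flow.
 *
 * Every AJAX handler in this class is registered on a `wp_ajax_*` hook only (no
 * `wp_ajax_nopriv_*` counterpart is registered here) and, before touching any
 * option, requires both a valid `cookiebot-account` nonce and the
 * `manage_options` capability.
 */
class Account_Service {

	/**
	 * Registers all hooks as soon as the service is instantiated.
	 */
	public function __construct() {
		$this->register_hooks();
	}

	/**
	 * Hooks the admin script loader and every account-related AJAX action.
	 *
	 * @return void
	 */
	public function register_hooks() {
		add_action( 'admin_enqueue_scripts', array( $this, 'cookiebot_admin_script' ), 100 );
		add_action( 'wp_ajax_cookiebot_store_cbid', array( $this, 'ajax_store_cbid' ) );
		add_action( 'wp_ajax_cookiebot_get_cbid', array( $this, 'ajax_get_cbid' ) );
		add_action( 'wp_ajax_cookiebot_get_auth_token', array( $this, 'ajax_get_auth_token' ) );
		add_action( 'wp_ajax_cookiebot_set_gcm_enabled', array( $this, 'ajax_set_gcm_enabled' ) );
		add_action( 'wp_ajax_cookiebot_set_banner_enabled', array( $this, 'ajax_set_banner_enabled' ) );
		add_action( 'wp_ajax_cookiebot_set_auto_blocking_mode', array( $this, 'ajax_set_auto_blocking_mode' ) );
		add_action( 'wp_ajax_cookiebot_process_auth_code', array( $this, 'ajax_process_auth_code' ) );
		add_action( 'wp_ajax_cookiebot_dismiss_banner', array( $this, 'ajax_dismiss_banner' ) );
		add_action( 'wp_ajax_cookiebot_post_user_data', array( $this, 'ajax_post_user_data' ) );
		add_action( 'wp_ajax_cookiebot_get_user_data', array( $this, 'ajax_get_user_data' ) );
		add_action( 'wp_ajax_cookiebot_store_scan_details', array( $this, 'ajax_store_scan_details' ) );
		add_action( 'wp_ajax_cookiebot_get_scan_details', array( $this, 'ajax_get_scan_details' ) );
		add_action( 'wp_ajax_cookiebot_store_configuration', array( $this, 'ajax_store_configuration' ) );
		add_action( 'wp_ajax_cookiebot_delete_auth_token', array( $this, 'ajax_delete_auth_token' ) );
		add_action( 'wp_ajax_cookiebot_store_onboarding_status', array( $this, 'ajax_store_onboarding_status' ) );
		add_action( 'wp_ajax_cookiebot_update_scan_id', array( $this, 'ajax_update_scan_id' ) );
	}

	/**
	 * Enqueues the account script on the plugin dashboard page and hands it the AJAX URL and nonce.
	 *
	 * The `cookiebot-account` nonce created here is the one every AJAX handler in this class verifies.
	 * It is emitted only when the current admin screen is the dashboard page.
	 *
	 * @param string $hook Hook suffix of the admin page being rendered.
	 *
	 * @return void
	 */
	public function cookiebot_admin_script( $hook ) {
		if ( 'toplevel_page_' . Dashboard_Page::ADMIN_SLUG !== $hook ) {
			return;
		}

		$is_authenticated = ! empty( Cookiebot_WP::get_auth_token() );
		$cbid             = Cookiebot_WP::get_cbid();
		$user_data        = Cookiebot_WP::get_user_data();
		$was_onboarded    = Cookiebot_WP::was_onboarded_via_signup();

		// No stored auth token, but CBID, user data and the signup-onboarding flag are all present:
		// load the static variant of the script and tell it the "auth expired" flow applies.
		if ( ! $is_authenticated && ! empty( $cbid ) && ! empty( $user_data ) && ! empty( $was_onboarded ) ) {
			wp_enqueue_script(
				'cookiebot-account-static-js',
				asset_url( 'js/backend/account-static.js' ),
				array( 'jquery' ),
				Cookiebot_WP::COOKIEBOT_PLUGIN_VERSION,
				true
			);

			wp_localize_script(
				'cookiebot-account-static-js',
				'cookiebot_account',
				array(
					'ajax_url'          => admin_url( 'admin-ajax.php' ),
					'nonce'             => wp_create_nonce( 'cookiebot-account' ),
					'has_user_data'     => ! empty( $user_data ),
					'has_cbid'          => ! empty( $cbid ),
					'debug'             => defined( 'WP_DEBUG' ) && WP_DEBUG,
					'auth_expired_flow' => true,
				)
			);
		} else {
			wp_enqueue_script(
				'cookiebot-account-js',
				asset_url( 'js/backend/account.js' ),
				array(),
				Cookiebot_WP::COOKIEBOT_PLUGIN_VERSION,
				true
			);

			wp_localize_script(
				'cookiebot-account-js',
				'cookiebot_account',
				array(
					'ajax_url' => admin_url( 'admin-ajax.php' ),
					'nonce'    => wp_create_nonce( 'cookiebot-account' ),
					// NOTE(review): hard-coded to true here, while the branch above follows WP_DEBUG.
					// What account.js does with this flag is not visible from this file; confirm it
					// should be enabled on production sites.
					'debug'    => true,
				)
			);
		}
	}

	/**
	 * Stores the Cookiebot ID sent in `$_POST['cbid']`.
	 *
	 * Responds with 401 when the nonce or capability check fails and 400 when the value is empty.
	 *
	 * @return void
	 */
	public function ajax_store_cbid() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			// Explicit return, matching the other handlers, so the write below can never be reached.
			return;
		}

		$cbid = isset( $_POST['cbid'] ) ? sanitize_text_field( wp_unslash( $_POST['cbid'] ) ) : '';

		if ( empty( $cbid ) ) {
			wp_send_json_error( 'CBID is required', 400 );
			return;
		}

		// Store with consistent name
		update_option( 'cookiebot-cbid', $cbid );

		wp_send_json_success();
	}

	/**
	 * Stores the scan id sent in `$_POST['scan_id']`; an empty value is rejected with 400.
	 *
	 * @return void
	 */
	public function ajax_update_scan_id() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			// Explicit return, matching the other handlers, so the write below can never be reached.
			return;
		}

		$scan_id = isset( $_POST['scan_id'] ) ? sanitize_text_field( wp_unslash( $_POST['scan_id'] ) ) : '';

		if ( empty( $scan_id ) ) {
			wp_send_json_error( 'Scan ID is required', 400 );
			return;
		}

		update_option( 'cookiebot-scan-id', $scan_id );
		wp_send_json_success();
	}

	/**
	 * Decodes the JSON document in `$_POST['data']` and stores it as the `cookiebot-user-data` option.
	 *
	 * Only syntactic validation happens here: the payload must be a string that decodes to an
	 * array. Individual values are stored as received, so any code that later prints them has to
	 * escape them for its output context.
	 *
	 * @return void
	 */
	public function ajax_post_user_data() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- JSON payload validated by json_decode() below.
		$raw_data = isset( $_POST['data'] ) ? wp_unslash( $_POST['data'] ) : '';

		if ( empty( $raw_data ) ) {
			wp_send_json_error( 'No data provided', 400 );
			return;
		}

		// A request can submit `data[]=...`, which arrives as an array; json_decode() only accepts strings.
		if ( ! is_string( $raw_data ) ) {
			wp_send_json_error( 'Invalid user data format', 400 );
			return;
		}

		$data = json_decode( $raw_data, true );
		// Valid JSON such as `null` or `42` decodes without an error, so the shape is checked as well.
		if ( json_last_error() !== JSON_ERROR_NONE || ! is_array( $data ) ) {
			wp_send_json_error( 'Invalid user data format', 400 );
			return;
		}
		update_option( 'cookiebot-user-data', $data );

		wp_send_json_success( array( 'message' => 'User data stored successfully' ) );
	}

	/**
	 * Returns the stored `cookiebot-user-data` option as the JSON success payload.
	 *
	 * @return void
	 */
	public function ajax_get_user_data() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$user_data = get_option( 'cookiebot-user-data' );
		wp_send_json_success( $user_data );
	}

	/**
	 * Stores `$_POST['scan_id']` and `$_POST['scan_status']`.
	 *
	 * Unlike ajax_update_scan_id(), missing or empty values are not rejected: they overwrite the
	 * stored options with an empty string.
	 *
	 * @return void
	 */
	public function ajax_store_scan_details() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$scan_id     = isset( $_POST['scan_id'] ) ? sanitize_text_field( wp_unslash( $_POST['scan_id'] ) ) : '';
		$scan_status = isset( $_POST['scan_status'] ) ? sanitize_text_field( wp_unslash( $_POST['scan_status'] ) ) : '';

		update_option( 'cookiebot-scan-id', $scan_id );
		update_option( 'cookiebot-scan-status', $scan_status );

		wp_send_json_success( array( 'message' => 'Scan details stored successfully' ) );
	}

	/**
	 * Stores `$_POST['value']` as the `cookiebot-banner-enabled` option.
	 *
	 * The value is sanitized as text but not checked against a set of allowed values.
	 *
	 * @return void
	 */
	public function ajax_set_banner_enabled() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$value = isset( $_POST['value'] ) ? sanitize_text_field( wp_unslash( $_POST['value'] ) ) : '';

		// Save option value
		update_option( 'cookiebot-banner-enabled', $value );
		wp_send_json_success();
	}

	/**
	 * Stores `$_POST['value']` as the `cookiebot-uc-auto-blocking-mode` option.
	 *
	 * The value is sanitized as text but not checked against a set of allowed values.
	 *
	 * @return void
	 */
	public function ajax_set_auto_blocking_mode() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$value = isset( $_POST['value'] ) ? sanitize_text_field( wp_unslash( $_POST['value'] ) ) : '';

		// Save option value
		update_option( 'cookiebot-uc-auto-blocking-mode', $value );
		wp_send_json_success();
	}

	/**
	 * Deletes the stored `cookiebot-auth-token` option.
	 *
	 * @return void
	 */
	public function ajax_delete_auth_token() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}
		delete_option( 'cookiebot-auth-token' );
		wp_send_json_success();
	}

	/**
	 * Stores `$_POST['value']` as the `cookiebot-gcm` option.
	 *
	 * The value is sanitized as text but not checked against a set of allowed values.
	 *
	 * @return void
	 */
	public function ajax_set_gcm_enabled() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$value = isset( $_POST['value'] ) ? sanitize_text_field( wp_unslash( $_POST['value'] ) ) : '';

		// Save option value
		update_option( 'cookiebot-gcm', $value );
		wp_send_json_success();
	}

	/**
	 * Returns the stored Cookiebot ID, or a 404 error when none is stored.
	 *
	 * @return void
	 */
	public function ajax_get_cbid() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$cbid_req = get_option( 'cookiebot-cbid' );
		if ( $cbid_req ) {
			wp_send_json_success( $cbid_req );
		} else {
			wp_send_json_error( 'No CBID found', 404 );
		}
	}

	/**
	 * Returns the stored `cookiebot-auth-token` option as the JSON success payload.
	 *
	 * This hands the token itself to the requesting browser. It is reachable only with a valid
	 * nonce and the `manage_options` capability.
	 *
	 * @return void
	 */
	public function ajax_get_auth_token() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$auth_token = get_option( 'cookiebot-auth-token' );
		wp_send_json_success( $auth_token );
	}

	/**
	 * Exchanges the authorization code in `$_POST['code']` for a token and stores that token.
	 *
	 * The token is written to the `cookiebot-auth-token` option only when the exchange endpoint
	 * answers with a 2xx status and a JSON body containing a non-empty `token`. Any other response
	 * produces a 502 error and leaves the stored option untouched.
	 *
	 * @return void
	 */
	public function ajax_process_auth_code() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$code = isset( $_POST['code'] ) ? sanitize_text_field( wp_unslash( $_POST['code'] ) ) : '';

		if ( empty( $code ) ) {
			wp_send_json_error( 'No code provided', 400 );
			return;
		}

		// Use POST request with code as query parameter
		// NOTE(review): query strings commonly end up in proxy and server logs; confirm with the
		// API owner whether the code can be sent in the request body instead.
		// phpcs:ignore
		$api_url = 'https://api.ea.prod.usercentrics.cloud/v1/auth/auth0/exchange?code=' . urlencode( $code );

		$response = wp_remote_post(
			$api_url,
			array(
				'timeout' => 45,
				'headers' => array(
					'Content-Type' => 'application/json',
					'Accept'       => 'application/json',
				),
				'body'    => '',
			)
		);

		if ( is_wp_error( $response ) ) {
			$error_message = $response->get_error_message();
			wp_send_json_error( 'Error: ' . $error_message, 500 );
			return;
		}

		$status = (int) wp_remote_retrieve_response_code( $response );
		$body   = wp_remote_retrieve_body( $response );

		// A non-2xx answer means the exchange was refused; its body must not be treated as a token.
		if ( $status < 200 || $status >= 300 ) {
			wp_send_json_error( 'Token exchange failed', 502 );
			return;
		}

		$data = json_decode( $body, true );

		// Guard against a malformed body or a missing token, so the stored token is never replaced by null.
		if ( ! is_array( $data ) || empty( $data['token'] ) ) {
			wp_send_json_error( 'Token exchange failed', 502 );
			return;
		}

		// On success the handler returns without sending a JSON payload of its own.
		update_option( 'cookiebot-auth-token', $data['token'] );
	}

	/**
	 * Records that the "banner live" notice was dismissed.
	 *
	 * @return void
	 */
	public function ajax_dismiss_banner() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		// Store the dismissed state as a site option
		update_option( 'cookiebot_banner_live_dismissed', true );

		wp_send_json_success( array( 'message' => 'Banner dismissed successfully' ) );
	}

	/**
	 * Returns the stored scan id and scan status, or a 404 error when no scan id is stored.
	 *
	 * @return void
	 */
	public function ajax_get_scan_details() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		$scan_id     = get_option( 'cookiebot-scan-id' );
		$scan_status = get_option( 'cookiebot-scan-status', '' );

		if ( $scan_id ) {
			wp_send_json_success(
				array(
					'scan_id'     => $scan_id,
					'scan_status' => $scan_status,
				)
			);
		} else {
			wp_send_json_error( 'No scan details found', 404 );
		}
	}

	/**
	 * Decodes the JSON document in `$_POST['configuration']` and stores it as `cookiebot-configuration`.
	 *
	 * Only syntactic validation happens here: the payload must be a string that decodes to an
	 * array. Individual values are stored as received, so any code that later prints them has to
	 * escape them for its output context.
	 *
	 * @return void
	 */
	public function ajax_store_configuration() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- JSON payload validated by json_decode() below.
		$configuration = isset( $_POST['configuration'] ) ? wp_unslash( $_POST['configuration'] ) : '';

		if ( empty( $configuration ) ) {
			wp_send_json_error( 'Configuration data is required', 400 );
			return;
		}

		// A request can submit `configuration[]=...`, which arrives as an array; json_decode() only accepts strings.
		if ( ! is_string( $configuration ) ) {
			wp_send_json_error( 'Invalid configuration data format', 400 );
			return;
		}

		$data = json_decode( $configuration, true );
		// Valid JSON such as `null` or `42` decodes without an error, so the shape is checked as well.
		if ( json_last_error() !== JSON_ERROR_NONE || ! is_array( $data ) ) {
			wp_send_json_error( 'Invalid configuration data format', 400 );
			return;
		}

		update_option( 'cookiebot-configuration', $data );
		wp_send_json_success( array( 'message' => 'Configuration stored successfully' ) );
	}

	/**
	 * Stores whether onboarding happened via signup, taken from `$_POST['onboarded']`.
	 *
	 * @return void
	 */
	public function ajax_store_onboarding_status() {
		if ( ! check_ajax_referer( 'cookiebot-account', 'nonce', false ) || ! current_user_can( 'manage_options' ) ) {
			wp_send_json_error( 'Unauthorized', 401 );
			return;
		}

		// Form values arrive as strings and a plain (bool) cast turns the string "false" into true.
		// FILTER_VALIDATE_BOOLEAN accepts "1", "true", "on" and "yes" and yields false for anything
		// else, including array input.
		$onboarded = isset( $_POST['onboarded'] )
			? filter_var( wp_unslash( $_POST['onboarded'] ), FILTER_VALIDATE_BOOLEAN )
			: false;
		update_option( 'cookiebot-uc-onboarded-via-signup', $onboarded );

		wp_send_json_success( array( 'message' => 'Onboarding status stored successfully' ) );
	}
}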
373