GiveWP – Donation Plugin and Fundraising Platform / 3.18.0
give / src / Helpers / Utils.php
1 <?php
2
3 namespace Give\Helpers;
4
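/**
 * Class Utils
 *
 * Static helpers for URL query handling, plugin-state checks and for
 * detecting / safely decoding PHP-serialized strings.
 *
 * @package Give\Helpers
 */
class Utils
{
    /**
     * Extract query param from URL
     *
     * @since 2.7.0
     *
     * @param string $url
     * @param string $queryParamName
     * @param mixed  $default Returned unchanged when the parameter is absent.
     *
     * @return mixed The parameter value passed through give_clean(), or $default.
     */
    public static function getQueryParamFromURL($url, $queryParamName, $default = '')
    {
        // parse_url() yields null/false when there is no (parsable) query string;
        // the cast keeps wp_parse_args() on a plain string in every case.
        $queryArgs = wp_parse_args((string)parse_url($url, PHP_URL_QUERY));

        return isset($queryArgs[$queryParamName]) ? give_clean($queryArgs[$queryParamName]) : $default;
    }

    /**
     * Rebuild $url so that it carries the query arguments of $location as well
     * as its own (arguments on $url win on conflict), then drop and add the
     * requested arguments.
     *
     * NOTE(review): neither $location nor $url is checked against a list of
     * permitted hosts here. esc_url_raw() only sanitises the URL string; a
     * caller that redirects to the result still needs wp_safe_redirect() or its
     * own destination check.
     *
     * @since 2.7.0
     *
     * @param string $location   Requested URL.
     * @param string $url        URL.
     * @param array  $addArgs    Query params to add (name => value); applied last.
     * @param array  $removeArgs Names of query params to remove.
     *
     * @return string
     */
    public static function switchRequestedURL($location, $url, $addArgs = [], $removeArgs = [])
    {
        $queryString = [];

        // Compare with false explicitly: strpos() returns 0, which is falsy,
        // when the string starts with "?", and that query string must still be
        // carried over.
        $locationQueryStart = strpos($location, '?');
        if ($locationQueryStart !== false) {
            $queryString = wp_parse_args(substr($location, $locationQueryStart + 1));
        }

        $urlQueryStart = strpos($url, '?');
        if ($urlQueryStart !== false) {
            $queryString = array_merge($queryString, wp_parse_args(substr($url, $urlQueryStart + 1)));
        }

        $url = add_query_arg($queryString, $url);

        // add_query_arg() removes a key when its value is false.
        foreach ((array)$removeArgs as $name) {
            $url = add_query_arg([$name => false], $url);
        }

        foreach ((array)$addArgs as $name => $value) {
            $url = add_query_arg([$name => $value], $url);
        }

        return esc_url_raw($url);
    }

    /**
     * Remove giveDonationAction from URL.
     *
     * @since 2.7.0
     *
     * @param string $url
     *
     * @return string
     */
    public static function removeDonationAction($url)
    {
        return esc_url_raw(add_query_arg(['giveDonationAction' => false], $url));
    }

    /**
     * Determines whether a plugin is active.
     *
     * Only plugins installed in the plugins/ folder can be active.
     *
     * Plugins in the mu-plugins/ folder can't be "activated," so this function will
     * return false for those plugins.
     *
     * For more information on this and similar theme functions, check out
     * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
     * Conditional Tags} article in the Theme Developer Handbook.
     *
     * @since 2.7.0
     *
     * @param string $plugin Path to the plugin file relative to the plugins directory.
     *
     * @return bool True, if in the active plugins list. False, not in the list.
     */
    public static function isPluginActive($plugin)
    {
        // is_plugin_active() lives in an admin include that is not loaded on
        // front-end requests.
        if ( ! function_exists('is_plugin_active')) {
            include_once ABSPATH . 'wp-admin/includes/plugin.php';
        }

        return is_plugin_active($plugin);
    }

    /**
     * Strip slashes from $data and, for a string, every backslash that still
     * leads it.
     *
     * The leading backslashes are removed because they can be used to get a
     * serialized payload past the is_serialized() check. Only a top-level
     * string is left-trimmed; any other value is returned as
     * stripslashes_deep() produced it.
     *
     * @since 3.17.2
     *
     * @param mixed $data
     *
     * @return mixed
     */
    public static function removeBackslashes($data)
    {
        $data = stripslashes_deep($data);

        return is_string($data) ? ltrim($data, '\\') : $data;
    }

    /**
     * Report whether a string contains something shaped like a serialized
     * array (`a:N:{...}`) or object (`O:N:"Class":{...}`) anywhere inside it.
     *
     * This catches payloads that is_serialized() misses because they are
     * embedded in other text, but it is a heuristic: only these two shapes are
     * recognised, so a false result means "not detected", never "safe to
     * unserialize".
     *
     * @since 3.17.2
     *
     * @param mixed $data Non-strings always yield false.
     *
     * @return bool
     */
    public static function containsSerializedDataRegex($data): bool
    {
        if ( ! is_string($data)) {
            return false;
        }

        // The "s" modifier lets "." match line breaks. Without it a value that
        // contains a newline between the braces would not be recognised.
        $pattern = '/(a:\d+:\{.*\})|(O:\d+:"[^"]+":\{.*\})/s';

        return preg_match($pattern, $data) === 1;
    }

    /**
     * Report whether $data, after removeBackslashes(), is a serialized value
     * according to is_serialized() or contains a serialized array/object
     * according to containsSerializedDataRegex().
     *
     * Only a top-level string is inspected: both checks return false for an
     * array, so a caller holding nested input has to test each element itself.
     *
     * @since 3.17.2
     *
     * @param mixed $data
     *
     * @return bool
     */
    public static function isSerialized($data): bool
    {
        $data = self::removeBackslashes($data);

        return is_serialized($data) || self::containsSerializedDataRegex($data);
    }

    /**
     * Unserialize $data without instantiating any class.
     *
     * Return value:
     *  - the unserialized value when it is truthy;
     *  - the result of unserialize() (false on failure) when the value is falsy
     *    but the input matches containsSerializedDataRegex();
     *  - otherwise the backslash-stripped input itself. This last case also
     *    covers serialized falsy scalars, which therefore come back as their
     *    serialized string.
     *
     * Objects in the payload are not rejected: with allowed_classes set to
     * false PHP returns them as __PHP_Incomplete_Class instances, so callers
     * must not treat the result as trusted structured data.
     *
     * @since 3.17.2
     *
     * @param mixed $data
     *
     * @return mixed
     */
    public static function safeUnserialize($data)
    {
        $data = self::removeBackslashes($data);

        // trim() below needs a string; anything else cannot be a serialized
        // payload and is handed back untouched.
        if ( ! is_string($data)) {
            return $data;
        }

        /**
         * We are setting the allowed_classes to false as a default to
         * prevent the injection of objects that can run unwanted code.
         *
         * From PHP docs:
         * allowed_classes - Either an array of class names which should be accepted, false to accept no classes, or
         * true to accept all classes. If this option is defined and unserialize() encounters an object of a class
         * that isn't to be accepted, then the object will be instantiated as __PHP_Incomplete_Class instead. Omitting
         * this option is the same as defining it as true: PHP will attempt to instantiate objects of any class.
         */
        $unserializedData = @unserialize(trim($data), ['allowed_classes' => false]);

        /*
         * In case the passed string is not unserializeable, false is returned.
         *
         * @see https://www.php.net/manual/en/function.unserialize.php
         */
        if ( ! $unserializedData && ! self::containsSerializedDataRegex($data)) {
            return $data;
        }

        return $unserializedData;
    }

    /**
     * Avoid insecure usage of `unserialize` when the data could be submitted by the user.
     *
     * Data that isSerialized() does not flag is returned unchanged, including
     * any backslashes it carried.
     *
     * @since 3.16.1
     *
     * @param string $data Data that might be unserialized.
     *
     * @return mixed Unserialized data can be any type.
     */
    public static function maybeSafeUnserialize($data)
    {
        return self::isSerialized($data)
            ? self::safeUnserialize($data)
            : $data;
    }
}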