class-ga-controller-core.php
| 1 | <?php |
| 2 | /** |
| 3 | * GoogleAnalytics Controller Core. |
| 4 | * |
| 5 | * @package GoogleAnalytics |
| 6 | */ |
| 7 | |
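/**
 * Core controller: request-driven action dispatch and nonce checking.
 *
 * Security note: handle_actions() lets the incoming request choose which
 * method runs, and it performs no nonce or capability check of its own.
 * Every method reachable as an action therefore has to call verify_nonce()
 * and check the current user's capability itself.
 */
class Ga_Controller_Core {

	const GA_NONCE_FIELD_NAME = '_gawpnonce';
	const ACTION_PARAM_NAME   = 'ga_action';

	/**
	 * Runs the action named by the `ga_action` request parameter.
	 *
	 * The parameter value is used as a method name on the concrete controller
	 * class and the method is invoked without arguments. Because the name is
	 * attacker-controllable, it is only dispatched when it is a plain
	 * identifier that names a real, public method taking no required
	 * arguments. Anything else is ignored silently.
	 *
	 * This method does not verify a nonce; see the class-level note.
	 *
	 * @return void
	 */
	public function handle_actions() {
		// Nonce verification happens in verify_nonce function.
		$raw = isset( $_REQUEST[ self::ACTION_PARAM_NAME ] ) ? $_REQUEST[ self::ACTION_PARAM_NAME ] : null; // phpcs:ignore

		// Array-valued or missing parameters can never name a method.
		if ( ! is_string( $raw ) || '' === $raw ) {
			return;
		}

		$action = sanitize_text_field( wp_unslash( $raw ) );

		// Accept a bare identifier only: no "Class::method" or "parent::method"
		// forms, no magic methods, and no re-entry into the dispatcher itself.
		if ( 1 !== preg_match( '/\A[A-Za-z_][A-Za-z0-9_]*\z/', $action )
			|| 0 === strpos( $action, '__' )
			|| 0 === strcasecmp( $action, __FUNCTION__ )
		) {
			return;
		}

		$class = get_class( $this );

		// method_exists() ignores a __callStatic() fallback, which would
		// otherwise make every name look callable.
		if ( ! method_exists( $class, $action ) ) {
			return;
		}

		// The action is called with no arguments, so a method with required
		// parameters (verify_nonce(), for one) is not a valid action and would
		// raise an ArgumentCountError if dispatched.
		// NOTE(review): assumes action methods are declared public - confirm
		// against the subclasses, which are not visible here.
		$method = new ReflectionMethod( $class, $action );
		if ( ! $method->isPublic() || $method->getNumberOfRequiredParameters() > 0 ) {
			return;
		}

		$callback = array( $class, $action );
		if ( is_callable( $callback ) ) {
			call_user_func( $callback );
		}
	}

	/**
	 * Verifies the nonce submitted in the `_gawpnonce` POST field.
	 *
	 * Only the POST body is read, so a request that carries the nonce in the
	 * query string does not pass. A valid nonce shows the request came from a
	 * page rendered for this user; it is not an authorization check, so
	 * callers still need their own capability check.
	 *
	 * @param string $action Nonce action the field was created for.
	 * @return bool True when the nonce is present and valid for $action.
	 */
	public static function verify_nonce( $action ) {
		// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, so the field is
		// read and sanitized the same way handle_actions() reads its parameter.
		$raw = isset( $_POST[ self::GA_NONCE_FIELD_NAME ] ) ? $_POST[ self::GA_NONCE_FIELD_NAME ] : null; // phpcs:ignore

		// A missing or array-valued field is a failed verification.
		if ( ! is_string( $raw ) ) {
			return false;
		}

		$nonce = sanitize_text_field( wp_unslash( $raw ) );

		return false !== wp_verify_nonce( $nonce, $action );
	}
}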