PluginProbe ʕ •ᴥ•ʔ
Presto Player / 4.1.1
Presto Player v4.1.1
4.3.0 4.2.4 4.2.3 4.2.2 4.2.0 4.2.1 trunk 1.10.0 1.10.1 1.10.2 1.11.0 1.12.0 1.13.0 1.14.0 1.14.1 1.5.10 1.5.11 1.5.12 1.5.13 1.5.14 1.5.15 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.10 1.6.11 1.6.12 1.6.13 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9 1.7.0 1.7.1 1.7.2 1.8.0 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.9.0 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.14 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.0.0 2.0.1 2.0.10 2.0.11 2.0.12 2.0.13 2.0.14 2.0.15 2.0.16 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.0.8 2.0.9 2.1.0 2.2.0 2.2.1 2.2.2 2.2.3 2.2.3-beta1 2.3.0 2.3.1 2.3.2 2.3.3 3.0.0 3.0.0-beta1 3.0.1 3.0.2 3.0.3 3.0.4 3.0.5 3.0.6 3.0.7 3.0.8 3.1.0 3.1.1 3.1.2 3.1.3 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.0.5 4.0.6 4.0.7 4.0.8 4.1.0 4.1.1 4.1.2 4.1.3 4.1.4
presto-player / inc / Files.php
presto-player / inc Last commit date
Blocks 6 months ago Contracts 1 year ago Database 4 months ago Integrations 3 months ago Libraries 3 months ago Models 3 months ago Seeds 1 year ago Services 3 months ago Support 4 months ago config 4 months ago lib 4 months ago Activator.php 1 year ago Attachment.php 4 months ago Controller.php 1 year ago Core.php 1 year ago Deactivator.php 1 year ago Factory.php 3 months ago Files.php 1 year ago Playlist.php 1 year ago Plugin.php 9 months ago Requirements.php 1 year ago support.php 1 year ago
Files.php
293 lines
1 <?php
2
3 namespace PrestoPlayer;
4
5 use PrestoPlayer\Attachment;
6
7 class Files {
8
9 /**
10 * Allowed ip addresses to private folder
11 *
12 * @var array
13 */
14 protected $allowed_ips = array();
15
16 /**
17 * Privat folder name
18 *
19 * @var string
20 */
21 protected $private_folder = 'presto-player-private';
22
23 /**
24 * Store allowed ips and let user filter private folder
25 */
26 public function __construct() {
27 $this->allowed_ips = include PRESTO_PLAYER_PLUGIN_DIR . '/inc/Libraries/BunnyCDNIPs.php';
28 $this->private_folder = apply_filters( 'presto_player_private_foldername', $this->private_folder );
29 }
30
31 public function getAllowedIPs() {
32 return $this->allowed_ips;
33 }
34
35 /**
36 * Register actions and filters
37 *
38 * @return void
39 */
40 public function register() {
41 add_filter( 'upload_dir', array( $this, 'mediaUploadFolder' ) );
42 add_filter( 'wp_prepare_attachment_for_js', array( $this, 'galleryLabel' ) );
43 add_filter( 'wp_generate_attachment_metadata', array( $this, 'privateMeta' ), 10, 2 );
44 add_action( 'ajax_query_attachments_args', array( $this, 'hidePrivate' ) );
45
46 return $this;
47 }
48
49 /**
50 * Gets a public or private type
51 *
52 * @return string
53 */
54 public function getVideoType() {
55 $query = array();
56 $url = wp_get_raw_referer();
57 $parts = parse_url( $url );
58 isset( $parts['query'] ) ? parse_str( $parts['query'], $query ) : '';
59 return isset( $query['presto_video_type'] ) ? $query['presto_video_type'] : '';
60 }
61
62 /**
63 * Hides external attachment items from ajax query
64 *
65 * @param array $query
66 * @return array
67 */
68 public function hideAjaxExternalVideos( $query ) {
69 $query['meta_query'] = array(
70 'relation' => 'OR',
71 array(
72 'key' => 'presto_external_id',
73 'compare' => 'NOT EXISTS', // works!
74 ),
75 );
76
77 return $query;
78 }
79
80 /**
81 * Hide external videos on attachment page
82 *
83 * @param \WP_Query $query
84 * @return void
85 */
86 public function hideExternalVideos( $query ) {
87 global $pagenow;
88
89 // disable on uploads page
90 if ( $pagenow !== 'upload.php' ) {
91 return;
92 }
93
94 // allow filter to fetch
95 if ( apply_filters( 'presto_player_get_external_attachments', false ) ) {
96 return;
97 }
98
99 $query->set(
100 'meta_query',
101 array(
102 'relation' => 'OR',
103 array(
104 'key' => 'presto_external_id',
105 'compare' => 'NOT EXISTS', // works!
106 'value' => '', // This is ignored, but is necessary...
107 ),
108 )
109 );
110 }
111
112 /**
113 * Hides private/public items based on video type query
114 *
115 * @param array $query
116 * @return array
117 */
118 public function hidePrivate( $query ) {
119 $type = $this->getVideoType();
120
121 switch ( $type ) {
122 case 'public': // public only, dont show private
123 $query['meta_query'] = array(
124 array(
125 'relation' => 'AND',
126 array(
127 'key' => 'presto_external_id',
128 'compare' => 'NOT EXISTS', // works!
129 'value' => '', // This is ignored, but is necessary...
130 ),
131 array(
132 'relation' => 'OR',
133 array(
134 'key' => 'presto-private-video',
135 'compare' => 'NOT EXISTS', // works!
136 'value' => '', // This is ignored, but is necessary...
137 ),
138 array(
139 'key' => 'presto-private-video',
140 'value' => false,
141 ),
142 ),
143 ),
144 );
145 break;
146 case 'private': // private only
147 $query['meta_query'] = array(
148 array(
149 'relation' => 'AND',
150 array(
151 'key' => 'presto_external_id',
152 'compare' => 'NOT EXISTS', // works!
153 'value' => '', // This is ignored, but is necessary...
154 ),
155 array(
156 'key' => 'presto-private-video',
157 'value' => true,
158 ),
159 ),
160 );
161 break;
162 }
163
164 return $query;
165 }
166
167 /**
168 * Add meta data to attachment so WP knows it's private
169 *
170 * @param array $data
171 * @return void
172 */
173 public function privateMeta( $data, $id ) {
174 if ( Attachment::isPrivate( $id ) ) {
175 update_post_meta( $id, 'presto-private-video', true );
176 }
177
178 return $data;
179 }
180
181
182 /**
183 * Change media uploader folder only in case of private files
184 *
185 * @param array $data
186 * @return array
187 */
188 public function mediaUploadFolder( $data ) {
189 if ( $this->getVideoType() === 'private' ) {
190 $data['path'] = $data['basedir'] . '/' . $this->private_folder;
191 $data['url'] = $data['baseurl'] . '/' . $this->private_folder;
192 $data['subdir'] = $this->private_folder;
193 }
194
195 return $data;
196 }
197
198 /**
199 * If the media is into private folder change response to show
200 */
201 public function galleryLabel( $response ) {
202 if ( strpos( $response['url'], $this->private_folder ) !== false || strpos( $response['url'], 'video-src' ) !== false || strpos( $response['url'], 'presto-player-token' ) !== false ) {
203 $response['filename'] = __( 'Private: ', 'presto-player' ) . $response['filename'];
204 }
205
206 return $response;
207 }
208
209 /**
210 * Adds the private folder
211 *
212 * @return void
213 */
214 public function addPrivateFolder() {
215 \WP_Filesystem();
216 global $wp_filesystem;
217
218 $private_folder = $this->makeFolder( $wp_filesystem, apply_filters( 'presto_player_private_folder_name', $this->private_folder ) );
219 $this->setHtaccess( $wp_filesystem, $private_folder );
220
221 if ( ! empty( $wp_filesystem->errors->errors ) ) {
222 add_action( 'admin_notices', array( $this, 'errorNotice' ) );
223 }
224 }
225
226 /**
227 * Show an error notice if we can't create the priate folder
228 *
229 * @return void
230 */
231 public function errorNotice() {
232 $class = 'notice notice-error';
233 $message = __( 'Irks! Error when creating a new private folder for private media', 'presto-player' );
234
235 printf( '<div class="%1$s"><p>%2$s</p></div>', esc_attr( $class ), esc_html( $message ) );
236 }
237
238 /**
239 * Makes our custom folder in the .htaccess directory
240 *
241 * @param \WP_Filesystem $wp_filesystem
242 * @param string $folder_name
243 * @return void
244 */
245 private function makeFolder( $wp_filesystem, $folder_name ) {
246 $wp_upload_dir = wp_upload_dir();
247 $private_folder = trailingslashit( $wp_upload_dir['basedir'] ) . $folder_name;
248 $wp_filesystem->mkdir( $private_folder );
249
250 return $private_folder;
251 }
252
253 /**
254 * Sets htaccess rules in the new private folder
255 *
256 * @param \WP_Filesystem $wp_filesystem
257 * @param string $private_folder
258 * @return void
259 */
260 private function setHtaccess( $wp_filesystem, $private_folder ) {
261 $file = trailingslashit( $private_folder ) . '.htaccess';
262 $wp_filesystem->put_contents( $file, $this->return_htaccess_file_content(), FS_CHMOD_FILE );
263 }
264
265 public function makeIPWhiteList() {
266 $out = '';
267 foreach ( $this->allowed_ips as $ip ) {
268 $out .= "allow from $ip \n";
269 }
270 return $out;
271 }
272
273 /**
274 * Htaccess configuration
275 *
276 * @return string (heredoc)
277 */
278 private function return_htaccess_file_content() {
279 $list = $this->makeIPWhitelist();
280 return <<<END
281 # Deny access to everything by default
282 Order Deny,Allow
283 deny from all
284 $list
285 # Deny access to sub directory
286 <Files subdirectory/*>
287 deny from all
288 $list
289 </Files>
290 END;
291 }
292 }
293