Files.php
| 1 | <?php |
| 2 | |
| 3 | namespace PrestoPlayer; |
| 4 | |
| 5 | use PrestoPlayer\Attachment; |
| 6 | |
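/**
 * Media-library integration for Presto Player private videos.
 *
 * Routes "private" uploads into a dedicated folder under the uploads base
 * directory, tags those attachments with post meta, filters media-library
 * queries, and writes an .htaccess file into the private folder that denies
 * direct access except from an allow-list of IP addresses.
 *
 * NOTE(review): the only access control on the private folder that this class
 * sets up is the generated .htaccess file. Web servers that do not read
 * .htaccess files serve the folder without these rules, so an equivalent
 * deny rule has to be configured in the server itself on such hosts.
 */
class Files {

	/**
	 * IP addresses allowed to reach the private folder directly.
	 *
	 * @var array
	 */
	protected $allowed_ips = array();

	/**
	 * Private folder name, relative to the uploads base directory.
	 *
	 * @var string
	 */
	protected $private_folder = 'presto-player-private';

	/**
	 * Load the allow-list and let the site filter the private folder name.
	 */
	public function __construct() {
		$ips = include PRESTO_PLAYER_PLUGIN_DIR . '/inc/Libraries/BunnyCDNIPs.php';

		// include yields false when the file cannot be loaded. Falling back to
		// an empty list keeps the generated rules at "deny from all" instead
		// of iterating over a non-array later on.
		$this->allowed_ips    = is_array( $ips ) ? $ips : array();
		$this->private_folder = apply_filters( 'presto_player_private_foldername', $this->private_folder );
	}

	/**
	 * Returns the allow-list loaded by the constructor.
	 *
	 * @return array
	 */
	public function getAllowedIPs() {
		return $this->allowed_ips;
	}

	/**
	 * Register actions and filters.
	 *
	 * @return self Returned so that calls can be chained.
	 */
	public function register() {
		add_filter( 'upload_dir', array( $this, 'mediaUploadFolder' ) );
		add_filter( 'wp_prepare_attachment_for_js', array( $this, 'galleryLabel' ) );
		add_filter( 'wp_generate_attachment_metadata', array( $this, 'privateMeta' ), 10, 2 );
		// hidePrivate() returns the modified arguments, so it is registered as a filter.
		add_filter( 'ajax_query_attachments_args', array( $this, 'hidePrivate' ) );

		return $this;
	}

	/**
	 * Reads the requested video type ("public" or "private") from the
	 * `presto_video_type` query argument of the referring URL.
	 *
	 * The referer is supplied by the client. The value is used here to pick a
	 * media-library view and an upload sub-folder; it is a hint and must not
	 * be treated as an authorization decision.
	 *
	 * @return string The raw query value, or '' when absent or not a string.
	 */
	public function getVideoType() {
		$referer = wp_get_raw_referer();
		if ( ! is_string( $referer ) || '' === $referer ) {
			return '';
		}

		// parse_url() yields false or null for malformed URLs or a missing query.
		$query_string = parse_url( $referer, PHP_URL_QUERY );
		if ( ! is_string( $query_string ) ) {
			return '';
		}

		$args = array();
		parse_str( $query_string, $args );

		// "presto_video_type[]=x" parses to an array; callers compare against strings.
		if ( ! isset( $args['presto_video_type'] ) || ! is_string( $args['presto_video_type'] ) ) {
			return '';
		}

		return $args['presto_video_type'];
	}

	/**
	 * Hides external attachment items from the ajax attachment query.
	 *
	 * Replaces any meta_query already present in the arguments.
	 *
	 * @param array $query Query arguments.
	 * @return array
	 */
	public function hideAjaxExternalVideos( $query ) {
		$query['meta_query'] = array(
			'relation' => 'OR',
			array(
				'key'     => 'presto_external_id',
				'compare' => 'NOT EXISTS', // works!
			),
		);

		return $query;
	}

	/**
	 * Hide external videos on the media library page (upload.php).
	 *
	 * @param \WP_Query $query
	 * @return void
	 */
	public function hideExternalVideos( $query ) {
		global $pagenow;

		// Only applies on the uploads page; leave every other query untouched.
		if ( $pagenow !== 'upload.php' ) {
			return;
		}

		// A filter can opt back in to listing external attachments.
		if ( apply_filters( 'presto_player_get_external_attachments', false ) ) {
			return;
		}

		$query->set(
			'meta_query',
			array(
				'relation' => 'OR',
				array(
					'key'     => 'presto_external_id',
					'compare' => 'NOT EXISTS', // works!
					'value'   => '', // This is ignored, but is necessary...
				),
			)
		);
	}

	/**
	 * Hides private or public items depending on the requested video type.
	 *
	 * The type comes from getVideoType(), i.e. from the referring URL, so this
	 * narrows what the media modal lists and is not a permission check. Any
	 * other type leaves the arguments unchanged; for "public" and "private"
	 * an existing meta_query is replaced.
	 *
	 * @param array $query Query arguments.
	 * @return array
	 */
	public function hidePrivate( $query ) {
		// Clause shared by both views: never list external videos.
		$not_external = array(
			'key'     => 'presto_external_id',
			'compare' => 'NOT EXISTS', // works!
			'value'   => '', // This is ignored, but is necessary...
		);

		switch ( $this->getVideoType() ) {
			case 'public': // public only, don't show private
				$query['meta_query'] = array(
					array(
						'relation' => 'AND',
						$not_external,
						array(
							'relation' => 'OR',
							array(
								'key'     => 'presto-private-video',
								'compare' => 'NOT EXISTS', // works!
								'value'   => '', // This is ignored, but is necessary...
							),
							array(
								'key'   => 'presto-private-video',
								'value' => false,
							),
						),
					),
				);
				break;
			case 'private': // private only
				$query['meta_query'] = array(
					array(
						'relation' => 'AND',
						$not_external,
						array(
							'key'   => 'presto-private-video',
							'value' => true,
						),
					),
				);
				break;
		}

		return $query;
	}

	/**
	 * Add meta data to the attachment so WP knows it is private.
	 *
	 * @param array $data Attachment metadata, returned unchanged.
	 * @param int   $id   Attachment ID.
	 * @return array
	 */
	public function privateMeta( $data, $id ) {
		if ( Attachment::isPrivate( $id ) ) {
			update_post_meta( $id, 'presto-private-video', true );
		}

		return $data;
	}

	/**
	 * Point the media uploader at the private folder for private uploads.
	 *
	 * @param array $data Upload directory data.
	 * @return array
	 */
	public function mediaUploadFolder( $data ) {
		if ( $this->getVideoType() === 'private' ) {
			$data['path']   = $data['basedir'] . '/' . $this->private_folder;
			$data['url']    = $data['baseurl'] . '/' . $this->private_folder;
			$data['subdir'] = $this->private_folder;
		}

		return $data;
	}

	/**
	 * Prefix the file name shown in the media library when the attachment URL
	 * looks like a private one.
	 *
	 * This is a substring match on the URL and only changes a label.
	 *
	 * @param array $response Attachment data prepared for JavaScript.
	 * @return array
	 */
	public function galleryLabel( $response ) {
		if ( ! isset( $response['url'], $response['filename'] ) || ! is_string( $response['url'] ) ) {
			return $response;
		}

		$markers = array( (string) $this->private_folder, 'video-src', 'presto-player-token' );
		foreach ( $markers as $marker ) {
			// An empty folder name would match every URL, so skip it.
			if ( '' !== $marker && false !== strpos( $response['url'], $marker ) ) {
				$response['filename'] = __( 'Private: ', 'presto-player' ) . $response['filename'];
				break;
			}
		}

		return $response;
	}

	/**
	 * Creates the private folder and writes its .htaccess file.
	 *
	 * Queues an admin error notice when the filesystem API is unavailable,
	 * when it reports errors, or when the .htaccess write fails; in the last
	 * case the folder would otherwise exist without any access rules.
	 *
	 * NOTE(review): the constructor filters the folder name through
	 * 'presto_player_private_foldername', while this method applies
	 * 'presto_player_private_folder_name'. A site that hooks only the second
	 * name gets a protected folder that differs from the one
	 * mediaUploadFolder() uploads into. Confirm which name is intended.
	 *
	 * @return void
	 */
	public function addPrivateFolder() {
		global $wp_filesystem;

		// WP_Filesystem() does not return true when no filesystem could be set up.
		if ( ! \WP_Filesystem() || ! is_object( $wp_filesystem ) ) {
			add_action( 'admin_notices', array( $this, 'errorNotice' ) );
			return;
		}

		$private_folder = $this->makeFolder( $wp_filesystem, apply_filters( 'presto_player_private_folder_name', $this->private_folder ) );
		$protected      = $this->setHtaccess( $wp_filesystem, $private_folder );

		if ( ! $protected || ! empty( $wp_filesystem->errors->errors ) ) {
			add_action( 'admin_notices', array( $this, 'errorNotice' ) );
		}
	}

	/**
	 * Show an error notice if we can't create the private folder.
	 *
	 * @return void
	 */
	public function errorNotice() {
		$class   = 'notice notice-error';
		$message = __( 'Irks! Error when creating a new private folder for private media', 'presto-player' );

		printf( '<div class="%1$s"><p>%2$s</p></div>', esc_attr( $class ), esc_html( $message ) );
	}

	/**
	 * Makes our custom folder inside the uploads base directory.
	 *
	 * The mkdir result is not checked here; addPrivateFolder() relies on the
	 * .htaccess write result instead.
	 *
	 * @param object $wp_filesystem Filesystem API instance.
	 * @param string $folder_name   Folder name relative to the uploads base directory.
	 * @return string Path of the private folder.
	 */
	private function makeFolder( $wp_filesystem, $folder_name ) {
		$wp_upload_dir  = wp_upload_dir();
		$private_folder = trailingslashit( $wp_upload_dir['basedir'] ) . $folder_name;
		$wp_filesystem->mkdir( $private_folder );

		return $private_folder;
	}

	/**
	 * Sets htaccess rules in the new private folder.
	 *
	 * @param object $wp_filesystem  Filesystem API instance.
	 * @param string $private_folder Path of the private folder.
	 * @return bool Whether the .htaccess file was written.
	 */
	private function setHtaccess( $wp_filesystem, $private_folder ) {
		$file = trailingslashit( $private_folder ) . '.htaccess';

		return (bool) $wp_filesystem->put_contents( $file, $this->return_htaccess_file_content(), FS_CHMOD_FILE );
	}

	/**
	 * Builds one "allow from" line per allow-listed address.
	 *
	 * The lines are written into an access-control file, so entries that are
	 * not strings, are empty, or contain whitespace or control characters are
	 * skipped: a line break inside an entry would otherwise start a new
	 * directive.
	 *
	 * @return string
	 */
	public function makeIPWhiteList() {
		$out = '';
		foreach ( (array) $this->allowed_ips as $ip ) {
			if ( ! is_string( $ip ) ) {
				continue;
			}

			$ip = trim( $ip );
			if ( '' === $ip || preg_match( '/[\s[:cntrl:]]/', $ip ) ) {
				continue;
			}

			$out .= "allow from $ip \n";
		}
		return $out;
	}

	/**
	 * Htaccess configuration for the private folder.
	 *
	 * NOTE(review): Order / deny from / allow from is the Apache 2.2 access
	 * syntax; on Apache 2.4 it depends on mod_access_compat being loaded.
	 * The <Files> section matches on file names, so it probably does not do
	 * what its comment says; verify against the target server.
	 *
	 * @return string (heredoc)
	 */
	private function return_htaccess_file_content() {
		$list = $this->makeIPWhiteList();
		return <<<END
# Deny access to everything by default
Order Deny,Allow
deny from all
$list
# Deny access to sub directory
<Files subdirectory/*>
deny from all
$list
</Files>
END;
	}
}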
| 293 |