PluginProbe ʕ •ᴥ•ʔ
Superb Addons: Blocks, Patterns, Pre-built Pages, Sliders, Popups, Free Forms, Animations & More / 4.0.0
Superb Addons: Blocks, Patterns, Pre-built Pages, Sliders, Popups, Free Forms, Animations & More v4.0.0
4.0.7 4.0.6 4.0.5 4.0.4 4.0.3 4.0.2 4.0.1 4.0.0 trunk 1.0.0 2.0.0 2.0.1 2.0.2 2.0.3 3.0 3.0.1 3.0.2 3.0.5 3.0.6 3.0.7 3.0.8 3.0.9 3.1.0 3.1.2 3.1.3 3.2.0 3.2.1 3.2.2 3.2.4 3.2.5 3.2.7 3.2.8 3.2.9 3.3.0 3.3.1 3.3.2 3.4.0 3.4.1 3.4.2 3.4.5 3.4.6 3.5.0 3.5.1 3.5.2 3.5.3 3.5.4 3.5.6 3.5.7 3.5.8 3.5.9 3.6.0 3.6.1 3.6.2 3.7.0 3.7.1
superb-blocks / src / gutenberg / form / class-form-settings.php
superb-blocks / src / gutenberg / form Last commit date
class-form-access-control.php 2 months ago class-form-captcha-handler.php 2 months ago class-form-controller.php 2 months ago class-form-email-config-check.php 2 months ago class-form-email-handler.php 2 months ago class-form-encryption.php 2 months ago class-form-exporter.php 2 months ago class-form-field-validator.php 2 months ago class-form-file-handler.php 2 months ago class-form-google-auth.php 2 months ago class-form-integration-handler.php 2 months ago class-form-math-parser.php 2 months ago class-form-permissions.php 2 months ago class-form-registry.php 2 months ago class-form-settings.php 2 months ago class-form-submission-cpt.php 2 months ago class-form-submission-handler.php 2 months ago
class-form-settings.php
238 lines
1 <?php
2
3 namespace SuperbAddons\Gutenberg\Form;
4
5 defined('ABSPATH') || exit();
6
7 class FormSettings
8 {
9 const OPTION_HCAPTCHA_SITE_KEY = 'superbaddons_form_hcaptcha_site_key';
10 const OPTION_HCAPTCHA_SECRET_KEY = 'superbaddons_form_hcaptcha_secret_key';
11 const OPTION_RECAPTCHA_SITE_KEY = 'superbaddons_form_recaptcha_site_key';
12 const OPTION_RECAPTCHA_SECRET_KEY = 'superbaddons_form_recaptcha_secret_key';
13 const OPTION_TURNSTILE_SITE_KEY = 'superbaddons_form_turnstile_site_key';
14 const OPTION_TURNSTILE_SECRET_KEY = 'superbaddons_form_turnstile_secret_key';
15 const OPTION_MAILCHIMP_API_KEY = 'superbaddons_form_mailchimp_api_key';
16 const OPTION_BREVO_API_KEY = 'superbaddons_form_brevo_api_key';
17 const OPTION_GOOGLE_SHEETS_CLIENT_EMAIL = 'superbaddons_form_google_sheets_client_email';
18 const OPTION_GOOGLE_SHEETS_PRIVATE_KEY = 'superbaddons_form_google_sheets_private_key';
19
20 /**
21 * Check if an option key holds a secret that should be encrypted at rest.
22 * Site keys are intentionally excluded — they are public (exposed in frontend HTML).
23 */
24 private static function IsSensitiveKey($key)
25 {
26 static $sensitive = null;
27 if ($sensitive === null) {
28 $sensitive = array(
29 self::OPTION_HCAPTCHA_SECRET_KEY,
30 self::OPTION_RECAPTCHA_SECRET_KEY,
31 self::OPTION_TURNSTILE_SECRET_KEY,
32 self::OPTION_MAILCHIMP_API_KEY,
33 self::OPTION_BREVO_API_KEY,
34 self::OPTION_GOOGLE_SHEETS_PRIVATE_KEY,
35 );
36 }
37 return in_array($key, $sensitive, true);
38 }
39
40 public static function Get($key, $default = '')
41 {
42 $value = get_option($key, $default);
43 if (!is_string($value)) {
44 return $default;
45 }
46 if ($value !== '' && self::IsSensitiveKey($key)) {
47 $decrypted = FormEncryption::Decrypt($value);
48 // Decrypt returns false on HMAC/decryption failure.
49 return $decrypted !== false ? $decrypted : $default;
50 }
51 return $value;
52 }
53
54 public static function Set($key, $value)
55 {
56 // Private keys contain newlines required by PEM format; sanitize_text_field would strip them.
57 $value = ($key === self::OPTION_GOOGLE_SHEETS_PRIVATE_KEY)
58 ? sanitize_textarea_field($value)
59 : sanitize_text_field($value);
60 if ($value !== '' && self::IsSensitiveKey($key)) {
61 $value = FormEncryption::Encrypt($value);
62 }
63 update_option($key, $value);
64 }
65
66 /**
67 * Check whether a setting has a non-empty value stored.
68 */
69 public static function HasValue($key)
70 {
71 $value = get_option($key, '');
72 return is_string($value) && $value !== '';
73 }
74
75 /**
76 * Return a masked representation of a stored secret (e.g. "••••••••abcd").
77 * Returns empty string if no value is stored.
78 */
79 public static function GetMasked($key, $visible = 4)
80 {
81 $value = self::Get($key);
82 if ($value === '') {
83 return '';
84 }
85 $len = strlen($value);
86 if ($len <= $visible) {
87 return str_repeat("\xE2\x80\xA2", $len);
88 }
89 return str_repeat("\xE2\x80\xA2", $len - $visible) . substr($value, -$visible);
90 }
91
92 /**
93 * Remove a stored setting entirely.
94 */
95 public static function Remove($key)
96 {
97 delete_option($key);
98 }
99
100 // ---- Webhook Secrets (per-form, individually encrypted) ----
101
102 const OPTION_WEBHOOK_SECRETS = 'superbaddons_form_webhook_secrets';
103
104 /**
105 * Get the decrypted webhook secret for a form.
106 *
107 * @param string $form_id
108 * @return string Secret or empty string.
109 */
110 public static function GetWebhookSecret($form_id)
111 {
112 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
113 if (!is_array($secrets) || !isset($secrets[$form_id]) || $secrets[$form_id] === '') {
114 return '';
115 }
116 $decrypted = FormEncryption::Decrypt($secrets[$form_id]);
117 return $decrypted !== false ? $decrypted : '';
118 }
119
120 /**
121 * Store an encrypted webhook secret for a form.
122 *
123 * @param string $form_id
124 * @param string $secret Plaintext secret.
125 */
126 public static function SetWebhookSecret($form_id, $secret)
127 {
128 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
129 if (!is_array($secrets)) {
130 $secrets = array();
131 }
132 $secret = sanitize_text_field($secret);
133 if ($secret === '') {
134 unset($secrets[$form_id]);
135 } else {
136 $secrets[$form_id] = FormEncryption::Encrypt($secret);
137 }
138 update_option(self::OPTION_WEBHOOK_SECRETS, $secrets, false);
139 }
140
141 /**
142 * Check whether a form has a webhook secret configured.
143 *
144 * @param string $form_id
145 * @return bool
146 */
147 public static function HasWebhookSecret($form_id)
148 {
149 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
150 return is_array($secrets) && isset($secrets[$form_id]) && $secrets[$form_id] !== '';
151 }
152
153 /**
154 * Remove the webhook secret for a form.
155 *
156 * @param string $form_id
157 */
158 public static function RemoveWebhookSecret($form_id)
159 {
160 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
161 if (is_array($secrets) && isset($secrets[$form_id])) {
162 unset($secrets[$form_id]);
163 update_option(self::OPTION_WEBHOOK_SECRETS, $secrets, false);
164 }
165 }
166
167 public static function GetCaptchaConfig()
168 {
169 return array(
170 'hcaptchaSiteKey' => self::Get(self::OPTION_HCAPTCHA_SITE_KEY),
171 'recaptchaSiteKey' => self::Get(self::OPTION_RECAPTCHA_SITE_KEY),
172 'turnstileSiteKey' => self::Get(self::OPTION_TURNSTILE_SITE_KEY),
173 );
174 }
175
176 /**
177 * Count forms using a specific CAPTCHA provider.
178 *
179 * @param string $captcha_type e.g. 'hcaptcha', 'recaptcha_v2', 'recaptcha_v3', 'turnstile'
180 * @return int
181 */
182 public static function CountFormsUsingCaptcha($captcha_type)
183 {
184 $registry = FormRegistry::GetAll();
185 $count = 0;
186 foreach (array_keys($registry) as $form_id) {
187 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
188 if (is_array($config) && isset($config['captchaType']) && $config['captchaType'] === $captcha_type) {
189 $count++;
190 }
191 }
192 return $count;
193 }
194
195 /**
196 * Count forms using a specific CAPTCHA provider group (combines reCAPTCHA v2 and v3).
197 *
198 * @param string $provider 'hcaptcha', 'recaptcha', or 'turnstile'
199 * @return int
200 */
201 public static function CountFormsUsingCaptchaProvider($provider)
202 {
203 $registry = FormRegistry::GetAll();
204 $count = 0;
205 $match_types = array($provider);
206 if ($provider === 'recaptcha') {
207 $match_types = array('recaptcha_v2', 'recaptcha_v3');
208 }
209 foreach (array_keys($registry) as $form_id) {
210 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
211 if (is_array($config) && isset($config['captchaType']) && in_array($config['captchaType'], $match_types, true)) {
212 $count++;
213 }
214 }
215 return $count;
216 }
217
218 /**
219 * Count forms using a specific integration (Mailchimp or Brevo).
220 *
221 * @param string $integration 'mailchimp' or 'brevo'
222 * @return int
223 */
224 public static function CountFormsUsingIntegration($integration)
225 {
226 $registry = FormRegistry::GetAll();
227 $count = 0;
228 $attr_key = $integration === 'mailchimp' ? 'mailchimpEnabled' : 'brevoEnabled';
229 foreach (array_keys($registry) as $form_id) {
230 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
231 if (is_array($config) && !empty($config[$attr_key])) {
232 $count++;
233 }
234 }
235 return $count;
236 }
237 }
238