PluginProbe ʕ •ᴥ•ʔ
Superb Addons: Blocks, Patterns, Pre-built Pages, Sliders, Popups, Free Forms, Animations & More / 4.0.7
Superb Addons: Blocks, Patterns, Pre-built Pages, Sliders, Popups, Free Forms, Animations & More v4.0.7
4.0.7 4.0.6 4.0.5 4.0.4 4.0.3 4.0.2 4.0.1 4.0.0 trunk 1.0.0 2.0.0 2.0.1 2.0.2 2.0.3 3.0 3.0.1 3.0.2 3.0.5 3.0.6 3.0.7 3.0.8 3.0.9 3.1.0 3.1.2 3.1.3 3.2.0 3.2.1 3.2.2 3.2.4 3.2.5 3.2.7 3.2.8 3.2.9 3.3.0 3.3.1 3.3.2 3.4.0 3.4.1 3.4.2 3.4.5 3.4.6 3.5.0 3.5.1 3.5.2 3.5.3 3.5.4 3.5.6 3.5.7 3.5.8 3.5.9 3.6.0 3.6.1 3.6.2 3.7.0 3.7.1
superb-blocks / src / gutenberg / form / class-form-settings.php
superb-blocks / src / gutenberg / form Last commit date
class-form-access-control.php 4 days ago class-form-captcha-handler.php 4 days ago class-form-controller.php 4 days ago class-form-email-config-check.php 4 days ago class-form-email-handler.php 4 days ago class-form-encryption.php 4 days ago class-form-exporter.php 4 days ago class-form-field-validator.php 4 days ago class-form-file-handler.php 4 days ago class-form-google-auth.php 4 days ago class-form-integration-handler.php 4 days ago class-form-math-parser.php 4 days ago class-form-permissions.php 4 days ago class-form-registry.php 4 days ago class-form-settings.php 4 days ago class-form-submission-cpt.php 4 days ago class-form-submission-handler.php 4 days ago
class-form-settings.php
241 lines
1 <?php
2
3 namespace SuperbAddons\Gutenberg\Form;
4
5 defined('ABSPATH') || exit();
6
7 class FormSettings
8 {
9 const OPTION_HCAPTCHA_SITE_KEY = 'superbaddons_form_hcaptcha_site_key';
10 const OPTION_HCAPTCHA_SECRET_KEY = 'superbaddons_form_hcaptcha_secret_key';
11 const OPTION_RECAPTCHA_SITE_KEY = 'superbaddons_form_recaptcha_site_key';
12 const OPTION_RECAPTCHA_SECRET_KEY = 'superbaddons_form_recaptcha_secret_key';
13 const OPTION_TURNSTILE_SITE_KEY = 'superbaddons_form_turnstile_site_key';
14 const OPTION_TURNSTILE_SECRET_KEY = 'superbaddons_form_turnstile_secret_key';
15 const OPTION_MAILCHIMP_API_KEY = 'superbaddons_form_mailchimp_api_key';
16 const OPTION_BREVO_API_KEY = 'superbaddons_form_brevo_api_key';
17 const OPTION_GOOGLE_SHEETS_CLIENT_EMAIL = 'superbaddons_form_google_sheets_client_email';
18 const OPTION_GOOGLE_SHEETS_PRIVATE_KEY = 'superbaddons_form_google_sheets_private_key';
19
20 /**
21 * Check if an option key holds a secret that should be encrypted at rest.
22 * Site keys are intentionally excluded — they are public (exposed in frontend HTML).
23 */
24 private static function IsSensitiveKey($key)
25 {
26 static $sensitive = null;
27 if ($sensitive === null) {
28 $sensitive = array(
29 self::OPTION_HCAPTCHA_SECRET_KEY,
30 self::OPTION_RECAPTCHA_SECRET_KEY,
31 self::OPTION_TURNSTILE_SECRET_KEY,
32 self::OPTION_MAILCHIMP_API_KEY,
33 self::OPTION_BREVO_API_KEY,
34 self::OPTION_GOOGLE_SHEETS_PRIVATE_KEY,
35 );
36 }
37 return in_array($key, $sensitive, true);
38 }
39
40 public static function Get($key, $default = '')
41 {
42 $value = get_option($key, $default);
43 if (!is_string($value)) {
44 return $default;
45 }
46 if ($value !== '' && self::IsSensitiveKey($key)) {
47 $decrypted = FormEncryption::Decrypt($value);
48 // Decrypt returns false on HMAC/decryption failure.
49 return $decrypted !== false ? $decrypted : $default;
50 }
51 return $value;
52 }
53
54 public static function Set($key, $value)
55 {
56 // Private keys contain newlines required by PEM format; sanitize_text_field would strip them.
57 $value = ($key === self::OPTION_GOOGLE_SHEETS_PRIVATE_KEY)
58 ? sanitize_textarea_field($value)
59 : sanitize_text_field($value);
60 if ($value !== '' && self::IsSensitiveKey($key)) {
61 $value = FormEncryption::Encrypt($value);
62 }
63 // Secrets are only read in admin/REST and on form submission, never on front-end page
64 // loads, so keep them out of the autoloaded options set. Pass null for ordinary settings
65 // to preserve WordPress's default autoload behavior.
66 update_option($key, $value, self::IsSensitiveKey($key) ? false : null);
67 }
68
69 /**
70 * Check whether a setting has a non-empty value stored.
71 */
72 public static function HasValue($key)
73 {
74 $value = get_option($key, '');
75 return is_string($value) && $value !== '';
76 }
77
78 /**
79 * Return a masked representation of a stored secret (e.g. "••••••••abcd").
80 * Returns empty string if no value is stored.
81 */
82 public static function GetMasked($key, $visible = 4)
83 {
84 $value = self::Get($key);
85 if ($value === '') {
86 return '';
87 }
88 $len = strlen($value);
89 if ($len <= $visible) {
90 return str_repeat("\xE2\x80\xA2", $len);
91 }
92 return str_repeat("\xE2\x80\xA2", $len - $visible) . substr($value, -$visible);
93 }
94
95 /**
96 * Remove a stored setting entirely.
97 */
98 public static function Remove($key)
99 {
100 delete_option($key);
101 }
102
103 // ---- Webhook Secrets (per-form, individually encrypted) ----
104
105 const OPTION_WEBHOOK_SECRETS = 'superbaddons_form_webhook_secrets';
106
107 /**
108 * Get the decrypted webhook secret for a form.
109 *
110 * @param string $form_id
111 * @return string Secret or empty string.
112 */
113 public static function GetWebhookSecret($form_id)
114 {
115 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
116 if (!is_array($secrets) || !isset($secrets[$form_id]) || $secrets[$form_id] === '') {
117 return '';
118 }
119 $decrypted = FormEncryption::Decrypt($secrets[$form_id]);
120 return $decrypted !== false ? $decrypted : '';
121 }
122
123 /**
124 * Store an encrypted webhook secret for a form.
125 *
126 * @param string $form_id
127 * @param string $secret Plaintext secret.
128 */
129 public static function SetWebhookSecret($form_id, $secret)
130 {
131 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
132 if (!is_array($secrets)) {
133 $secrets = array();
134 }
135 $secret = sanitize_text_field($secret);
136 if ($secret === '') {
137 unset($secrets[$form_id]);
138 } else {
139 $secrets[$form_id] = FormEncryption::Encrypt($secret);
140 }
141 update_option(self::OPTION_WEBHOOK_SECRETS, $secrets, false);
142 }
143
144 /**
145 * Check whether a form has a webhook secret configured.
146 *
147 * @param string $form_id
148 * @return bool
149 */
150 public static function HasWebhookSecret($form_id)
151 {
152 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
153 return is_array($secrets) && isset($secrets[$form_id]) && $secrets[$form_id] !== '';
154 }
155
156 /**
157 * Remove the webhook secret for a form.
158 *
159 * @param string $form_id
160 */
161 public static function RemoveWebhookSecret($form_id)
162 {
163 $secrets = get_option(self::OPTION_WEBHOOK_SECRETS, array());
164 if (is_array($secrets) && isset($secrets[$form_id])) {
165 unset($secrets[$form_id]);
166 update_option(self::OPTION_WEBHOOK_SECRETS, $secrets, false);
167 }
168 }
169
170 public static function GetCaptchaConfig()
171 {
172 return array(
173 'hcaptchaSiteKey' => self::Get(self::OPTION_HCAPTCHA_SITE_KEY),
174 'recaptchaSiteKey' => self::Get(self::OPTION_RECAPTCHA_SITE_KEY),
175 'turnstileSiteKey' => self::Get(self::OPTION_TURNSTILE_SITE_KEY),
176 );
177 }
178
179 /**
180 * Count forms using a specific CAPTCHA provider.
181 *
182 * @param string $captcha_type e.g. 'hcaptcha', 'recaptcha_v2', 'recaptcha_v3', 'turnstile'
183 * @return int
184 */
185 public static function CountFormsUsingCaptcha($captcha_type)
186 {
187 $registry = FormRegistry::GetAll();
188 $count = 0;
189 foreach (array_keys($registry) as $form_id) {
190 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
191 if (is_array($config) && isset($config['captchaType']) && $config['captchaType'] === $captcha_type) {
192 $count++;
193 }
194 }
195 return $count;
196 }
197
198 /**
199 * Count forms using a specific CAPTCHA provider group (combines reCAPTCHA v2 and v3).
200 *
201 * @param string $provider 'hcaptcha', 'recaptcha', or 'turnstile'
202 * @return int
203 */
204 public static function CountFormsUsingCaptchaProvider($provider)
205 {
206 $registry = FormRegistry::GetAll();
207 $count = 0;
208 $match_types = array($provider);
209 if ($provider === 'recaptcha') {
210 $match_types = array('recaptcha_v2', 'recaptcha_v3');
211 }
212 foreach (array_keys($registry) as $form_id) {
213 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
214 if (is_array($config) && isset($config['captchaType']) && in_array($config['captchaType'], $match_types, true)) {
215 $count++;
216 }
217 }
218 return $count;
219 }
220
221 /**
222 * Count forms using a specific integration (Mailchimp or Brevo).
223 *
224 * @param string $integration 'mailchimp' or 'brevo'
225 * @return int
226 */
227 public static function CountFormsUsingIntegration($integration)
228 {
229 $registry = FormRegistry::GetAll();
230 $count = 0;
231 $attr_key = $integration === 'mailchimp' ? 'mailchimpEnabled' : 'brevoEnabled';
232 foreach (array_keys($registry) as $form_id) {
233 $config = get_option(FormRegistry::CONFIG_PREFIX . sanitize_key($form_id), array());
234 if (is_array($config) && !empty($config[$attr_key])) {
235 $count++;
236 }
237 }
238 return $count;
239 }
240 }
241