Input.php
208 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Input class |
| 4 | * |
| 5 | * @author: themeum |
| 6 | * @link: https://themeum.com |
| 7 | * @package Tutor |
| 8 | * @since 2.0.2 |
| 9 | */ |
| 10 | |
| 11 | namespace TUTOR; |
| 12 | |
// Stop immediately when this file is requested directly rather than loaded
// through WordPress, which is what defines ABSPATH.
defined( 'ABSPATH' ) || exit;
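/**
 * Input class for reading and sanitizing GET and POST request data.
 *
 * The helpers here normalise incoming values with WordPress sanitizers. They
 * do not verify nonces (the NonceVerification sniff is suppressed where the
 * superglobals are read) and they do not escape for output, so callers stay
 * responsible for both.
 *
 * @since 2.0.2
 */
class Input {

	const TYPE_STRING    = 'string';
	const TYPE_INT       = 'int';
	const TYPE_NUMERIC   = 'numeric';
	const TYPE_BOOL      = 'bool';
	const TYPE_ARRAY     = 'array';
	const TYPE_TEXTAREA  = 'textarea';
	const TYPE_KSES_POST = 'kses-post';

	private const GET_REQUEST  = 'get';
	private const POST_REQUEST = 'post';

	/**
	 * Common data sanitizer method
	 *
	 * With a request method, $value is treated as the key to look up in $_GET
	 * or $_POST; without one, $value itself is sanitized.
	 *
	 * Return type by $type: int (TYPE_INT), int|float (TYPE_NUMERIC), bool
	 * (TYPE_BOOL), array (TYPE_ARRAY), string for everything else. When the
	 * requested key is absent, $default is returned unsanitized (for
	 * TYPE_ARRAY: $default if it is an array, otherwise an empty array).
	 *
	 * @param mixed   $value input value, or the request key when $request_method is set.
	 * @param mixed   $default default value if input key does not exist.
	 * @param string  $type Default is Input::TYPE_STRING.
	 * @param boolean $trim remove blank space from start and end of string results.
	 * @param string  $request_method request method get or post.
	 * @return mixed
	 */
	private static function data_sanitizer( $value, $default = null, $type = self::TYPE_STRING, $trim = true, $request_method = null ) {
		$is_input_request = in_array( $request_method, array( self::GET_REQUEST, self::POST_REQUEST ), true );

		// Resolve the raw value once instead of repeating the lookup in every case.
		if ( $is_input_request ) {
			$source = self::GET_REQUEST === $request_method ? $_GET : $_POST; //phpcs:ignore WordPress.Security.NonceVerification

			if ( ! isset( $source[ $value ] ) ) {
				if ( self::TYPE_ARRAY === $type ) {
					return is_array( $default ) ? $default : array();
				}
				return $default;
			}

			$raw = $source[ $value ];
		} else {
			$raw = $value;
		}

		switch ( $type ) {
			case self::TYPE_INT:
				$sanitized_value = (int) sanitize_text_field( wp_unslash( $raw ) );
				break;

			case self::TYPE_NUMERIC:
				$input           = sanitize_text_field( wp_unslash( $raw ) );
				$sanitized_value = is_numeric( $input ) ? $input + 0 : 0;
				break;

			case self::TYPE_BOOL:
				// Only these three spellings count as true; anything else is false.
				$sanitized_value = in_array( strtolower( sanitize_text_field( wp_unslash( $raw ) ) ), array( '1', 'true', 'on' ), true );
				break;

			case self::TYPE_ARRAY:
				// NOTE: input is only accepted when the caller passes an array as
				// $default; with any other default the result is always array().
				if ( ! is_array( $default ) ) {
					$sanitized_value = array();
				} else {
					// Sanitizes one level deep.
					// NOTE(review): nested arrays are presumably reduced to '' by
					// sanitize_text_field() - confirm if nested input is expected.
					$sanitized_value = array_map( 'sanitize_text_field', wp_unslash( is_array( $raw ) ? $raw : $default ) );
				}
				break;

			case self::TYPE_TEXTAREA:
				$sanitized_value = sanitize_textarea_field( wp_unslash( $raw ) );
				break;

			case self::TYPE_KSES_POST:
				// wp_kses_post() is documented to take a string, but a client can
				// submit `field[]=...` and make the raw value an array. Treat any
				// non-scalar as empty so this type always yields a string.
				$sanitized_value = is_scalar( $raw ) ? wp_kses_post( wp_unslash( $raw ) ) : '';
				break;

			case self::TYPE_STRING:
			default:
				$sanitized_value = sanitize_text_field( wp_unslash( $raw ) );
				break;
		}

		if ( $trim ) {
			if ( self::TYPE_ARRAY === $type && is_array( $sanitized_value ) ) {
				$sanitized_value = array_map( 'trim', $sanitized_value );
			} elseif ( is_string( $sanitized_value ) ) {
				// Only strings are trimmed: trim() on an int, float or bool would
				// silently turn the typed result back into a string.
				$sanitized_value = trim( $sanitized_value );
			}
		}

		if ( self::TYPE_ARRAY === $type && is_array( $sanitized_value ) ) {
			$sanitized_value = self::normalize_array( $sanitized_value );
		}

		return $sanitized_value;
	}

	/**
	 * Sanitize the keys of an associative array and cast numeric values.
	 *
	 * Every value that passes is_numeric() is converted with `+ 0`, so numeric
	 * strings come back as int or float. Leading zeros are lost in that
	 * conversion, which matters for identifier-like values.
	 *
	 * @param array $values already sanitized values.
	 * @return array
	 */
	private static function normalize_array( array $values ) {
		$normalized = array();
		$is_assoc   = array_keys( $values ) !== range( 0, count( $values ) - 1 );

		foreach ( $values as $input_key => $input_value ) {
			/**
			 * Sanitize array key if array is assoc.
			 * When from form submit like person['name'], person['age'] etc
			 */
			if ( $is_assoc ) {
				$input_key = sanitize_text_field( wp_unslash( $input_key ) );
			}

			if ( is_numeric( $input_value ) ) {
				$input_value = $input_value + 0;
			}

			$normalized[ $input_key ] = $input_value;
		}

		return $normalized;
	}

	/**
	 * Sanitize value
	 *
	 * @param mixed   $value input value.
	 * @param mixed   $default only consulted for Input::TYPE_ARRAY, where it must be an array.
	 * @param string  $type Default is Input::TYPE_STRING.
	 * @param boolean $trim remove blank space from start and end.
	 * @return mixed
	 */
	public static function sanitize( $value, $default = null, $type = self::TYPE_STRING, $trim = true ) {
		return self::data_sanitizer( $value, $default, $type, $trim );
	}

	/**
	 * Get input value from GET request
	 *
	 * @param string  $key $_GET request key.
	 * @param mixed   $default default value if input key does not exist.
	 * @param string  $type input type. Default is Input::TYPE_STRING.
	 * @param boolean $trim remove blank space from start and end.
	 * @return mixed
	 */
	public static function get( $key, $default = null, $type = self::TYPE_STRING, $trim = true ) {
		return self::data_sanitizer( $key, $default, $type, $trim, self::GET_REQUEST );
	}

	/**
	 * Get input value from POST request
	 *
	 * @param string  $key $_POST request key.
	 * @param mixed   $default default value if input key does not exist.
	 * @param string  $type input type. Default is Input::TYPE_STRING.
	 * @param boolean $trim remove blank space from start and end.
	 * @return mixed
	 */
	public static function post( $key, $default = null, $type = self::TYPE_STRING, $trim = true ) {
		return self::data_sanitizer( $key, $default, $type, $trim, self::POST_REQUEST );
	}

	/**
	 * Check input has key or not
	 *
	 * Looks at $_REQUEST, not at $_GET or $_POST individually, so a true
	 * result does not tell the caller which of get() or post() will find the
	 * key.
	 *
	 * @param string $key input key name.
	 * @return boolean
	 */
	public static function has( $key ) {
		//phpcs:ignore
		return isset( $_REQUEST[ $key ] );
	}

}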
| 208 |