PluginProbe ʕ •ᴥ•ʔ
WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel / trunk
WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel vtrunk
trunk 0.9.0 0.9.1 1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 1.1.0 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.2.0 1.2.1 1.2.10 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.10 1.4.11 1.4.12 1.4.13 1.4.14 1.4.15 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5.0
wp-all-export / actions / wp_ajax_wpae_preview.php
wp-all-export / actions Last commit date
admin_head.php 1 month ago admin_init.php 1 month ago admin_menu.php 1 month ago admin_notices.php 1 month ago init.php 1 month ago pmxe_after_export.php 1 month ago pmxe_before_export.php 1 month ago pmxe_exported_post.php 1 month ago wp_ajax_dismiss_export_warnings.php 1 month ago wp_ajax_dismiss_review_modal.php 1 month ago wp_ajax_dismiss_warnings.php 1 month ago wp_ajax_generate_zapier_api_key.php 1 month ago wp_ajax_redirect_after_addon_installed.php 1 month ago wp_ajax_save_scheduling.php 1 month ago wp_ajax_scheduling_dialog_content.php 1 month ago wp_ajax_scheduling_subscribe_dialog_content.php 1 month ago wp_ajax_send_feedback.php 1 month ago wp_ajax_wpae_available_rules.php 1 month ago wp_ajax_wpae_filtering.php 1 month ago wp_ajax_wpae_filtering_count.php 1 month ago wp_ajax_wpae_get_scheduling_connection_icon.php 1 month ago wp_ajax_wpae_preview.php 1 month ago wp_ajax_wpae_upgrade_notice.php 1 month ago wp_ajax_wpallexport.php 1 month ago wp_loaded.php 1 month ago wpmu_new_blog.php 1 month ago
wp_ajax_wpae_preview.php
477 lines
1 <?php
2
3 // phpcs:ignoreFile WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound,WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound,WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound -- legitimate plugin prefixes (pmxe/PMXE/wpae/Wpae/wp_all_export/wpallexport/XmlExport/CdataStrategy/VariableProductTitle/Soflyy/GF_Export); Plugin Check does not honor phpcs.xml prefix declaration
4 defined( 'ABSPATH' ) || exit;
5
6 /**
7 * AJAX action for preview export row
8 */
9
10 function pmxe_wp_ajax_wpae_preview(){
11
12 if ( ! check_ajax_referer( 'wp_all_export_secure', 'security', false )){
13 exit( json_encode(array('html' => __('Security check', 'wp-all-export'))) );
14 }
15
16 if ( ! current_user_can( PMXE_Plugin::$capabilities ) ){
17 exit( json_encode(array('html' => __('Security check', 'wp-all-export'))) );
18 }
19
20 XmlExportEngine::$is_preview = true;
21
22 $custom_xml_valid = true;
23
24 ob_start();
25
26 $values = array();
27
28 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.InputNotValidated,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- structured payload parsed via parse_str; values keep their escape backslashes for the downstream stripslashes loop on cc_options
29 parse_str(isset($_POST['data']) ? (string) $_POST['data'] : '', $values);
30
31 if(is_array($values['cc_options'])) {
32
33 foreach ($values['cc_options'] as &$value) {
34 $value = stripslashes($value);
35 }
36 }
37
38 $export_id = isset( $_GET['id'] ) ? absint( $_GET['id'] ) : 0;
39
40 $exportOptions = $values + (PMXE_Plugin::$session->has_session() ? PMXE_Plugin::$session->get_clear_session_data() : array()) + PMXE_Plugin::get_default_import_options();
41
42 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- XML template payload validated/parsed downstream; stripcslashes() is the intended decoder for this field and pairs with the form-side encoding
43 $exportOptions['custom_xml_template'] = (isset($_POST['custom_xml'])) ? stripcslashes( (string) $_POST['custom_xml'] ) : '';
44 $exportOptions['custom_xml_template'] = str_replace('<ID>','<id>', $exportOptions['custom_xml_template'] );
45 $exportOptions['custom_xml_template'] = str_replace('</ID>','</id>', $exportOptions['custom_xml_template'] );
46
47 if ( ! empty($exportOptions['custom_xml_template'])) {
48 $custom_xml_template_line_count = substr_count($exportOptions['custom_xml_template'], "\n");
49 }
50
51 if(empty($exportOptions['cpt'])) {
52 $postTypes = [];
53 $exportqueryPostType = [];
54
55 if ( isset( $exportOptions['exportquery'] ) && ! empty( $exportOptions['exportquery']->query['post_type'] ) ) {
56 $exportqueryPostType = [ $exportOptions['exportquery']->query['post_type'] ];
57 }
58
59 if ( empty( $postTypes ) ) {
60 $postTypes = $exportqueryPostType;
61 }
62
63 $exportOptions['cpt'] = $postTypes;
64 }
65
66 $errors = new WP_Error();
67
68 $engine = new XmlExportEngine($exportOptions, $errors);
69
70 XmlExportEngine::$exportOptions = $exportOptions;
71 XmlExportEngine::$is_user_export = $exportOptions['is_user_export'];
72 XmlExportEngine::$is_comment_export = $exportOptions['is_comment_export'];
73 XmlExportEngine::$is_taxonomy_export = $exportOptions['is_taxonomy_export'];
74 XmlExportEngine::$exportID = $export_id;
75
76 if ( class_exists('SitePress') && ! empty(XmlExportEngine::$exportOptions['wpml_lang'])){
77 do_action( 'wpml_switch_language', XmlExportEngine::$exportOptions['wpml_lang'] );
78 }
79
80 if (XmlExportEngine::$exportOptions['export_to'] == XmlExportEngine::EXPORT_TYPE_XML && in_array(XmlExportEngine::$exportOptions['xml_template_type'], array('custom', 'XmlGoogleMerchants')) ){
81
82 if ( empty(XmlExportEngine::$exportOptions['custom_xml_template']) )
83 {
84 $errors->add('form-validation', __('XML template is empty.', 'wp-all-export'));
85 }
86
87 if ( ! empty(XmlExportEngine::$exportOptions['custom_xml_template'])){
88
89 $engine->init_additional_data();
90
91 $engine->init_available_data();
92
93 $result = $engine->parse_custom_xml_template();
94 $line_numbers = $result['line_numbers'];
95 if ( ! $errors->get_error_codes()) {
96 XmlExportEngine::$exportOptions = array_merge(XmlExportEngine::$exportOptions, $result);
97 }
98
99 $originalXmlTemplate = $exportOptions['custom_xml_template'];
100 libxml_use_internal_errors(true);
101 libxml_clear_errors();
102
103 //Add root se we make sure there is a root tag
104 $result['original_post_loop'] = '<root>'.$result['original_post_loop'].'</root>';
105
106 $custom_xml_template = simplexml_load_string($result['original_post_loop']);
107
108 if ($custom_xml_template === false) {
109 $custom_xml_template_errors = libxml_get_errors();
110 libxml_clear_errors();
111 $custom_xml_valid = false;
112 // Remove one line because we added root
113 $line_difference = $custom_xml_template_line_count - $line_numbers - 1;
114 }
115 $exportOptions['custom_xml_template'] = str_replace("<!-- BEGIN POST LOOP -->", "<!-- BEGIN LOOP -->", $exportOptions['custom_xml_template']);
116 $exportOptions['custom_xml_template'] = str_replace("<!-- END POST LOOP -->", "<!-- END LOOP -->", $exportOptions['custom_xml_template']);
117
118 }
119 }
120
121 if(isset($_GET['show_cdata'])) {
122 XmlExportEngine::$exportOptions['show_cdata_in_preview'] = (bool)$_GET['show_cdata'];
123 } else {
124 XmlExportEngine::$exportOptions['show_cdata_in_preview'] = false;
125 }
126
127 if ( $errors->get_error_codes()) {
128 $msgs = $errors->get_error_messages();
129 if ( ! is_array($msgs)) {
130 $msgs = array($msgs);
131 }
132 foreach ($msgs as $msg): ?>
133 <div class="error"><p><?php echo wp_kses_post($msg); ?></p></div>
134 <?php endforeach;
135 exit( json_encode(array('html' => ob_get_clean())) );
136 }
137
138 if ( 'advanced' == $exportOptions['export_type'] )
139 {
140 if ( XmlExportEngine::$is_user_export ) {
141 // phpcs:ignore Generic.PHP.ForbiddenFunctions.Found -- intentional: executes saved WP_Query argument string
142 $exportQuery = eval('return new WP_User_Query(array(' . $exportOptions['wp_query'] . ', \'offset\' => 0, \'number\' => 10));');
143 }
144 elseif ( XmlExportEngine::$is_comment_export ) {
145 // phpcs:ignore Generic.PHP.ForbiddenFunctions.Found -- intentional: executes saved WP_Query argument string
146 $exportQuery = eval('return new WP_Comment_Query(array(' . $exportOptions['wp_query'] . ', \'offset\' => 0, \'number\' => 10));');
147 }
148 else {
149 remove_all_actions('parse_query');
150 remove_all_actions('pre_get_posts');
151 remove_all_filters('posts_clauses');
152
153 // phpcs:ignore Generic.PHP.ForbiddenFunctions.Found -- intentional: executes saved WP_Query argument string
154 $exportQuery = eval('return new WP_Query(array(' . $exportOptions['wp_query'] . ', \'offset\' => 0, \'posts_per_page\' => 10));');
155 }
156 }
157 else
158 {
159 XmlExportEngine::$post_types = $exportOptions['cpt'];
160
161 if ( in_array('users', $exportOptions['cpt']) or in_array('shop_customer', $exportOptions['cpt']))
162 {
163 add_action('pre_user_query', 'wp_all_export_pre_user_query', 10, 1);
164 $exportQuery = new WP_User_Query( array( 'orderby' => 'ID', 'order' => 'ASC', 'number' => 10 ));
165 remove_action('pre_user_query', 'wp_all_export_pre_user_query');
166 }
167 elseif ( in_array('taxonomies', $exportOptions['cpt']))
168 {
169 add_filter('terms_clauses', 'wp_all_export_terms_clauses', 10, 3);
170 $exportQuery = new WP_Term_Query( array( 'taxonomy' => $exportOptions['taxonomy_to_export'], 'orderby' => 'term_id', 'order' => 'ASC', 'number' => 10, 'hide_empty' => false ));
171 remove_filter('terms_clauses', 'wp_all_export_terms_clauses');
172 }
173 elseif( in_array('comments', $exportOptions['cpt']))
174 {
175 add_action('comments_clauses', 'wp_all_export_comments_clauses', 10, 1);
176
177 global $wp_version;
178
179 if ( version_compare($wp_version, '4.2.0', '>=') )
180 {
181 $exportQuery = new WP_Comment_Query( array( 'orderby' => 'comment_ID', 'order' => 'ASC', 'number' => 10 ));
182 }
183 else
184 {
185 $exportQuery = get_comments( array( 'orderby' => 'comment_ID', 'order' => 'ASC', 'number' => 10 ));
186 }
187 remove_action('comments_clauses', 'wp_all_export_comments_clauses');
188 } else if(in_array('shop_order', $exportOptions['cpt']) && PMXE_Plugin::hposEnabled()) {
189 $exportQuery = new \Wpae\WordPress\OrderQuery();
190
191 } else {
192
193 if(strpos($exportOptions['cpt'][0], 'custom_') === 0) {
194 $addon = GF_Export_Add_On::get_instance();
195
196 $filter_args = array(
197 'filter_rules_hierarhy' => empty($exportOptions['filter_rules_hierarhy']) ? array() : $exportOptions['filter_rules_hierarhy'],
198 'product_matching_mode' => empty($exportOptions['product_matching_mode']) ? 'strict' : $exportOptions['product_matching_mode'],
199 'taxonomy_to_export' => empty($exportOptions['taxonomy_to_export']) ? '' : $exportOptions['taxonomy_to_export'],
200 'sub_post_type_to_export' => empty($exportOptions['sub_post_type_to_export']) ? '' : $exportOptions['sub_post_type_to_export']
201 );
202
203 $exportQuery = $addon->add_on->get_query(0, 0, $filter_args);
204 } else {
205
206 remove_all_actions('parse_query');
207 remove_all_actions('pre_get_posts');
208 remove_all_filters('posts_clauses');
209
210 add_filter('posts_join', 'wp_all_export_posts_join', 10, 1);
211 add_filter('posts_where', 'wp_all_export_posts_where', 10, 1);
212 $exportQuery = new WP_Query(array('post_type' => $exportOptions['cpt'], 'post_status' => 'any', 'orderby' => 'title', 'order' => 'ASC', 'posts_per_page' => 10));
213
214 remove_filter('posts_where', 'wp_all_export_posts_where');
215 remove_filter('posts_join', 'wp_all_export_posts_join');
216 }
217 }
218 }
219
220 XmlExportEngine::$exportQuery = $exportQuery;
221
222 $engine->init_additional_data();
223
224 ?>
225
226 <div id="post-preview" class="wpallexport-preview">
227
228 <p class="wpallexport-preview-title"><?php echo sprintf("Preview first 10 %s", esc_html(wp_all_export_get_cpt_name($exportOptions['cpt'], 10, $exportOptions))); ?></p>
229
230 <div class="wpallexport-preview-content">
231
232 <?php
233
234 if(!$custom_xml_valid) {
235 $error_msg = '<strong class="error">' . __('Invalid XML', 'wp-all-export') . '</strong><ul class="error">';
236 foreach($custom_xml_template_errors as $error) {
237 $error_msg .= '<li>';
238 $error_msg .= __('Line', 'wp-all-export') . ' ' . ($error->line + $line_difference) . ', ';
239 $error_msg .= __('Column', 'wp-all-export') . ' ' . $error->column . ', ';
240 $error_msg .= __('Code', 'wp-all-export') . ' ' . $error->code . ': ';
241 $error_msg .= '<em>' . trim(esc_html($error->message)) . '</em>';
242 $error_msg .= '</li>';
243 }
244 $error_msg .= '</ul>';
245 echo wp_kses_post($error_msg);
246 exit( json_encode(array('html' => ob_get_clean())) );
247 }
248
249 switch ($exportOptions['export_to']) {
250
251 case 'xml':
252
253 $dom = new DOMDocument('1.0', $exportOptions['encoding']);
254 libxml_use_internal_errors(true);
255 try{
256 $xml = XmlCsvExport::export_xml(true);
257 } catch (WpaeMethodNotFoundException $e) {
258 // Find the line where the function is
259 $errorMessage = '';
260 $functionName = $e->getMessage();
261 $txtParts = explode("\n",$originalXmlTemplate);
262 for ($i=0, $length = count($txtParts);$i<$length;$i++)
263 {
264 $tmp = strstr($txtParts[$i], $functionName);
265 if ($tmp) {
266 $errorMessage .= 'Error parsing XML feed: Call to undefined function <em>"'.$functionName.'"</em> on Line '.($i+1);
267 }
268 }
269
270 $error_msg = '<span class="error">'.esc_html($errorMessage).'</span>';
271 echo wp_kses_post($error_msg);
272 exit( json_encode(array('html' => ob_get_clean())) );
273 } catch (WpaeInvalidStringException $e) {
274 // Find the line where the function is
275 $errorMessage = '';
276 $functionName = $e->getMessage();
277 $txtParts = explode("\n",$originalXmlTemplate);
278 for ($i=0, $length = count($txtParts);$i<$length;$i++)
279 {
280 $tmp = strstr($txtParts[$i], $functionName);
281 if ($tmp) {
282 $errorMessage .= 'Error parsing XML feed: Unterminated string on line '.($i+1);
283 }
284 }
285
286 $error_msg = '<span class="error">'.esc_html($errorMessage).'</span>';
287 echo wp_kses_post($error_msg);
288 exit( json_encode(array('html' => ob_get_clean())) );
289 } catch (WpaeTooMuchRecursionException $e) {
290 $errorMessage = __( 'There was a problem parsing the custom XML template', 'wp-all-export' );
291 $error_msg = '<span class="error">'.esc_html($errorMessage).'</span>';
292 echo wp_kses_post($error_msg);
293 exit( json_encode(array('html' => ob_get_clean())) );
294 }
295
296 $xml_errors = false;
297
298 $main_xml_tag = '';
299
300 switch ( XmlExportEngine::$exportOptions['xml_template_type'] ){
301
302 case 'custom':
303 case 'XmlGoogleMerchants':
304
305 require_once PMXE_ROOT_DIR . '/classes/XMLWriter.php';
306
307 $preview_xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" . "\n<Preview>\n" . $xml . "\n</Preview>";
308
309 $preview_xml = str_replace('<![CDATA[', 'CDATABEGIN', $preview_xml);
310 $preview_xml = str_replace(']]>', 'CDATACLOSE', $preview_xml);
311 $preview_xml = str_replace('&amp;', '&', $preview_xml);
312 $preview_xml = str_replace('&', '&amp;', $preview_xml);
313
314 $xml = PMXE_XMLWriter::preprocess_xml( XmlExportEngine::$exportOptions['custom_xml_template_header'] ) . "\n" . $xml . "\n" . PMXE_XMLWriter::preprocess_xml( XmlExportEngine::$exportOptions['custom_xml_template_footer'] );
315
316 $xml = str_replace('<![CDATA[', 'CDATABEGIN', $xml);
317 $xml = str_replace(']]>', 'CDATACLOSE', $xml);
318 $xml = str_replace('&amp;', '&', $xml);
319 $xml = str_replace('&', '&amp;', $xml);
320
321 // Determine XML root element
322 preg_match_all("%<[\w]+[\s|>]{1}%", XmlExportEngine::$exportOptions['custom_xml_template_header'], $matches);
323
324 if ( ! empty($matches[0]) ){
325 $main_xml_tag = preg_replace("%[\s|<|>]%","",array_shift($matches[0]));
326 }
327
328 libxml_clear_errors();
329 $dom->loadXML($xml);
330 $xml_errors = libxml_get_errors();
331 libxml_clear_errors();
332 if (! $xml_errors ){
333 $xpath = new DOMXPath($dom);
334 if (($elements = @$xpath->query('/' . $main_xml_tag)) and $elements->length){
335 pmxe_render_xml_element($elements->item( 0 ), true);
336 }
337 else{
338 $xml_errors = true;
339 }
340 }
341
342 break;
343
344 default:
345
346 libxml_clear_errors();
347 $dom->loadXML($xml);
348 $xml_errors = libxml_get_errors();
349 libxml_clear_errors();
350
351 $xpath = new DOMXPath($dom);
352
353 // Determine XML root element
354 $main_xml_tag = apply_filters('wp_all_export_main_xml_tag', $exportOptions['main_xml_tag'], XmlExportEngine::$exportID);
355 $elements = @$xpath->query('/' . $main_xml_tag);
356 if ($elements->length){
357 pmxe_render_xml_element($elements->item( 0 ), true);
358 $xml_errors = false;
359 }
360 else{
361 $error_msg = '<strong>' . __('Can\'t preview the document.', 'wp-all-export') . '</strong><ul>';
362 $error_msg .= '<li>';
363 $error_msg .= __('You can continue export or try to use &lt;data&gt; tag as root element.', 'wp-all-export');
364 $error_msg .= '</li>';
365 $error_msg .= '</ul>';
366 echo wp_kses_post($error_msg);
367 exit( json_encode(array('html' => ob_get_clean())) );
368 }
369 break;
370
371 }
372
373 if ( $xml_errors ){
374
375 $preview_dom = new DOMDocument('1.0', $exportOptions['encoding']);
376 libxml_clear_errors();
377 $preview_dom->loadXML($preview_xml);
378 $preview_xml_errors = libxml_get_errors();
379 libxml_clear_errors();
380
381 if ($preview_xml_errors){
382 $error_msg = '<strong class="error">' . __('Invalid XML', 'wp-all-export') . '</strong><ul class="error">';
383 foreach($preview_xml_errors as $error) {
384 $error_msg .= '<li>';
385 $error_msg .= __('Line', 'wp-all-export') . ' ' . $error->line . ', ';
386 $error_msg .= __('Column', 'wp-all-export') . ' ' . $error->column . ', ';
387 $error_msg .= __('Code', 'wp-all-export') . ' ' . $error->code . ': ';
388 $error_msg .= '<em>' . trim(esc_html($error->message)) . '</em>';
389 $error_msg .= '</li>';
390 }
391 $error_msg .= '</ul>';
392 echo wp_kses_post($error_msg);
393 exit( json_encode(array('html' => ob_get_clean())) );
394 }
395 else{
396 $xpath = new DOMXPath($preview_dom);
397 if (($elements = @$xpath->query('/Preview')) and $elements->length){
398 pmxe_render_xml_element($elements->item( 0 ), true);
399 }
400 else{
401 $error_msg = '<strong>' . __('Can\'t preview the document. Root element is not detected.', 'wp-all-export') . '</strong><ul>';
402 $error_msg .= '<li>';
403 $error_msg .= __('You can continue export or try to use &lt;data&gt; tag as root element.', 'wp-all-export');
404 $error_msg .= '</li>';
405 $error_msg .= '</ul>';
406 echo wp_kses_post($error_msg);
407 exit( json_encode(array('html' => ob_get_clean())) );
408 }
409 }
410 }
411
412 break;
413
414 case 'csv':
415 ?>
416 <small>
417 <?php
418
419 $csv = XmlCsvExport::export_csv( true );
420
421 if (!empty($csv)){
422 $csv_rows = array_filter(explode("\n", $csv));
423 if ($csv_rows){
424 ?>
425 <table class="pmxe_preview" cellpadding="0" cellspacing="0">
426 <?php
427 foreach ($csv_rows as $rkey => $row) {
428 $cells = str_getcsv($row, $exportOptions['delimiter'], '"', '\\');
429 if ($cells){
430 ?>
431 <tr>
432 <?php
433 foreach ($cells as $key => $value) {
434 ?>
435 <td>
436 <?php if (!$rkey):?><strong><?php endif;?>
437 <?php echo esc_html($value); ?>
438 <?php if (!$rkey):?></strong><?php endif;?>
439 </td>
440 <?php
441 }
442 ?>
443 </tr>
444 <?php
445 }
446 }
447 ?>
448 </table>
449 <?php
450 }
451 }
452 else{
453 esc_html_e('Data not found.', 'wp-all-export');
454 }
455 ?>
456 </small>
457 <?php
458 break;
459
460 default:
461
462 esc_html_e('This format is not supported.', 'wp-all-export');
463
464 break;
465 }
466 wp_reset_postdata();
467 ?>
468
469 </div>
470
471 </div>
472
473 <?php
474
475 exit(json_encode(array('html' => ob_get_clean()))); die;
476 }
477