PluginProbe ʕ •ᴥ•ʔ
WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel / trunk
WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel vtrunk
trunk 0.9.0 0.9.1 1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 1.1.0 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.2.0 1.2.1 1.2.10 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.10 1.4.11 1.4.12 1.4.13 1.4.14 1.4.15 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5.0
wp-all-export / actions / wp_loaded.php
wp-all-export / actions Last commit date
admin_head.php 4 weeks ago admin_init.php 4 weeks ago admin_menu.php 4 weeks ago admin_notices.php 4 weeks ago init.php 4 weeks ago pmxe_after_export.php 4 weeks ago pmxe_before_export.php 4 weeks ago pmxe_exported_post.php 4 weeks ago wp_ajax_dismiss_export_warnings.php 4 weeks ago wp_ajax_dismiss_review_modal.php 4 weeks ago wp_ajax_dismiss_warnings.php 4 weeks ago wp_ajax_generate_zapier_api_key.php 4 weeks ago wp_ajax_redirect_after_addon_installed.php 4 weeks ago wp_ajax_save_scheduling.php 4 weeks ago wp_ajax_scheduling_dialog_content.php 4 weeks ago wp_ajax_scheduling_subscribe_dialog_content.php 4 weeks ago wp_ajax_send_feedback.php 4 weeks ago wp_ajax_wpae_available_rules.php 4 weeks ago wp_ajax_wpae_filtering.php 4 weeks ago wp_ajax_wpae_filtering_count.php 4 weeks ago wp_ajax_wpae_get_scheduling_connection_icon.php 4 weeks ago wp_ajax_wpae_preview.php 4 weeks ago wp_ajax_wpae_upgrade_notice.php 4 weeks ago wp_ajax_wpallexport.php 4 weeks ago wp_loaded.php 4 weeks ago wpmu_new_blog.php 4 weeks ago
wp_loaded.php
141 lines
1 <?php
2 // phpcs:ignoreFile WordPress.Security.NonceVerification.Recommended -- access verified either via security_token HMAC (substr(md5($cron_job_key . $export_id), 0, 16)) for export downloads, or via \Wpae\Http\Router auth dispatch for the wpae_public_api branch
3
4 defined( 'ABSPATH' ) || exit;
5
6
7 function pmxe_wp_loaded() {
8
9 // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged -- intentional for long-running exports
10 @ini_set("max_input_time", PMXE_Plugin::getInstance()->getOption('max_input_time'));
11
12 if ( ! empty($_GET['action']) && ! empty($_GET['export_id']) && (!empty($_GET['export_hash']) || !empty($_GET['security_token'])))
13 {
14 pmxe_set_max_execution_time();
15
16 if(empty($_GET['export_hash'])) {
17 $securityToken = sanitize_text_field( wp_unslash( $_GET['security_token'] ) );
18 } else {
19 $securityToken = sanitize_text_field( wp_unslash( $_GET['export_hash'] ) );
20 }
21
22 $cron_job_key = PMXE_Plugin::getInstance()->getOption('cron_job_key');
23
24 if ( hash_equals( substr( md5( $cron_job_key . absint( $_GET['export_id'] ) ), 0, 16 ), $securityToken ) )
25 {
26 $export = new PMXE_Export_Record();
27
28 $export->getById( absint( $_GET['export_id'] ) );
29
30 if ( ! $export->isEmpty())
31 {
32 switch ($_GET['action'])
33 {
34 case 'get_data':
35
36 if ( ! empty($export->options['current_filepath']) and @file_exists($export->options['current_filepath']))
37 {
38 $filepath = $export->options['current_filepath'];
39 }
40 else
41 {
42 $is_secure_import = PMXE_Plugin::getInstance()->getOption('secure');
43
44 if ( ! $is_secure_import)
45 {
46 $filepath = get_attached_file($export->attch_id);
47 }
48 else
49 {
50 $filepath = wp_all_export_get_absolute_path($export->options['filepath']);
51 }
52 }
53
54 if ( ! empty($_GET['part']) and is_numeric($_GET['part'])) $filepath = str_replace(basename($filepath), str_replace('.' . $export->options['export_to'], '', basename($filepath)) . '-' . absint( $_GET['part'] ) . '.' . $export->options['export_to'], $filepath);
55
56 break;
57
58 case 'get_bundle':
59
60 $filepath = wp_all_export_get_absolute_path($export->options['bundlepath']);
61
62 break;
63 }
64
65 if (file_exists($filepath))
66 {
67 $uploads = wp_upload_dir();
68 $fileurl = $uploads['baseurl'] . str_replace($uploads['basedir'], '', str_replace(basename($filepath), rawurlencode(basename($filepath)), $filepath));
69
70 if($export['options']['export_to'] == XmlExportEngine::EXPORT_TYPE_XML && $export['options']['xml_template_type'] == XmlExportEngine::EXPORT_TYPE_GOOLE_MERCHANTS) {
71
72 // If we are doing a google merchants export, send the file as a download.
73 header("Content-type: text/plain");
74 header("Content-Disposition: attachment; filename=".basename($filepath));
75 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_readfile -- export plugin reads/writes its own files in uploads dir, WP_Filesystem not viable for streamed CSV/XML output
76 readfile($filepath);
77
78 die;
79 }
80
81 if(apply_filters('wp_all_export_no_cache', false)) {
82
83 // If we are doing a google merchants export, send the file as a download.
84 header("Content-type: " . mime_content_type($filepath));
85 header("Content-Disposition: attachment; filename=" . basename($filepath));
86 header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
87 header("Cache-Control: post-check=0, pre-check=0", false);
88 header("Pragma: no-cache");
89
90 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_readfile -- export plugin reads/writes its own files in uploads dir, WP_Filesystem not viable for streamed CSV/XML output
91 readfile($filepath);
92
93 die;
94 }
95
96 $fileurl = str_replace( "\\", "/", $fileurl );
97
98 wp_safe_redirect($fileurl);
99 }
100 else
101 {
102 wp_send_json(array(
103 'status' => 403,
104 'message' => __('File doesn\'t exist', 'wp-all-export')
105 ));
106 }
107 }
108 }
109 else
110 {
111 wp_send_json(array(
112 'status' => 403,
113 'message' => __('Export hash is not valid.', 'wp-all-export')
114 ));
115 }
116 }
117
118 if(isset($_GET['action']) && $_GET['action'] == 'wpae_public_api') {
119
120 pmxe_set_max_execution_time();
121
122 $router = new \Wpae\Http\Router();
123 $router->route( isset( $_GET['q'] ) ? sanitize_text_field( wp_unslash( $_GET['q'] ) ) : '', false);
124 }
125 }
126
127 if(!function_exists('pmxe_set_max_execution_time')) {
128 function pmxe_set_max_execution_time()
129 {
130 // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged -- intentional for long-running exports
131 @ini_set("max_input_time", PMXE_Plugin::getInstance()->getOption('max_input_time'));
132
133 $maxExecutionTime = PMXE_Plugin::getInstance()->getOption('max_execution_time');
134 if ($maxExecutionTime == -1) {
135 $maxExecutionTime = 0;
136 }
137
138 // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged -- intentional for long-running exports
139 @ini_set("max_execution_time", $maxExecutionTime);
140 }
141 }