handler.php
142 lines
| 1 | <?php |
| 2 | |
| 3 | // phpcs:ignoreFile WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound,WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound,WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound -- legitimate plugin prefixes (pmxe/PMXE/wpae/Wpae/wp_all_export/wpallexport/XmlExport/CdataStrategy/VariableProductTitle/Soflyy/GF_Export); Plugin Check does not honor phpcs.xml prefix declaration |
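class PMXE_Handler extends PMXE_Session
{
    /**
     * Cookie name.
     *
     * Nothing in this class assigns it, and because it is private only code
     * in this class could, so it is null wherever has_session() reads it.
     *
     * @var string|null
     */
    private $_cookie;

    /**
     * Timestamp at which the session is due to expire (written by
     * set_session_expiration(), not read in this class).
     *
     * @var int
     */
    private $_session_expiring;

    /**
     * Session expiration timestamp; stored in the "expires" option row by save_data().
     *
     * @var int
     */
    private $_session_expiration;

    /**
     * Whether a cookie exists. Never set to true in this class.
     *
     * @var bool
     */
    private $_has_cookie = false;

    /**
     * Constructor for the session class.
     *
     * Computes the expiry timestamps, derives the session id and loads any
     * stored session data. $_import_id and $_data are not declared here;
     * presumably they come from PMXE_Session (confirm against the parent).
     *
     * @access public
     * @return void
     */
    public function __construct()
    {
        $this->set_session_expiration();

        $this->_import_id = $this->generate_import_id();

        $this->_data = $this->get_session_data();
    }

    /**
     * Return true if the current user has an active session.
     *
     * NOTE(review): with $_cookie and $_has_cookie never assigned in this
     * class, the visible code reduces this to is_user_logged_in(). That is an
     * authentication check only, not an authorization check: it does not look
     * at the user's role or capabilities. Callers that read or write export
     * sessions should enforce the required capability themselves.
     *
     * @return boolean
     */
    public function has_session()
    {
        $cookie_present = $this->_cookie !== null && isset( $_COOKIE[ $this->_cookie ] );

        return $cookie_present || $this->_has_cookie || is_user_logged_in();
    }

    /**
     * Compute the "expiring" and "expiration" timestamps from the current time.
     *
     * Both offsets are filterable; the filtered value is cast with intval().
     *
     * @access public
     * @return void
     */
    public function set_session_expiration()
    {
        $this->_session_expiring   = time() + intval( apply_filters( 'wpallexport_session_expiring', 60 * 60 * 47 ) ); // 47 Hours
        $this->_session_expiration = time() + intval( apply_filters( 'wpallexport_session_expiration', 60 * 60 * 48 ) ); // 48 Hours
    }

    /**
     * Return the id that keys this session's option rows.
     *
     * The value comes from PMXE_Input::get( 'id', 'new' ) and is concatenated
     * into option names by get_session_data() and save_data(). Those queries
     * are parameterized, so it is not a SQL injection sink here.
     *
     * NOTE(review): presumably PMXE_Input reads a request parameter; this
     * class does not validate the value, and the session is keyed by it rather
     * than by the user. Confirm that PMXE_Input or the callers constrain it
     * (for example to an integer or the literal 'new').
     *
     * @access public
     * @return mixed Whatever PMXE_Input::get() returns; 'new' is passed as the default.
     */
    public function generate_import_id()
    {
        $input = new PMXE_Input();

        return $input->get('id', 'new');
    }

    /**
     * Load the stored session data for the current import id.
     *
     * Reads the `_wpallexport_session_{id}_` row straight from the options
     * table and decodes it.
     *
     * @access public
     * @return array Session data, or an empty array when the row is missing
     *               or does not decode to an array.
     */
    public function get_session_data()
    {
        global $wpdb;

        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session lookup on options table; cache bypass intentional to read fresh per-import session state
        $session = $wpdb->get_row( $wpdb->prepare("SELECT option_name, option_value FROM $wpdb->options WHERE option_name = %s", '_wpallexport_session_' . $this->_import_id . '_'), ARRAY_A );

        if ( empty( $session ) ) {
            return array();
        }

        // SECURITY(review): maybe_unserialize() runs PHP unserialize() on the
        // stored value whenever it looks serialized, and unserialize() will
        // instantiate any class named in the payload. The row is written by
        // save_data() via serialize(), so this is only as trustworthy as write
        // access to the options table. Consider a JSON encoding, or
        // unserialize( $value, array( 'allowed_classes' => false ) ) if the
        // session never needs to hold objects.
        $data = maybe_unserialize( $session['option_value'] );

        // A corrupted or non-array row must not leak into $_data: the
        // constructor stores this value and get_clear_session_data() iterates it.
        return is_array( $data ) ? $data : array();
    }

    /**
     * Reload the session and return a copy with sanitized keys and decoded values.
     *
     * Refreshes $_data from the database as a side effect.
     *
     * @access public
     * @return array Session values keyed by sanitize_key() of the stored key.
     */
    public function get_clear_session_data()
    {
        $this->_data = $this->get_session_data();

        $clear_data = array();
        foreach ( $this->_data as $key => $value ) {
            // SECURITY(review): this is a second decoding pass, applied to each
            // individual value. Any string value that happens to look
            // serialized is passed to unserialize(), including strings that
            // originated from user input if such strings are ever stored in
            // the session (not visible from this class; verify at the call
            // sites that populate $_data). The same mitigations as in
            // get_session_data() apply.
            $clear_data[ sanitize_key( $key ) ] = maybe_unserialize( $value );
        }

        return $clear_data;
    }

    /**
     * Persist the session data to the options table.
     *
     * Does nothing unless the session is dirty and has_session() is true.
     * On first save both the data row and the expiry row are inserted with
     * autoload = 'no'; on later saves only the data row is updated and the
     * expiry row written on first save is left untouched.
     *
     * The options API (add_option()/update_option()) is bypassed on purpose,
     * per the phpcs annotations below. The lookup followed by INSERT or UPDATE
     * is not atomic and the query results are not checked.
     *
     * @access public
     * @return void
     */
    public function save_data()
    {
        // Dirty if something changed - prevents saving nothing new
        if ( ! $this->_dirty || ! $this->has_session() ) {
            return;
        }

        global $wpdb;

        $session_option        = '_wpallexport_session_' . $this->_import_id . '_';
        $session_expiry_option = '_wpallexport_session_expires_' . $this->_import_id . '_';

        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session lookup on options table; cache bypass intentional to read fresh per-import session state
        $session = $wpdb->get_row( $wpdb->prepare("SELECT option_name, option_value FROM $wpdb->options WHERE option_name = %s", $session_option), ARRAY_A );

        if ( empty( $session ) ) {
            // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session write on options table with autoload=no; bypasses options API to avoid object-cache pollution for short-lived per-import keys
            $wpdb->query($wpdb->prepare("INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, 'no')", $session_option, serialize($this->_data)));
            // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session write on options table with autoload=no; bypasses options API to avoid object-cache pollution for short-lived per-import keys
            $wpdb->query($wpdb->prepare("INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, 'no')", $session_expiry_option, $this->_session_expiration));

            return;
        }

        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session update on options table; bypasses options API to avoid object-cache pollution for short-lived per-import keys
        $wpdb->query($wpdb->prepare("UPDATE `$wpdb->options` SET `option_value` = %s WHERE `option_name` = %s", serialize($this->_data), $session_option));
    }

    /**
     * Delete the data row and the expiry row of one session.
     *
     * @access public
     * @param mixed $import_id Id whose session rows are removed; defaults to 'new'.
     * @return void
     */
    public function clean_session( $import_id = 'new' )
    {
        global $wpdb;

        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session cleanup on options table; bypasses options API to avoid stale autoload cache for short-lived per-import keys
        $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->options WHERE option_name = %s", '_wpallexport_session_' . $import_id . '_') );
        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- export-session cleanup on options table; bypasses options API to avoid stale autoload cache for short-lived per-import keys
        $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->options WHERE option_name = %s", '_wpallexport_session_expires_' . $import_id . '_') );
    }
}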