WP STAGING – WordPress Backup, Restore, Migration & Clone v3.5.0
wp-staging / Frontend / Frontend.php
Frontend.php
225 lines
1 <?php
2
3 namespace WPStaging\Frontend;
4
5 use WPStaging\Core\WPStaging;
6 use WPStaging\Framework\Rest\Rest;
7 use WPStaging\Framework\SiteInfo;
8
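/**
 * Front-end access gate for staging sites.
 *
 * On a staging site this class decides, on the "init" hook, whether the current
 * request may see the front end or must be answered with the plugin's login form.
 * It also prefixes the admin-bar site name and resets the permalink structure of a
 * fresh clone once.
 *
 * @package WPStaging\Frontend
 */
class Frontend
{
    /**
     * Plugin settings read from the "wpstg_settings" option.
     *
     * The option is round-tripped through JSON, so it is normally an object, but the
     * empty-array default decodes to an array. Every read below goes through
     * isset()/empty() before a property is used.
     *
     * @var object|array
     */
    private $settings;

    /**
     * Set by showLoginForm() when a logged-in user was rejected, so that
     * checkPermissions() logs the user out and shows an error.
     *
     * @var bool
     */
    private $accessDenied = false;

    /** @var LoginForm */
    private $loginForm;

    public function __construct()
    {
        // The hooks only fire later, so registering them before the settings are
        // loaded is safe.
        $this->defineHooks();

        $this->settings = json_decode(json_encode(get_option("wpstg_settings", [])));

        $this->loginForm = WPStaging::make(LoginForm::class);
    }

    /**
     * Prefix the admin-bar site name with the staging title on staging sites.
     *
     * @return void
     * @global object $wp_admin_bar
     */
    public function changeSiteName()
    {
        global $wp_admin_bar;

        // The filter runs on every call, staging site or not.
        $siteTitle = apply_filters('wpstg_staging_site_title', 'STAGING');
        if (!$this->isStagingSite()) {
            return;
        }

        // NOTE(review): the filtered title and the blog name are concatenated without
        // escaping; confirm how the admin bar renders 'title' before allowing markup here.
        $prefixedName = $siteTitle . ' - ' . get_bloginfo('name');

        $wp_admin_bar->add_menu(
            [
                'id'    => 'site-name',
                'title' => is_admin() ? $prefixedName : ($prefixedName . ' Dashboard'),
                'href'  => is_admin() ? home_url('/') : admin_url(),
            ]
        );
    }

    /**
     * Enforce the staging-site access rules for the current request.
     *
     * When showLoginForm() asks for the form, it is rendered and the request ends
     * here; a rejected logged-in user is logged out first.
     *
     * @return void
     */
    public function checkPermissions()
    {
        $this->resetPermaLinks();

        if (!$this->showLoginForm()) {
            return;
        }

        if ($this->accessDenied) {
            wp_logout();
            $this->loginForm->setError(__('Access Denied', 'wp-staging'));
        }

        $overrides = [
            'label_username' => __('Username or Email Address', 'wp-staging'),
        ];

        // NOTE(review): no status code or cache headers are set in this method; confirm
        // that LoginForm::renderForm() keeps this response out of page caches.
        $this->loginForm->renderForm($this->loginForm->getDefaultArguments($overrides));
        die();
    }

    /**
     * Register the WordPress hooks this class listens on.
     *
     * @return void
     */
    private function defineHooks()
    {
        add_action("init", [$this, "checkPermissions"]);
        add_filter("wp_before_admin_bar_render", [$this, "changeSiteName"]);
    }

    /**
     * Decide whether the login form must be shown instead of the requested page.
     *
     * Also sets $this->accessDenied when a logged-in user is rejected.
     *
     * @return bool True when the request must be answered with the login form.
     */
    private function showLoginForm(): bool
    {
        $this->accessDenied = false;

        // Don't show login form if from wp-cli
        if ('cli' === PHP_SAPI && defined('WP_CLI')) {
            return false;
        }

        // Opt-out hook used by the Real Cookie Banner plugin. Despite its name, a
        // TRUTHY filter result suppresses the login form. Any code hooked here can
        // switch the gate off for the request, so it is part of the access-control surface.
        if (apply_filters('wpstg.frontend.showLoginForm', false)) {
            return false;
        }

        // REST requests are never gated here, so content reachable through them is
        // not protected by this form. How a REST URL is recognised is decided in
        // Rest::isRestUrl(), which is not visible in this file.
        /** @var Rest $rest */
        $rest = WPStaging::make(Rest::class);
        if ($rest->isRestUrl()) {
            return false;
        }

        if ($this->isLoginPage() || is_admin()) {
            return false;
        }

        if (!$this->isStagingSite()) {
            return false;
        }

        // Allow access for administrator
        if (current_user_can('manage_options')) {
            return false;
        }

        // Simple check (free version only): everyone without manage_options gets the
        // form unless disableAdminLogin is '1'. accessDenied stays false on this path,
        // so a logged-in user is shown the form without being logged out.
        if (!defined('WPSTGPRO_VERSION')) {
            return (!isset($this->settings->disableAdminLogin) || $this->settings->disableAdminLogin !== '1');
        }

        // Use the configured role list only if it really is an array. Any other
        // shape is treated as "not configured" instead of being passed to in_array().
        $allowedRoles = (isset($this->settings->userRoles) && is_array($this->settings->userRoles))
            ? $this->settings->userRoles
            : null;

        // Allow access for wp staging user role "all". The comparison is strict so
        // that only the literal string opens the site, not a loosely equal value.
        if ($allowedRoles !== null && in_array('all', $allowedRoles, true)) {
            return false;
        }

        if (!is_user_logged_in()) {
            return true;
        }

        // No usable role list: administrators were already let through above, every
        // other logged-in user is rejected.
        if ($allowedRoles === null) {
            $this->accessDenied = true;
            return true;
        }

        $currentUser = wp_get_current_user();

        if (
            defined('WPSTGPRO_VERSION')
            && !empty($this->settings->usersWithStagingAccess)
            && is_string($this->settings->usersWithStagingAccess)
        ) {
            // Trim the entries so "alice, bob" matches, and drop empty ones: an empty
            // entry from a trailing comma would otherwise match an account whose
            // e-mail field is empty.
            $usersWithStagingAccess = array_filter(
                array_map('trim', explode(',', $this->settings->usersWithStagingAccess)),
                'strlen'
            );

            // check against usernames
            if (in_array($currentUser->user_login, $usersWithStagingAccess, true)) {
                return false;
            }

            // check against emails
            if (in_array($currentUser->user_email, $usersWithStagingAccess, true)) {
                return false;
            }
        }

        // Require login form if user is not in specific user role
        $matchingRoles = array_intersect((array)$currentUser->roles, $allowedRoles);

        if (empty($matchingRoles) && !$this->isLoginPage() && !is_admin()) {
            $this->accessDenied = true;
            return true;
        }

        // Don't show login form if no other rule apply
        return false;
    }

    /**
     * Check if it is a staging site
     *
     * @return bool
     */
    private function isStagingSite(): bool
    {
        return (new SiteInfo())->isStagingSite();
    }

    /**
     * Check if the current request targets wp-login.php.
     *
     * Only the stock login script name is recognised here.
     *
     * @return bool
     */
    private function isLoginPage(): bool
    {
        // Fall back to '' so a missing global does not raise an undefined-index notice.
        return (($GLOBALS["pagenow"] ?? '') === "wp-login.php");
    }

    /**
     * Reset permalink structure of the clone to default; index.php?p=123
     *
     * Runs once per staging site: the "wpstg_rmpermalinks_executed" option records
     * that the reset was done.
     *
     * @return void
     */
    private function resetPermaLinks()
    {
        // Nothing to do on a non-staging site or when the reset already ran.
        if (!$this->isStagingSite() || get_option("wpstg_rmpermalinks_executed") === "true") {
            return;
        }

        // Pro setting "keepPermalinks" opts out of the reset.
        if (defined('WPSTGPRO_VERSION') && isset($this->settings->keepPermalinks) && $this->settings->keepPermalinks === "1") {
            return;
        }

        // $wp_rewrite is not available before the init hook. So we need to use the global variable
        global $wp_rewrite;
        $wp_rewrite->set_permalink_structure(null);

        flush_rewrite_rules();

        update_option("wpstg_rmpermalinks_executed", "true");
    }
}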
225