File "base.php"
Full Path: /home/aiclgcwq/photonindustriespvt.com/wp-content/plugins/agile-store-locator/includes/admin/base.php
File size: 10.17 KB
MIME-type: text/x-php
Charset: utf-8
<?php
namespace AgileStoreLocator\Admin;
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly.
}
/**
* The base class for the admin-specific functionality of the plugin.
*
* @link https://agilestorelocator.com
* @since 1.4.3
*
* @package AgileStoreLocator
* @subpackage AgileStoreLocator/Admin/Base
*/
class Base {
/**
* [$lang global lang attribute]
* @var string
*/
protected $lang = '';
/**
* [$max_img_width width of the logo]
* @var integer
*/
protected $max_img_width = 450;
/**
* [$max_img_height height of the logo]
* @var integer
*/
protected $max_img_height = 450;
/**
* [$max_ico_width width of the icon]
* @var integer
*/
protected $max_ico_width = 75;
/**
* [$max_ico_height height of the icon]
* @var integer
*/
protected $max_ico_height = 75;
/**
* [$max_image_size max upload size]
* @var integer
*/
protected $max_image_size = 5000000;
/**
* [$sub_upload_directory sub-directory upload]
* @var [type]
*/
public $sub_upload_directory;
/**
* [$as_object To return the data as public]
* @var [type]
*/
public $as_object;
/**
* [__construct]
*/
public function __construct() {
// lang query parameter, called by ServerCall AJAX method
$this->lang = (isset($_REQUEST['asl-lang']) && $_REQUEST['asl-lang'])? esc_sql(sanitize_text_field($_REQUEST['asl-lang'])): '';
// must be a valid lang code
if(strlen($this->lang) >= 13 || $this->lang == 'en_US') {
$this->lang = '';
}
}
/**
* [send_response This method is used to return the results either as JSON or as object, Used in the asl-wc since version 4.8.33]
* @param [type] $response [description]
* @return [type] [description]
*/
public function send_response($response) {
// No error during JSON
error_reporting(0);
// this bit will return as object instead of JSON
if(isset($this->as_object) && $this->as_object) {
return $response;
}
echo wp_send_json($response);die;
}
/**
* [clean_input Clean the Input field]
* @param [type] $data [description]
* @return [type] [description]
*/
protected function clean_input($data) {
return sanitize_text_field($data);
}
/**
* [clean_input_html Filter the HTML field for XSS]
* @param [type] $data [description]
* @param boolean $html [description]
* @return [type] [description]
*/
protected function clean_input_html($data) {
// Define the allowed HTML tags and attributes
$allowed_tags = array(
'a' => array(
'href' => array(),
'title' => array(),
'__target' => array('value' => '_blank')
),
'strong' => array(),
'em' => array(),
'p' => array(),
'br' => array(),
'b' => array(),
'h1' => array(),
'h2' => array(),
'ul' => array(),
'ol' => array(),
'li' => array(),
'u' => array(),
'span' => array(
'style' => array()
),
);
// Use wp_kses() to sanitize any HTML in the value and allow only the specified tags and attributes
return wp_kses($data, $allowed_tags);
}
/**
* [clean_html_array Clean the array from XSS via HTML clean]
* @param [type] $input_array [description]
* @return [type] [description]
*/
protected function clean_html_array($input_array) {
// Loop through each element in the input array
foreach($input_array as $key => $value) {
$input_array[$key] = $this->clean_input_html($value);
}
// Return the sanitized input array
return $input_array;
}
/**
* [clean_input_array Clean an array from XXS]
* @param [type] $input_array [description]
* @return [type] [description]
*/
protected function clean_input_array($input_array) {
// Loop through each element in the input array
foreach($input_array as $key => $value) {
if($key == 'website' || strpos($key, '_url') !== false) {
$input_array[$key] = esc_url($value);
}
else {
// Sanitize the value using WordPress' built-in sanitize_text_field() function
//$input_array[$key] = sanitize_text_field($value);
$input_array[$key] = sanitize_text_field($value);
}
}
// Return the sanitized input array
return $input_array;
}
/**
* [fixURL Add https:// to the URL]
* @param [type] $url [description]
* @param string $scheme [description]
* @return [type] [description]
*/
protected function fixURL($url, $scheme = 'http://') {
if(!$url)
return '';
return parse_url($url, PHP_URL_SCHEME) === null ? $scheme . $url : $url;
}
/**
* [_get_custom_fields Method to Get the Custom Fields]
* @return [type] [description]
*/
protected function _get_custom_fields() {
global $wpdb;
// Fields
$fields = $wpdb->get_results("SELECT content FROM ".ASL_PREFIX."settings WHERE `type` = 'fields'");
$fields = ($fields && isset($fields[0]))? json_decode($fields[0]->content, true): [];
if(!empty($fields)) {
// Filter the JSON for XSS
$filter_fields = [];
foreach($fields as $field_key => $field) {
$field_key = strip_tags($field_key);
$field['type'] = strip_tags($field['type']);
$field['name'] = strip_tags($field['name']);
$field['label'] = strip_tags($field['label']);
$filter_fields[$field_key] = $field;
}
$fields = $filter_fields;
}
return $fields;
}
/**
* [uploadDirectory Set the upload directory for our plugin in uploads folder]
* @param [type] $directory [description]
*/
public function uploadDirectory($dir) {
$plugin_directory = 'agile-store-locator';
/*$dirs['subdir'] = '/'.$plugin_directory;
$dirs['path'] = $dir['basedir'] . '/'.$plugin_directory;
$dirs['url'] = $dir['baseurl'] . '/'.$plugin_directory;*/
return array(
'path' => ASL_UPLOAD_DIR.$this->sub_upload_directory.'/',
'url' => ASL_UPLOAD_URL.$this->sub_upload_directory.'/',
'subdir' => '/'.$plugin_directory.'/'.$this->sub_upload_directory.'/',
) + $dir;
//return $dir;
}
/**
* [_file_uploader description]
* @param [type] $source_file [description]
* @return [type] [description]
*/
protected function _file_uploader($source, $folder) {
if (!function_exists('media_handle_upload')) {
require_once(ABSPATH . 'wp-admin/includes/image.php');
require_once(ABSPATH . 'wp-admin/includes/file.php');
require_once(ABSPATH . 'wp-admin/includes/media.php');
}
// Make sure the upload Directories does exist
\AgileStoreLocator\Helper::create_upload_dirs();
// File Name Generation
$file_extension = pathinfo($source["name"], PATHINFO_EXTENSION);
$real_file_name = substr(strtolower($source["name"]), 0, strpos(strtolower($source["name"]), '.'));
$real_file_name = substr($real_file_name, 0, 15);
$new_file_name = $real_file_name.'-'.uniqid();
// Add File Extension
$new_file_name .= '.'.$file_extension;
// When the file is an Image
$is_image = ($folder == 'icon' || $folder == 'svg' || $folder == 'Logo')? true: false;
// For the images only
if($is_image) {
// Get the Size of the Image //
$image_file = $source['tmp_name'];
list($width, $height) = getimagesize($image_file);
// Too Big Size
if ($source["size"] > $this->max_image_size) {
return array('error' => esc_attr__("Sorry, your file is too large.",'asl_locator'));
}
// Supported Extensions
$supported_extensions = array('jpg','png','gif','jpeg');
if($folder == 'svg' || $folder == 'icon')
$supported_extensions[] = 'svg';
// Not a Supported File Format
if(!in_array(strtolower($file_extension), $supported_extensions)) {
return array('error' => esc_attr__("Sorry, only JPG, JPEG, PNG & GIF files are allowed.",'asl_locator'));
}
$img_max_width = ($folder == 'Logo')? $this->max_img_width: $this->max_ico_width;
$img_max_height = ($folder == 'Logo')? $this->max_img_height: $this->max_ico_height;
// Width or Height Issue
if($width > $img_max_width || $height > $img_max_height) {
return array('error' => esc_attr__("Max image dimensions width and height is {$img_max_width} x {$img_max_height} px. Given image size is {$width} x {$height} px for {$folder}",'asl_locator'));
}
}
// For a KML File
else if($folder == 'kml') {
// Support KML MIMES
$supported_mime = array('application/vnd.google-earth.kmz', 'application/vnd.google-earth.kml+xml');
// $supported_mime = array('text/plain', 'text/kml', 'text/comma-separated-values');
// Only CSV file is allowed
if(strtolower($file_extension) != 'kml') {
return array('error' => esc_attr__("Sorry, only KML files are allowed to import",'asl_locator'));
}
}
else {
return array('error' => esc_attr__("Error! unkown file is uploaded.",'asl_locator'));
}
// Setup the sub-directory for the upload
$this->sub_upload_directory = $folder;
// Change the Sourcer File name
$source['name'] = $new_file_name;
// Upload Param
$upload_overrides = array('test_form' => false);
// Add filter to change directory
add_filter( 'upload_dir', array( $this, 'uploadDirectory' ));
// Move the File
$movefile = wp_handle_upload( $source, $upload_overrides );
// Add the saved file name
if(isset($movefile['url'])) {
$new_file_path = $movefile['url'];
$new_file_path = explode('/', $new_file_path);
$new_file_name = $new_file_path[count($new_file_path) - 1];
}
// Remove that Filter
remove_filter( 'upload_dir', array( $this, 'uploadDirectory' ));
// Validate the Moved File
if ( $movefile && ! isset( $movefile['error'] ) ) {
return ['success' => true, 'file_name' => $new_file_name, 'data' => $movefile];
}
else {
return array('error' => $movefile['error']);
}
}
}