File: class-ps-ajax.php
<?php
namespace passster;
use Exception ;
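/**
 * Front-end AJAX endpoints and script registration for password protection.
 *
 * Both AJAX actions are registered for logged-in (wp_ajax_*) and logged-out
 * (wp_ajax_nopriv_*) visitors, so every handler in this class runs on
 * unauthenticated, attacker-controllable $_POST data.
 */
class PS_Ajax
{
    /**
     * Holds the shared instance, or null until get_instance() creates it.
     *
     * @var self|null
     */
    private static $instance = null;

    /**
     * Registers the script-enqueue hook and the two AJAX actions.
     */
    public function __construct()
    {
        add_action( 'wp_enqueue_scripts', array( $this, 'add_public_scripts' ) );
        add_action( 'wp_ajax_validate_input', array( $this, 'validate_input' ) );
        add_action( 'wp_ajax_nopriv_validate_input', array( $this, 'validate_input' ) );
        add_action( 'wp_ajax_hash_password', array( $this, 'hash_password' ) );
        add_action( 'wp_ajax_nopriv_hash_password', array( $this, 'hash_password' ) );
    }

    /**
     * Returns the shared PS_Ajax instance, creating it on first use.
     *
     * @return self
     */
    public static function get_instance()
    {
        if ( null === self::$instance ) {
            self::$instance = new self();
        }

        return self::$instance;
    }

    /**
     * Validates a submitted password and prints a JSON response, then exits.
     *
     * Reads nonce, input, type, post_id, protection, acf, redirect and area
     * from $_POST. Anything other than a successful validation produces the
     * default response carrying the configured error text.
     *
     * NOTE(review): no attempt throttling is visible in this method, so the
     * endpoint can be queried repeatedly; confirm rate limiting exists
     * elsewhere (plugin, web server or WAF).
     *
     * @return void
     * @throws Exception
     */
    public function validate_input()
    {
        $options = get_option( 'passster' );
        if ( ! is_array( $options ) ) {
            // get_option() returns false when the row is missing; the typed
            // helper below requires an array.
            $options = array();
        }

        // Check nonce. A missing or non-string value is rejected like an invalid one.
        // For logged-out visitors the nonce only protects against CSRF; it is
        // not an access control.
        $nonce = '';
        if ( isset( $_POST['nonce'] ) && is_string( $_POST['nonce'] ) ) {
            $nonce = sanitize_text_field( wp_unslash( $_POST['nonce'] ) );
        }
        if ( ! wp_verify_nonce( $nonce, 'ps-password-nonce' ) ) {
            print wp_json_encode( array(
                'error' => 'Security check failed.',
            ) );
            exit;
        }

        // Default response: returned unchanged unless a branch below succeeds.
        $response = array(
            'error'   => $options['error'] ?? null,
            'content' => '',
        );

        // WordPress adds slashes to $_POST, so unslash before comparing;
        // otherwise passwords containing quotes or backslashes never match.
        $input = '';
        if ( ! empty( $_POST['input'] ) ) {
            $input = sanitize_text_field( wp_unslash( $_POST['input'] ) );
        }

        // The filter result is not used in this method; the call is kept so
        // hooked callbacks still run.
        apply_filters( 'passster_remove_spaces_from_list', true );

        $type       = isset( $_POST['type'] ) ? sanitize_text_field( wp_unslash( $_POST['type'] ) ) : '';
        $protection = isset( $_POST['protection'] ) ? sanitize_text_field( wp_unslash( $_POST['protection'] ) ) : '';
        // Post IDs are integers; is_scalar() keeps array payloads from being cast to 1.
        $post_id = ( isset( $_POST['post_id'] ) && is_scalar( $_POST['post_id'] ) ) ? absint( $_POST['post_id'] ) : 0;

        // Prepare content. get_post() returns null for an unknown ID, so the
        // post is checked before its properties are read.
        $post     = get_post( $post_id );
        $has_post = $post instanceof \WP_Post;
        $content  = apply_filters( 'passster_compatibility_actions', ( $has_post ? $post->post_content : '' ), $post_id );

        // If it's an ACF field. Skipped when ACF is not loaded, so the request
        // cannot trigger a fatal "undefined function" error.
        // NOTE(review): the field name is chosen by the caller; consider
        // restricting it to the fields that are actually password-protected.
        if ( ! empty( $_POST['acf'] ) && is_string( $_POST['acf'] ) && function_exists( 'get_field' ) ) {
            $acf     = esc_html( $_POST['acf'] );
            $content = \get_field( $acf, $post_id );
        }

        // The helpers below declare string $content; filters and ACF can
        // return other types.
        if ( ! is_string( $content ) ) {
            $content = ( is_scalar( $content ) ? (string) $content : '' );
        }

        // Only whether a redirect URL was supplied is used; the URL itself is
        // never echoed back.
        $redirect = false;
        if ( ! empty( $_POST['redirect'] ) && is_string( $_POST['redirect'] ) ) {
            $redirect = (bool) esc_url( $_POST['redirect'] );
        }

        if ( 'password' === $type ) {
            if ( 'full' === $protection ) {
                $password = get_post_meta( $post_id, 'passster_password', true );

                if ( $has_post && $this->password_matches( $password, $input ) ) {
                    $validation = $this->validate_full_protection(
                        $input,
                        $post,
                        $content,
                        $redirect
                    );
                    if ( false !== $validation ) {
                        $response = $validation;
                    }
                }
            } elseif ( 'area' === $protection ) {
                $area_id  = ( isset( $_POST['area'] ) && is_scalar( $_POST['area'] ) ) ? absint( $_POST['area'] ) : 0;
                $password = get_post_meta( $area_id, 'passster_password', true );

                if ( ! empty( $area_id ) && $this->password_matches( $password, $input ) ) {
                    $area = get_post( $area_id );
                    if ( $area instanceof \WP_Post ) {
                        $validation = $this->validate_area_protection( $input, $area, $redirect );
                        if ( false !== $validation ) {
                            $response = $validation;
                        }
                    }
                }
            } else {
                // Shortcode protection: the password comparison is delegated to
                // PS_Helper::get_shortcode_content(), which is not visible here.
                // NOTE(review): this branch does not check the post's status;
                // confirm that is intended for drafts and private posts.
                $content    = apply_filters( 'passster_compatibility_actions', PS_Helper::get_shortcode_content( $content, $input ) );
                $validation = $this->validate_shortcode_protection(
                    $input,
                    $content,
                    $redirect,
                    $options
                );
                if ( false !== $validation ) {
                    $response = $validation;
                }
            }
        }

        print wp_json_encode( $response );
        exit;
    }

    /**
     * Compares a stored password with the submitted one in constant time.
     *
     * @param mixed  $stored Value read from post meta.
     * @param string $input  Submitted password.
     *
     * @return bool True only when $stored is a non-empty string equal to $input.
     */
    private function password_matches( $stored, string $input )
    {
        // hash_equals() avoids leaking the position of the first mismatch
        // through response timing.
        return ! empty( $stored ) && is_string( $stored ) && hash_equals( $stored, $input );
    }

    /**
     * Builds the success response for a fully protected post.
     *
     * The caller is responsible for having verified the password already.
     *
     * @param string $input    Given input password.
     * @param object $post     Current post object.
     * @param string $content  Content to return on success.
     * @param bool   $redirect Whether the client should redirect instead.
     *
     * @return array|false Response array, or false when the post is not published.
     */
    public function validate_full_protection(
        string $input,
        object $post,
        string $content,
        bool $redirect
    )
    {
        // Never hand out content of drafts, private or trashed posts.
        if ( 'publish' !== $post->post_status ) {
            return false;
        }

        do_action( 'passster_validation_success', $input );

        if ( $redirect ) {
            return array(
                'success'  => true,
                'redirect' => true,
            );
        }

        return array(
            'success' => true,
            'content' => $content,
        );
    }

    /**
     * Builds the success response for a protected area.
     *
     * The caller is responsible for having verified the password already.
     *
     * @param string $input    Given password.
     * @param object $area     Given area post object.
     * @param bool   $redirect Whether the client should redirect instead.
     *
     * @return array|false Response array, or false when $area is not a
     *                     published protected_areas post.
     */
    public function validate_area_protection( string $input, object $area, bool $redirect )
    {
        // The ID comes from the request, so make sure it really is a
        // published area before returning its content.
        if ( 'protected_areas' !== $area->post_type || 'publish' !== $area->post_status ) {
            return false;
        }

        $content = apply_filters( 'passster_compatibility_actions', $area->post_content, $area->ID );

        do_action( 'passster_validation_success', $input );

        if ( $redirect ) {
            return array(
                'success'  => true,
                'redirect' => true,
            );
        }

        return array(
            'success' => true,
            'content' => $content,
        );
    }

    /**
     * Builds the response for shortcode protection.
     *
     * NOTE(review): when $content is empty and toggle_ajax is 'on', this
     * method reports success and fires passster_validation_success without
     * comparing $input to anything here. Confirm the real password check
     * happens elsewhere before relying on this result.
     *
     * @param string $input    Given password.
     * @param string $content  Unlocked content, empty when nothing matched.
     * @param bool   $redirect Whether the client should redirect instead.
     * @param array  $options  Plugin options.
     *
     * @return array|false
     */
    public function validate_shortcode_protection(
        string $input,
        string $content,
        bool $redirect,
        array $options
    )
    {
        if ( ! empty( $content ) ) {
            do_action( 'passster_validation_success', $input );

            return array(
                'success' => true,
                'content' => $content,
            );
        }

        // A missing toggle_ajax key is treated as "off" instead of raising a warning.
        if ( 'on' === ( $options['toggle_ajax'] ?? '' ) ) {
            do_action( 'passster_validation_success', $input );

            if ( $redirect ) {
                return array(
                    'success'  => true,
                    'redirect' => true,
                );
            }

            return array(
                'success' => true,
            );
        }

        return false;
    }

    /**
     * Prints the keyed hash of a submitted password as JSON, then exits.
     *
     * The hash is meant to be stored in a cookie. The endpoint is reachable
     * by logged-out visitors and returns the HMAC of any string they send.
     *
     * NOTE(review): if the passster_secure_key option is absent, get_option()
     * returns false, which PHP coerces to an empty HMAC key. Confirm the key
     * is always generated on activation.
     *
     * @return void
     */
    public function hash_password()
    {
        // Check nonce. A missing or non-string value is rejected like an invalid one.
        $nonce = '';
        if ( isset( $_POST['hash_nonce'] ) && is_string( $_POST['hash_nonce'] ) ) {
            $nonce = sanitize_text_field( wp_unslash( $_POST['hash_nonce'] ) );
        }
        if ( ! wp_verify_nonce( $nonce, 'ps-hash-nonce' ) ) {
            print wp_json_encode( array(
                'success' => false,
                'error'   => 'Security check failed.',
            ) );
            exit;
        }

        // Check if input exists. Array payloads (password[]=...) are treated as missing.
        if ( empty( $_POST['password'] ) || ! is_string( $_POST['password'] ) ) {
            print wp_json_encode( array(
                'success' => false,
                'error'   => 'No password provided.',
            ) );
            exit;
        }

        // esc_html() is kept so the hash stays identical to what existing
        // cookies and the comparing code expect.
        $response = array(
            'success'  => true,
            'password' => hash_hmac( 'sha256', esc_html( $_POST['password'] ), get_option( 'passster_secure_key' ) ),
        );
        print wp_json_encode( $response );
        exit;
    }

    /**
     * Enqueues the public styles and scripts and passes settings to the script.
     *
     * @return void
     */
    public function add_public_scripts()
    {
        // defined() takes the constant's name as a string; passing the bare
        // constant tested its value and never selected the unminified assets.
        $suffix  = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min' );
        $options = get_option( 'passster' );

        wp_enqueue_style(
            'passster-public',
            PASSSTER_URL . '/assets/public/passster-public' . $suffix . '.css',
            array(),
            PASSSTER_VERSION,
            'all'
        );
        wp_enqueue_script(
            'passster-cookie',
            PASSSTER_URL . '/assets/public/cookie.js',
            array( 'jquery' ),
            false,
            false
        );
        wp_enqueue_script(
            'passster-public',
            PASSSTER_URL . '/assets/public/passster-public' . $suffix . '.js',
            array( 'jquery', 'passster-cookie' ),
            PASSSTER_VERSION,
            false
        );

        // Pre-render the configured third-party shortcodes, keyed by their source text.
        $shortcodes = array();
        if ( ! empty( $options['third_party_shortcodes'] ) ) {
            foreach ( explode( ',', $options['third_party_shortcodes'] ) as $shortcode ) {
                // get_the_id() can return false outside a post context, hence the cast.
                $shortcodes[$shortcode] = do_shortcode( str_replace( '{post-id}', (string) get_the_id(), $shortcode ) );
            }
        }

        // The nonces are printed into the page for every visitor; they guard
        // against CSRF only.
        $args = array(
            'ajax_url'     => admin_url() . 'admin-ajax.php',
            'nonce'        => wp_create_nonce( 'ps-password-nonce' ),
            'hash_nonce'   => wp_create_nonce( 'ps-hash-nonce' ),
            'logout_nonce' => wp_create_nonce( 'ps-logout-nonce' ),
            'post_id'      => get_the_id(),
            'shortcodes'   => $shortcodes,
            'permalink'    => get_permalink( get_the_id() ),
        );

        // Cookie and unlock settings, with the defaults used when an option is not set.
        $args['cookie_duration_unit'] = ( isset( $options['cookie_duration_unit'] ) ? esc_html( $options['cookie_duration_unit'] ) : 'days' );
        $args['cookie_duration']      = ( isset( $options['cookie_duration'] ) ? esc_html( $options['cookie_duration'] ) : 1 );
        $args['disable_cookie']       = ( isset( $options['disable_cookie'] ) ? esc_html( $options['disable_cookie'] ) : false );
        $args['unlock_mode']          = ( isset( $options['unlock_mode'] ) ? esc_html( $options['unlock_mode'] ) : false );

        wp_localize_script( 'passster-public', 'ps_ajax', $args );

        // If the password type hint is used. empty() also covers a missing
        // option row or key.
        if ( ! empty( $options['show_password'] ) ) {
            wp_enqueue_script(
                'password-typing',
                PASSSTER_URL . '/assets/public/password-typing.js',
                array( 'jquery' ),
                PASSSTER_VERSION,
                false
            );
        }
    }
}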