Server IP : 85.214.239.14 / Your IP : 18.221.217.100 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /proc/3/task/3/root/var/www/wordpress/wp-content/plugins/cookie-notice/includes/ |
Upload File : |
<?php // exit if accessed directly if ( ! defined( 'ABSPATH' ) ) exit; /** * Cookie_Notice_Welcome_API class. * * @class Cookie_Notice_Welcome_API */ class Cookie_Notice_Welcome_API { /** * Constructor. * * @return void */ public function __construct() { // actions add_action( 'init', [ $this, 'check_cron' ] ); add_action( 'cookie_notice_get_app_analytics', [ $this, 'get_app_analytics' ] ); add_action( 'cookie_notice_get_app_config', [ $this, 'get_app_config' ] ); add_action( 'wp_ajax_cn_api_request', [ $this, 'api_request' ] ); } /** * Ajax API request. * * @return void */ public function api_request() { // check capabilities if ( ! current_user_can( apply_filters( 'cn_manage_cookie_notice_cap', 'manage_options' ) ) ) wp_die( __( 'You do not have permission to access this page.', 'cookie-notice' ) ); // check main nonce if ( ! check_ajax_referer( 'cookie-notice-welcome', 'nonce' ) ) wp_die( __( 'You do not have permission to access this page.', 'cookie-notice' ) ); // get request $request = isset( $_POST['request'] ) ? sanitize_key( $_POST['request'] ) : ''; // no valid request? if ( ! in_array( $request, [ 'register', 'login', 'configure', 'select_plan', 'payment', 'get_bt_init_token', 'use_license' ], true ) ) wp_die( __( 'You do not have permission to access this page.', 'cookie-notice' ) ); $special_actions = [ 'register', 'login', 'configure', 'payment' ]; // payment nonce if ( $request === 'payment' ) $nonce = isset( $_POST['cn_payment_nonce'] ) ? sanitize_key( $_POST['cn_payment_nonce'] ) : ''; // special nonce elseif ( in_array( $request, $special_actions, true ) ) $nonce = isset( $_POST['cn_nonce'] ) ? sanitize_key( $_POST['cn_nonce'] ) : ''; // check additional nonce if ( in_array( $request, $special_actions, true ) && ! wp_verify_nonce( $nonce, 'cn_api_' . $request ) ) wp_die( __( 'You do not have permission to access this page.', 'cookie-notice' ) ); $errors = []; $response = false; // get main instance $cn = Cookie_Notice(); // get site language $locale = get_locale(); $locale_code = explode( '_', $locale ); // check network $network = $cn->is_network_admin(); // get app token data if ( $network ) $data_token = get_site_transient( 'cookie_notice_app_token' ); else $data_token = get_transient( 'cookie_notice_app_token' ); $admin_email = ! empty( $data_token->email ) ? $data_token->email : ''; $app_id = $cn->options['general']['app_id']; $params = []; switch ( $request ) { case 'use_license': $subscriptionID = isset( $_POST['subscriptionID'] ) ? (int) $_POST['subscriptionID'] : 0; $result = $this->request( 'assign_subscription', [ 'AppID' => $app_id, 'subscriptionID' => $subscriptionID ] ); // errors? if ( ! empty( $result->message ) ) { $response = [ 'error' => $result->message ]; break; } else $response = $result; break; case 'get_bt_init_token': $result = $this->request( 'get_token' ); // is token available? if ( ! empty( $result->token ) ) $response = [ 'token' => $result->token ]; break; case 'payment': $error = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; // empty data? if ( empty( $_POST['payment_nonce'] ) || empty( $_POST['plan'] ) || empty( $_POST['method'] ) ) { $response = $error; break; } // validate plan and payment method $available_plans = [ 'compliance_monthly_notrial', 'compliance_monthly_5', 'compliance_monthly_10', 'compliance_monthly_20', 'compliance_yearly_notrial', 'compliance_yearly_5', 'compliance_yearly_10', 'compliance_yearly_20' ]; $available_payment_methods = [ 'credit_card', 'paypal' ]; $plan = sanitize_key( $_POST['plan'] ); if ( ! in_array( $_POST['plan'], $available_plans, true ) ) $plan = false; $method = sanitize_key( $_POST['method'] ); if ( ! in_array( $_POST['method'], $available_payment_methods, true ) ) $method = false; // valid plan and payment method? if ( empty( $plan ) || empty( $method ) ) { $response = [ 'error' => esc_html__( 'Empty plan or payment method data.', 'cookie-notice' ) ]; break; } $result = $this->request( 'get_customer', [ 'AppID' => $app_id, 'PlanId' => $plan ] ); // user found? if ( ! empty( $result->id ) ) { $customer = $result; // create user } else { $result = $this->request( 'create_customer', [ 'AppID' => $app_id, 'AdminID' => $admin_email, // remove later - AdminID from API response 'PlanId' => $plan, 'paymentMethodNonce' => sanitize_key( $_POST['payment_nonce'] ) ] ); if ( ! empty( $result->success ) ) $customer = $result->customer; else $customer = $result; } // user created/received? if ( empty( $customer->id ) ) { $response = [ 'error' => esc_html__( 'Unable to create customer data.', 'cookie-notice' ) ]; break; } // selected payment method $payment_method = false; // get payment identifier (email or 4 digits) $identifier = isset( $_POST['cn_payment_identifier'] ) ? sanitize_text_field( $_POST['cn_payment_identifier'] ) : ''; // customer available payment methods $payment_methods = ! empty( $customer->paymentMethods ) ? $customer->paymentMethods : []; // try to find payment method if ( ! empty( $payment_methods ) && is_array( $payment_methods ) ) { foreach ( $payment_methods as $pm ) { // paypal if ( isset( $pm->email ) && $pm->email === $identifier ) $payment_method = $pm; // credit card elseif ( isset( $pm->last4 ) && $pm->last4 === $identifier ) $payment_method = $pm; } } // if payment method was not identified, create it if ( ! $payment_method ) { $result = $this->request( 'create_payment_method', [ 'AppID' => $app_id, 'paymentMethodNonce' => sanitize_key( $_POST['payment_nonce'] ) ] ); // payment method created successfully? if ( ! empty( $result->success ) ) { $payment_method = $result->paymentMethod; } else { $response = [ 'error' => esc_html__( 'Unable to create payment mehotd.', 'cookie-notice' ) ]; break; } } if ( ! isset( $payment_method->token ) ) { $response = [ 'error' => esc_html__( 'No payment method token.', 'cookie-notice' ) ]; break; } // @todo: check if subscription exists $subscription = $this->request( 'create_subscription', [ 'AppID' => $app_id, 'PlanId' => $plan, 'paymentMethodToken' => $payment_method->token ] ); // subscription assigned? if ( ! empty( $subscription->error ) ) { $response = $subscription->error; break; } $status_data = $cn->defaults['data']; // update app status if ( $network ) { $status_data = get_site_option( 'cookie_notice_status', $status_data ); $status_data['subscription'] = 'pro'; // get activation timestamp $timestamp = $cn->get_cc_activation_datetime(); // update activation timestamp only for new cookie compliance activations $status_data['activation_datetime'] = $timestamp === 0 ? time() : $timestamp; update_site_option( 'cookie_notice_status', $status_data ); } else { $status_data = get_option( 'cookie_notice_status', $status_data ); $status_data['subscription'] = 'pro'; // get activation timestamp $timestamp = $cn->get_cc_activation_datetime(); // update activation timestamp only for new cookie compliance activations $status_data['activation_datetime'] = $timestamp === 0 ? time() : $timestamp; update_option( 'cookie_notice_status', $status_data ); } $response = $app_id; break; case 'register': // check terms $terms = isset( $_POST['terms'] ); // no terms? if ( ! $terms ) { $response = [ 'error' => esc_html__( 'Please accept the Terms of Service to proceed.', 'cookie-notice' ) ]; break; } // check email $email = isset( $_POST['email'] ) ? is_email( $_POST['email'] ) : false; // empty email? if ( ! $email ) { $response = [ 'error' => esc_html__( 'Email is not allowed to be empty.', 'cookie-notice' ) ]; break; } // check passwords $pass = ! empty( $_POST['pass'] ) ? stripslashes( $_POST['pass'] ) : ''; $pass2 = ! empty( $_POST['pass2'] ) ? stripslashes( $_POST['pass2'] ) : ''; // empty password? if ( ! $pass || ! is_string( $pass ) ) { $response = [ 'error' => esc_html__( 'Password is not allowed to be empty.', 'cookie-notice' ) ]; break; } // invalid password? if ( preg_match( '/^(?=.*[A-Z])(?=.*\d)[\w !"#$%&\'()*\+,\-.\/:;<=>?@\[\]^\`\{\|\}\~\\\\]{8,}$/', $pass ) !== 1 ) { $response = [ 'error' => esc_html__( 'The password contains illegal characters or does not meet the conditions.', 'cookie-notice' ) ]; break; } // no match? if ( $pass !== $pass2 ) { $response = [ 'error' => esc_html__( 'Passwords do not match.', 'cookie-notice' ) ]; break; } $params = [ 'AdminID' => $email, 'Password' => $pass, 'Language' => ! empty( $_POST['language'] ) ? sanitize_key( $_POST['language'] ) : 'en' ]; $response = $this->request( 'register', $params ); // errors? if ( ! empty( $response->error ) ) break; // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } // ok, so log in now $params = [ 'AdminID' => $email, 'Password' => $pass ]; $response = $this->request( 'login', $params ); // errors? if ( ! empty( $response->error ) ) break; // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } // token in response? if ( empty( $response->data->token ) ) { $response = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; break; } // set token if ( $network ) set_site_transient( 'cookie_notice_app_token', $response->data, DAY_IN_SECONDS ); else set_transient( 'cookie_notice_app_token', $response->data, DAY_IN_SECONDS ); // multisite? if ( is_multisite() ) { switch_to_blog( 1 ); $site_title = get_bloginfo( 'name' ); $site_url = network_site_url(); $site_description = get_bloginfo( 'description' ); restore_current_blog(); } else { $site_title = get_bloginfo( 'name' ); $site_url = get_home_url(); $site_description = get_bloginfo( 'description' ); } // create new app, no need to check existing $params = [ 'DomainName' => $site_title, 'DomainUrl' => $site_url ]; if ( ! empty( $site_description ) ) $params['DomainDescription'] = $site_description; $response = $this->request( 'app_create', $params ); // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } // data in response? if ( empty( $response->data->AppID ) || empty( $response->data->SecretKey ) ) { $response = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; break; } else { $app_id = $response->data->AppID; $secret_key = $response->data->SecretKey; } // update options: app id and secret key $cn->options['general'] = wp_parse_args( [ 'app_id' => $app_id, 'app_key' => $secret_key ], $cn->options['general'] ); if ( $network ) { $cn->options['general']['global_override'] = true; update_site_option( 'cookie_notice_options', $cn->options['general'] ); // get options $app_config = get_site_transient( 'cookie_notice_app_quick_config' ); } else { update_option( 'cookie_notice_options', $cn->options['general'] ); // get options $app_config = get_transient( 'cookie_notice_app_quick_config' ); } // create quick config $params = ! empty( $app_config ) && is_array( $app_config ) ? $app_config : []; // cast to objects if ( $params ) { $new_params = []; foreach ( $params as $key => $array ) { $object = new stdClass(); foreach ( $array as $subkey => $value ) { $new_params[$key] = $object; $new_params[$key]->{$subkey} = $value; } } $params = $new_params; } $params['AppID'] = $app_id; // @todo When mutliple default languages are supported $params['DefaultLanguage'] = 'en'; if ( ! array_key_exists( 'text', $params ) ) $params['text'] = new stdClass(); // add privacy policy url $params['text']->privacyPolicyUrl = get_privacy_policy_url(); // add translations if needed if ( $locale_code[0] !== 'en' ) $params['Languages'] = [ $locale_code[0] ]; $response = $this->request( 'quick_config', $params ); $status_data = $cn->defaults['data']; if ( $response->status === 200 ) { // notify publish app $params = [ 'AppID' => $app_id ]; $response = $this->request( 'notify_app', $params ); if ( $response->status === 200 ) { $response = true; $status_data['status'] = 'active'; $status_data['activation_datetime'] = time(); // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); } else { $status_data['status'] = 'pending'; // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); // errors? if ( ! empty( $response->error ) ) break; // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } } } else { $status_data['status'] = 'pending'; // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); // errors? if ( ! empty( $response->error ) ) { $response->error = $response->error; break; } // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } } break; case 'login': // check email $email = isset( $_POST['email'] ) ? is_email( $_POST['email'] ) : false; // invalid email? if ( ! $email ) { $response = [ 'error' => esc_html__( 'Email is not allowed to be empty.', 'cookie-notice' ) ]; break; } // check password $pass = ! empty( $_POST['pass'] ) ? preg_replace( '/[^\w !"#$%&\'()*\+,\-.\/:;<=>?@\[\]^\`\{\|\}\~\\\\]/', '', $_POST['pass'] ) : ''; // empty password? if ( ! $pass ) { $response = [ 'error' => esc_html__( 'Password is not allowed to be empty.', 'cookie-notice' ) ]; break; } $params = [ 'AdminID' => $email, 'Password' => $pass ]; $response = $this->request( $request, $params ); // errors? if ( ! empty( $response->error ) ) break; // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } // token in response? if ( empty( $response->data->token ) ) { $response = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; break; } // set token if ( $network ) set_site_transient( 'cookie_notice_app_token', $response->data, DAY_IN_SECONDS ); else set_transient( 'cookie_notice_app_token', $response->data, DAY_IN_SECONDS ); // get apps and check if one for the current domain already exists $response = $this->request( 'list_apps', [] ); // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } $apps_list = []; $app_exists = false; // multisite? if ( is_multisite() ) { switch_to_blog( 1 ); $site_title = get_bloginfo( 'name' ); $site_url = network_site_url(); $site_description = get_bloginfo( 'description' ); restore_current_blog(); } else { $site_title = get_bloginfo( 'name' ); $site_url = get_home_url(); $site_description = get_bloginfo( 'description' ); } // apps added, check if current one exists if ( ! empty( $response->data ) ) { $apps_list = (array) $response->data; foreach ( $apps_list as $index => $app ) { $site_without_http = trim( str_replace( [ 'http://', 'https://' ], '', $site_url ), '/' ); if ( $app->DomainUrl === $site_without_http ) { $app_exists = $app; continue; } } } // if no app, create one if ( ! $app_exists ) { // create new app $params = [ 'DomainName' => $site_title, 'DomainUrl' => $site_url, ]; if ( ! empty( $site_description ) ) $params['DomainDescription'] = $site_description; $response = $this->request( 'app_create', $params ); // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } $app_exists = $response->data; } // check if we have the valid app data if ( empty( $app_exists->AppID ) || empty( $app_exists->SecretKey ) ) { $response = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; break; } // get subscriptions $subscriptions = []; $params = [ 'AppID' => $app_exists->AppID ]; $response = $this->request( 'get_subscriptions', $params ); // errors? if ( ! empty( $response->error ) ) { $response->error = $response->error; break; } else $subscriptions = map_deep( (array) $response->data, 'sanitize_text_field' ); // set subscriptions data if ( $network ) set_site_transient( 'cookie_notice_app_subscriptions', $subscriptions, DAY_IN_SECONDS ); else set_transient( 'cookie_notice_app_subscriptions', $subscriptions, DAY_IN_SECONDS ); // update options: app ID and secret key $cn->options['general'] = wp_parse_args( [ 'app_id' => $app_exists->AppID, 'app_key' => $app_exists->SecretKey ], $cn->options['general'] ); if ( $network ) { $cn->options['general']['global_override'] = true; update_site_option( 'cookie_notice_options', $cn->options['general'] ); } else { update_option( 'cookie_notice_options', $cn->options['general'] ); } // create quick config $params = [ 'AppID' => $app_exists->AppID, 'DefaultLanguage' => 'en', 'text' => new stdClass() ]; // add privacy policy url $params['text']->privacyPolicyUrl = get_privacy_policy_url(); // add translations if needed if ( $locale_code[0] !== 'en' ) $params['Languages'] = [ $locale_code[0] ]; $response = $this->request( 'quick_config', $params ); $status_data = $cn->defaults['data']; if ( $response->status === 200 ) { // @todo notify publish app $params = [ 'AppID' => $app_exists->AppID ]; $response = $this->request( 'notify_app', $params ); if ( $response->status === 200 ) { $response = true; $status_data['status'] = 'active'; // get activation timestamp $timestamp = $cn->get_cc_activation_datetime(); // update activation timestamp only for new cookie compliance activations $status_data['activation_datetime'] = $timestamp === 0 ? time() : $timestamp; // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); } else { $status_data['status'] = 'pending'; // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); // errors? if ( ! empty( $response->error ) ) break; // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } } } else { $status_data['status'] = 'pending'; // update app status if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data ); // errors? if ( ! empty( $response->error ) ) { $response->error = $response->error; break; } // errors? if ( ! empty( $response->message ) ) { $response->error = $response->message; break; } } // all ok, return subscriptions $response = (object) []; $response->subscriptions = $subscriptions; break; case 'configure': $fields = [ 'cn_position', 'cn_color_primary', 'cn_color_background', 'cn_color_border', 'cn_color_text', 'cn_color_heading', 'cn_color_button_text', 'cn_laws', 'cn_naming', 'cn_privacy_paper', 'cn_privacy_contact' ]; $options = []; // loop through potential config form fields foreach ( $fields as $field ) { switch ( $field ) { case 'cn_position': // sanitize position $position = isset( $_POST[$field] ) ? sanitize_key( $_POST[$field] ) : ''; // valid position? if ( in_array( $position, [ 'bottom', 'top', 'left', 'right', 'center' ], true ) ) $options['design']['position'] = $position; else $options['design']['position'] = 'bottom'; break; case 'cn_color_primary': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['primaryColor'] = '#20c19e'; else $options['design']['primaryColor'] = $color; break; case 'cn_color_background': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['bannerColor'] = '#ffffff'; else $options['design']['bannerColor'] = $color; break; case 'cn_color_border': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['borderColor'] = '#5e6a74'; else $options['design']['borderColor'] = $color; break; case 'cn_color_text': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['textColor'] = '#434f58'; else $options['design']['textColor'] = $color; break; case 'cn_color_heading': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['headingColor'] = '#434f58'; else $options['design']['headingColor'] = $color; break; case 'cn_color_button_text': // sanitize color $color = isset( $_POST[$field] ) ? sanitize_hex_color( $_POST[$field] ) : ''; // valid color? if ( empty( $color ) ) $options['design']['btnTextColor'] = '#ffffff'; else $options['design']['btnTextColor'] = $color; break; case 'cn_laws': $new_options = []; // any data? if ( ! empty( $_POST[$field] ) && is_array( $_POST[$field] ) ) { $options['laws'] = array_map( 'sanitize_text_field', $_POST[$field] ); foreach ( $options['laws'] as $law ) { if ( in_array( $law, [ 'gdpr', 'ccpa' ], true ) ) $new_options[$law] = true; } } $options['laws'] = $new_options; // GDPR if ( array_key_exists( 'gdpr', $options['laws'] ) ) $options['config']['privacyPolicyLink'] = true; else $options['config']['privacyPolicyLink'] = false; // CCPA if ( array_key_exists( 'ccpa', $options['laws'] ) ) $options['config']['dontSellLink'] = true; else $options['config']['dontSellLink'] = false; break; case 'cn_naming': $naming = isset( $_POST[$field] ) ? (int) $_POST[$field] : 1; $naming = in_array( $naming, [ 1, 2, 3 ] ) ? $naming : 1; // english only for now $level_names = [ 1 => [ 1 => 'Silver', 2 => 'Gold', 3 => 'Platinum' ], 2 => [ 1 => 'Private', 2 => 'Balanced', 3 => 'Personalized' ], 3 => [ 1 => 'Reject All', 2 => 'Accept Some', 3 => 'Accept All' ] ]; $options['text'] = [ 'levelNameText_1' => $level_names[$naming][1], 'levelNameText_2' => $level_names[$naming][2], 'levelNameText_3' => $level_names[$naming][3] ]; break; case 'cn_privacy_paper': $options['config']['privacyPaper'] = false; // isset( $_POST[$field] ); break; case 'cn_privacy_contact': $options['config']['privacyContact'] = false; // isset( $_POST[$field] ); break; } } // set options if ( $network ) set_site_transient( 'cookie_notice_app_quick_config', $options, DAY_IN_SECONDS ); else set_transient( 'cookie_notice_app_quick_config', $options, DAY_IN_SECONDS ); break; case 'select_plan': break; } echo wp_json_encode( $response ); exit; } /** * API request. * * @param string $request The requested action. * @param array $params Parameters for the API action. * @return string|array */ private function request( $request = '', $params = [] ) { // get main instance $cn = Cookie_Notice(); // request arguments $api_args = [ 'timeout' => 60, 'sslverify' => false, 'headers' => [ 'x-api-key' => $cn->get_api_key() ] ]; // request parameters $api_params = []; // whether data should be send in json $json = false; // whether application id is required $require_app_id = false; // is it network admin area $network = $cn->is_network_admin(); // get app token data if ( $network ) $data_token = get_site_transient( 'cookie_notice_app_token' ); else $data_token = get_transient( 'cookie_notice_app_token' ); // check api token $api_token = ! empty( $data_token->token ) ? $data_token->token : ''; switch ( $request ) { case 'register': $api_url = $cn->get_url( 'account_api', '/api/account/account/registration' ); $api_args['method'] = 'POST'; break; case 'login': $api_url = $cn->get_url( 'account_api', '/api/account/account/login' ); $api_args['method'] = 'POST'; break; case 'list_apps': $api_url = $cn->get_url( 'account_api', '/api/account/app/list' ); $api_args['method'] = 'GET'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token ] ); break; case 'app_create': $api_url = $cn->get_url( 'account_api', '/api/account/app/add' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token ] ); break; case 'get_analytics': $require_app_id = true; $api_url = $cn->get_url( 'transactional_api', '/api/transactional/analytics/analytics-data' ); $api_args['method'] = 'GET'; $diff_data = $cn->settings->get_analytics_app_data(); if ( ! empty( $diff_data ) ) { $app_data = [ 'app-id' => $diff_data['id'], 'app-secret-key' => $diff_data['key'] ]; } else { $app_data = [ 'app-id' => $cn->options['general']['app_id'], 'app-secret-key' => $cn->options['general']['app_key'] ]; } $api_args['headers'] = array_merge( $api_args['headers'], $app_data ); break; case 'get_consent_logs_by_date': $require_app_id = true; $api_url = $cn->get_url( 'transactional_api', '/api/transactional/analytics/consent-logs' ); $api_args['method'] = 'POST'; break; case 'get_config': $require_app_id = true; $api_url = $cn->get_url( 'designer_api', '/api/designer/user-design-live' ); $api_args['method'] = 'GET'; break; case 'quick_config': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'designer_api', '/api/designer/user-design/quick' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; case 'notify_app': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/app/notifyAppPublished' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree init token case 'get_token': $api_url = $cn->get_url( 'account_api', '/api/account/braintree' ); $api_args['method'] = 'GET'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token ] ); break; // braintree get customer case 'get_customer': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/findcustomer' ); $api_args['method'] = 'POST'; $api_args['data_format'] = 'body'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree create customer in vault case 'create_customer': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/createcustomer' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree get subscriptions case 'get_subscriptions': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/subscriptionlists' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree create subscription case 'create_subscription': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/createsubscription' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree assign subscription case 'assign_subscription': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/assignsubscription' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; // braintree create payment method case 'create_payment_method': $require_app_id = true; $json = true; $api_url = $cn->get_url( 'account_api', '/api/account/braintree/createpaymentmethod' ); $api_args['method'] = 'POST'; $api_args['headers'] = array_merge( $api_args['headers'], [ 'Authorization' => 'Bearer ' . $api_token, 'Content-Type' => 'application/json; charset=utf-8' ] ); break; } // check if app id is required to avoid unneeded requests if ( $require_app_id ) { $empty_app_id = false; // check app id if ( array_key_exists( 'AppID', $params ) && is_string( $params['AppID'] ) ) { $app_id = trim( $params['AppID'] ); // empty app id? if ( $app_id === '' ) $empty_app_id = true; } else $empty_app_id = true; if ( $empty_app_id ) return [ 'error' => esc_html__( '"AppID" is not allowed to be empty.', 'cookie-notice' ) ]; } if ( ! empty( $params ) && is_array( $params ) ) { foreach ( $params as $key => $param ) { if ( is_object( $param ) ) $api_params[$key] = $param; elseif ( is_array( $param ) ) $api_params[$key] = array_map( 'sanitize_text_field', $param ); elseif ( $key === 'Password' && ( $request === 'register' || $request === 'login' ) ) $api_params[$key] = preg_replace( '/[^\w !"#$%&\'()*\+,\-.\/:;<=>?@\[\]^\`\{\|\}\~\\\\]/', '', $param ); else $api_params[$key] = sanitize_text_field( $param ); } if ( $json ) $api_args['body'] = wp_json_encode( $api_params ); else $api_args['body'] = $api_params; } $response = wp_remote_request( $api_url, $api_args ); if ( is_wp_error( $response ) ) $result = [ 'error' => $response->get_error_message() ]; else { $content_type = wp_remote_retrieve_header( $response, 'Content-Type' ); // html response, means error if ( $content_type == 'text/html' ) $result = [ 'error' => esc_html__( 'Unexpected error occurred. Please try again later.', 'cookie-notice' ) ]; else { $result = wp_remote_retrieve_body( $response ); // detect json or array $result = is_array( $result ) ? $result : json_decode( $result ); } } return $result; } /** * Check whether WP Cron needs to add new task. * * @return void */ public function check_cron() { // get main instance $cn = Cookie_Notice(); if ( is_multisite() && $cn->is_plugin_network_active() && $cn->network_options['global_override'] ) { $app_id = $cn->network_options['app_id']; $app_key = $cn->network_options['app_key']; } else { $app_id = $cn->options['general']['app_id']; $app_key = $cn->options['general']['app_key']; } // compliance active only if ( $app_id !== '' && $app_key !== '' ) { if ( $cn->get_status() === 'active' ) $recurrence = 'daily'; else $recurrence = 'hourly'; // set schedule if needed if ( ! wp_next_scheduled( 'cookie_notice_get_app_analytics' ) ) wp_schedule_event( time(), 'hourly', 'cookie_notice_get_app_analytics' ); // set schedule if needed if ( ! wp_next_scheduled( 'cookie_notice_get_app_config' ) ) wp_schedule_event( time(), $recurrence, 'cookie_notice_get_app_config' ); } else { // remove schedule if needed if ( wp_next_scheduled( 'cookie_notice_get_app_analytics' ) ) wp_clear_scheduled_hook( 'cookie_notice_get_app_analytics' ); // remove schedule if needed if ( wp_next_scheduled( 'cookie_notice_get_app_config' ) ) wp_clear_scheduled_hook( 'cookie_notice_get_app_config' ); } } /** * Get consent logs. * * @param string $date * @return string|array */ public function get_consent_logs_by_date( $date ) { // get main instance $cn = Cookie_Notice(); // get consent logs for specific date $result = $this->request( 'get_consent_logs_by_date', [ 'AppID' => $cn->options['general']['app_id'], 'AppSecretKey' => $cn->options['general']['app_key'], 'Date' => $date ] ); // message? if ( ! empty( $result->message ) ) $result = $result->message; // error? elseif ( ! empty( $result->error ) ) $result = $result->error; // valid data? elseif ( ! empty( $result->data ) ) $result = $result->data; else $result = []; return $result; } /** * Get app analytics. * * @param string $app_id * @param bool $force_update * @param bool $force_action * @return void */ public function get_app_analytics( $app_id = '', $force_update = false, $force_action = true ) { // get main instance $cn = Cookie_Notice(); $allow_one_cron_per_hour = false; if ( is_multisite() && $cn->is_plugin_network_active() && $cn->network_options['global_override'] ) { if ( empty( $app_id ) ) $app_id = $cn->network_options['app_id']; $network = true; $allow_one_cron_per_hour = true; } else { if ( empty( $app_id ) ) $app_id = $cn->options['general']['app_id']; $network = false; } // in global override mode allow only one cron per hour if ( $allow_one_cron_per_hour && ! $force_update ) { $analytics = get_site_option( 'cookie_notice_app_analytics', [] ); // analytics data? if ( ! empty( $analytics ) ) { $updated = strtotime( $analytics['lastUpdated'] ); // last updated less than an hour? if ( $updated !== false && current_time( 'timestamp', true ) - $updated < 3600 ) return; } } $response = $this->request( 'get_analytics', [ 'AppID' => $app_id ] ); // get analytics if ( ! empty( $response->data ) ) { $result = map_deep( (array) $response->data, 'sanitize_text_field' ); // add time updated $result['lastUpdated'] = date( 'Y-m-d H:i:s', current_time( 'timestamp', true ) ); // get default status data $status_data = $cn->defaults['data']; // update status $status_data['status'] = $cn->get_status(); // update subscription $status_data['subscription'] = $cn->get_subscription(); // update activation timestamp $status_data['activation_datetime'] = $cn->get_cc_activation_datetime(); if ( $status_data['status'] === 'active' && $status_data['subscription'] === 'basic' ) { $threshold = ! empty( $result['cycleUsage']->threshold ) ? (int) $result['cycleUsage']->threshold : 0; $visits = ! empty( $result['cycleUsage']->visits ) ? (int) $result['cycleUsage']->visits : 0; if ( $visits >= $threshold && $threshold > 0 ) $status_data['threshold_exceeded'] = true; } if ( $network ) { update_site_option( 'cookie_notice_app_analytics', $result ); update_site_option( 'cookie_notice_status', $status_data ); } else { update_option( 'cookie_notice_app_analytics', $result, false ); update_option( 'cookie_notice_status', $status_data, false ); } // update status data $cn->set_status_data(); if ( $force_action ) do_action( 'cn_configuration_updated', 'analytics' ); } } /** * Get app config. * * @param string $app_id * @param bool $force_update * @param bool $force_action * @return void|array */ public function get_app_config( $app_id = '', $force_update = false, $force_action = true ) { // get main instance $cn = Cookie_Notice(); $allow_one_cron_per_hour = false; if ( is_multisite() && $cn->is_plugin_network_active() && $cn->network_options['global_override'] ) { if ( empty( $app_id ) ) $app_id = $cn->network_options['app_id']; $network = true; $allow_one_cron_per_hour = true; } else { if ( empty( $app_id ) ) $app_id = $cn->options['general']['app_id']; $network = false; } // in global override mode allow only one cron per hour if ( $allow_one_cron_per_hour && ! $force_update ) { $blocking = get_site_option( 'cookie_notice_app_blocking', [] ); // analytics data? if ( ! empty( $blocking ) ) { $updated = strtotime( $blocking['lastUpdated'] ); // last updated less than an hour? if ( $updated !== false && current_time( 'timestamp', true ) - $updated < 3600 ) return; } } // get config $response = $this->request( 'get_config', [ 'AppID' => $app_id ] ); // get status data $status_data = $cn->defaults['data']; // get config if ( ! empty( $response->data ) ) { // sanitize data $result_raw = map_deep( (array) $response->data, 'sanitize_text_field' ); // set status $status_data['status'] = 'active'; // get activation timestamp $timestamp = $cn->get_cc_activation_datetime(); // update activation timestamp only for new cookie compliance activations $status_data['activation_datetime'] = $timestamp === 0 ? time() : $timestamp; // check subscription if ( ! empty( $result_raw['SubscriptionType'] ) ) $status_data['subscription'] = $cn->check_subscription( strtolower( $result_raw['SubscriptionType'] ) ); if ( $status_data['subscription'] === 'basic' ) { // get analytics data options if ( $network ) $analytics = get_site_option( 'cookie_notice_app_analytics', [] ); else $analytics = get_option( 'cookie_notice_app_analytics', [] ); if ( ! empty( $analytics ) ) { $threshold = ! empty( $analytics['cycleUsage']->threshold ) ? (int) $analytics['cycleUsage']->threshold : 0; $visits = ! empty( $analytics['cycleUsage']->visits ) ? (int) $analytics['cycleUsage']->visits : 0; if ( $visits >= $threshold && $threshold > 0 ) $status_data['threshold_exceeded'] = true; } } // process blocking data $result = [ 'categories' => ! empty( $result_raw['DefaultCategoryJSON'] ) && is_array( $result_raw['DefaultCategoryJSON'] ) ? $result_raw['DefaultCategoryJSON'] : [], 'providers' => ! empty( $result_raw['DefaultProviderJSON'] ) && is_array( $result_raw['DefaultProviderJSON'] ) ? $result_raw['DefaultProviderJSON'] : [], 'patterns' => ! empty( $result_raw['DefaultCookieJSON'] ) && is_array( $result_raw['DefaultCookieJSON'] ) ? $result_raw['DefaultCookieJSON'] : [], 'google_consent_default' => [], 'lastUpdated' => date( 'Y-m-d H:i:s', current_time( 'timestamp', true ) ) ]; if ( ! empty( $result_raw['BannerConfigJSON'] ) && is_object( $result_raw['BannerConfigJSON'] ) ) { $gcm = isset( $result_raw['BannerConfigJSON']->googleConsentMode ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMode : 0; // is google consent mode enabled? if ( $gcm === 1 ) { $result['google_consent_default']['ad_storage'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapAdStorage ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapAdStorage : 4; $result['google_consent_default']['analytics_storage'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapAnalytics ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapAnalytics : 3; $result['google_consent_default']['functionality_storage'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapFunctionality ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapFunctionality : 2; $result['google_consent_default']['personalization_storage'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapPersonalization ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapPersonalization : 2; $result['google_consent_default']['security_storage'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapSecurity ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapSecurity : 2; $result['google_consent_default']['ad_personalization'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapAdPersonalization ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapAdPersonalization : 4; $result['google_consent_default']['ad_user_data'] = isset( $result_raw['BannerConfigJSON']->googleConsentMapAdUserData ) ? (int) $result_raw['BannerConfigJSON']->googleConsentMapAdUserData : 4; } } if ( $network ) update_site_option( 'cookie_notice_app_blocking', $result ); else update_option( 'cookie_notice_app_blocking', $result, false ); } else { if ( ! empty( $response->error ) ) { if ( $response->error == 'App is not puplised yet' ) $status_data['status'] = 'pending'; else $status_data['status'] = ''; } } if ( $network ) update_site_option( 'cookie_notice_status', $status_data ); else update_option( 'cookie_notice_status', $status_data, false ); // update status data $cn->set_status_data(); if ( $force_action ) do_action( 'cn_configuration_updated', 'config' ); return $status_data; } }