Changeset 2113409

custom-404-pro/trunk/README.md

r2087394	r2113409
5	5	Override the default 404 page with any page from the Admin Panel or a Custom URL.
6	6
7		UPDATE: In version 3.2.2 and above, we've added the ability to migrate your old logs to the new logging system. It's highly recommended as you'll get immense performance benefits in the WP Dashboard. Once you've migrated your logs to the new system, you should use the Reset tab and make sure that they're completely gone from your WP Install.
	7	UPDATE [June 26, 2019]: This plugin is currently taken off the [WordPress plugin repository](https://wordpress.org/plugins/custom-404-pro/) due to a few security loopholes. I am currently working on the highest priority to fix them and work with the WordPress Plugin team to get it back up. I apologize for any inconvenience caused to all of you and I appreciate your understanding in this matter. Thanks!
8	8
9	9	As always, if you do like the plugin, please take a minute and give it a rating. Thanks!

custom-404-pro/trunk/admin/AdminClass.php

-                      r2112484
+                      r2113409
     public function create_menu() {
+        add_menu_page( 'Custom 404 Pro', 'Custom 404 Pro', 'manage_options', 'c4p-main', array( $this, 'page_logs' ), 'dashicons-chart-bar' );
+        add_submenu_page( 'c4p-main', 'Logs', 'Logs', 'manage_options', 'c4p-main', array( $this, 'page_logs' ) );
+        add_submenu_page( 'c4p-main', 'Settings', 'Settings', 'manage_options', 'c4p-settings', array( $this, 'page_settings' ) );
+        add_submenu_page( 'c4p-main', 'Migrate', 'Migrate', 'manage_options', 'c4p-migrate', array( $this, 'page_migrate' ) );
+        add_submenu_page( 'c4p-main', 'Reset', 'Reset', 'manage_options', 'c4p-reset', array( $this, 'page_reset' ) );
+        add_submenu_page( 'c4p-main', 'About', 'About', 'manage_options', 'c4p-about', array( $this, 'page_about' ) );
+        if(current_user_can('administrator')) {
+            add_menu_page( 'Custom 404 Pro', 'Custom 404 Pro', 'manage_options', 'c4p-main', array( $this, 'page_logs' ), 'dashicons-chart-bar' );
+            add_submenu_page( 'c4p-main', 'Logs', 'Logs', 'manage_options', 'c4p-main', array( $this, 'page_logs' ) );
+            add_submenu_page( 'c4p-main', 'Settings', 'Settings', 'manage_options', 'c4p-settings', array( $this, 'page_settings' ) );
+            add_submenu_page( 'c4p-main', 'Migrate', 'Migrate', 'manage_options', 'c4p-migrate', array( $this, 'page_migrate' ) );
+            add_submenu_page( 'c4p-main', 'Reset', 'Reset', 'manage_options', 'c4p-reset', array( $this, 'page_reset' ) );
+            add_submenu_page( 'c4p-main', 'About', 'About', 'manage_options', 'c4p-about', array( $this, 'page_about' ) );
+        }
+    }
 …
     public function enqueue_styles() {
+        if ( array_key_exists( 'page', $_REQUEST ) ) {
+            $request = esc_html($_REQUEST['page']);
+            if ( $request === 'c4p-settings' || $request === 'c4p-main' || $request === 'c4p-about' ) {
+                wp_enqueue_style( 'custom-404-pro-admin-css', plugin_dir_url( __FILE__ ) . 'css/custom-404-pro-admin.css', array(), '3.2.0' );
+        if(current_user_can('administrator')) {
+            if ( array_key_exists( 'page', $_REQUEST ) ) {
+                $request = sanitize_text_field($_REQUEST['page']);
+                if ( $request === 'c4p-settings' || $request === 'c4p-main' || $request === 'c4p-about' ) {
+                    wp_enqueue_style( 'custom-404-pro-admin-css', plugin_dir_url( __FILE__ ) . 'css/custom-404-pro-admin.css', array(), '3.2.0' );
+                }
+            }
+        }
 …
     public function enqueue_scripts() {
+        if ( array_key_exists( 'page', $_REQUEST ) ) {
+            $request = esc_html($_REQUEST['page']);
+            if ( $request === 'c4p-settings' || $request === 'c4p-main' ) {
+                wp_enqueue_script( 'custom-404-pro-admin-js', plugin_dir_url( __FILE__ ) . 'js/custom-404-pro-admin.js', array( 'jquery' ), '3.2.0', false );
+        if(current_user_can('administrator')) {
+            if ( array_key_exists( 'page', $_REQUEST ) ) {
+                $request = sanitize_text_field($_REQUEST['page']);
+                if ( $request === 'c4p-settings' || $request === 'c4p-main' ) {
+                    wp_enqueue_script( 'custom-404-pro-admin-js', plugin_dir_url( __FILE__ ) . 'js/custom-404-pro-admin.js', array( 'jquery' ), '3.2.0', false );
+                }
+            }
+        }
 …
         $messageType = 'success';
         $html        = '';
+        if ( array_key_exists( 'c4pmessage', $_REQUEST ) ) {
+            $message = urldecode( esc_html($_REQUEST['c4pmessage']) );
+            if ( array_key_exists( 'c4pmessageType', $_REQUEST ) ) {
+                $messageType = esc_html($_REQUEST['c4pmessageType']);
+            }
+            $html .= '<div class="notice notice-' . $messageType . ' is-dismissible">';
+            $html .= '<p>' . $message . '</p>';
+            $html .= '</div>';
+            echo $html;
+        if(current_user_can('administrator')) {
+            if ( array_key_exists( 'c4pmessage', $_REQUEST ) ) {
+                $message = urldecode( sanitize_text_field($_REQUEST['c4pmessage']) );
+                if ( array_key_exists( 'c4pmessageType', $_REQUEST ) ) {
+                    $messageType = sanitize_text_field($_REQUEST['c4pmessageType']);
+                }
+                $html .= '<div class="notice notice-' . $messageType . ' is-dismissible">';
+                $html .= '<p>' . $message . '</p>';
+                $html .= '</div>';
+                echo $html;
+            }
+        }
+    }
 …
     public function form_settings_global_redirect() {
         global $wpdb;
+        $mode = $_POST['mode'];
+        $page = $_POST['mode_page'];
+        $url  = $_POST['mode_url'];
+        self::update_mode( $mode, $page, $url );
+        $message = urlencode( 'Saved!' );
+        wp_redirect( admin_url( 'admin.php?page=c4p-settings&tab=global-redirect&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        if(wp_verify_nonce($_POST['form-settings-global-redirect'], 'form-settings-global-redirect') && check_admin_referer("form-settings-global-redirect", "form-settings-global-redirect") && current_user_can('administrator')) {
+            $mode = sanitize_text_field($_POST['mode']);
+            $page = sanitize_text_field($_POST['mode_page']);
+            $url  = sanitize_text_field($_POST['mode_url']);
+            self::update_mode( $mode, $page, $url );
+            $message = urlencode( 'Saved!' );
+            wp_redirect( admin_url( 'admin.php?page=c4p-settings&tab=global-redirect&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        }
+    }
     public function form_settings_general() {
         global $wpdb;
+        if ( isset( $_POST['send_email'] ) && $_POST['send_email'] === 'on' ) {
+            $field_send_email = true;
+        } else {
+            $field_send_email = false;
+        }
+        if ( isset( $_POST['logging_enabled'] ) && $_POST['logging_enabled'] === 'enabled' ) {
+            $field_logging_enabled = true;
+        } else {
+            $field_logging_enabled = false;
+        }
+        if ( isset( $_POST['log_ip'] ) && $_POST['log_ip'] === 'on' ) {
+            $field_log_ip = true;
+        } else {
+            $field_log_ip = false;
+        }
+        $field_redirect_error_code = $_POST['redirect_error_code'];
+        $this->helpers->update_option( 'send_email', $field_send_email );
+        $this->helpers->update_option( 'logging_enabled', $field_logging_enabled );
+        $this->helpers->update_option( 'redirect_error_code', $field_redirect_error_code );
+        // New options
+        $this->helpers->upsert_option( 'log_ip', $field_log_ip );
+        $message = urlencode( 'Saved!' );
+        wp_redirect( admin_url( 'admin.php?page=c4p-settings&tab=general&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        if(wp_verify_nonce($_POST['form-settings-general'], 'form-settings-general') && check_admin_referer("form-settings-general", "form-settings-general") && current_user_can('administrator')) {
+            $send_email = sanitize_text_field($_POST['send_email']);
+            $logging_enabled = sanitize_text_field($_POST['logging_enabled']);
+            $log_ip = sanitize_text_field($_POST['log_ip']);
+            $field_redirect_error_code = sanitize_text_field($_POST['redirect_error_code']);
+            if ( isset( $send_email ) && $send_email === 'on' ) {
+                $field_send_email = true;
+            } else {
+                $field_send_email = false;
+            }
+            if ( isset( $logging_enabled ) && $logging_enabled === 'enabled' ) {
+                $field_logging_enabled = true;
+            } else {
+                $field_logging_enabled = false;
+            }
+            if ( isset( $log_ip ) && $log_ip === 'on' ) {
+                $field_log_ip = true;
+            } else {
+                $field_log_ip = false;
+            }
+            $this->helpers->update_option( 'send_email', $field_send_email );
+            $this->helpers->update_option( 'logging_enabled', $field_logging_enabled );
+            $this->helpers->update_option( 'redirect_error_code', $field_redirect_error_code );
+            // New options
+            $this->helpers->upsert_option( 'log_ip', $field_log_ip );
+            $message = urlencode( 'Saved!' );
+            wp_redirect( admin_url( 'admin.php?page=c4p-settings&tab=general&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        }
+    }
     public function custom_404_pro_admin_init() {
         global $wpdb;
+        if ( array_key_exists( 'action', $_REQUEST ) ) {
+            $action = esc_html($_REQUEST['action']);
+            if ( $action === 'c4p-logs--delete' ) {
+                if ( array_key_exists( 'path', $_REQUEST ) ) {
+                    $this->helpers->delete_logs( esc_html($_REQUEST['path']) );
+                    $message = urlencode( 'Log(s) successfully deleted!' );
+        if(current_user_can('administrator')) {
+            if ( array_key_exists( 'action', $_REQUEST ) ) {
+                $action = sanitize_text_field($_REQUEST['action']);
+                if ( $action === 'c4p-logs--delete' ) {
+                    if ( array_key_exists( 'path', $_REQUEST ) ) {
+                        $this->helpers->delete_logs( sanitize_text_field($_REQUEST['path']) );
+                        $message = urlencode( 'Log(s) successfully deleted!' );
+                        wp_redirect( admin_url( 'admin.php?page=c4p-main&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+                    } else {
+                        $message = urlencode( 'Please select a few logs to delete and try again.' );
+                        wp_redirect( admin_url( 'admin.php?page=c4p-main&c4pmessage=' . $message . '&c4pmessageType=warning' ) );
+                    }
+                } elseif ( $action === 'c4p-logs--delete-all' ) {
+                    $this->helpers->delete_logs( 'all' );
+                    $message = urlencode( 'All Logs successfully deleted!' );
                     wp_redirect( admin_url( 'admin.php?page=c4p-main&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+                } elseif ( $action === 'c4p-logs--export-csv' ) {
+                    $this->helpers->export_logs_csv();
+                }
+            }
+        }
+    }
+    public function custom_404_pro_redirect() {
+        global $wpdb;
+        if(current_user_can('administrator')) {
+            if ( is_404() ) {
+                $sql                     = 'SELECT * FROM ' . $this->helpers->table_options;
+                $sql_result              = $wpdb->get_results( $sql );
+                $row_mode                = $sql_result[0];
+                $row_mode_page           = $sql_result[1];
+                $row_mode_url            = $sql_result[2];
+                $row_send_email          = $sql_result[3];
+                $row_logging_enabled     = $sql_result[4];
+                $row_redirect_error_code = $sql_result[5];
+                if ( $row_logging_enabled->value ) {
+                    self::custom_404_pro_log( $row_send_email->value );
+                }
+                if ( $row_mode->value === 'page' ) {
+                    $page = get_post( $row_mode_page->value );
+                    wp_redirect( $page->guid, $row_redirect_error_code->value );
+                } elseif ( $row_mode->value === 'url' ) {
+                    wp_redirect( $row_mode_url->value, $row_redirect_error_code->value );
+                }
+            }
+        }
+    }
+    private function custom_404_pro_log( $is_email ) {
+        global $wpdb;
+        if(current_user_can('administrator')) {
+            if ( ! $this->helpers->is_option( 'log_ip' ) ) {
+                $this->helpers->insert_option( 'log_ip', true );
+            }
+            if ( empty( $this->helpers->get_option( 'log_ip' ) ) ) {
+                $ip = 'N/A';
+            } else {
+                if ( ! empty( $_SERVER['HTTP_CLIENT_IP'] ) ) {
+                    $ip = $_SERVER['HTTP_CLIENT_IP'];
+                } elseif ( ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
+                    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
                 } else {
+                    $message = urlencode( 'Please select a few logs to delete and try again.' );
+                    wp_redirect( admin_url( 'admin.php?page=c4p-main&c4pmessage=' . $message . '&c4pmessageType=warning' ) );
+                }
+            } elseif ( $action === 'c4p-logs--delete-all' ) {
+                $this->helpers->delete_logs( 'all' );
+                $message = urlencode( 'All Logs successfully deleted!' );
+                wp_redirect( admin_url( 'admin.php?page=c4p-main&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+            } elseif ( $action === 'c4p-logs--export-csv' ) {
+                $this->helpers->export_logs_csv();
+            }
+        }
+    }
+    public function custom_404_pro_redirect() {
+        global $wpdb;
+        if ( is_404() ) {
+            $sql                     = 'SELECT * FROM ' . $this->helpers->table_options;
+            $sql_result              = $wpdb->get_results( $sql );
+            $row_mode                = $sql_result[0];
+            $row_mode_page           = $sql_result[1];
+            $row_mode_url            = $sql_result[2];
+            $row_send_email          = $sql_result[3];
+            $row_logging_enabled     = $sql_result[4];
+            $row_redirect_error_code = $sql_result[5];
+            if ( $row_logging_enabled->value ) {
+                self::custom_404_pro_log( $row_send_email->value );
+            }
+            if ( $row_mode->value === 'page' ) {
+                $page = get_post( $row_mode_page->value );
+                wp_redirect( $page->guid, $row_redirect_error_code->value );
+            } elseif ( $row_mode->value === 'url' ) {
+                wp_redirect( $row_mode_url->value, $row_redirect_error_code->value );
+            }
+        }
+    }
+    private function custom_404_pro_log( $is_email ) {
+        global $wpdb;
+        if ( ! $this->helpers->is_option( 'log_ip' ) ) {
+            $this->helpers->insert_option( 'log_ip', true );
+        }
+        if ( empty( $this->helpers->get_option( 'log_ip' ) ) ) {
+            $ip = 'N/A';
+        } else {
+            if ( ! empty( $_SERVER['HTTP_CLIENT_IP'] ) ) {
+                $ip = $_SERVER['HTTP_CLIENT_IP'];
+            } elseif ( ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
+                $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+            } else {
+                $ip = $_SERVER['REMOTE_ADDR'];
+            }
+        }
+        $path    = $_SERVER['REQUEST_URI'];
+        $referer = '';
+        if ( array_key_exists( 'HTTP_REFERER', $_SERVER ) ) {
+            $referer = $_SERVER['HTTP_REFERER'];
+        }
+        $user_agent = $_SERVER['HTTP_USER_AGENT'];
+        $sql_save   = 'INSERT INTO ' . $this->helpers->table_logs . " (ip, path, referer, user_agent) VALUES ('$ip', '$path', '$referer', '$user_agent')";
+        $wpdb->query( $sql_save );
+        if ( ! empty( $is_email ) ) {
+            self::custom_404_pro_send_mail( $ip, $path, $referer, $user_agent );
+                    $ip = $_SERVER['REMOTE_ADDR'];
+                }
+            }
+            $path    = $_SERVER['REQUEST_URI'];
+            $referer = '';
+            if ( array_key_exists( 'HTTP_REFERER', $_SERVER ) ) {
+                $referer = $_SERVER['HTTP_REFERER'];
+            }
+            $user_agent = $_SERVER['HTTP_USER_AGENT'];
+            $sql_save   = 'INSERT INTO ' . $this->helpers->table_logs . " (ip, path, referer, user_agent) VALUES ('$ip', '$path', '$referer', '$user_agent')";
+            $wpdb->query( $sql_save );
+            if ( ! empty( $is_email ) ) {
+                self::custom_404_pro_send_mail( $ip, $path, $referer, $user_agent );
+            }
+        }
+    }
     private function custom_404_pro_send_mail( $ip, $path, $referer, $user_agent ) {
+        $admin_email = get_option( 'admin_email' );
+        if ( is_multisite() ) {
+            global $blog_id;
+            $current_blog_details = get_blog_details( array( 'blog_id' => $blog_id ) );
+            $current_site_name    = $current_blog_details->blogname;
+        } else {
+            $current_site_name = get_bloginfo( 'name' );
+        }
+        $headers[] = 'From: Site Admin <' . $admin_email . '>' . "\r\n";
+        $headers[] = 'Content-Type: text/html; charset=UTF-8';
+        $message   = '<p>Here are the 404 Log Details:</p>';
+        $message  .= '<table>';
+        $message  .= '<tr>';
+        $message  .= '<th>Site</th>';
+        $message  .= '<td>' . $current_site_name . '</td>';
+        $message  .= '</tr>';
+        $message  .= '<tr>';
+        $message  .= '<th>User IP</th>';
+        $message  .= '<td>' . $ip . '</td>';
+        $message  .= '</tr>';
+        $message  .= '<tr>';
+        $message  .= '<th>404 Path</th>';
+        $message  .= '<td>' . $path . '</td>';
+        $message  .= '</tr>';
+        $message  .= '<tr>';
+        $message  .= '<th>Referer</th>';
+        $message  .= '<td>' . $referer . '</td>';
+        $message  .= '</tr>';
+        $message  .= '<tr>';
+        $message  .= '<th>User Agent</th>';
+        $message  .= '<td>' . $user_agent . '</td>';
+        $message  .= '</tr>';
+        $message  .= '</table>';
+        $is_sent   = wp_mail(
+            $admin_email,
+            '404 Error on Site',
+            $message,
+            $headers
+        );
+        if(current_user_can('administrator')) {
+            $admin_email = get_option( 'admin_email' );
+            if ( is_multisite() ) {
+                global $blog_id;
+                $current_blog_details = get_blog_details( array( 'blog_id' => $blog_id ) );
+                $current_site_name    = $current_blog_details->blogname;
+            } else {
+                $current_site_name = get_bloginfo( 'name' );
+            }
+            $headers[] = 'From: Site Admin <' . $admin_email . '>' . "\r\n";
+            $headers[] = 'Content-Type: text/html; charset=UTF-8';
+            $message   = '<p>Here are the 404 Log Details:</p>';
+            $message  .= '<table>';
+            $message  .= '<tr>';
+            $message  .= '<th>Site</th>';
+            $message  .= '<td>' . $current_site_name . '</td>';
+            $message  .= '</tr>';
+            $message  .= '<tr>';
+            $message  .= '<th>User IP</th>';
+            $message  .= '<td>' . $ip . '</td>';
+            $message  .= '</tr>';
+            $message  .= '<tr>';
+            $message  .= '<th>404 Path</th>';
+            $message  .= '<td>' . $path . '</td>';
+            $message  .= '</tr>';
+            $message  .= '<tr>';
+            $message  .= '<th>Referer</th>';
+            $message  .= '<td>' . $referer . '</td>';
+            $message  .= '</tr>';
+            $message  .= '<tr>';
+            $message  .= '<th>User Agent</th>';
+            $message  .= '<td>' . $user_agent . '</td>';
+            $message  .= '</tr>';
+            $message  .= '</table>';
+            $is_sent   = wp_mail(
+                $admin_email,
+                '404 Error on Site',
+                $message,
+                $headers
+            );
+        }
+    }
     private function update_mode( $mode, $page, $url ) {
         global $wpdb;
+        $mode_val      = '';
+        $mode_page_val = '';
+        $mode_url_val  = '';
+        switch ( $mode ) {
+            case 'page':
+                $mode_val      = 'page';
+                $mode_page_val = $page;
+                $mode_url_val  = '';
+                break;
+            case 'url':
+                $mode_val      = 'url';
+                $mode_page_val = '';
+                $mode_url_val  = $url;
+                break;
+            case '':
+                $mode_val      = '';
+                $mode_page_val = '';
+                $mode_url_val  = '';
+                break;
+        }
+        $this->helpers->update_option( 'mode', $mode_val );
+        $this->helpers->update_option( 'mode_page', $mode_page_val );
+        $this->helpers->update_option( 'mode_url', $mode_url_val );
+        if(current_user_can('administrator')) {
+            $mode_val      = '';
+            $mode_page_val = '';
+            $mode_url_val  = '';
+            switch ( $mode ) {
+                case 'page':
+                    $mode_val      = 'page';
+                    $mode_page_val = $page;
+                    $mode_url_val  = '';
+                    break;
+                case 'url':
+                    $mode_val      = 'url';
+                    $mode_page_val = '';
+                    $mode_url_val  = $url;
+                    break;
+                case '':
+                    $mode_val      = '';
+                    $mode_page_val = '';
+                    $mode_url_val  = '';
+                    break;
+            }
+            $this->helpers->update_option( 'mode', $mode_val );
+            $this->helpers->update_option( 'mode_page', $mode_page_val );
+            $this->helpers->update_option( 'mode_url', $mode_url_val );
+        }
+    }
 …
         global $wpdb;
         $logsData = [];
+        $old_logs = get_posts(
+            [
+                'numberposts' => 500,
+                'post_status' => 'publish',
+                'post_type'   => 'c4p_log',
+            ]
+        );
+        foreach ( $old_logs as $log ) {
+            $temp             = new stdClass();
+            $temp->id         = $log->ID;
+            $temp->ip         = get_post_meta( $log->ID, 'c4p_log_ip', true );
+            $temp->path       = get_post_meta( $log->ID, 'c4p_log_404_path', true );
+            $temp->referer    = get_post_meta( $log->ID, 'c4p_log_referer', true );
+            $temp->user_agent = get_post_meta( $log->ID, 'c4p_log_user_agent', true );
+            array_push( $logsData, $temp );
+        }
+        $this->helpers->create_logs( $logsData, true );
+        $message = urlencode( 'Older log(s) before 3.0.0 have been migrated successfully. You might need to repeat this process if there are some left.' );
+        wp_redirect( admin_url( 'admin.php?page=c4p-migrate&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        if(wp_verify_nonce($_POST['form-migrate'], 'form-migrate') && check_admin_referer("form-migrate", "form-migrate") && current_user_can('administrator')) {
+            $old_logs = get_posts(
+                [
+                    'numberposts' => 500,
+                    'post_status' => 'publish',
+                    'post_type'   => 'c4p_log',
+                ]
+            );
+            foreach ( $old_logs as $log ) {
+                $temp             = new stdClass();
+                $temp->id         = $log->ID;
+                $temp->ip         = get_post_meta( $log->ID, 'c4p_log_ip', true );
+                $temp->path       = get_post_meta( $log->ID, 'c4p_log_404_path', true );
+                $temp->referer    = get_post_meta( $log->ID, 'c4p_log_referer', true );
+                $temp->user_agent = get_post_meta( $log->ID, 'c4p_log_user_agent', true );
+                array_push( $logsData, $temp );
+            }
+            $this->helpers->create_logs( $logsData, true );
+            $message = urlencode( 'Older log(s) before 3.0.0 have been migrated successfully. You might need to repeat this process if there are some left.' );
+            wp_redirect( admin_url( 'admin.php?page=c4p-migrate&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        }
+    }
     public function form_reset() {
         global $wpdb;
+        $table_wp_posts              = $wpdb->prefix . 'wp_posts';
+        $table_wp_postmeta           = $wpdb->prefix . 'wp_postmeta';
+        $table_wp_term_relationships = $wpdb->prefix . 'wp_term_relationships';
+        $sql1                        = 'DELETE FROM ' . $table_wp_posts . " WHERE post_type='c4p_log'";
+        $sql2                        = 'DELETE FROM ' . $table_wp_postmeta . ' WHERE post_id NOT IN (SELECT id FROM wp_posts)';
+        $sql3                        = 'DELETE FROM ' . $table_wp_term_relationships . ' WHERE object_id NOT IN (SELECT id FROM wp_posts)';
+        $wpdb->query( $sql1 );
+        $wpdb->query( $sql2 );
+        $wpdb->query( $sql3 );
+        $message = urlencode( 'Older logs before 3.0.0 have been deleted successfully!' );
+        wp_redirect( admin_url( 'admin.php?page=c4p-reset&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        if(wp_verify_nonce($_POST['form-reset'], 'form-reset') && check_admin_referer("form-reset", "form-reset") && current_user_can('administrator')) {
+            $table_wp_posts              = $wpdb->prefix . 'wp_posts';
+            $table_wp_postmeta           = $wpdb->prefix . 'wp_postmeta';
+            $table_wp_term_relationships = $wpdb->prefix . 'wp_term_relationships';
+            $sql1                        = 'DELETE FROM ' . $table_wp_posts . " WHERE post_type='c4p_log'";
+            $sql2                        = 'DELETE FROM ' . $table_wp_postmeta . ' WHERE post_id NOT IN (SELECT id FROM wp_posts)';
+            $sql3                        = 'DELETE FROM ' . $table_wp_term_relationships . ' WHERE object_id NOT IN (SELECT id FROM wp_posts)';
+            $wpdb->query( $sql1 );
+            $wpdb->query( $sql2 );
+            $wpdb->query( $sql3 );
+            $message = urlencode( 'Older logs before 3.0.0 have been deleted successfully!' );
+            wp_redirect( admin_url( 'admin.php?page=c4p-reset&c4pmessage=' . $message . '&c4pmessageType=success' ) );
+        }
+    }
     public function custom_404_pro_upgrader( $upgrader_object, $options ) {
         global $wpdb;
+        if ( $options['action'] === 'update' && $options['type'] === 'plugin' ) {
+            if ( ! empty( get_option( 'c4p_mode' ) ) ) {
+                $mode = get_option( 'c4p_mode' );
+                $page = get_option( 'c4p_selected_page' );
+                $url  = get_option( 'c4p_selected_url' );
+                self::update_mode( $mode, $page, $url );
+                delete_option( 'c4p_mode' );
+                delete_option( 'c4p_selected_page' );
+                delete_option( 'c4p_selected_url' );
+            }
+            // When new features are requested by customers, they usually get a new option.
+            // This is where we add new option keys when customers upgrade the plugin.
+            $this->helpers->upsert_option( 'log_ip', true );
+        if(current_user_can('administrator')) {
+            if ( $options['action'] === 'update' && $options['type'] === 'plugin' ) {
+                if ( ! empty( get_option( 'c4p_mode' ) ) ) {
+                    $mode = get_option( 'c4p_mode' );
+                    $page = get_option( 'c4p_selected_page' );
+                    $url  = get_option( 'c4p_selected_url' );
+                    self::update_mode( $mode, $page, $url );
+                    delete_option( 'c4p_mode' );
+                    delete_option( 'c4p_selected_page' );
+                    delete_option( 'c4p_selected_url' );
+                }
+                // When new features are requested by customers, they usually get a new option.
+                // This is where we add new option keys when customers upgrade the plugin.
+                $this->helpers->upsert_option( 'log_ip', true );
+            }
+        }
         // TODO: Migrate old logs

custom-404-pro/trunk/admin/Helpers.php

-                      r2074974
+                      r2113409
     public function initialize_table_options() {
         global $wpdb;
+        $count = count( $this->options_defaults );
+        $sql   = 'INSERT INTO ' . $this->table_options . ' (name, value) VALUES ';
+        foreach ( $this->options_defaults as $key => $option ) {
+            if ( $key !== ( $count - 1 ) ) {
+                $sql .= "('" . $option->name . "', '" . $option->value . "'),";
+            } else {
+                $sql .= "('" . $option->name . "', '" . $option->value . "')";
+            }
+        }
+        $wpdb->query( $sql );
+        if(current_user_can('administrator')) {
+            $count = count( $this->options_defaults );
+            $sql   = 'INSERT INTO ' . $this->table_options . ' (name, value) VALUES ';
+            foreach ( $this->options_defaults as $key => $option ) {
+                if ( $key !== ( $count - 1 ) ) {
+                    $sql .= "('" . $option->name . "', '" . $option->value . "'),";
+                } else {
+                    $sql .= "('" . $option->name . "', '" . $option->value . "')";
+                }
+            }
+            $wpdb->query( $sql );
+        }
+    }
     public function is_option( $option_name ) {
         global $wpdb;
+        $query  = 'SELECT * FROM ' . $this->table_options . " WHERE name='" . $option_name . "'";
+        $result = $wpdb->get_results( $query );
+        if ( empty( $result ) ) {
+            return false;
+        } else {
+            return $result[0];
+        }
+        if(current_user_can('administrator')) {
+            $query  = 'SELECT * FROM ' . $this->table_options . " WHERE name='" . $option_name . "'";
+            $result = $wpdb->get_results( $query );
+            if ( empty( $result ) ) {
+                return false;
+            } else {
+                return $result[0];
+            }
+        }
+    }
     public function get_option( $option_name ) {
         global $wpdb;
+        $query  = 'SELECT value FROM ' . $this->table_options . " WHERE name='" . $option_name . "'";
+        $result = $wpdb->get_var( $query );
+        return $result;
+        if(current_user_can('administrator')) {
+            $query  = 'SELECT value FROM ' . $this->table_options . " WHERE name='" . $option_name . "'";
+            $result = $wpdb->get_var( $query );
+            return $result;
+        }
+    }
     public function insert_option( $option_name, $option_value ) {
         global $wpdb;
+        $result = $wpdb->insert(
+            $this->table_options,
+            array(
+                'name'  => $option_name,
+                'value' => $option_value,
+            )
+        );
+        return $result;
+        if(current_user_can('administrator')) {
+            $result = $wpdb->insert(
+                $this->table_options,
+                array(
+                    'name'  => $option_name,
+                    'value' => $option_value,
+                )
+            );
+            return $result;
+        }
+    }
     public function update_option( $option_name, $option_value ) {
         global $wpdb;
+        $result = $wpdb->update(
+            $this->table_options,
+            array( 'value' => $option_value ),
+            array( 'name' => $option_name )
+        );
+        return $result;
+        if(current_user_can('administrator')) {
+            $result = $wpdb->update(
+                $this->table_options,
+                array( 'value' => $option_value ),
+                array( 'name' => $option_name )
+            );
+            return $result;
+        }
+    }
     public function upsert_option( $option_name, $option_value ) {
         global $wpdb;
+        if ( self::is_option( $option_name ) ) {
+            $result = self::update_option( $option_name, $option_value );
+        } else {
+            $result = self::insert_option( $option_name, $option_value );
+        }
+        return $result;
+        if(current_user_can('administrator')) {
+            if ( self::is_option( $option_name ) ) {
+                $result = self::update_option( $option_name, $option_value );
+            } else {
+                $result = self::insert_option( $option_name, $option_value );
+            }
+            return $result;
+        }
+    }
     public function get_logs_columns() {
         global $wpdb;
+        $query  = 'SHOW COLUMNS FROM ' . $this->table_logs;
+        $result = $wpdb->get_results( $query );
+        return $result;
+        if(current_user_can('administrator')) {
+            $query  = 'SHOW COLUMNS FROM ' . $this->table_logs;
+            $result = $wpdb->get_results( $query );
+            return $result;
+        }
+    }
     public function get_old_logs_count() {
         global $wpdb;
+        $query  = 'SELECT COUNT(*) FROM ' . $wpdb->prefix . "posts WHERE post_type='c4p_log'";
+        $result = $wpdb->get_var( $query );
+        return (int) $result;
+        if(current_user_can('administrator')) {
+            $query  = 'SELECT COUNT(*) FROM ' . $wpdb->prefix . "posts WHERE post_type='c4p_log'";
+            $result = $wpdb->get_var( $query );
+            return (int) $result;
+        }
+    }
     public function delete_old_logs( $logIDs ) {
         global $wpdb;
+        foreach ( $logIDs as $id ) {
+            wp_delete_post( $id, true );
+        }
+        if(current_user_can('administrator')) {
+            foreach ( $logIDs as $id ) {
+                wp_delete_post( $id, true );
+            }
+        }
+    }
     public function create_logs( $logsData, $isDeletingOld ) {
         global $wpdb;
+        $count  = count( $logsData );
+        $logIDs = [];
+        $query  = 'INSERT INTO ' . $this->table_logs . ' (ip, path, referer, user_agent) VALUES';
+        foreach ( $logsData as $key => $log ) {
+            if ( ! empty( $log->id ) ) {
+                array_push( $logIDs, $log->id );
+            }
+            $query .= " ('$log->ip', '$log->path', '$log->referer', '$log->user_agent')";
+            if ( $key < $count - 1 ) {
+                $query .= ',';
+            }
+        }
+        $result = $wpdb->query( $query );
+        if ( ! is_wp_error( $result ) ) {
+            if ( ! empty( $isDeletingOld ) && $isDeletingOld ) {
+                self::delete_old_logs( $logIDs );
+            }
+        }
+        return $result;
+        if(current_user_can('administrator')) {
+            $count  = count( $logsData );
+            $logIDs = [];
+            $query  = 'INSERT INTO ' . $this->table_logs . ' (ip, path, referer, user_agent) VALUES';
+            foreach ( $logsData as $key => $log ) {
+                if ( ! empty( $log->id ) ) {
+                    array_push( $logIDs, $log->id );
+                }
+                $query .= " ('$log->ip', '$log->path', '$log->referer', '$log->user_agent')";
+                if ( $key < $count - 1 ) {
+                    $query .= ',';
+                }
+            }
+            $result = $wpdb->query( $query );
+            if ( ! is_wp_error( $result ) ) {
+                if ( ! empty( $isDeletingOld ) && $isDeletingOld ) {
+                    self::delete_old_logs( $logIDs );
+                }
+            }
+            return $result;
+        }
+    }
     public function get_logs() {
         global $wpdb;
+        $query  = 'SELECT * from ' . $this->table_logs;
+        $result = $wpdb->get_results( $query, ARRAY_A );
+        return $result;
+        if(current_user_can('administrator')) {
+            $query  = 'SELECT * from ' . $this->table_logs;
+            $result = $wpdb->get_results( $query, ARRAY_A );
+            return $result;
+        }
+    }
     public function delete_logs( $path ) {
         global $wpdb;
+        if ( $path === 'all' ) {
+            $query = 'TRUNCATE TABLE ' . $this->table_logs;
+        } elseif ( is_array( $path ) ) {
+            $query = 'DELETE FROM ' . $this->table_logs . ' WHERE id in (' . implode( ',', $path ) . ')';
+        } else {
+            $query = 'DELETE FROM ' . $this->table_logs . ' WHERE id=' . $path . '';
+        }
+        $result = $wpdb->query( $query );
+        return $result;
+        if(current_user_can('administrator')) {
+            if ( $path === 'all' ) {
+                $query = 'TRUNCATE TABLE ' . $this->table_logs;
+            } elseif ( is_array( $path ) ) {
+                $query = 'DELETE FROM ' . $this->table_logs . ' WHERE id in (' . implode( ',', $path ) . ')';
+            } else {
+                $query = 'DELETE FROM ' . $this->table_logs . ' WHERE id=' . $path . '';
+            }
+            $result = $wpdb->query( $query );
+            return $result;
+        }
+    }
     public function export_logs_csv() {
+        $filename   = 'logs_' . time() . '.csv';
+        $csv_output = '';
+        $columns    = self::get_logs_columns();
+        if ( count( $columns ) > 0 ) {
+            foreach ( $columns as $column ) {
+                $csv_output .= $column->Field . ', ';
+            }
+        }
+        $csv_output .= "\n";
+        $results     = self::get_logs();
+        if ( count( $results ) > 0 ) {
+            foreach ( $results as $result ) {
+                foreach ( $result as $q ) {
+                    $csv_output .= "\"$q\"" . ', ';
+                }
+                $csv_output .= "\n";
+            }
+        }
+        header( 'Content-Type: application/csv' );
+        header( 'Content-Disposition: attachment; filename=' . $filename );
+        header( 'Pragma: no-cache' );
+        print $csv_output;
+        exit;
+        if(current_user_can('administrator')) {
+            $filename   = 'logs_' . time() . '.csv';
+            $csv_output = '';
+            $columns    = self::get_logs_columns();
+            if ( count( $columns ) > 0 ) {
+                foreach ( $columns as $column ) {
+                    $csv_output .= $column->Field . ', ';
+                }
+            }
+            $csv_output .= "\n";
+            $results     = self::get_logs();
+            if ( count( $results ) > 0 ) {
+                foreach ( $results as $result ) {
+                    foreach ( $result as $q ) {
+                        $csv_output .= "\"$q\"" . ', ';
+                    }
+                    $csv_output .= "\n";
+                }
+            }
+            header( 'Content-Type: application/csv' );
+            header( 'Content-Disposition: attachment; filename=' . $filename );
+            header( 'Pragma: no-cache' );
+            print $csv_output;
+            exit;
+        }
+    }
+}

custom-404-pro/trunk/admin/views/logs.php

-                      r2112484
+                      r2113409
     <form id="form_logs" method="GET">
         <!-- For plugins, we also need to ensure that the form posts back to our current page -->
         <input type="hidden" name="page" value="<?php echo esc_html($_REQUEST['page']); ?>" />
+        <input type="hidden" name="page" value="<?php echo sanitize_text_field($_REQUEST['page']); ?>" />
         <!-- Now we can render the completed list table -->
         <p class="search-box">
             <label class="screen-reader-text" for="search_id-search-input">Search</label>
             <input id="search_id-search-input" type="text" name="s" value="<?php if ( array_key_exists( 's', $_GET ) ) { echo esc_html($_GET['s']); } ?>" autocomplete="off" />
+            <input id="search_id-search-input" type="text" name="s" value="<?php if ( array_key_exists( 's', $_GET ) ) { echo sanitize_text_field($_GET['s']); } ?>" autocomplete="off" />
             <input id="search-submit" class="button" type="submit" name="" value="Search" />
         </p>

custom-404-pro/trunk/admin/views/migrate.php

-                      r2112484
+                      r2113409
     <h2>Migrate (Important, read carefully)</h2>
     <?php if ( array_key_exists( 'message', $_GET ) ) : ?>
         <?php if ( esc_html($_GET['message']) === 'updated' ) : ?>
+        <?php if ( sanitize_text_field($_GET['message']) === 'updated' ) : ?>
         <div class="updated">
             <p>Old logs (prior to version 3.0.0) deleted successfully!</p>
 …
             <input type="hidden" name="action" value="form-migrate"/>
             <input type="submit" name="submit" id="submit" class="button button-primary" value="Migrate">
+            <?php wp_nonce_field("form-migrate", "form-migrate"); ?>
         </p>
     </form>

custom-404-pro/trunk/admin/views/reset.php

-                      r2112484
+                      r2113409
     <h2>Reset (Important, read carefully)</h2>
     <?php if ( array_key_exists( 'message', $_GET ) ) : ?>
         <?php if ( esc_html($_GET['message']) === 'updated' ) : ?>
+        <?php if ( sanitize_text_field($_GET['message']) === 'updated' ) : ?>
         <div class="updated">
             <p>Old logs (prior to version 3.0.0) deleted successfully!</p>
 …
             <input type="hidden" name="action" value="form-reset"/>
             <input type="submit" name="submit" id="submit" class="button button-primary" value="Reset">
+            <?php wp_nonce_field("form-reset", "form-reset"); ?>
         </p>
     </form>

custom-404-pro/trunk/admin/views/settings-general.php

-                      r2074974
+                      r2113409
 ?>
 <div class="wrap">
     <form method="post" action="<?php echo get_admin_url() . 'admin-post.php'; ?>">
+    <form method="post" action="<?php echo get_admin_url() . 'admin-post.php'; ?>">
         <table class="form-table">
             <tbody>
 …
             <input type="hidden" name="action" value="form-settings-general"/>
             <input type="submit" name="submit" id="submit" class="button button-primary" value="Save Changes">
+            <?php wp_nonce_field("form-settings-general", "form-settings-general"); ?>
         </p>
     </form>

custom-404-pro/trunk/admin/views/settings-global-redirect.php

r2074974	r2113409
72	72	<input type="hidden" name="action" value="form-settings-global-redirect"/>
73	73	<input type="submit" name="submit" id="submit" class="button button-primary" value="Save Changes">
	74	<?php wp_nonce_field("form-settings-global-redirect", "form-settings-global-redirect"); ?>
74	75	</p>
75	76	</form>

custom-404-pro/trunk/custom-404-pro.php

r2112484	r2113409
5	5	Plugin URI: https://wordpress.org/plugins/custom-404-pro/
6	6	Description: Override the default 404 page with any page or a custom URL from the Admin Panel.
7		Version: 3.2.9
	7	Version: 3.2.10
8	8	Author: Kunal Nagar
9	9	Author URI: https://kunalnagar.in

custom-404-pro/trunk/includes/ActivateClass.php

-                      r2074974
+                      r2113409
     public static function activate() {
         global $wpdb;
+        $helpers                = Helpers::singleton();
+        $is_table_options_query = "SHOW TABLES LIKE '" . $helpers->table_options . "';";
+        $is_table_logs_query    = "SHOW TABLES LIKE '" . $helpers->table_logs . "';";
+        $is_table_options       = $wpdb->query( $is_table_options_query );
+        $is_table_logs          = $wpdb->query( $is_table_logs_query );
+        if ( empty( $is_table_options ) && empty( $is_table_logs ) ) {
+            self::create_tables();
+            self::initialize_options();
+        }
+        if(current_user_can('administrator')) {
+            $helpers                = Helpers::singleton();
+            $is_table_options_query = "SHOW TABLES LIKE '" . $helpers->table_options . "';";
+            $is_table_logs_query    = "SHOW TABLES LIKE '" . $helpers->table_logs . "';";
+            $is_table_options       = $wpdb->query( $is_table_options_query );
+            $is_table_logs          = $wpdb->query( $is_table_logs_query );
+            if ( empty( $is_table_options ) && empty( $is_table_logs ) ) {
+                self::create_tables();
+                self::initialize_options();
+            }
+        }
+    }
     public static function create_tables() {
         global $wpdb;
+        $charset_collate = $wpdb->get_charset_collate();
+        $helpers         = Helpers::singleton();
+        $sql_logs        = "CREATE TABLE $helpers->table_logs (
+            id mediumint(9) NOT NULL AUTO_INCREMENT,
+            ip text,
+            path text,
+            referer text,
+            user_agent text,
+            created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+            updated TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+            PRIMARY KEY (id)
+        ) $charset_collate;";
+        $sql_options     = "CREATE TABLE $helpers->table_options (
+            id mediumint(9) NOT NULL AUTO_INCREMENT,
+            name text,
+            value text,
+            created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+            updated TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+            PRIMARY KEY (id)
+        ) $charset_collate;";
+        include_once ABSPATH . 'wp-admin/includes/upgrade.php';
+        dbDelta( $sql_logs );
+        echo $wpdb->last_error;
+        dbDelta( $sql_options );
+        echo $wpdb->last_error;
+        if(current_user_can('administrator')) {
+            $charset_collate = $wpdb->get_charset_collate();
+            $helpers         = Helpers::singleton();
+            $sql_logs        = "CREATE TABLE $helpers->table_logs (
+                id mediumint(9) NOT NULL AUTO_INCREMENT,
+                ip text,
+                path text,
+                referer text,
+                user_agent text,
+                created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+                updated TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+                PRIMARY KEY (id)
+            ) $charset_collate;";
+            $sql_options     = "CREATE TABLE $helpers->table_options (
+                id mediumint(9) NOT NULL AUTO_INCREMENT,
+                name text,
+                value text,
+                created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+                updated TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+                PRIMARY KEY (id)
+            ) $charset_collate;";
+            include_once ABSPATH . 'wp-admin/includes/upgrade.php';
+            dbDelta( $sql_logs );
+            echo $wpdb->last_error;
+            dbDelta( $sql_options );
+            echo $wpdb->last_error;
+        }
+    }
     public static function initialize_options() {
         global $wpdb;
+        $helpers = Helpers::singleton();
+        $helpers->initialize_table_options();
+        if(current_user_can('administrator')) {
+            $helpers = Helpers::singleton();
+            $helpers->initialize_table_options();
+        }
+    }
+}

custom-404-pro/trunk/includes/PluginClass.php

r2074974	r2113409
16	16	private function define_admin_hooks() {
17	17	// Core action hooks
18		add_action( 'admin_menu', array( $this->plugin_admin, 'create_menu' ) );
	18	add_action( 'admin_menu', array( $this->plugin_admin, 'create_menu' ) );
19	19	add_action( 'admin_enqueue_scripts', array( $this->plugin_admin, 'enqueue_scripts' ) );
20	20	add_action( 'admin_enqueue_scripts', array( $this->plugin_admin, 'enqueue_styles' ) );

custom-404-pro/trunk/includes/UninstallClass.php

-                      r2074974
+                      r2113409
     public static function uninstall() {
         global $wpdb;
+        $table_logs    = $wpdb->prefix . 'custom_404_pro_logs';
+        $sql_logs      = "DROP TABLE IF EXISTS $table_logs";
+        $table_options = $wpdb->prefix . 'custom_404_pro_options';
+        $sql_options   = "DROP TABLE IF EXISTS $table_options";
+        $wpdb->query( $sql_logs );
+        $wpdb->query( $sql_options );
+        if(current_user_can('administrator')) {
+            $table_logs    = $wpdb->prefix . 'custom_404_pro_logs';
+            $sql_logs      = "DROP TABLE IF EXISTS $table_logs";
+            $table_options = $wpdb->prefix . 'custom_404_pro_options';
+            $sql_options   = "DROP TABLE IF EXISTS $table_options";
+            $wpdb->query( $sql_logs );
+            $wpdb->query( $sql_options );
+        }
+    }
+}

custom-404-pro/trunk/readme.txt

-                      r2112484
+                      r2113409
 Requires at least: 3.0.1
 Tested up to: 5.2
 Stable tag: 3.2.9
+Stable tag: 3.2.10
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 …
 == Changelog ==
+= 3.2.10 =
+* More updates and fixes
 = 3.2.9 =

Plugin Directory

Context Navigation

Legend:

custom-404-pro/trunk/README.md

custom-404-pro/trunk/admin/AdminClass.php

custom-404-pro/trunk/admin/Helpers.php

custom-404-pro/trunk/admin/views/logs.php

custom-404-pro/trunk/admin/views/migrate.php

custom-404-pro/trunk/admin/views/reset.php

custom-404-pro/trunk/admin/views/settings-general.php

custom-404-pro/trunk/admin/views/settings-global-redirect.php

custom-404-pro/trunk/custom-404-pro.php

custom-404-pro/trunk/includes/ActivateClass.php

custom-404-pro/trunk/includes/PluginClass.php

custom-404-pro/trunk/includes/UninstallClass.php

custom-404-pro/trunk/readme.txt

Download in other formats: