Changeset 3238447
- Timestamp:
- 02/11/2025 09:27:00 AM (13 months ago)
- Location:
- robomaintainer/trunk
- Files:
-
- 3 edited
-
acua-robomaintainer.php (modified) (7 diffs)
-
classes/AcuaRmWordpressClass.php (modified) (2 diffs)
-
pages/settings.php (modified) (2 diffs)
-
robomaintainer/trunk/acua-robomaintainer.php
r3190930 r3238447 3 3 Plugin Name: RoboMaintainer 4 4 Description: Automatic updates without breaking anything. 5 Version: 1. 0.05 Version: 1.1.0 6 6 Author: acua technology gmbh 7 7 License: GPLv2 or later … … 175 175 } 176 176 177 if ( isset( $_POST['RM_ACTION'] ) && $_POST['RM_ACTION'] === 'RM_ADDITIONAL_EMAILS' ) { 178 if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'RM_ADDITIONAL_EMAILS' ) ) { 179 wp_die( 'Security check failed' ); 180 } 181 $update_data = $rmClass->setPreferences([ 182 'RM_ACTION' => sanitize_text_field('RM_ADDITIONAL_EMAILS'), 183 'additional_emails' => array_map('sanitize_text_field', wp_unslash($_POST['additional_emails'])), 184 ]); 185 } 186 177 187 include 'parts/timezones.php'; 178 188 $isSiteRegistered = $rmClass->isSiteRegistered(); … … 242 252 $folder_name = sanitize_text_field( wp_unslash( $_GET['folderName'] ?? '' ) ); 243 253 $backup_folder_name = sanitize_text_field( wp_unslash( $_GET['backupFolderName'] ?? null ) ); 254 $backup_folder_created = true; 244 255 245 256 if (!$plugin_slug) { … … 250 261 251 262 // Define paths 252 $plugin_dir = ABSPATH . 'wp-content/plugins/' . $folder_name . '/';253 $backup_dir = ABSPATH . 'wp-content/plugins-rm/' . $backup_folder_name . '/';263 $plugin_dir = '../../../wp-content/plugins/' . $folder_name . '/'; 264 $backup_dir = '../../../wp-content/plugins-rm/' . $backup_folder_name . 
'/'; 254 265 255 266 // Create backup … … 257 268 global $wp_filesystem; 258 269 if (!$wp_filesystem->mkdir($backup_dir, 0755)) { 259 exit("Failed to create backup directory."); 270 $backup_folder_created = false; 271 // exit("Failed to create backup directory."); 260 272 } 261 273 } 262 274 263 275 // Copy all plugins to the backup directory 264 $backup_success = true; 265 $dir_iterator = new RecursiveDirectoryIterator($plugin_dir, RecursiveDirectoryIterator::SKIP_DOTS); 266 $iterator = new RecursiveIteratorIterator($dir_iterator, RecursiveIteratorIterator::SELF_FIRST); 267 foreach ($iterator as $file) { 268 $dest = $backup_dir . $iterator->getSubPathName(); 269 if ($file->isDir()) { 270 global $wp_filesystem; 271 if (!$wp_filesystem->mkdir($dest, 0755) && !is_dir($dest)) { 272 $backup_success = false; 273 break; 274 } 275 } else { 276 if (!$wp_filesystem->copy($file, $dest)) { 277 $backup_success = false; 278 break; 279 } 280 } 281 } 282 283 if (!$backup_success) { 284 exit("Failed to back up the plugins directory."); 285 } 276 if($backup_folder_created) { 277 $backup_success = true; 278 $dir_iterator = new RecursiveDirectoryIterator($plugin_dir, RecursiveDirectoryIterator::SKIP_DOTS); 279 $iterator = new RecursiveIteratorIterator($dir_iterator, RecursiveIteratorIterator::SELF_FIRST); 280 foreach ($iterator as $file) { 281 $dest = $backup_dir . $iterator->getSubPathName(); 282 if ($file->isDir()) { 283 global $wp_filesystem; 284 if (!$wp_filesystem->mkdir($dest, 0755) && !is_dir($dest)) { 285 $backup_success = false; 286 break; 287 } 288 } else { 289 if (!$wp_filesystem->copy($file, $dest)) { 290 $backup_success = false; 291 break; 292 } 293 } 294 } 295 } else { 296 $backup_success = false; 297 } 298 299 // if (!$backup_success) { 300 // exit("Failed to back up the plugins directory."); 301 // } 286 302 287 303 include_once ABSPATH . 'wp-admin/includes/plugin.php'; … … 340 356 341 357 // Define paths 342 $backup_dir = realpath( ABSPATH . 
'wp-content/plugins-rm/' . $backup_folder_name);343 $plugin_dir = realpath( ABSPATH . 'wp-content/plugins/' . $folder_name);358 $backup_dir = realpath('../../../wp-content/plugins-rm/' . $backup_folder_name); 359 $plugin_dir = realpath('../../../wp-content/plugins/' . $folder_name); 344 360 345 361 // Validate paths 346 if (!$backup_dir || !is_dir($backup_dir) || strpos($backup_dir, realpath( ABSPATH . 'wp-content/plugins-rm/')) !== 0) {362 if (!$backup_dir || !is_dir($backup_dir) || strpos($backup_dir, realpath('../../../wp-content/plugins-rm/')) !== 0) { 347 363 echo wp_json_encode(array('status' => false, 'message' => "Invalid or non-existent backup folder")); 348 364 exit(); 349 365 } 350 366 351 if (!$plugin_dir || !is_dir($plugin_dir) || strpos($plugin_dir, realpath( ABSPATH . 'wp-content/plugins/')) !== 0) {367 if (!$plugin_dir || !is_dir($plugin_dir) || strpos($plugin_dir, realpath('../../../wp-content/plugins/')) !== 0) { 352 368 echo wp_json_encode(array('status' => false, 'message' => "Invalid or non-existent plugin folder")); 353 369 exit(); … … 395 411 396 412 $backup_folder_name = sanitize_text_field( wp_unslash( $_GET['backupFolderName'] ?? null ) ); 397 $backup_dir = ABSPATH . 'wp-content/plugins-rm/' . $backup_folder_name . '/';413 $backup_dir = '../../../wp-content/plugins-rm/' . $backup_folder_name . '/'; 398 414 399 415 // Validate and sanitize folder name -
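Review bot: The backup, restore and delete hunks now build filesystem paths from `'../../../wp-content/...'`, which PHP resolves against the process working directory rather than the WordPress root, so the directories that get created, copied and prefix-checked depend on which entry point served the request. In the restore hunk, `realpath('../../../wp-content/plugins-rm/')` can return `false` when that directory is not reachable from the current directory, and the `strpos(...) !== 0` containment checks then no longer compare against a real base path. `$folder_name` and `$backup_folder_name` come from `$_GET` through `sanitize_text_field()`, which does not strip `..` segments, and no containment check is visible before `mkdir`/copy in the backup hunk (the enclosing handlers start and end outside the hunks shown, so one may exist elsewhere). I would anchor on WordPress's own constants and compare against the base with a trailing separator, e.g. `$plugin_dir = trailingslashit( WP_PLUGIN_DIR ) . basename( $folder_name ) . '/';` and `strpos( $plugin_dir, trailingslashit( realpath( WP_PLUGIN_DIR ) ) ) === 0`.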
robomaintainer/trunk/classes/AcuaRmWordpressClass.php
r3190930 r3238447 72 72 'post_status' => 'publish', 73 73 'posts_per_page' => -1, 74 'orderby' => 'date', 75 'order' => 'ASC', 74 76 ); 75 77 76 78 $query = new WP_Query($args); 77 79 78 80 if ($query->have_posts()) : 79 81 while ($query->have_posts()) : $query->the_post(); … … 83 85 wp_reset_postdata(); 84 86 endif; 85 } 87 } 86 88 87 89 header('Content-Type: application/json; charset=utf-8'); -
robomaintainer/trunk/pages/settings.php
r3190930 r3238447 11 11 <button name="RM_ACTION" class="button button-primary action" value="ACUA_REGISTER">Request</button> 12 12 <p>❌ Please enter your e-mail address and you will receive your API key and temporary password.</p> 13 <p>❌ Already have an account and API key? Enter your email address again to add this page to your account.</p> 13 14 </form> 14 15 <?php endif; ?> … … 33 34 34 35 <?php if ($is_valid && $isSiteRegistered && $instanceData) { ?> 36 37 <?php 38 $additional_emails = []; 39 if($instanceData && $instanceData->site && $instanceData->site->additional_emails) { 40 $parts = explode(';', $instanceData->site->additional_emails); 41 if(is_array($parts)) { 42 $additional_emails = $parts; 43 } 44 } 45 ?> 46 47 <form method="POST"> 48 <div class="card"> 49 <h2 class="title">Additional emails for notifiations</h2> 50 <?php 51 foreach([0, 1, 2] as $i) { ?> 52 <p> 53 <input name="additional_emails[]" size="60" type="email" value="<?php 54 echo isset($additional_emails[$i]) && filter_var($additional_emails[$i], FILTER_VALIDATE_EMAIL) ? esc_attr($additional_emails[$i]) : esc_attr(''); 55 ?>" autocomplete="off" placeholder="Additional email"/> 56 </p> 57 <?php } ?> 58 <?php wp_nonce_field( 'RM_ADDITIONAL_EMAILS' ); ?> 59 <button name="RM_ACTION" class="button button-primary action" value="RM_ADDITIONAL_EMAILS">Save</button> 60 </div> 61 </form> 62 35 63 <div class="card"> 36 64 <h2 class="title">Plan details</h2>
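Review bot: The new card heading reads `Additional emails for notifiations`; it should be `Additional emails for notifications`. In the PHP block above the form, `$instanceData->site->additional_emails` is dereferenced without `isset()`, which would raise a warning on PHP 8 if `$instanceData` is a plain decoded object and the response lacks `site` or `additional_emails`. `$raw = $instanceData->site->additional_emails ?? '';` followed by `$additional_emails = array_map( 'trim', explode( ';', $raw ) );` avoids that, and the `is_array()` test can go because `explode()` always returns an array here.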