Changeset 3369189
- Timestamp:
- 09/28/2025 12:32:05 PM (6 months ago)
- Location:
- maintenance-switch
- Files:
-
- 12 edited
- 1 copied
-
tags/1.6.3 (copied) (copied from maintenance-switch/trunk)
-
tags/1.6.3/includes/class-maintenance-switch.php (modified) (61 diffs)
-
tags/1.6.3/maintenance-switch.php (modified) (1 diff)
-
tags/1.6.3/preview.php (modified) (2 diffs)
-
tags/1.6.3/readme.txt (modified) (1 diff)
-
tags/1.6.3/templates/maintenance.php (modified) (2 diffs)
-
tags/1.6.3/uninstall.php (modified) (2 diffs)
-
trunk/includes/class-maintenance-switch.php (modified) (61 diffs)
-
trunk/maintenance-switch.php (modified) (1 diff)
-
trunk/preview.php (modified) (2 diffs)
-
trunk/readme.txt (modified) (1 diff)
-
trunk/templates/maintenance.php (modified) (2 diffs)
-
trunk/uninstall.php (modified) (2 diffs)
maintenance-switch/tags/1.6.3/includes/class-maintenance-switch.php
r3369156 r3369189 15 15 16 16 // If this file is called directly, abort. 17 if ( ! defined( 'WPINC' )) {17 if (!defined('WPINC')) { 18 18 die; 19 19 } … … 33 33 * @author Fugu <info@fugu.fr> 34 34 */ 35 class Maintenance_Switch { 35 class Maintenance_Switch 36 { 36 37 37 38 /** … … 108 109 * @since 1.0.0 109 110 */ 110 public function __construct() { 111 public function __construct() 112 { 111 113 112 114 $this->plugin_name = MS_SLUG; 113 115 $this->version = PLUGIN_VERSION; 114 $this->default_settings = json_decode( MS_DEFAULT_SETTINGS, true);116 $this->default_settings = json_decode(MS_DEFAULT_SETTINGS, true); 115 117 $this->current_theme = wp_get_theme(); 116 118 … … 137 139 * @access private 138 140 */ 139 private function load_dependencies() { 141 private function load_dependencies() 142 { 140 143 141 144 /** … … 143 146 * core plugin. 144 147 */ 145 require_once plugin_dir_path( dirname( __FILE__ )) . 'includes/class-maintenance-switch-loader.php';148 require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-maintenance-switch-loader.php'; 146 149 147 150 /** … … 149 152 * of the plugin. 150 153 */ 151 require_once plugin_dir_path( dirname( __FILE__ )) . 'includes/class-maintenance-switch-i18n.php';154 require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-maintenance-switch-i18n.php'; 152 155 153 156 /** 154 157 * The class responsible for defining all actions that occur in the admin area. 155 158 */ 156 require_once plugin_dir_path( dirname( __FILE__ )) . 'admin/class-maintenance-switch-admin.php';159 require_once plugin_dir_path(dirname(__FILE__)) . 'admin/class-maintenance-switch-admin.php'; 157 160 158 161 /** … … 160 163 * side of the site. 161 164 */ 162 require_once plugin_dir_path( dirname( __FILE__ )) . 'public/class-maintenance-switch-public.php';165 require_once plugin_dir_path(dirname(__FILE__)) . 
'public/class-maintenance-switch-public.php'; 163 166 164 167 $this->loader = new Maintenance_Switch_Loader(); … … 175 178 * @access private 176 179 */ 177 private function set_locale() { 180 private function set_locale() 181 { 178 182 179 183 $plugin_i18n = new Maintenance_Switch_i18n(); 180 $plugin_i18n->set_domain( $this->plugin_name);181 182 $this->loader->add_action( 'plugins_loaded', $plugin_i18n, 'load_plugin_textdomain');184 $plugin_i18n->set_domain($this->plugin_name); 185 186 $this->loader->add_action('plugins_loaded', $plugin_i18n, 'load_plugin_textdomain'); 183 187 184 188 } … … 191 195 * @access private 192 196 */ 193 private function define_admin_hooks() { 194 195 $plugin_admin = new Maintenance_Switch_Admin( $this ); 197 private function define_admin_hooks() 198 { 199 200 $plugin_admin = new Maintenance_Switch_Admin($this); 196 201 197 202 $this->loader->add_action('admin_enqueue_scripts', $plugin_admin, 'enqueue_styles'); 198 203 $this->loader->add_action('admin_enqueue_scripts', $plugin_admin, 'enqueue_scripts'); 199 204 200 205 // Add AJAX variables to admin footer 201 206 $this->loader->add_action('admin_footer', $plugin_admin, 'add_ajax_script_variables'); // Add the options page and menu item. 202 $this->loader->add_action( 'admin_menu', $plugin_admin, 'add_plugin_admin_menu');207 $this->loader->add_action('admin_menu', $plugin_admin, 'add_plugin_admin_menu'); 203 208 204 209 // Execute actions on settings option updated 205 $this->loader->add_action( 'update_option_maintenance_switch_settings', $this, 'admin_action_update');210 $this->loader->add_action('update_option_maintenance_switch_settings', $this, 'admin_action_update'); 206 211 207 212 // Add an action link pointing to the options page. 208 $plugin_basename = plugin_basename( plugin_dir_path( __DIR__ ) . $this->plugin_name . '.php');209 $this->loader->add_filter( 'plugin_action_links_' . 
$plugin_basename, $plugin_admin, 'add_action_links');213 $plugin_basename = plugin_basename(plugin_dir_path(__DIR__) . $this->plugin_name . '.php'); 214 $this->loader->add_filter('plugin_action_links_' . $plugin_basename, $plugin_admin, 'add_action_links'); 210 215 211 216 // Add an action for the switch button … … 213 218 214 219 // Add an action to init in admin 215 $this->loader->add_action( 'wp_loaded', $this, 'admin_init');220 $this->loader->add_action('wp_loaded', $this, 'admin_init'); 216 221 217 222 // Add callback action for ajax request 218 $this->loader->add_action( 'wp_ajax_toggle_status', $this, 'toggle_status_callback');223 $this->loader->add_action('wp_ajax_toggle_status', $this, 'toggle_status_callback'); 219 224 220 225 // Admin notices 221 $this->loader->add_action( 'admin_notices', $this, 'display_admin_notices');226 $this->loader->add_action('admin_notices', $this, 'display_admin_notices'); 222 227 } 223 228 … … 229 234 * @access private 230 235 */ 231 private function define_public_hooks() { 232 233 $plugin_public = new Maintenance_Switch_Public( $this->plugin_name, $this->version ); 234 235 $this->loader->add_action( 'wp_enqueue_scripts', $plugin_public, 'enqueue_styles' ); 236 $this->loader->add_action( 'wp_enqueue_scripts', $plugin_public, 'enqueue_scripts' ); 237 238 $this->loader->add_action( 'wp_head', $plugin_public,'set_ajaxurl' ); 236 private function define_public_hooks() 237 { 238 239 $plugin_public = new Maintenance_Switch_Public($this->plugin_name, $this->version); 240 241 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_styles'); 242 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_scripts'); 243 244 $this->loader->add_action('wp_head', $plugin_public, 'set_ajaxurl'); 239 245 } 240 246 … … 244 250 * @since 1.3.3 245 251 */ 246 public function admin_action_update() { 247 248 $this->init_files( true ); 252 public function admin_action_update() 253 { 254 255 $this->init_files(true); 249 
256 } 250 257 … … 254 261 * @since 1.3.3 255 262 */ 256 public function admin_action_request() { 263 public function admin_action_request() 264 { 257 265 258 266 $action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : ''; 259 if ( !empty( $action )) {260 261 switch ( $action) {267 if (!empty($action)) { 268 269 switch ($action) { 262 270 263 271 case 'restore_settings': 264 272 265 if ( $this->restore_default_settings())266 $this->notice( 'success', __( 'Default settings successfuly restored.', MS_SLUG ));273 if ($this->restore_default_settings()) 274 $this->notice('success', __('Default settings successfuly restored.', MS_SLUG)); 267 275 else 268 $this->notice( 'error', __( 'Default settings was not restored.', MS_SLUG ));276 $this->notice('error', __('Default settings was not restored.', MS_SLUG)); 269 277 break; 270 278 271 279 case 'restore_html': 272 280 273 if ( $this->restore_html_setting()) {274 $this->notice( 'success', __( 'HTML code successfuly restored.', MS_SLUG ));281 if ($this->restore_html_setting()) { 282 $this->notice('success', __('HTML code successfuly restored.', MS_SLUG)); 275 283 } else { 276 $this->notice( 'error', __( 'HTML code could was not restored.', MS_SLUG ));284 $this->notice('error', __('HTML code could was not restored.', MS_SLUG)); 277 285 } 278 286 break; … … 280 288 case 'create_theme_file': 281 289 282 if ( $this->create_theme_file()) {283 $this->notice( 'success', __( 'The theme file was created successfuly.', MS_SLUG ));290 if ($this->create_theme_file()) { 291 $this->notice('success', __('The theme file was created successfuly.', MS_SLUG)); 284 292 } else { 285 $this->notice( 'error', __( 'The theme file was not created.', MS_SLUG ));293 $this->notice('error', __('The theme file was not created.', MS_SLUG)); 286 294 } 287 295 break; … … 289 297 case 'delete_theme_file': 290 298 291 if ( $this->delete_theme_file()) {292 $this->notice( 'success', __( 'The theme file was deleted successfuly', MS_SLUG ));299 
if ($this->delete_theme_file()) { 300 $this->notice('success', __('The theme file was deleted successfuly', MS_SLUG)); 293 301 } else { 294 $this->notice( 'error', __( 'The theme file was not deleted.', MS_SLUG ));302 $this->notice('error', __('The theme file was not deleted.', MS_SLUG)); 295 303 } 296 304 break; … … 306 314 * @since 1.3.3 307 315 */ 308 public function notice( $type, $notice ) { 309 310 if ( !empty( $type ) && !empty( $notice ) ) 311 $this->notices[] = sprintf( '<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $type, $notice ); 312 } 313 314 /** 316 public function notice($type, $notice) 317 { 318 319 if (!empty($type) && !empty($notice)) 320 $this->notices[] = sprintf('<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $type, $notice); 321 } 322 323 /** 315 324 * Display admin notices stored in object 316 325 * 317 326 * @since 1.3.3 318 327 */ 319 public function display_admin_notices() { 320 321 if ( !empty( $this->notices ) ) { 322 foreach( $this->notices as $key => $notice ) { 328 public function display_admin_notices() 329 { 330 331 if (!empty($this->notices)) { 332 foreach ($this->notices as $key => $notice) { 323 333 echo $notice; 324 334 } … … 331 341 * @since 1.1.1 332 342 */ 333 public function admin_init() { 343 public function admin_init() 344 { 334 345 335 346 $this->init_settings(); … … 343 354 * @since 1.3.1 344 355 */ 345 public function init_settings() { 356 public function init_settings() 357 { 346 358 347 359 // Define if settings mode needs to be migrated from old to new system … … 349 361 350 362 // Get and delete previous settings values 351 if ( $this->version_before( '1.3.3' )) {363 if ($this->version_before('1.3.3')) { 352 364 353 365 // Get previous settins in an array 354 366 $previous_version_settings = array( 355 'ms_page_html' => get_option( 'ms_page_html'),356 'ms_switch_roles' => get_option( 'ms_switch_roles'),357 'ms_allowed_roles' => get_option( 'ms_allowed_roles'),358 'ms_allowed_ips' 
=> get_option( 'ms_allowed_ips'),359 'ms_use_theme' => get_option( 'ms_use_theme')367 'ms_page_html' => get_option('ms_page_html'), 368 'ms_switch_roles' => get_option('ms_switch_roles'), 369 'ms_allowed_roles' => get_option('ms_allowed_roles'), 370 'ms_allowed_ips' => get_option('ms_allowed_ips'), 371 'ms_use_theme' => get_option('ms_use_theme') 360 372 ); 361 $ms_status = (int) get_option( 'ms_status');373 $ms_status = (int) get_option('ms_status'); 362 374 363 375 // Remove old invalid settings 364 delete_option( 'ms_maintenance_page_html');365 delete_option( 'ms_allowed_ip');376 delete_option('ms_maintenance_page_html'); 377 delete_option('ms_allowed_ip'); 366 378 367 379 // Get and remove previous settings version 368 if ( $previous_version_settings['ms_page_html'] !== false ) { $migrate = true; delete_option( 'ms_page_html' ); } 369 if ( $previous_version_settings['ms_switch_roles'] !== false ) { $migrate = true; delete_option( 'ms_switch_roles' ); } 370 if ( $previous_version_settings['ms_allowed_roles'] !== false ) { $migrate = true; delete_option( 'ms_allowed_roles' ); } 371 if ( $previous_version_settings['ms_allowed_ips'] !== false ) { $migrate = true; delete_option( 'ms_allowed_ips' ); } 372 if ( $previous_version_settings['ms_use_theme'] !== false ) { $migrate = true; delete_option( 'ms_use_theme' ); } 373 if ( $ms_status !== false ) { $migrate = true; delete_option( 'ms_status' ); } 374 375 if ( !$migrate ) return false; 380 if ($previous_version_settings['ms_page_html'] !== false) { 381 $migrate = true; 382 delete_option('ms_page_html'); 383 } 384 if ($previous_version_settings['ms_switch_roles'] !== false) { 385 $migrate = true; 386 delete_option('ms_switch_roles'); 387 } 388 if ($previous_version_settings['ms_allowed_roles'] !== false) { 389 $migrate = true; 390 delete_option('ms_allowed_roles'); 391 } 392 if ($previous_version_settings['ms_allowed_ips'] !== false) { 393 $migrate = true; 394 delete_option('ms_allowed_ips'); 395 } 396 if 
($previous_version_settings['ms_use_theme'] !== false) { 397 $migrate = true; 398 delete_option('ms_use_theme'); 399 } 400 if ($ms_status !== false) { 401 $migrate = true; 402 delete_option('ms_status'); 403 } 404 405 if (!$migrate) 406 return false; 376 407 } 377 408 378 409 // Initialize options 379 $this->init_options( $migrate ? $previous_version_settings : array(), $migrate ? $ms_status : null);410 $this->init_options($migrate ? $previous_version_settings : array(), $migrate ? $ms_status : null); 380 411 381 412 // Create the plugin core maintenance files … … 392 423 * @var int $status the status wanted 393 424 */ 394 public function init_options( $options = array(), $status = null ) { 425 public function init_options($options = array(), $status = null) 426 { 395 427 396 428 // Get defaults settings … … 401 433 402 434 // Merging database options with defaults options 403 if ( empty($settings))404 $settings = wp_parse_args( $defaults, $settings);435 if (empty($settings)) 436 $settings = wp_parse_args($defaults, $settings); 405 437 406 438 // Merging options param with defaults options 407 if ( !empty( $options ))408 $settings = wp_parse_args( $options, $settings);439 if (!empty($options)) 440 $settings = wp_parse_args($options, $settings); 409 441 410 442 // Save settings 411 update_option( 'maintenance_switch_settings', $settings);443 update_option('maintenance_switch_settings', $settings); 412 444 413 445 // Set the status param 414 if ( $status !== null)415 $status = update_option( 'maintenance_switch_status', $status);446 if ($status !== null) 447 $status = update_option('maintenance_switch_status', $status); 416 448 417 449 // Get the status of maintenance … … 419 451 420 452 // Save the plugin version in the database 421 update_option( 'maintenance_switch_version', $this->version);453 update_option('maintenance_switch_version', $this->version); 422 454 } 423 455 … … 428 460 * @var integer $status the status to set, or just sync with file if null 429 461 
*/ 430 public function sync_status( $status_wanted=null ) { 462 public function sync_status($status_wanted = null) 463 { 431 464 432 465 // get the status in the database if no status in param 433 if ( $status_wanted === null)466 if ($status_wanted === null) 434 467 $status = $this->get_the_status(); 435 468 else … … 437 470 438 471 // try to create the file according to the status value 439 switch ( $status) {472 switch ($status) { 440 473 441 474 case 1: 442 475 443 if ( $this->create_dot_file()) {444 $response = array( 'success' => true);476 if ($this->create_dot_file()) { 477 $response = array('success' => true); 445 478 // if status called, update in db 446 if ( $status_wanted !== null ) $this->set_the_status( $status ); 479 if ($status_wanted !== null) 480 $this->set_the_status($status); 447 481 } else { 448 $response = array( 'success' => false);482 $response = array('success' => false); 449 483 } 450 484 … … 453 487 case 0: 454 488 455 if ( $this->_delete_file( MS_DOT_FILE_ACTIVE, true )) {456 $response = array( 'success' => true);489 if ($this->_delete_file(MS_DOT_FILE_ACTIVE, true)) { 490 $response = array('success' => true); 457 491 // if status called, update in db 458 if ( $status_wanted !== null ) $this->set_the_status( $status ); 492 if ($status_wanted !== null) 493 $this->set_the_status($status); 459 494 } else { 460 $response = array( 'success' => false);495 $response = array('success' => false); 461 496 } 462 497 … … 476 511 * @return boolean true 477 512 */ 478 public function init_files( $override=false ) { 513 public function init_files($override = false) 514 { 479 515 480 516 // create the php file from template 481 if ( $override || ! 
file_exists( MS_PHP_FILE_ACTIVE )) {517 if ($override || !file_exists(MS_PHP_FILE_ACTIVE)) { 482 518 $this->create_php_file(); 483 519 } 484 520 485 if ( $this->get_the_status() == 1)521 if ($this->get_the_status() == 1) 486 522 $this->create_dot_file(); 487 523 … … 494 530 * @since 1.3.1 495 531 */ 496 public function version_before( $version ) { 532 public function version_before($version) 533 { 497 534 // get the version in db 498 535 $previous_version = $this->get_the_version(); 499 536 500 if ( empty( $previous_version ))537 if (empty($previous_version)) 501 538 return false; 502 539 503 540 // test if the db version is anterior to called version 504 if ( $this->numeric_version( $previous_version ) < $this->numeric_version( $version ))541 if ($this->numeric_version($previous_version) < $this->numeric_version($version)) 505 542 return true; 506 543 … … 513 550 * @since 1.3.1 514 551 */ 515 public function numeric_version( $version ) { 516 517 $version = str_replace( '.', '', $version ); 552 public function numeric_version($version) 553 { 554 555 $version = str_replace('.', '', $version); 518 556 return (int) $version; 519 557 } … … 524 562 * @since 1.3.0 525 563 */ 526 public function get_current_theme() { 564 public function get_current_theme() 565 { 527 566 528 567 return $this->current_theme; … … 534 573 * @since 1.3.0 535 574 */ 536 public function get_the_status() { 537 538 $status = get_option( 'maintenance_switch_status' ); 539 if ( !$status ) { 540 $status = update_option( 'maintenance_switch_status', MS_DEFAULT_STATUS ); 575 public function get_the_status() 576 { 577 578 $status = get_option('maintenance_switch_status'); 579 if (!$status) { 580 $status = update_option('maintenance_switch_status', MS_DEFAULT_STATUS); 541 581 return MS_DEFAULT_STATUS; 542 582 } … … 551 591 * @return boolean true if the status was changed, false if not 552 592 */ 553 public function set_the_status( $status ) { 554 555 if ( isset( $status ) ) { 556 return update_option( 
'maintenance_switch_status', $status ); 593 public function set_the_status($status) 594 { 595 596 if (isset($status)) { 597 return update_option('maintenance_switch_status', $status); 557 598 } 558 599 return false; … … 565 606 * @return string the version of the plugin saved in db 566 607 */ 567 public function get_the_version() { 568 569 return get_option( 'maintenance_switch_version' ); 608 public function get_the_version() 609 { 610 611 return get_option('maintenance_switch_version'); 570 612 } 571 613 … … 576 618 * @return misc the option value or false if option not exists 577 619 */ 578 public function get_the_settings() { 579 580 return get_option( 'maintenance_switch_settings' ); 620 public function get_the_settings() 621 { 622 623 return get_option('maintenance_switch_settings'); 581 624 } 582 625 … … 586 629 * @since 1.3.0 587 630 */ 588 public function restore_default_settings() { 631 public function restore_default_settings() 632 { 589 633 590 634 $settings = $this->default_settings; 591 return update_option( 'maintenance_switch_settings', $settings);635 return update_option('maintenance_switch_settings', $settings); 592 636 } 593 637 … … 597 641 * @since 1.3.0 598 642 */ 599 public function restore_html_setting() { 643 public function restore_html_setting() 644 { 600 645 601 646 $settings = $this->get_the_settings(); 602 647 $settings['ms_page_html'] = $this->default_settings['ms_page_html']; 603 return update_option( 'maintenance_switch_settings', $settings);648 return update_option('maintenance_switch_settings', $settings); 604 649 } 605 650 … … 610 655 * @return string The theme file with absolute url 611 656 */ 612 public function get_theme_file_url() { 657 public function get_theme_file_url() 658 { 613 659 614 660 return $this->current_theme->get_stylesheet_directory_uri() . '/' . 
MS_THEME_FILENAME; … … 621 667 * @return string The theme file with absolute path 622 668 */ 623 public function get_theme_file_path() { 669 public function get_theme_file_path() 670 { 624 671 625 672 return $this->current_theme->get_stylesheet_directory() . '/' . MS_THEME_FILENAME; … … 632 679 * @return boolean true if the file exists in theme, false if not 633 680 */ 634 public function theme_file_exists() { 681 public function theme_file_exists() 682 { 635 683 636 684 $theme_file = $this->get_theme_file_path(); 637 return file_exists( $theme_file);685 return file_exists($theme_file); 638 686 } 639 687 … … 644 692 * @return boolean True if the file was created in theme, false if not of if it already exists 645 693 */ 646 public function create_theme_file() { 694 public function create_theme_file() 695 { 647 696 648 697 $theme_file = $this->get_theme_file_path(); 649 if ( ! $this->theme_file_exists()) {650 return $this->_create_file( $theme_file, $this->default_settings['ms_page_html']);698 if (!$this->theme_file_exists()) { 699 return $this->_create_file($theme_file, $this->default_settings['ms_page_html']); 651 700 } 652 701 return false; … … 659 708 * @return boolean True if the file was deleted in theme, false if not of if not exists 660 709 */ 661 public function delete_theme_file() { 710 public function delete_theme_file() 711 { 662 712 663 713 $theme_file = $this->get_theme_file_path(); 664 if ( $this->theme_file_exists()) {665 return $this->_delete_file( $theme_file);714 if ($this->theme_file_exists()) { 715 return $this->_delete_file($theme_file); 666 716 } 667 717 return false; … … 676 726 * @return misc The setting value 677 727 */ 678 public function get_setting( $setting_name, $default_value = false ) { 728 public function get_setting($setting_name, $default_value = false) 729 { 679 730 680 731 $settings = $this->get_the_settings(); 681 732 682 if ( isset( $settings[ $setting_name ] )) {683 return $settings[ $setting_name];733 if 
(isset($settings[$setting_name])) { 734 return $settings[$setting_name]; 684 735 } 685 736 … … 695 746 * @return boolean True if the setting was updated, false if not of if is not set 696 747 */ 697 public function update_setting( $setting_name, $setting_value ) { 748 public function update_setting($setting_name, $setting_value) 749 { 698 750 699 751 $settings = $this->get_the_settings(); 700 752 701 if ( isset( $settings[$setting_name] ))753 if (isset($settings[$setting_name])) 702 754 $settings[$setting_name] = $setting_value; 703 755 else … … 712 764 * @since 1.0.0 713 765 */ 714 public function run() { 766 public function run() 767 { 715 768 716 769 $this->loader->run(); … … 724 777 * @return string The name of the plugin. 725 778 */ 726 public function get_plugin_name() { 779 public function get_plugin_name() 780 { 727 781 728 782 return $this->plugin_name; … … 735 789 * @return Maintenance_Switch_Loader Orchestrates the hooks of the plugin. 736 790 */ 737 public function get_loader() { 791 public function get_loader() 792 { 738 793 739 794 return $this->loader; … … 746 801 * @return string The version number of the plugin. 747 802 */ 748 public function get_version() { 803 public function get_version() 804 { 749 805 750 806 return $this->version; … … 757 813 * @return string The status of the maintenance mode. 758 814 */ 759 public function get_status() { 815 public function get_status() 816 { 760 817 761 818 return $this->status; … … 768 825 * @return string The default settings. 
769 826 */ 770 public function get_default_settings() { 827 public function get_default_settings() 828 { 771 829 772 830 return $this->default_settings; … … 779 837 * @return boolean True if the user can switch, false if not 780 838 */ 781 public function current_user_can_switch() { 839 public function current_user_can_switch() 840 { 782 841 783 842 global $current_user; 784 843 $user_can = false; 785 844 786 $switch_roles = (array) $this->get_setting( 'ms_switch_roles');787 788 foreach ( $current_user->roles as $role) {789 if ( in_array( $role, $switch_roles ))845 $switch_roles = (array) $this->get_setting('ms_switch_roles'); 846 847 foreach ($current_user->roles as $role) { 848 if (in_array($role, $switch_roles)) 790 849 $user_can = true; 791 850 } … … 799 858 * @return array List of all users logins 800 859 */ 801 public function get_allowed_users() { 802 803 $allowed_roles = (array) $this->get_setting( 'ms_allowed_roles' ); 804 $users = $this->get_users_by_role( $allowed_roles ); 860 public function get_allowed_users() 861 { 862 863 $allowed_roles = (array) $this->get_setting('ms_allowed_roles'); 864 $users = $this->get_users_by_role($allowed_roles); 805 865 $allowed_users = array(); 806 foreach ( $users as $user) {866 foreach ($users as $user) { 807 867 $allowed_users[] = $user->user_login; 808 868 } … … 816 876 * @return string List of all ips comma separated 817 877 */ 818 public function get_allowed_ips() { 819 820 $allowed_ips = $this->get_setting( 'ms_allowed_ips' ); 821 $allowed_ips = explode( ',', $allowed_ips ); 878 public function get_allowed_ips() 879 { 880 881 $allowed_ips = $this->get_setting('ms_allowed_ips'); 882 $allowed_ips = explode(',', $allowed_ips); 822 883 return $allowed_ips; 823 884 } … … 830 891 * @return array the user list 831 892 */ 832 public function get_users_by_role( $roles = array() ) { 833 834 $users = array(); 835 foreach ($roles as $role) { 836 if ( !empty( $role ) ) { 837 $users_query = new WP_User_Query( array( 838 'fields' 
=> 'all_with_meta', 839 'role' => $role, 840 'orderby' => 'display_name' 841 ) ); 842 $results = $users_query->get_results(); 843 if ($results) $users = array_merge($users, $results); 844 } 845 } 846 return $users; 893 public function get_users_by_role($roles = array()) 894 { 895 896 $users = array(); 897 foreach ($roles as $role) { 898 if (!empty($role)) { 899 $users_query = new WP_User_Query(array( 900 'fields' => 'all_with_meta', 901 'role' => $role, 902 'orderby' => 'display_name' 903 )); 904 $results = $users_query->get_results(); 905 if ($results) 906 $users = array_merge($users, $results); 907 } 908 } 909 return $users; 847 910 } 848 911 … … 853 916 * @return string The current ip of the user 854 917 */ 855 public function get_user_ip() { 918 public function get_user_ip() 919 { 856 920 //Just get the headers if we can or else use the SERVER global 857 if ( function_exists( 'apache_request_headers' )) {921 if (function_exists('apache_request_headers')) { 858 922 $headers = apache_request_headers(); 859 923 } else { 860 $headers = $_SERVER;924 $headers = array_map('sanitize_text_field', $_SERVER); 861 925 } 862 926 // Get the forwarded IP if it exists 863 if ( array_key_exists( 'X-Forwarded-For', $headers ) && filter_var( $headers['X-Forwarded-For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {927 if (array_key_exists('X-Forwarded-For', $headers) && filter_var($headers['X-Forwarded-For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { 864 928 $the_ip = $headers['X-Forwarded-For']; 865 } elseif ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ) && filter_var( $headers['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {929 } elseif (array_key_exists('HTTP_X_FORWARDED_FOR', $headers) && filter_var($headers['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { 866 930 $the_ip = $headers['HTTP_X_FORWARDED_FOR']; 867 931 } else { 868 $the_ip = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);932 $the_ip = 
filter_var(sanitize_text_field($_SERVER['REMOTE_ADDR']), FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); 869 933 } 870 934 return $the_ip; … … 878 942 * @return boolean True if the .maintenance file is core, false if was created by the plugin 879 943 */ 880 public function _check_core_file( $file ) { 881 882 if ( file_exists( $file ) ) { 883 $content = file_get_contents( $file ); 884 if ( preg_match( '/'.$this->plugin_name.'/i', $content) ) 944 public function _check_core_file($file) 945 { 946 947 if (file_exists($file)) { 948 $content = file_get_contents($file); 949 if (preg_match('/' . $this->plugin_name . '/i', $content)) 885 950 return false; 886 951 else … … 898 963 * @return boolean True if the file was deleted, false if not 899 964 */ 900 public function _delete_file( $file, $check_core=false ) { 901 902 if ( file_exists( $file ) ) { 903 904 if ( $check_core && $this->_check_core_file( $file ) ) 965 public function _delete_file($file, $check_core = false) 966 { 967 968 if (file_exists($file)) { 969 970 if ($check_core && $this->_check_core_file($file)) 905 971 return false; 906 972 907 if ( unlink( $file ))973 if (unlink($file)) 908 974 return true; 909 975 } … … 918 984 * @var string $content the content to put in the file 919 985 */ 920 public function _create_file( $file, $content ) { 921 922 if ( file_exists( $file ) ) 986 public function _create_file($file, $content) 987 { 988 989 if (file_exists($file)) 923 990 return false; 924 991 925 if ( ! 
file_put_contents( $file, $content ))992 if (!file_put_contents($file, $content)) 926 993 return false; 927 994 … … 934 1001 * @since 1.0.0 935 1002 */ 936 public function create_php_file() { 1003 public function create_php_file() 1004 { 937 1005 938 1006 // get the template file content 939 $content = file_get_contents( MS_PHP_FILE_TEMPLATE);1007 $content = file_get_contents(MS_PHP_FILE_TEMPLATE); 940 1008 941 1009 // get flags values 942 $page_html = wp_specialchars_decode( $this->get_setting( 'ms_page_html' ), ENT_QUOTES);943 $use_theme_file = $this->get_setting( 'ms_use_theme');944 $return503 = $this->get_setting( 'ms_error_503');1010 $page_html = wp_specialchars_decode($this->get_setting('ms_page_html'), ENT_QUOTES); 1011 $use_theme_file = $this->get_setting('ms_use_theme'); 1012 $return503 = $this->get_setting('ms_error_503'); 945 1013 $theme = wp_get_theme(); 946 1014 $theme_file = $theme->get_stylesheet_directory() . '/' . MS_THEME_FILENAME; 947 1015 948 1016 // apply flags replacements 949 $content = str_replace( '{{MS_PLUGIN_SLUG}}' , $this->plugin_name, $content);950 $content = str_replace( '{{MS_USE_THEME_FILE}}' , $use_theme_file, $content);951 $content = str_replace( '{{MS_RETURN_503}}' , $return503, $content);952 $content = str_replace( '{{MS_THEME_FILE}}' , $theme_file, $content);953 $content = str_replace( '{{MS_PAGE_HTML}}' , $page_html, $content);1017 $content = str_replace('{{MS_PLUGIN_SLUG}}', $this->plugin_name, $content); 1018 $content = str_replace('{{MS_USE_THEME_FILE}}', $use_theme_file, $content); 1019 $content = str_replace('{{MS_RETURN_503}}', $return503, $content); 1020 $content = str_replace('{{MS_THEME_FILE}}', $theme_file, $content); 1021 $content = str_replace('{{MS_PAGE_HTML}}', $page_html, $content); 954 1022 955 1023 // delete the current file 956 $this->_delete_file( MS_PHP_FILE_ACTIVE);1024 $this->_delete_file(MS_PHP_FILE_ACTIVE); 957 1025 958 1026 // try to create the file 959 if ( ! 
$this->_create_file( MS_PHP_FILE_ACTIVE, $content )) {1027 if (!$this->_create_file(MS_PHP_FILE_ACTIVE, $content)) { 960 1028 return false; 961 1029 } … … 968 1036 * @since 1.0.0 969 1037 */ 970 public function create_dot_file() { 1038 public function create_dot_file() 1039 { 971 1040 972 1041 // get the template file content 973 $content = file_get_contents( MS_DOT_FILE_TEMPLATE);1042 $content = file_get_contents(MS_DOT_FILE_TEMPLATE); 974 1043 975 1044 // get flags values 976 $allowed_users = "'" . implode( "', '", $this->get_allowed_users()) . "'";977 $allowed_ips = "'" . implode( "','", $this->get_allowed_ips()) . "'";978 $login_url = str_replace( get_site_url(), '', wp_login_url());1045 $allowed_users = "'" . implode("', '", $this->get_allowed_users()) . "'"; 1046 $allowed_ips = "'" . implode("','", $this->get_allowed_ips()) . "'"; 1047 $login_url = str_replace(get_site_url(), '', wp_login_url()); 979 1048 980 1049 // apply flags replacements 981 $content = str_replace( '{{MS_ALLOWED_USERS}}' , $allowed_users, $content);982 $content = str_replace( '{{MS_ALLOWED_IPS}}' , $allowed_ips, $content);983 $content = str_replace( '{{MS_PLUGIN_SLUG}}' , $this->plugin_name, $content);984 $content = str_replace( '{{MS_LOGIN_URL}}' , $login_url, $content);1050 $content = str_replace('{{MS_ALLOWED_USERS}}', $allowed_users, $content); 1051 $content = str_replace('{{MS_ALLOWED_IPS}}', $allowed_ips, $content); 1052 $content = str_replace('{{MS_PLUGIN_SLUG}}', $this->plugin_name, $content); 1053 $content = str_replace('{{MS_LOGIN_URL}}', $login_url, $content); 985 1054 986 1055 // check if the core dot file exists or delete current file 987 if ( $this->_check_core_file( MS_DOT_FILE_ACTIVE )) {1056 if ($this->_check_core_file(MS_DOT_FILE_ACTIVE)) { 988 1057 return false; 989 1058 } else { 990 $this->_delete_file( MS_DOT_FILE_ACTIVE, true);1059 $this->_delete_file(MS_DOT_FILE_ACTIVE, true); 991 1060 } 992 1061 993 1062 // try to create the file 994 if ( ! 
$this->_create_file( MS_DOT_FILE_ACTIVE, $content )) {1063 if (!$this->_create_file(MS_DOT_FILE_ACTIVE, $content)) { 995 1064 return false; 996 1065 } … … 1003 1072 * @since 1.0.0 1004 1073 */ 1005 public function toggle_status_callback() { 1006 1074 public function toggle_status_callback() 1075 { 1076 1007 1077 // Check nonce for security 1008 1078 $nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : ''; … … 1023 1093 $new_status = (bool) $status == 1 ? 0 : 1; 1024 1094 // sync status 1025 $response = $this->sync_status( $new_status);1095 $response = $this->sync_status($new_status); 1026 1096 // return json response 1027 wp_send_json( $response);1097 wp_send_json($response); 1028 1098 // this is required to terminate immediately and return a proper response 1029 1099 wp_die(); … … 1036 1106 * @since 1.0.0 1037 1107 */ 1038 public function add_switch_button( $wp_admin_bar ){ 1039 1040 if ( $this->current_user_can_switch() ) { 1108 public function add_switch_button($wp_admin_bar) 1109 { 1110 1111 if ($this->current_user_can_switch()) { 1041 1112 1042 1113 $args = array( 1043 1114 'id' => 'ms-switch-button', 1044 'title' => '<span class="ab-icon dashicons-admin-tools"></span><span class="ab-label">' . __( 'Maintenance', $this->plugin_name) . '</span>',1115 'title' => '<span class="ab-icon dashicons-admin-tools"></span><span class="ab-label">' . __('Maintenance', $this->plugin_name) . '</span>', 1045 1116 'href' => '#', 1046 1117 'meta' => array( 1047 'class' => 'toggle-button ' . ( $this->status ? 'active' : ''),1118 'class' => 'toggle-button ' . ($this->status ? 'active' : ''), 1048 1119 ) 1049 1120 ); 1050 1121 1051 $wp_admin_bar->add_node( $args);1122 $wp_admin_bar->add_node($args); 1052 1123 } 1053 1124 } -
maintenance-switch/tags/1.6.3/maintenance-switch.php
r3369181 r3369189 17 17 * Plugin URI: https://wordpress.org/plugins/maintenance-switch 18 18 * Description: Customize easily and switch in one-click to (native) maintenance mode from your backend or frontend. 19 * Version: 1.6. 219 * Version: 1.6.3 20 20 * Author: Fugu 21 21 * Author URI: http://www.fugu.fr -
maintenance-switch/tags/1.6.3/preview.php
r3369181 r3369189 2 2 3 3 // If this file is called directly, abort. 4 if ( ! defined( 'WPINC' )) {5 die;4 if (!defined('WPINC')) { 5 die; 6 6 } 7 7 8 8 // Security check: only allow admin users 9 if ( ! current_user_can( 'manage_options' )) {10 wp_die( __( 'Insufficient permissions to access this page.' ));9 if (!current_user_can('manage_options')) { 10 wp_die(__('Insufficient permissions to access this page.')); 11 11 } 12 12 13 13 // Security check: verify nonce 14 if ( ! empty( $_POST['preview-code'] )) {15 if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'maintenance_switch_preview' )) {16 wp_die( __( 'Security check failed.' ));17 }14 if (!empty($_POST['preview-code'])) { 15 if (!isset($_POST['_wpnonce']) || !wp_verify_nonce(sanitize_text_field($_POST['_wpnonce']), 'maintenance_switch_preview')) { 16 wp_die(__('Security check failed.')); 17 } 18 18 } 19 19 … … 33 33 header('Content-Type: text/html; charset=utf-8'); 34 34 35 36 35 if (!empty($_POST['preview-code'])) { 37 echo wp_kses_post(wp_unslash( $_POST['preview-code']));36 echo wp_kses_post(wp_unslash(sanitize_textarea_field($_POST['preview-code']))); 38 37 } -
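Review bot: On new line 37 the preview body now goes through `sanitize_textarea_field()` before `wp_kses_post()`, and that helper strips all tags, so the HTML being previewed is reduced to plain text before the allow-list filter sees it. It also runs before `wp_unslash()`, the reverse of the usual order, and `wp_kses_post()` on the unslashed value was already the appropriate filter for HTML output, so I would keep `echo wp_kses_post(wp_unslash($_POST['preview-code']));`. On line 15 the nonce is sanitised without unslashing, unlike `toggle_status_callback()` in this same changeset; `wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['_wpnonce'])), 'maintenance_switch_preview')` matches that form. The lines between the two hunks are not shown, so anything that reads `$_POST` there is outside this note.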
maintenance-switch/tags/1.6.3/readme.txt
r3369181 r3369189 5 5 Requires at least: 3.5 6 6 Tested up to: 6.3 7 Stable tag: 1.6. 27 Stable tag: 1.6.3 8 8 Requires PHP: 7.4 9 9 License: GPLv2 or later -
maintenance-switch/tags/1.6.3/templates/maintenance.php
r3369156 r3369189 10 10 11 11 // If this file is called directly, abort. 12 if ( ! defined( 'WPINC' )) {12 if (!defined('WPINC')) { 13 13 die; 14 14 } 15 15 16 16 // Displaying this page during the maintenance mode 17 $protocol = $_SERVER["SERVER_PROTOCOL"];17 $protocol = isset($_SERVER['SERVER_PROTOCOL']) ? sanitize_text_field($_SERVER['SERVER_PROTOCOL']) : 'HTTP/1.0'; 18 18 19 19 if ('HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol) … … 34 34 $use_theme = '{{MS_USE_THEME_FILE}}'; 35 35 36 if ($use_theme == '1' && file_exists($theme_file)) {36 if ($use_theme == '1' && !empty($theme_file) && file_exists($theme_file) && strpos(realpath($theme_file), ABSPATH) === 0) { 37 37 require_once $theme_file; 38 38 die(); -
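Review bot: The new include guard on line 36, `strpos(realpath($theme_file), ABSPATH) === 0`, compares a canonicalised path with a constant that is not canonicalised, so it can reject a legitimate theme file when the install is reached through a symlink or the directory separators differ, and the `require_once` then uses the unresolved `$theme_file` rather than the path that was checked. Resolving both sides once and requiring the resolved path closes that gap: `$real = realpath($theme_file); $root = realpath(ABSPATH);` followed by `if ($use_theme === '1' && $real !== false && $root !== false && strpos($real, $root . DIRECTORY_SEPARATOR) === 0) { require_once $real;`. Separately, line 17 now calls `sanitize_text_field()`; if this template becomes the drop-in that core loads during maintenance mode, that helper may not be defined yet at that point in bootstrap (worth confirming on a test site). The value is already bounded by the allow-list comparison on line 19, so `$protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0';` is sufficient. The assignment of `$theme_file` lies between the two hunks and is not shown.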
maintenance-switch/tags/1.6.3/uninstall.php
r3369156 r3369189 2 2 3 3 // If this file is called directly, abort. 4 if ( ! defined( 'WP_UNINSTALL_PLUGIN' )) {4 if (!defined('WP_UNINSTALL_PLUGIN')) { 5 5 die; 6 6 } … … 13 13 * 14 14 * - This method should be static 15 * - Check if the $_REQUESTcontent actually is the plugin name16 * - Run an admin referrer check to make sure it goes through authentication 17 * - Verify the output of $_GETmakes sense15 * - Check if the request content actually is the plugin name 16 * - Run an admin referrer check to make sure it goes through authentication 17 * - Verify the output makes sense 18 18 * - Repeat with other user roles. Best directly by using the links/query string parameters. 19 19 * - Repeat things for multisite. Once for a single site in the network, once sitewide. -
maintenance-switch/trunk/includes/class-maintenance-switch.php
r3369156 r3369189 15 15 16 16 // If this file is called directly, abort. 17 if ( ! defined( 'WPINC' )) {17 if (!defined('WPINC')) { 18 18 die; 19 19 } … … 33 33 * @author Fugu <info@fugu.fr> 34 34 */ 35 class Maintenance_Switch { 35 class Maintenance_Switch 36 { 36 37 37 38 /** … … 108 109 * @since 1.0.0 109 110 */ 110 public function __construct() { 111 public function __construct() 112 { 111 113 112 114 $this->plugin_name = MS_SLUG; 113 115 $this->version = PLUGIN_VERSION; 114 $this->default_settings = json_decode( MS_DEFAULT_SETTINGS, true);116 $this->default_settings = json_decode(MS_DEFAULT_SETTINGS, true); 115 117 $this->current_theme = wp_get_theme(); 116 118 … … 137 139 * @access private 138 140 */ 139 private function load_dependencies() { 141 private function load_dependencies() 142 { 140 143 141 144 /** … … 143 146 * core plugin. 144 147 */ 145 require_once plugin_dir_path( dirname( __FILE__ )) . 'includes/class-maintenance-switch-loader.php';148 require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-maintenance-switch-loader.php'; 146 149 147 150 /** … … 149 152 * of the plugin. 150 153 */ 151 require_once plugin_dir_path( dirname( __FILE__ )) . 'includes/class-maintenance-switch-i18n.php';154 require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-maintenance-switch-i18n.php'; 152 155 153 156 /** 154 157 * The class responsible for defining all actions that occur in the admin area. 155 158 */ 156 require_once plugin_dir_path( dirname( __FILE__ )) . 'admin/class-maintenance-switch-admin.php';159 require_once plugin_dir_path(dirname(__FILE__)) . 'admin/class-maintenance-switch-admin.php'; 157 160 158 161 /** … … 160 163 * side of the site. 161 164 */ 162 require_once plugin_dir_path( dirname( __FILE__ )) . 'public/class-maintenance-switch-public.php';165 require_once plugin_dir_path(dirname(__FILE__)) . 
'public/class-maintenance-switch-public.php'; 163 166 164 167 $this->loader = new Maintenance_Switch_Loader(); … … 175 178 * @access private 176 179 */ 177 private function set_locale() { 180 private function set_locale() 181 { 178 182 179 183 $plugin_i18n = new Maintenance_Switch_i18n(); 180 $plugin_i18n->set_domain( $this->plugin_name);181 182 $this->loader->add_action( 'plugins_loaded', $plugin_i18n, 'load_plugin_textdomain');184 $plugin_i18n->set_domain($this->plugin_name); 185 186 $this->loader->add_action('plugins_loaded', $plugin_i18n, 'load_plugin_textdomain'); 183 187 184 188 } … … 191 195 * @access private 192 196 */ 193 private function define_admin_hooks() { 194 195 $plugin_admin = new Maintenance_Switch_Admin( $this ); 197 private function define_admin_hooks() 198 { 199 200 $plugin_admin = new Maintenance_Switch_Admin($this); 196 201 197 202 $this->loader->add_action('admin_enqueue_scripts', $plugin_admin, 'enqueue_styles'); 198 203 $this->loader->add_action('admin_enqueue_scripts', $plugin_admin, 'enqueue_scripts'); 199 204 200 205 // Add AJAX variables to admin footer 201 206 $this->loader->add_action('admin_footer', $plugin_admin, 'add_ajax_script_variables'); // Add the options page and menu item. 202 $this->loader->add_action( 'admin_menu', $plugin_admin, 'add_plugin_admin_menu');207 $this->loader->add_action('admin_menu', $plugin_admin, 'add_plugin_admin_menu'); 203 208 204 209 // Execute actions on settings option updated 205 $this->loader->add_action( 'update_option_maintenance_switch_settings', $this, 'admin_action_update');210 $this->loader->add_action('update_option_maintenance_switch_settings', $this, 'admin_action_update'); 206 211 207 212 // Add an action link pointing to the options page. 208 $plugin_basename = plugin_basename( plugin_dir_path( __DIR__ ) . $this->plugin_name . '.php');209 $this->loader->add_filter( 'plugin_action_links_' . 
$plugin_basename, $plugin_admin, 'add_action_links');213 $plugin_basename = plugin_basename(plugin_dir_path(__DIR__) . $this->plugin_name . '.php'); 214 $this->loader->add_filter('plugin_action_links_' . $plugin_basename, $plugin_admin, 'add_action_links'); 210 215 211 216 // Add an action for the switch button … … 213 218 214 219 // Add an action to init in admin 215 $this->loader->add_action( 'wp_loaded', $this, 'admin_init');220 $this->loader->add_action('wp_loaded', $this, 'admin_init'); 216 221 217 222 // Add callback action for ajax request 218 $this->loader->add_action( 'wp_ajax_toggle_status', $this, 'toggle_status_callback');223 $this->loader->add_action('wp_ajax_toggle_status', $this, 'toggle_status_callback'); 219 224 220 225 // Admin notices 221 $this->loader->add_action( 'admin_notices', $this, 'display_admin_notices');226 $this->loader->add_action('admin_notices', $this, 'display_admin_notices'); 222 227 } 223 228 … … 229 234 * @access private 230 235 */ 231 private function define_public_hooks() { 232 233 $plugin_public = new Maintenance_Switch_Public( $this->plugin_name, $this->version ); 234 235 $this->loader->add_action( 'wp_enqueue_scripts', $plugin_public, 'enqueue_styles' ); 236 $this->loader->add_action( 'wp_enqueue_scripts', $plugin_public, 'enqueue_scripts' ); 237 238 $this->loader->add_action( 'wp_head', $plugin_public,'set_ajaxurl' ); 236 private function define_public_hooks() 237 { 238 239 $plugin_public = new Maintenance_Switch_Public($this->plugin_name, $this->version); 240 241 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_styles'); 242 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_scripts'); 243 244 $this->loader->add_action('wp_head', $plugin_public, 'set_ajaxurl'); 239 245 } 240 246 … … 244 250 * @since 1.3.3 245 251 */ 246 public function admin_action_update() { 247 248 $this->init_files( true ); 252 public function admin_action_update() 253 { 254 255 $this->init_files(true); 249 
256 } 250 257 … … 254 261 * @since 1.3.3 255 262 */ 256 public function admin_action_request() { 263 public function admin_action_request() 264 { 257 265 258 266 $action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : ''; 259 if ( !empty( $action )) {260 261 switch ( $action) {267 if (!empty($action)) { 268 269 switch ($action) { 262 270 263 271 case 'restore_settings': 264 272 265 if ( $this->restore_default_settings())266 $this->notice( 'success', __( 'Default settings successfuly restored.', MS_SLUG ));273 if ($this->restore_default_settings()) 274 $this->notice('success', __('Default settings successfuly restored.', MS_SLUG)); 267 275 else 268 $this->notice( 'error', __( 'Default settings was not restored.', MS_SLUG ));276 $this->notice('error', __('Default settings was not restored.', MS_SLUG)); 269 277 break; 270 278 271 279 case 'restore_html': 272 280 273 if ( $this->restore_html_setting()) {274 $this->notice( 'success', __( 'HTML code successfuly restored.', MS_SLUG ));281 if ($this->restore_html_setting()) { 282 $this->notice('success', __('HTML code successfuly restored.', MS_SLUG)); 275 283 } else { 276 $this->notice( 'error', __( 'HTML code could was not restored.', MS_SLUG ));284 $this->notice('error', __('HTML code could was not restored.', MS_SLUG)); 277 285 } 278 286 break; … … 280 288 case 'create_theme_file': 281 289 282 if ( $this->create_theme_file()) {283 $this->notice( 'success', __( 'The theme file was created successfuly.', MS_SLUG ));290 if ($this->create_theme_file()) { 291 $this->notice('success', __('The theme file was created successfuly.', MS_SLUG)); 284 292 } else { 285 $this->notice( 'error', __( 'The theme file was not created.', MS_SLUG ));293 $this->notice('error', __('The theme file was not created.', MS_SLUG)); 286 294 } 287 295 break; … … 289 297 case 'delete_theme_file': 290 298 291 if ( $this->delete_theme_file()) {292 $this->notice( 'success', __( 'The theme file was deleted successfuly', MS_SLUG ));299 
if ($this->delete_theme_file()) { 300 $this->notice('success', __('The theme file was deleted successfuly', MS_SLUG)); 293 301 } else { 294 $this->notice( 'error', __( 'The theme file was not deleted.', MS_SLUG ));302 $this->notice('error', __('The theme file was not deleted.', MS_SLUG)); 295 303 } 296 304 break; … … 306 314 * @since 1.3.3 307 315 */ 308 public function notice( $type, $notice ) { 309 310 if ( !empty( $type ) && !empty( $notice ) ) 311 $this->notices[] = sprintf( '<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $type, $notice ); 312 } 313 314 /** 316 public function notice($type, $notice) 317 { 318 319 if (!empty($type) && !empty($notice)) 320 $this->notices[] = sprintf('<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $type, $notice); 321 } 322 323 /** 315 324 * Display admin notices stored in object 316 325 * 317 326 * @since 1.3.3 318 327 */ 319 public function display_admin_notices() { 320 321 if ( !empty( $this->notices ) ) { 322 foreach( $this->notices as $key => $notice ) { 328 public function display_admin_notices() 329 { 330 331 if (!empty($this->notices)) { 332 foreach ($this->notices as $key => $notice) { 323 333 echo $notice; 324 334 } … … 331 341 * @since 1.1.1 332 342 */ 333 public function admin_init() { 343 public function admin_init() 344 { 334 345 335 346 $this->init_settings(); … … 343 354 * @since 1.3.1 344 355 */ 345 public function init_settings() { 356 public function init_settings() 357 { 346 358 347 359 // Define if settings mode needs to be migrated from old to new system … … 349 361 350 362 // Get and delete previous settings values 351 if ( $this->version_before( '1.3.3' )) {363 if ($this->version_before('1.3.3')) { 352 364 353 365 // Get previous settins in an array 354 366 $previous_version_settings = array( 355 'ms_page_html' => get_option( 'ms_page_html'),356 'ms_switch_roles' => get_option( 'ms_switch_roles'),357 'ms_allowed_roles' => get_option( 'ms_allowed_roles'),358 'ms_allowed_ips' 
=> get_option( 'ms_allowed_ips'),359 'ms_use_theme' => get_option( 'ms_use_theme')367 'ms_page_html' => get_option('ms_page_html'), 368 'ms_switch_roles' => get_option('ms_switch_roles'), 369 'ms_allowed_roles' => get_option('ms_allowed_roles'), 370 'ms_allowed_ips' => get_option('ms_allowed_ips'), 371 'ms_use_theme' => get_option('ms_use_theme') 360 372 ); 361 $ms_status = (int) get_option( 'ms_status');373 $ms_status = (int) get_option('ms_status'); 362 374 363 375 // Remove old invalid settings 364 delete_option( 'ms_maintenance_page_html');365 delete_option( 'ms_allowed_ip');376 delete_option('ms_maintenance_page_html'); 377 delete_option('ms_allowed_ip'); 366 378 367 379 // Get and remove previous settings version 368 if ( $previous_version_settings['ms_page_html'] !== false ) { $migrate = true; delete_option( 'ms_page_html' ); } 369 if ( $previous_version_settings['ms_switch_roles'] !== false ) { $migrate = true; delete_option( 'ms_switch_roles' ); } 370 if ( $previous_version_settings['ms_allowed_roles'] !== false ) { $migrate = true; delete_option( 'ms_allowed_roles' ); } 371 if ( $previous_version_settings['ms_allowed_ips'] !== false ) { $migrate = true; delete_option( 'ms_allowed_ips' ); } 372 if ( $previous_version_settings['ms_use_theme'] !== false ) { $migrate = true; delete_option( 'ms_use_theme' ); } 373 if ( $ms_status !== false ) { $migrate = true; delete_option( 'ms_status' ); } 374 375 if ( !$migrate ) return false; 380 if ($previous_version_settings['ms_page_html'] !== false) { 381 $migrate = true; 382 delete_option('ms_page_html'); 383 } 384 if ($previous_version_settings['ms_switch_roles'] !== false) { 385 $migrate = true; 386 delete_option('ms_switch_roles'); 387 } 388 if ($previous_version_settings['ms_allowed_roles'] !== false) { 389 $migrate = true; 390 delete_option('ms_allowed_roles'); 391 } 392 if ($previous_version_settings['ms_allowed_ips'] !== false) { 393 $migrate = true; 394 delete_option('ms_allowed_ips'); 395 } 396 if 
($previous_version_settings['ms_use_theme'] !== false) { 397 $migrate = true; 398 delete_option('ms_use_theme'); 399 } 400 if ($ms_status !== false) { 401 $migrate = true; 402 delete_option('ms_status'); 403 } 404 405 if (!$migrate) 406 return false; 376 407 } 377 408 378 409 // Initialize options 379 $this->init_options( $migrate ? $previous_version_settings : array(), $migrate ? $ms_status : null);410 $this->init_options($migrate ? $previous_version_settings : array(), $migrate ? $ms_status : null); 380 411 381 412 // Create the plugin core maintenance files … … 392 423 * @var int $status the status wanted 393 424 */ 394 public function init_options( $options = array(), $status = null ) { 425 public function init_options($options = array(), $status = null) 426 { 395 427 396 428 // Get defaults settings … … 401 433 402 434 // Merging database options with defaults options 403 if ( empty($settings))404 $settings = wp_parse_args( $defaults, $settings);435 if (empty($settings)) 436 $settings = wp_parse_args($defaults, $settings); 405 437 406 438 // Merging options param with defaults options 407 if ( !empty( $options ))408 $settings = wp_parse_args( $options, $settings);439 if (!empty($options)) 440 $settings = wp_parse_args($options, $settings); 409 441 410 442 // Save settings 411 update_option( 'maintenance_switch_settings', $settings);443 update_option('maintenance_switch_settings', $settings); 412 444 413 445 // Set the status param 414 if ( $status !== null)415 $status = update_option( 'maintenance_switch_status', $status);446 if ($status !== null) 447 $status = update_option('maintenance_switch_status', $status); 416 448 417 449 // Get the status of maintenance … … 419 451 420 452 // Save the plugin version in the database 421 update_option( 'maintenance_switch_version', $this->version);453 update_option('maintenance_switch_version', $this->version); 422 454 } 423 455 … … 428 460 * @var integer $status the status to set, or just sync with file if null 429 461 
*/ 430 public function sync_status( $status_wanted=null ) { 462 public function sync_status($status_wanted = null) 463 { 431 464 432 465 // get the status in the database if no status in param 433 if ( $status_wanted === null)466 if ($status_wanted === null) 434 467 $status = $this->get_the_status(); 435 468 else … … 437 470 438 471 // try to create the file according to the status value 439 switch ( $status) {472 switch ($status) { 440 473 441 474 case 1: 442 475 443 if ( $this->create_dot_file()) {444 $response = array( 'success' => true);476 if ($this->create_dot_file()) { 477 $response = array('success' => true); 445 478 // if status called, update in db 446 if ( $status_wanted !== null ) $this->set_the_status( $status ); 479 if ($status_wanted !== null) 480 $this->set_the_status($status); 447 481 } else { 448 $response = array( 'success' => false);482 $response = array('success' => false); 449 483 } 450 484 … … 453 487 case 0: 454 488 455 if ( $this->_delete_file( MS_DOT_FILE_ACTIVE, true )) {456 $response = array( 'success' => true);489 if ($this->_delete_file(MS_DOT_FILE_ACTIVE, true)) { 490 $response = array('success' => true); 457 491 // if status called, update in db 458 if ( $status_wanted !== null ) $this->set_the_status( $status ); 492 if ($status_wanted !== null) 493 $this->set_the_status($status); 459 494 } else { 460 $response = array( 'success' => false);495 $response = array('success' => false); 461 496 } 462 497 … … 476 511 * @return boolean true 477 512 */ 478 public function init_files( $override=false ) { 513 public function init_files($override = false) 514 { 479 515 480 516 // create the php file from template 481 if ( $override || ! 
file_exists( MS_PHP_FILE_ACTIVE )) {517 if ($override || !file_exists(MS_PHP_FILE_ACTIVE)) { 482 518 $this->create_php_file(); 483 519 } 484 520 485 if ( $this->get_the_status() == 1)521 if ($this->get_the_status() == 1) 486 522 $this->create_dot_file(); 487 523 … … 494 530 * @since 1.3.1 495 531 */ 496 public function version_before( $version ) { 532 public function version_before($version) 533 { 497 534 // get the version in db 498 535 $previous_version = $this->get_the_version(); 499 536 500 if ( empty( $previous_version ))537 if (empty($previous_version)) 501 538 return false; 502 539 503 540 // test if the db version is anterior to called version 504 if ( $this->numeric_version( $previous_version ) < $this->numeric_version( $version ))541 if ($this->numeric_version($previous_version) < $this->numeric_version($version)) 505 542 return true; 506 543 … … 513 550 * @since 1.3.1 514 551 */ 515 public function numeric_version( $version ) { 516 517 $version = str_replace( '.', '', $version ); 552 public function numeric_version($version) 553 { 554 555 $version = str_replace('.', '', $version); 518 556 return (int) $version; 519 557 } … … 524 562 * @since 1.3.0 525 563 */ 526 public function get_current_theme() { 564 public function get_current_theme() 565 { 527 566 528 567 return $this->current_theme; … … 534 573 * @since 1.3.0 535 574 */ 536 public function get_the_status() { 537 538 $status = get_option( 'maintenance_switch_status' ); 539 if ( !$status ) { 540 $status = update_option( 'maintenance_switch_status', MS_DEFAULT_STATUS ); 575 public function get_the_status() 576 { 577 578 $status = get_option('maintenance_switch_status'); 579 if (!$status) { 580 $status = update_option('maintenance_switch_status', MS_DEFAULT_STATUS); 541 581 return MS_DEFAULT_STATUS; 542 582 } … … 551 591 * @return boolean true if the status was changed, false if not 552 592 */ 553 public function set_the_status( $status ) { 554 555 if ( isset( $status ) ) { 556 return update_option( 
'maintenance_switch_status', $status ); 593 public function set_the_status($status) 594 { 595 596 if (isset($status)) { 597 return update_option('maintenance_switch_status', $status); 557 598 } 558 599 return false; … … 565 606 * @return string the version of the plugin saved in db 566 607 */ 567 public function get_the_version() { 568 569 return get_option( 'maintenance_switch_version' ); 608 public function get_the_version() 609 { 610 611 return get_option('maintenance_switch_version'); 570 612 } 571 613 … … 576 618 * @return misc the option value or false if option not exists 577 619 */ 578 public function get_the_settings() { 579 580 return get_option( 'maintenance_switch_settings' ); 620 public function get_the_settings() 621 { 622 623 return get_option('maintenance_switch_settings'); 581 624 } 582 625 … … 586 629 * @since 1.3.0 587 630 */ 588 public function restore_default_settings() { 631 public function restore_default_settings() 632 { 589 633 590 634 $settings = $this->default_settings; 591 return update_option( 'maintenance_switch_settings', $settings);635 return update_option('maintenance_switch_settings', $settings); 592 636 } 593 637 … … 597 641 * @since 1.3.0 598 642 */ 599 public function restore_html_setting() { 643 public function restore_html_setting() 644 { 600 645 601 646 $settings = $this->get_the_settings(); 602 647 $settings['ms_page_html'] = $this->default_settings['ms_page_html']; 603 return update_option( 'maintenance_switch_settings', $settings);648 return update_option('maintenance_switch_settings', $settings); 604 649 } 605 650 … … 610 655 * @return string The theme file with absolute url 611 656 */ 612 public function get_theme_file_url() { 657 public function get_theme_file_url() 658 { 613 659 614 660 return $this->current_theme->get_stylesheet_directory_uri() . '/' . 
MS_THEME_FILENAME; … … 621 667 * @return string The theme file with absolute path 622 668 */ 623 public function get_theme_file_path() { 669 public function get_theme_file_path() 670 { 624 671 625 672 return $this->current_theme->get_stylesheet_directory() . '/' . MS_THEME_FILENAME; … … 632 679 * @return boolean true if the file exists in theme, false if not 633 680 */ 634 public function theme_file_exists() { 681 public function theme_file_exists() 682 { 635 683 636 684 $theme_file = $this->get_theme_file_path(); 637 return file_exists( $theme_file);685 return file_exists($theme_file); 638 686 } 639 687 … … 644 692 * @return boolean True if the file was created in theme, false if not of if it already exists 645 693 */ 646 public function create_theme_file() { 694 public function create_theme_file() 695 { 647 696 648 697 $theme_file = $this->get_theme_file_path(); 649 if ( ! $this->theme_file_exists()) {650 return $this->_create_file( $theme_file, $this->default_settings['ms_page_html']);698 if (!$this->theme_file_exists()) { 699 return $this->_create_file($theme_file, $this->default_settings['ms_page_html']); 651 700 } 652 701 return false; … … 659 708 * @return boolean True if the file was deleted in theme, false if not of if not exists 660 709 */ 661 public function delete_theme_file() { 710 public function delete_theme_file() 711 { 662 712 663 713 $theme_file = $this->get_theme_file_path(); 664 if ( $this->theme_file_exists()) {665 return $this->_delete_file( $theme_file);714 if ($this->theme_file_exists()) { 715 return $this->_delete_file($theme_file); 666 716 } 667 717 return false; … … 676 726 * @return misc The setting value 677 727 */ 678 public function get_setting( $setting_name, $default_value = false ) { 728 public function get_setting($setting_name, $default_value = false) 729 { 679 730 680 731 $settings = $this->get_the_settings(); 681 732 682 if ( isset( $settings[ $setting_name ] )) {683 return $settings[ $setting_name];733 if 
(isset($settings[$setting_name])) { 734 return $settings[$setting_name]; 684 735 } 685 736 … … 695 746 * @return boolean True if the setting was updated, false if not of if is not set 696 747 */ 697 public function update_setting( $setting_name, $setting_value ) { 748 public function update_setting($setting_name, $setting_value) 749 { 698 750 699 751 $settings = $this->get_the_settings(); 700 752 701 if ( isset( $settings[$setting_name] ))753 if (isset($settings[$setting_name])) 702 754 $settings[$setting_name] = $setting_value; 703 755 else … … 712 764 * @since 1.0.0 713 765 */ 714 public function run() { 766 public function run() 767 { 715 768 716 769 $this->loader->run(); … … 724 777 * @return string The name of the plugin. 725 778 */ 726 public function get_plugin_name() { 779 public function get_plugin_name() 780 { 727 781 728 782 return $this->plugin_name; … … 735 789 * @return Maintenance_Switch_Loader Orchestrates the hooks of the plugin. 736 790 */ 737 public function get_loader() { 791 public function get_loader() 792 { 738 793 739 794 return $this->loader; … … 746 801 * @return string The version number of the plugin. 747 802 */ 748 public function get_version() { 803 public function get_version() 804 { 749 805 750 806 return $this->version; … … 757 813 * @return string The status of the maintenance mode. 758 814 */ 759 public function get_status() { 815 public function get_status() 816 { 760 817 761 818 return $this->status; … … 768 825 * @return string The default settings. 
769 826 */ 770 public function get_default_settings() { 827 public function get_default_settings() 828 { 771 829 772 830 return $this->default_settings; … … 779 837 * @return boolean True if the user can switch, false if not 780 838 */ 781 public function current_user_can_switch() { 839 public function current_user_can_switch() 840 { 782 841 783 842 global $current_user; 784 843 $user_can = false; 785 844 786 $switch_roles = (array) $this->get_setting( 'ms_switch_roles');787 788 foreach ( $current_user->roles as $role) {789 if ( in_array( $role, $switch_roles ))845 $switch_roles = (array) $this->get_setting('ms_switch_roles'); 846 847 foreach ($current_user->roles as $role) { 848 if (in_array($role, $switch_roles)) 790 849 $user_can = true; 791 850 } … … 799 858 * @return array List of all users logins 800 859 */ 801 public function get_allowed_users() { 802 803 $allowed_roles = (array) $this->get_setting( 'ms_allowed_roles' ); 804 $users = $this->get_users_by_role( $allowed_roles ); 860 public function get_allowed_users() 861 { 862 863 $allowed_roles = (array) $this->get_setting('ms_allowed_roles'); 864 $users = $this->get_users_by_role($allowed_roles); 805 865 $allowed_users = array(); 806 foreach ( $users as $user) {866 foreach ($users as $user) { 807 867 $allowed_users[] = $user->user_login; 808 868 } … … 816 876 * @return string List of all ips comma separated 817 877 */ 818 public function get_allowed_ips() { 819 820 $allowed_ips = $this->get_setting( 'ms_allowed_ips' ); 821 $allowed_ips = explode( ',', $allowed_ips ); 878 public function get_allowed_ips() 879 { 880 881 $allowed_ips = $this->get_setting('ms_allowed_ips'); 882 $allowed_ips = explode(',', $allowed_ips); 822 883 return $allowed_ips; 823 884 } … … 830 891 * @return array the user list 831 892 */ 832 public function get_users_by_role( $roles = array() ) { 833 834 $users = array(); 835 foreach ($roles as $role) { 836 if ( !empty( $role ) ) { 837 $users_query = new WP_User_Query( array( 838 'fields' 
=> 'all_with_meta', 839 'role' => $role, 840 'orderby' => 'display_name' 841 ) ); 842 $results = $users_query->get_results(); 843 if ($results) $users = array_merge($users, $results); 844 } 845 } 846 return $users; 893 public function get_users_by_role($roles = array()) 894 { 895 896 $users = array(); 897 foreach ($roles as $role) { 898 if (!empty($role)) { 899 $users_query = new WP_User_Query(array( 900 'fields' => 'all_with_meta', 901 'role' => $role, 902 'orderby' => 'display_name' 903 )); 904 $results = $users_query->get_results(); 905 if ($results) 906 $users = array_merge($users, $results); 907 } 908 } 909 return $users; 847 910 } 848 911 … … 853 916 * @return string The current ip of the user 854 917 */ 855 public function get_user_ip() { 918 public function get_user_ip() 919 { 856 920 //Just get the headers if we can or else use the SERVER global 857 if ( function_exists( 'apache_request_headers' )) {921 if (function_exists('apache_request_headers')) { 858 922 $headers = apache_request_headers(); 859 923 } else { 860 $headers = $_SERVER;924 $headers = array_map('sanitize_text_field', $_SERVER); 861 925 } 862 926 // Get the forwarded IP if it exists 863 if ( array_key_exists( 'X-Forwarded-For', $headers ) && filter_var( $headers['X-Forwarded-For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {927 if (array_key_exists('X-Forwarded-For', $headers) && filter_var($headers['X-Forwarded-For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { 864 928 $the_ip = $headers['X-Forwarded-For']; 865 } elseif ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ) && filter_var( $headers['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {929 } elseif (array_key_exists('HTTP_X_FORWARDED_FOR', $headers) && filter_var($headers['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { 866 930 $the_ip = $headers['HTTP_X_FORWARDED_FOR']; 867 931 } else { 868 $the_ip = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);932 $the_ip = 
filter_var(sanitize_text_field($_SERVER['REMOTE_ADDR']), FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); 869 933 } 870 934 return $the_ip; … … 878 942 * @return boolean True if the .maintenance file is core, false if was created by the plugin 879 943 */ 880 public function _check_core_file( $file ) { 881 882 if ( file_exists( $file ) ) { 883 $content = file_get_contents( $file ); 884 if ( preg_match( '/'.$this->plugin_name.'/i', $content) ) 944 public function _check_core_file($file) 945 { 946 947 if (file_exists($file)) { 948 $content = file_get_contents($file); 949 if (preg_match('/' . $this->plugin_name . '/i', $content)) 885 950 return false; 886 951 else … … 898 963 * @return boolean True if the file was deleted, false if not 899 964 */ 900 public function _delete_file( $file, $check_core=false ) { 901 902 if ( file_exists( $file ) ) { 903 904 if ( $check_core && $this->_check_core_file( $file ) ) 965 public function _delete_file($file, $check_core = false) 966 { 967 968 if (file_exists($file)) { 969 970 if ($check_core && $this->_check_core_file($file)) 905 971 return false; 906 972 907 if ( unlink( $file ))973 if (unlink($file)) 908 974 return true; 909 975 } … … 918 984 * @var string $content the content to put in the file 919 985 */ 920 public function _create_file( $file, $content ) { 921 922 if ( file_exists( $file ) ) 986 public function _create_file($file, $content) 987 { 988 989 if (file_exists($file)) 923 990 return false; 924 991 925 if ( ! 
file_put_contents( $file, $content ))992 if (!file_put_contents($file, $content)) 926 993 return false; 927 994 … … 934 1001 * @since 1.0.0 935 1002 */ 936 public function create_php_file() { 1003 public function create_php_file() 1004 { 937 1005 938 1006 // get the template file content 939 $content = file_get_contents( MS_PHP_FILE_TEMPLATE);1007 $content = file_get_contents(MS_PHP_FILE_TEMPLATE); 940 1008 941 1009 // get flags values 942 $page_html = wp_specialchars_decode( $this->get_setting( 'ms_page_html' ), ENT_QUOTES);943 $use_theme_file = $this->get_setting( 'ms_use_theme');944 $return503 = $this->get_setting( 'ms_error_503');1010 $page_html = wp_specialchars_decode($this->get_setting('ms_page_html'), ENT_QUOTES); 1011 $use_theme_file = $this->get_setting('ms_use_theme'); 1012 $return503 = $this->get_setting('ms_error_503'); 945 1013 $theme = wp_get_theme(); 946 1014 $theme_file = $theme->get_stylesheet_directory() . '/' . MS_THEME_FILENAME; 947 1015 948 1016 // apply flags replacements 949 $content = str_replace( '{{MS_PLUGIN_SLUG}}' , $this->plugin_name, $content);950 $content = str_replace( '{{MS_USE_THEME_FILE}}' , $use_theme_file, $content);951 $content = str_replace( '{{MS_RETURN_503}}' , $return503, $content);952 $content = str_replace( '{{MS_THEME_FILE}}' , $theme_file, $content);953 $content = str_replace( '{{MS_PAGE_HTML}}' , $page_html, $content);1017 $content = str_replace('{{MS_PLUGIN_SLUG}}', $this->plugin_name, $content); 1018 $content = str_replace('{{MS_USE_THEME_FILE}}', $use_theme_file, $content); 1019 $content = str_replace('{{MS_RETURN_503}}', $return503, $content); 1020 $content = str_replace('{{MS_THEME_FILE}}', $theme_file, $content); 1021 $content = str_replace('{{MS_PAGE_HTML}}', $page_html, $content); 954 1022 955 1023 // delete the current file 956 $this->_delete_file( MS_PHP_FILE_ACTIVE);1024 $this->_delete_file(MS_PHP_FILE_ACTIVE); 957 1025 958 1026 // try to create the file 959 if ( ! 
$this->_create_file( MS_PHP_FILE_ACTIVE, $content )) {1027 if (!$this->_create_file(MS_PHP_FILE_ACTIVE, $content)) { 960 1028 return false; 961 1029 } … … 968 1036 * @since 1.0.0 969 1037 */ 970 public function create_dot_file() { 1038 public function create_dot_file() 1039 { 971 1040 972 1041 // get the template file content 973 $content = file_get_contents( MS_DOT_FILE_TEMPLATE);1042 $content = file_get_contents(MS_DOT_FILE_TEMPLATE); 974 1043 975 1044 // get flags values 976 $allowed_users = "'" . implode( "', '", $this->get_allowed_users()) . "'";977 $allowed_ips = "'" . implode( "','", $this->get_allowed_ips()) . "'";978 $login_url = str_replace( get_site_url(), '', wp_login_url());1045 $allowed_users = "'" . implode("', '", $this->get_allowed_users()) . "'"; 1046 $allowed_ips = "'" . implode("','", $this->get_allowed_ips()) . "'"; 1047 $login_url = str_replace(get_site_url(), '', wp_login_url()); 979 1048 980 1049 // apply flags replacements 981 $content = str_replace( '{{MS_ALLOWED_USERS}}' , $allowed_users, $content);982 $content = str_replace( '{{MS_ALLOWED_IPS}}' , $allowed_ips, $content);983 $content = str_replace( '{{MS_PLUGIN_SLUG}}' , $this->plugin_name, $content);984 $content = str_replace( '{{MS_LOGIN_URL}}' , $login_url, $content);1050 $content = str_replace('{{MS_ALLOWED_USERS}}', $allowed_users, $content); 1051 $content = str_replace('{{MS_ALLOWED_IPS}}', $allowed_ips, $content); 1052 $content = str_replace('{{MS_PLUGIN_SLUG}}', $this->plugin_name, $content); 1053 $content = str_replace('{{MS_LOGIN_URL}}', $login_url, $content); 985 1054 986 1055 // check if the core dot file exists or delete current file 987 if ( $this->_check_core_file( MS_DOT_FILE_ACTIVE )) {1056 if ($this->_check_core_file(MS_DOT_FILE_ACTIVE)) { 988 1057 return false; 989 1058 } else { 990 $this->_delete_file( MS_DOT_FILE_ACTIVE, true);1059 $this->_delete_file(MS_DOT_FILE_ACTIVE, true); 991 1060 } 992 1061 993 1062 // try to create the file 994 if ( ! 
$this->_create_file( MS_DOT_FILE_ACTIVE, $content )) {1063 if (!$this->_create_file(MS_DOT_FILE_ACTIVE, $content)) { 995 1064 return false; 996 1065 } … … 1003 1072 * @since 1.0.0 1004 1073 */ 1005 public function toggle_status_callback() { 1006 1074 public function toggle_status_callback() 1075 { 1076 1007 1077 // Check nonce for security 1008 1078 $nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : ''; … … 1023 1093 $new_status = (bool) $status == 1 ? 0 : 1; 1024 1094 // sync status 1025 $response = $this->sync_status( $new_status);1095 $response = $this->sync_status($new_status); 1026 1096 // return json response 1027 wp_send_json( $response);1097 wp_send_json($response); 1028 1098 // this is required to terminate immediately and return a proper response 1029 1099 wp_die(); … … 1036 1106 * @since 1.0.0 1037 1107 */ 1038 public function add_switch_button( $wp_admin_bar ){ 1039 1040 if ( $this->current_user_can_switch() ) { 1108 public function add_switch_button($wp_admin_bar) 1109 { 1110 1111 if ($this->current_user_can_switch()) { 1041 1112 1042 1113 $args = array( 1043 1114 'id' => 'ms-switch-button', 1044 'title' => '<span class="ab-icon dashicons-admin-tools"></span><span class="ab-label">' . __( 'Maintenance', $this->plugin_name) . '</span>',1115 'title' => '<span class="ab-icon dashicons-admin-tools"></span><span class="ab-label">' . __('Maintenance', $this->plugin_name) . '</span>', 1045 1116 'href' => '#', 1046 1117 'meta' => array( 1047 'class' => 'toggle-button ' . ( $this->status ? 'active' : ''),1118 'class' => 'toggle-button ' . ($this->status ? 'active' : ''), 1048 1119 ) 1049 1120 ); 1050 1121 1051 $wp_admin_bar->add_node( $args);1122 $wp_admin_bar->add_node($args); 1052 1123 } 1053 1124 } -
maintenance-switch/trunk/maintenance-switch.php
r3369181 r3369189 17 17 * Plugin URI: https://wordpress.org/plugins/maintenance-switch 18 18 * Description: Customize easily and switch in one-click to (native) maintenance mode from your backend or frontend. 19 * Version: 1.6. 219 * Version: 1.6.3 20 20 * Author: Fugu 21 21 * Author URI: http://www.fugu.fr -
maintenance-switch/trunk/preview.php
r3369181 r3369189 2 2 3 3 // If this file is called directly, abort. 4 if ( ! defined( 'WPINC' )) {5 die;4 if (!defined('WPINC')) { 5 die; 6 6 } 7 7 8 8 // Security check: only allow admin users 9 if ( ! current_user_can( 'manage_options' )) {10 wp_die( __( 'Insufficient permissions to access this page.' ));9 if (!current_user_can('manage_options')) { 10 wp_die(__('Insufficient permissions to access this page.')); 11 11 } 12 12 13 13 // Security check: verify nonce 14 if ( ! empty( $_POST['preview-code'] )) {15 if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'maintenance_switch_preview' )) {16 wp_die( __( 'Security check failed.' ));17 }14 if (!empty($_POST['preview-code'])) { 15 if (!isset($_POST['_wpnonce']) || !wp_verify_nonce(sanitize_text_field($_POST['_wpnonce']), 'maintenance_switch_preview')) { 16 wp_die(__('Security check failed.')); 17 } 18 18 } 19 19 … … 33 33 header('Content-Type: text/html; charset=utf-8'); 34 34 35 36 35 if (!empty($_POST['preview-code'])) { 37 echo wp_kses_post(wp_unslash( $_POST['preview-code']));36 echo wp_kses_post(wp_unslash(sanitize_textarea_field($_POST['preview-code']))); 38 37 } -
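Review bot: Wrapping `$_POST['preview-code']` in `sanitize_textarea_field()` before `wp_kses_post()` (new line 36) strips every HTML tag, so the preview can no longer render the markup it is meant to show. `wp_kses_post()` was already the right filter for this output, so I would keep `echo wp_kses_post(wp_unslash($_POST['preview-code']));`. If a coding-standards warning prompted the change, a targeted ignore comment is better than a second sanitizer. On new line 15 the nonce is sanitized but not unslashed, unlike `toggle_status_callback()` in the class file; `sanitize_text_field(wp_unslash($_POST['_wpnonce']))` would match it. The lines between the two hunks are not shown, so this assumes nothing else in the file acts on request data when `preview-code` is empty and the nonce check is skipped.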
maintenance-switch/trunk/readme.txt
r3369181 r3369189 5 5 Requires at least: 3.5 6 6 Tested up to: 6.3 7 Stable tag: 1.6. 27 Stable tag: 1.6.3 8 8 Requires PHP: 7.4 9 9 License: GPLv2 or later -
maintenance-switch/trunk/templates/maintenance.php
r3369156 r3369189 10 10 11 11 // If this file is called directly, abort. 12 if ( ! defined( 'WPINC' )) {12 if (!defined('WPINC')) { 13 13 die; 14 14 } 15 15 16 16 // Displaying this page during the maintenance mode 17 $protocol = $_SERVER["SERVER_PROTOCOL"];17 $protocol = isset($_SERVER['SERVER_PROTOCOL']) ? sanitize_text_field($_SERVER['SERVER_PROTOCOL']) : 'HTTP/1.0'; 18 18 19 19 if ('HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol) … … 34 34 $use_theme = '{{MS_USE_THEME_FILE}}'; 35 35 36 if ($use_theme == '1' && file_exists($theme_file)) {36 if ($use_theme == '1' && !empty($theme_file) && file_exists($theme_file) && strpos(realpath($theme_file), ABSPATH) === 0) { 37 37 require_once $theme_file; 38 38 die(); -
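Review bot: The new `sanitize_text_field()` call on `$_SERVER['SERVER_PROTOCOL']` (new line 17) may cause a fatal error. This template appears to be the page WordPress includes while in maintenance mode, and as far as I know the formatting functions are not loaded yet at that point in bootstrap. The value is only compared against two literals, so `$protocol = $_SERVER['SERVER_PROTOCOL'] ?? 'HTTP/1.0';` is sufficient. On new line 36, `strpos(realpath($theme_file), ABSPATH) === 0` compares a canonical path with a constant that is not canonicalised, so an install reached through a symlink would silently fall back to the built-in page. The check also accepts any file under the WordPress root; comparing against a canonical theme directory written into the template at generation time would be tighter.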
maintenance-switch/trunk/uninstall.php
r3369156 r3369189 2 2 3 3 // If this file is called directly, abort. 4 if ( ! defined( 'WP_UNINSTALL_PLUGIN' )) {4 if (!defined('WP_UNINSTALL_PLUGIN')) { 5 5 die; 6 6 } … … 13 13 * 14 14 * - This method should be static 15 * - Check if the $_REQUESTcontent actually is the plugin name16 * - Run an admin referrer check to make sure it goes through authentication 17 * - Verify the output of $_GETmakes sense15 * - Check if the request content actually is the plugin name 16 * - Run an admin referrer check to make sure it goes through authentication 17 * - Verify the output makes sense 18 18 * - Repeat with other user roles. Best directly by using the links/query string parameters. 19 19 * - Repeat things for multisite. Once for a single site in the network, once sitewide.