/**
 * Activation callback for the Glome plugin (hook this to the activation phase).
 *
 * Steps, in order:
 *  1. Adds the 'glome_plugin_do_activation_redirect' option with value true.
 *  2. If WordPress does not provide register_post_status(), deactivates this
 *     plugin and terminates the request.
 *  3. Resets 'glome_plugin_activation_message' to 0.
 *  4. Calls get_api_domain() so the stored API domain is checked and set.
 */
function glome_plugin_activate()
{
    add_option('glome_plugin_do_activation_redirect', true);

    $core_is_supported = function_exists('register_post_status');
    if (!$core_is_supported) {
        // deactivate_plugins() expects "<plugin directory>/<plugin file>",
        // which is rebuilt here from this file's own path.
        $plugin_dir = basename(dirname(__FILE__));
        $plugin_file = basename(__FILE__);
        deactivate_plugins($plugin_dir . '/' . $plugin_file);
        exit;
    }

    update_option('glome_plugin_activation_message', 0);

    // Called for its effect only; the return value is not needed here.
    // According to the original author, get_api_domain() (see glome_api.php)
    // sanitizes the stored value - that function is not visible in this file.
    get_api_domain();
}
/**
 * Generic Glome API POST wrapper.
 *
 * Sends a POST request to get_api_domain() . $query. The stored
 * 'glome_api_uid' and 'glome_api_key' options are attached to the request
 * body as application[uid] and application[apikey], and the request timeout
 * is 15 seconds.
 *
 * Security-relevant details:
 *  - The credentials are the left operand of the array union below, so a
 *    caller-supplied 'application[uid]' or 'application[apikey]' entry in
 *    $params cannot replace them.
 *  - The API key is sent to whatever host get_api_domain() returns. If that
 *    value is an http:// URL the key crosses the network unencrypted, so the
 *    stored domain should be treated as a sensitive setting.
 *  - $query is appended as-is; no separator is inserted and it is not
 *    validated here.
 *
 * @param string      $query  Path (and optional query string) appended to the API domain.
 * @param array|false $params Extra body fields; any falsy value means "none".
 * @return array|WP_Error The unmodified result of wp_remote_post().
 */
function glome_post($query, $params = false)
{
    $extra_fields = $params ? $params : array();

    $endpoint = get_api_domain() . $query;

    $credentials = array(
        'application[uid]' => get_option('glome_api_uid'),
        'application[apikey]' => get_option('glome_api_key'),
    );

    $request_args = array(
        // Array union: keys already present in $credentials take precedence.
        'body' => $credentials + $extra_fields,
        'timeout' => 15,
    );

    return wp_remote_post($endpoint, $request_args);
}
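/**
 * Handle the Glome settings form and render the settings template.
 *
 * When the request carries glome_plugin_settings[api_domain], [api_uid] and
 * [api_key], each field is validated on its own and stored only if it passes:
 *  - api_domain: must be a string holding an http(s) URL with a path, at most
 *                255 bytes long
 *  - api_uid:    must be a string; characters outside [a-zA-Z0-9.] are
 *                stripped; at most 255 bytes
 *  - api_key:    must be a string; non-hex characters are stripped; the
 *                result must be exactly 32 hex digits
 *  - activity_tracking, clone_name: stored as 1 when the key is present in
 *                the submission, otherwise 0
 * A field that fails validation is skipped silently and its stored value is
 * left untouched.
 *
 * After that, the stored settings are collected into $settings and
 * templates/settings.php is included in this function's scope.
 *
 * NOTE(review): this function verifies neither a nonce (check_admin_referer())
 * nor a capability (current_user_can()) before writing options. Confirm that
 * the page registration and the template's form provide both. Without them a
 * forged cross-site request in an administrator's browser could rewrite
 * 'glome_api_domain', which presumably decides where glome_post() sends the
 * API uid and key. A nonce check is not added here because the form lives in
 * the template, which is not visible from this file.
 *
 * NOTE(review): the values in $settings are passed to the template as stored;
 * the template is expected to escape them for their output context.
 */
function glome_settings()
{
    $email = null;
    $domain = null;
    $current_user = wp_get_current_user();

    // Only accept the submission when the settings container is an array;
    // anything else cannot carry the expected fields.
    $posted = null;
    if (isset($_POST['glome_plugin_settings']) && is_array($_POST['glome_plugin_settings'])) {
        $posted = $_POST['glome_plugin_settings'];
    }

    if ($posted !== null && isset($posted['api_uid'], $posted['api_domain'], $posted['api_key'])) {
        // api_domain: valid URL with a path, max 255 bytes.
        // Request parameters can be arrays (e.g. api_domain[]=x), so a
        // non-string value is treated as invalid instead of being passed to
        // the string functions. The scheme is limited to http/https because
        // those are the only ones wp_remote_post() can use.
        $raw = is_string($posted['api_domain'])
            ? esc_url_raw($posted['api_domain'], array('http', 'https'))
            : '';
        $sanitized = filter_var($raw, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED);

        if ($sanitized !== false && strlen($sanitized) <= 255) {
            update_option('glome_api_domain', $sanitized);
        } else {
            // Kept from the original flow: the call is made even though its
            // return value is not used, in case get_api_domain() (defined
            // elsewhere) also repairs the stored value.
            get_api_domain();
        }

        // api_uid: [a-zA-Z0-9.] only, max 255 bytes.
        $raw = $posted['api_uid'];
        if (is_string($raw)) {
            $sanitized = preg_replace('/[^a-zA-Z0-9.]/', '', $raw);
            if (is_string($sanitized) && strlen($sanitized) <= 255) {
                update_option('glome_api_uid', $sanitized);
            }
        }

        // api_key: exactly 32 hex digits once non-hex characters are removed.
        $raw = $posted['api_key'];
        if (is_string($raw)) {
            $sanitized = preg_replace('/[^a-fA-F0-9]/', '', $raw);
            if (is_string($sanitized) && strlen($sanitized) === 32 && ctype_xdigit($sanitized)) {
                update_option('glome_api_key', $sanitized);
            }
        }

        // Checkboxes: browsers omit unchecked boxes, so presence means 1.
        $checkbox = (int) isset($posted['activity_tracking']);
        update_option('glome_activity_tracking', $checkbox);

        $checkbox = (int) isset($posted['clone_name']);
        update_option('glome_clone_name', $checkbox);
    }

    // Always render from the stored options, never from the raw submission.
    $domain = get_option('glome_api_domain');
    $settings = array(
        'api_domain' => empty($domain) ? get_api_domain() : $domain,
        'api_uid' => get_option('glome_api_uid'),
        'api_key' => get_option('glome_api_key'),
        'activity_tracking' => get_option('glome_activity_tracking'),
        'clone_name' => get_option('glome_clone_name'),
    );

    // WP_User exposes the address as user_email; the previous ->email lookup
    // is not a WP_User field and fell through to a user-meta read.
    $email = $current_user->user_email;

    include plugin_dir_path(__FILE__) . '../templates/settings.php';
}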